microsoft
/
CBL-Mariner
зеркало из https://github.com/microsoft/CBL-Mariner.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность
4 780 коммитов 1 004 Ветки 463 Теги 877 MiB
Граф коммитов

4780 Коммитов

Автор SHA1 Сообщение Дата
Pawel Winogrodzki 119bf4061e
Added cross-compilation `binutils` and `kernel-headers`. (#6945) 2024-01-18 11:14:34 -08:00
Harshit Gupta a678fe8edb
Patch erlang for CVE-2023-48795 (#7299) 
Co-authored-by: Harshit Gupta <guptaharshit@microsoft.com>
 2024-01-18 09:50:15 -05:00
Chris Gunn 98d0c1f5a8
Image Customizer: Fix special directories and partition customization. (#7043) 2024-01-17 17:19:22 -08:00
Mandeep Plaha 573152fd98
add container images source files to 2.0 (#7223) 2024-01-17 13:27:16 -08:00
amritakohli acd143edc9
Image Customizer: Use safeloopback.Loopback instead of ImageConnection for split partitions (#7300) 2024-01-17 13:13:39 -08:00
Dallas Delaney babfccfb47
Kata-CC: Upgrade to 0.6.3 (#7196) 
Co-authored-by: Aurélien Bombo <abombo@microsoft.com>
Co-authored-by: ms-mahuber <60939654+ms-mahuber@users.noreply.github.com>
Co-authored-by: Mitch Zhu <mitchzhu@microsoft.com>
 2024-01-17 13:02:28 -08:00
Mandeep Plaha 790a54fbc6
fix python urllib3 test (#7294) 2024-01-17 10:28:31 -08:00
Pawel Winogrodzki 52ea900703
Making GitHub Actions' permissions explicit. (#7282) 2024-01-17 08:58:31 -08:00
Minghe Ren 6b85d88357
add patch for azure-iot-sdk-c CVE-2024-21646 (#7283) 
Co-authored-by: minghe <rmhsawyer>
 2024-01-17 08:00:32 -08:00
Gary Swalling 1328babbb5
Kernel upgrade to version 5.15.145.2 (#7280) 2024-01-16 20:23:43 -08:00
CBL-Mariner-Bot c29c87f98b
Prepare January 2024 Update 2 (#7281) 2024-01-16 19:42:42 -05:00
Henry Li ee3cf7fbbc
[2.0] Fix postfix CVE-2023-51764 (#7226) 
Co-authored-by: Henry Li <lihl@microsoft.com>
 2024-01-16 16:28:12 -08:00
Gary Swalling 6e583d646b
Upgrade kernel-mos to 5.15.145.2 (#7227) 2024-01-16 15:21:31 -08:00
Mandeep Plaha cf69f07d13
Upgrade kured to 1.14.2 for vendored go CVE-2023-39325 (#7275) 2024-01-16 13:52:42 -08:00
Lanze Liu e0b3d80514
Bugfix - Skip Dracut Module and Mariner.cfg Update with no Verity Cfg. (#7234) 
Co-authored-by: lanzeliu <lanzeliu@microsoft.com>
 2024-01-16 09:13:00 -08:00
Muhammad Falak R Wani ff88067d79
workflows: bump setup-go to v5 (#7262) 
Changelog: https://github.com/actions/setup-go/releases/tag/v5.0.0
Signed-off-by: Muhammad Falak R Wani <falakreyaz@gmail.com>
 2024-01-16 17:58:24 +05:30
Henry Li de15b7680f
[2.0] Fix sqlite CVE-2023-7104 (#7251) 
Co-authored-by: Henry Li <lihl@microsoft.com>
 2024-01-12 13:24:58 -08:00
Henry Li acbb4aa54c
[2.0] Fix reaper CVE-2023-26159 (#7248) 
Co-authored-by: Henry Li <lihl@microsoft.com>
 2024-01-12 13:24:48 -08:00
Dan Streetman 4cfc44fcaa Update sudo to 1.9.15p5 for CVE-2023-42465 2024-01-12 16:20:29 -05:00
Dan Streetman 9669632f5c Remove -fvisibility=hidden build param 
Using this causes the compiler to convert *all* global symbols to
local symbols, which is *absolutely* not the correct thing to do.

This was causing the build-time test suite to immediately fail,
because the symbols (e.g. sk_api_version) inside the test sk-dummy.so
were being built as local symbols instead of global symbols, which
broke the dlsym() call to load the sk_api_version() symbol.
 2024-01-12 16:16:32 -05:00
Dan Streetman 980916afed Add patches for CVE-2023-48795 2024-01-12 16:16:32 -05:00
Henry Beberman 7a368eb2f4
Patch CVE-2023-51714 in qt5-qtbase (#7187) 2024-01-12 11:09:45 -08:00
CBL-Mariner-Bot 174ad4ca00
[AUTOPATCHER-CORE] Upgrade packer to 1.8.7 CVE-2023-45286 (#7081) 
Co-authored-by: Bala <balakumaran.kannan@microsoft.com>
Co-authored-by: Bala <kumaran.4353@gmail.com>
Co-authored-by: Muhammad Falak R Wani <falakreyaz@gmail.com>
 2024-01-12 15:31:02 +05:30
jslobodzian 79b3a0cee6
Add DAILY_BUILD_REPO argument to support local developer builds with daily builds (#7239) 2024-01-11 18:24:31 -05:00
Jon Slobodzian c9da0704ef Revert "Upgrade kernel-mos to 5.15.143.1 (#7086)" 
This reverts commit 5324a3a344.
 2024-01-11 05:30:41 -08:00
Henry Li 6628a87b59
[2.0] Fix fluent-bit CVE-2023-52284 (#7221) 
Co-authored-by: Henry Li <lihl@microsoft.com>
 2024-01-10 21:38:39 -08:00
Andrew Phelps 608f6516bd
[main] Revert "toolkit image build: Fix make error for config files outside … (#7186) 2024-01-10 17:19:40 -08:00
Jon Slobodzian 1a57d91875 Revert "fix: upgrade cloud-init to v23.4.1 (#7065)" 
This reverts commit fc07dc5399.
 2024-01-10 17:16:48 -08:00
rlmenge 478618d56f
Revert "[AUTOPATCHER-kernel] Kernel upgrade to version 5.15.143.1 - branch main (#7048)" (#7222) 2024-01-10 15:57:39 -08:00
Andrew Phelps b2bb9d7697
toolkit: fix worker chroot progress [main] (#7218) 2024-01-10 14:59:18 -08:00
Trung c056cddcb5
python-gevent: Disable flaky test failure (#7217) 2024-01-10 13:43:44 -08:00
Mandeep Plaha f6ef92dc4f
Remove CPython from %check pip3 install in cytools (#7199) 2024-01-10 10:49:14 -08:00
corvus-callidus 6447768bde
Patch CVE-2023-48795 in moby-cli (#7216) 2024-01-10 10:47:58 -08:00
amritakohli 0cb8cfb0dd
Image Customizer: Resolves bug with SSH public key paths - support for relative path (#7207) 2024-01-10 09:59:32 -08:00
CBL-Mariner-Bot 9d61e77566
[AUTOPATCHER-kernel] Kernel upgrade to version 5.15.145.1 - branch main (#7156) 2024-01-08 12:52:47 -08:00
CBL-Mariner-Bot 98ac904188
[AUTOPATCHER-kernel] Kernel CVE - branch main - CVE-2023-6546 (#7172) 2024-01-08 10:37:22 -08:00
sindhu-karri 9eb66b6101
Upgrade and move libdwarf from extended to core (#6827) 2024-01-05 14:08:24 +05:30
Roaa Sakr 3d89b98de0
Revert "Increase image size for baremetal and qemu guest to 4GB" (#7171) 2024-01-04 15:24:15 -08:00
Neha Agarwal bf7b67e4f2
containerized-rpmbuild: make tools only for build mode (#7122) 2024-01-04 08:55:18 -08:00
CBL-Mariner-Bot 515cb74cbe
[AUTO-CHERRYPICK] apparmor: add patches for CVE-2023-50471 and CVE-2023-50472 - branch main (#7149) 
Co-authored-by: Dallas Delaney <106280731+dallasd1@users.noreply.github.com>
 2024-01-02 09:59:54 -08:00
Neha Agarwal c00ee1fff4
libssh: update to v0.10.6 to fix CVE-2023-48795 (#7141) 2024-01-02 09:41:59 -08:00
CBL-Mariner-Bot ff01fee0d9
Prepare January 2024 (#7144) 2024-01-02 10:30:01 -05:00
CBL-Mariner-Bot 8655780ab5
[AUTOPATCHER-kernel] Kernel CVE - branch main - CVE-2023-6931 and CVE-2023-6932 (#7137) 
Co-authored-by: Neha Agarwal <nehaagarwal@microsoft.com>
 2023-12-29 13:59:41 -08:00
Neha Agarwal a3d7868c0c
postgresql: update to v14.10 to fix CVE-2023-5868, CVE-2023-5869 and CVE-2023-5870 (#7138) 2023-12-29 13:11:23 -08:00
Neha Agarwal f2a17384db
dbus: Update to v1.15.6 to fix CVE-2023-34969 (#7134) 2023-12-29 10:43:02 -08:00
CBL-Mariner-Bot 1d8a012438
[AUTO-CHERRYPICK] xorg-x11-server: add patches for CVE-2023-6377 and CVE-2023-6478 - branch main (#7133) 
Co-authored-by: Dallas Delaney <106280731+dallasd1@users.noreply.github.com>
 2023-12-28 13:59:37 -08:00
Neha Agarwal 23bfa1f4f7
openssh: patch CVE-2023-51384 and CVE-2023-51385 (#7125) 2023-12-28 09:24:33 -08:00
Neha Agarwal 46d5a680f5
ansible: update to v2.14.12 to fix CVE-2023-5764 (#7124) 2023-12-26 11:38:03 -08:00
suresh-thelkar 89e025180f
Patch CVE-2023-46218 mysql (#7118) 2023-12-23 14:21:47 +05:30
Christopher Co fc07dc5399
fix: upgrade cloud-init to v23.4.1 (#7065) 
This change upgrades cloud-init to v23.4.1. This version contains fixes for an issue where some Azure Stack implementations do not support IMDS. Also this cloud-init version has the override data source patch integrated so we can drop the patch from our packaging.

Signed-off-by: Chris Co <chrco@microsoft.com>
 2023-12-22 22:50:49 -08:00