Граф коммитов

5172 Коммитов

Автор SHA1 Сообщение Дата
CBL-Mariner-Bot d27fb3931a
[AUTO-CHERRYPICK] Upgrade default golang to 1.22.5 and backport the fix for 1.18 - branch main (#9968)
Co-authored-by: bhagyapathak <bhagyapathak@users.noreply.github.com>
2024-07-29 23:36:30 -04:00
CBL-Mariner-Bot 21b41f2cce
[AUTO-CHERRYPICK] gh: patch CVE-2021-43565 - branch main (#9969)
Co-authored-by: Archana Choudhary <36061892+arc9693@users.noreply.github.com>
2024-07-29 23:35:55 -04:00
CBL-Mariner-Bot a7c7a36624
[AUTO-CHERRYPICK] [AUTOPATCHER-CORE] Upgrade python-idna to 3.7 CVE-2024-3651 - branch main (#9930) 2024-07-29 23:10:48 -04:00
CBL-Mariner-Bot cf3bd41771
[AUTO-CHERRYPICK] Upgrade httpd to 2.4.62 to address CVE-2024-40725 - branch main (#9928)
Co-authored-by: Sumynwa <sumsharma@microsoft.com>
Co-authored-by: jslobodzian <joslobo@microsoft.com>
2024-07-29 23:09:48 -04:00
Sumynwa 8db67c1a19
terraform: Patch CVE-2024-6104 for bundled hashicorp/go-retryablehttp. (#9959) 2024-07-29 22:25:09 -04:00
CBL-Mariner-Bot a80826bba9
[AUTO-CHERRYPICK] Bug fix in patch CVE-2024-5535 in openssl - branch main (#9961)
Co-authored-by: suresh-thelkar <suresh.thelkar@yahoo.com>
Co-authored-by: Suresh Thelkar <sthelkar@microsoft.com>
2024-07-29 22:24:08 -04:00
CBL-Mariner-Bot 37ec872227
[AUTO-CHERRYPICK] fix CVE-2024-41110 in moby-engine - branch main (#9966)
Co-authored-by: Rohit Rawat <rohitrawat@microsoft.com>
2024-07-29 22:23:04 -04:00
CBL-Mariner-Bot 3328395785
[AUTO-CHERRYPICK] Patch for gtk2 and gtk3 CVE-2024-6655 - branch main (#9967)
Co-authored-by: joejoew <111843948+joejoew@users.noreply.github.com>
2024-07-29 22:21:56 -04:00
CBL-Mariner-Bot 84853ebbda
Prepare August 2024 Update (#9940) 2024-07-28 08:34:16 -04:00
Rachel Menge b9c5a1a214
Address kernel CVE-2024-36288, CVE-2024-38662, CVE-2024-38780, CVE-2024-39277, CVE-2024-39292 (#9612) 2024-07-26 16:14:37 -07:00
sindhu-karri d5117e2764
Fix CVE-2024-6104 in skopeo (#9859) 2024-07-26 10:53:48 +05:30
sindhu-karri dd995b7be9
Fix CVE-2024-6345 in python3 (#9904) 2024-07-26 10:53:15 +05:30
Muhammad Falak R Wani a76c83ad92
curl: upgrade 8.5.0 -> 8.8.0 to address CVE-2024-2398 (#9832)
Changelog: https://curl.se/changes.html#8_8_0
Signed-off-by: Muhammad Falak R Wani <falakreyaz@gmail.com>
2024-07-26 10:14:11 +05:30
CBL-Mariner-Bot e5afaac73c
[AUTOPATCHER-CORE] Upgrade krb5 to 1.21.3 CVE-2024-37371, CVE-2024-37370 (#9921)
Co-authored-by: Adit Jha <aditjha@microsoft.com>
2024-07-25 17:16:18 -07:00
CBL-Mariner-Bot acf2b37976
[AUTO-CHERRYPICK] cf-cli: patch CVE-2021-43565 - branch main (#9902)
Co-authored-by: Archana Choudhary <36061892+arc9693@users.noreply.github.com>
Co-authored-by: Riken Maharjan <106988478+rikenm1@users.noreply.github.com>
2024-07-25 16:43:37 -07:00
CBL-Mariner-Bot f684f328c3
[AUTO-CHERRYPICK] Reverted `packer` to version 1.9.5 and patched its CVEs. - branch main (#9854)
Co-authored-by: Pawel Winogrodzki <pawelwi@microsoft.com>
Co-authored-by: Riken Maharjan <106988478+rikenm1@users.noreply.github.com>
2024-07-25 16:41:35 -07:00
CBL-Mariner-Bot 42df5d19ef
[AUTO-CHERRYPICK] Patch moby-buildx CVES CVE-2021-43565 CVE-2022-28948 CVE-2022-41723 - branch main (#9891)
Co-authored-by: Cameron E Baird <cameronbaird@microsoft.com>
Co-authored-by: Riken Maharjan <106988478+rikenm1@users.noreply.github.com>
2024-07-25 16:37:35 -07:00
CBL-Mariner-Bot f9abe2539f
[AUTO-CHERRYPICK] cri-o: patch CVE-2021-43565 - branch main (#9901)
Co-authored-by: Archana Choudhary <36061892+arc9693@users.noreply.github.com>
2024-07-25 19:01:19 -04:00
CBL-Mariner-Bot f5e5df1bcf
[AUTO-CHERRYPICK] rapidjson: fix CVE-2024-38517 and CVE-2024-39684 - branch main (#9897)
Co-authored-by: xiaohong <Xiaohong-Deng@users.noreply.github.com>
2024-07-25 19:00:36 -04:00
CBL-Mariner-Bot 2dd276939a
[AUTO-CHERRYPICK] ceph: Fix high CVE-2024-38517 and CVE-2024-39684 - branch main (#9858)
Co-authored-by: Vince Perri <5596945+vinceaperri@users.noreply.github.com>
2024-07-25 18:57:09 -04:00
CBL-Mariner-Bot d86b17bc05
[AUTO-CHERRYPICK] Patch tpm2-tools for CVE-2024-29038 & CVE-2024-29039. - branch main (#9825)
Co-authored-by: Sumynwa <sumsharma@microsoft.com>
2024-07-25 18:53:55 -04:00
CBL-Mariner-Bot 57506f34f3
[AUTO-CHERRYPICK] telegraf: Add patch for CVE-2024-37298 - branch main (#9823)
Co-authored-by: Sumynwa <sumsharma@microsoft.com>
2024-07-25 18:53:12 -04:00
CBL-Mariner-Bot 970da2d51e
[AUTO-CHERRYPICK] Upgrade httpd to 2.4.61 to fix CVE-2024-38473 - branch main (#9819)
Co-authored-by: Tobias Brick <39196763+tobiasb-ms@users.noreply.github.com>
2024-07-25 15:52:46 -07:00
CBL-Mariner-Bot 35e1eed14f
[AUTO-CHERRYPICK] Patched CVE-2024-37890, CVE-2023-42282, and CVE-2017-18214 in `reaper`. - branch main (#9807)
Co-authored-by: Pawel Winogrodzki <pawelwi@microsoft.com>
2024-07-25 18:51:17 -04:00
CBL-Mariner-Bot 055ff1c664
[AUTO-CHERRYPICK] libmemcached-awesome: Upgrading version to 1.1.4 to address CVE-2023-27478 - branch main (#9805)
Co-authored-by: sharath-srikanth-chellappa <115591284+sharath-srikanth-chellappa@users.noreply.github.com>
2024-07-25 18:50:31 -04:00
Sam Meluch 8ecb1756f5
Filter out debuginfo packages when running sodiff (#6698)
Co-authored-by: Sam Meluch <sam.meluch@microsoft.com>
2024-07-25 12:35:06 -05:00
CBL-Mariner-Bot 5e921ee588
[AUTO-CHERRYPICK] Patch CVE-2024-5535 in openssl - branch main (#9905) 2024-07-25 20:34:06 +05:30
chalamalasetty 8fbdbff440
Upgrade kernel-mos version to 5.15.161.1 (#9923) 2024-07-24 23:16:03 -07:00
Tobias Brick 297b90e3d0
fix intermittent openssl FIPS selftest failures in jitterentropy (#9890) 2024-07-23 12:58:32 -07:00
Muhammad Falak R Wani e44fb2e860
golang: drop golang-1.17 (#9877)
None of the packages have a dependency on golang-1.17.

Signed-off-by: Muhammad Falak R Wani <falakreyaz@gmail.com>
2024-07-23 21:55:21 +05:30
CBL-Mariner-Bot 8539e10c93
[AUTOPATCHER-kernel] Kernel upgrade to version 5.15.162.2 - branch main (#9867) 2024-07-19 11:56:19 -07:00
CBL-Mariner-Bot 85ffff0104
[AUTO-CHERRYPICK] cloud-hypervisor-cvm: update to 38.0.72.2 - branch main (#9806)
Co-authored-by: Archana Choudhary <36061892+arc9693@users.noreply.github.com>
2024-07-17 12:13:04 -07:00
Henry Beberman af186a1119
moby-engine: remove daemon.json with backported fix (#9551) 2024-07-16 10:10:53 -07:00
ms-mahuber a455a7e6b3
kata-cc: Fix make clean call in UVM build (#9837)
During UVM build, the default OS' clean target is executed - which is Ubuntu.
Change make clean call to clean up the artifacts for the cbl-mariner distro: rm -rf /opt/kata-containers/uvm/tools/osbuilder/.ubuntu_rootfs.done /opt/kata-containers/uvm/tools/osbuilder/ubuntu_rootfs
2024-07-15 17:43:39 -07:00
ms-mahuber a9004163a1
kata-containers-cc: Adapt tarfs make install trgt (#9829)
Signed-off-by: Manuel Huber <mahuber@microsoft.com>
Co-authored-by: Christopher Co <35273088+christopherco@users.noreply.github.com>
2024-07-15 13:01:40 -07:00
CBL-Mariner-Bot 77d1924e4c
[AUTO-CHERRYPICK] [AUTOPATCHER-kernel] Kernel upgrade to version 5.15.162.1 - branch fasttrack/2.0 - branch main (#9834) 2024-07-15 10:46:55 -07:00
Archana Choudhary 3e14b7eeed
hvloader: add patch for CVE-2023-0464 (#9443) 2024-07-12 15:22:15 +05:30
Pawel Winogrodzki cd7cf078f1
Patched CVE-2023-26253 in `glusterfs`. (CP: #9717) (#9719) 2024-07-10 10:55:16 -07:00
Muhammad Falak R Wani 4fa1760cc4
msft-golang: upgrade 1.22.4 -> 1.22.5 to address CVE-2024-24790 & CVE-2024-24791 (#9579)
Changelog: https://go.dev/doc/devel/release#go1.22.0
Signed-off-by: Muhammad Falak R Wani <falakreyaz@gmail.com>
2024-07-09 00:38:46 +05:30
sharath-srikanth-chellappa 5669eeb9ba
emacs: Upgrading emacs version to 29.4 to address CVE-2024-39331 (#9709)
Co-authored-by: Sharath Srikanth Chellappa <sharathsr@microsoft.com>
2024-07-08 10:40:12 -07:00
Dan Streetman 350616f115
Update shim-unsigned-x64 to 15.8 and updates signed shim (#7893)
Updates the unsigned shim for x64 to 15.8 and includes new signing certificate
Also updates the signed version of this shim

Co-authored-by: Chris Co <chrco@microsoft.com>
2024-07-04 17:17:35 -07:00
Rachel Menge 3595f2a878
Address Kernel CVE-2021-3847, CVE-2024-26913, CVE-2024-26933, CVE-2024-26978, CVE-2024-36477, CVE-2024-36481, CVE-2024-38664, CVE-2024-39291 (#9571) 2024-07-04 17:15:48 -07:00
CBL-Mariner-Bot 0ac28edc5d
[AUTO-CHERRYPICK] openssh: fix "regresshion" CVE, CVE-2024-6387, with patch from debian. - branch main (#9565)
Co-authored-by: SeanDougherty <sdougherty@microsoft.com>
2024-07-03 10:41:01 -07:00
CBL-Mariner-Bot fd9ff7f98c
[AUTO-CHERRYPICK] Patch openssh to fix CVE-2023-28531 - branch main (#9519)
Co-authored-by: Sam Meluch <109628994+sameluch@users.noreply.github.com>
2024-06-27 14:34:19 -07:00
CBL-Mariner-Bot 623d203905
[AUTO-CHERRYPICK] Fix guava CVE-2023-2976 - branch main (#9526)
Co-authored-by: sindhu-karri <33163197+sindhu-karri@users.noreply.github.com>
2024-06-27 14:34:05 -07:00
CBL-Mariner-Bot ff8289a113
[AUTO-CHERRYPICK] Patch CVE-2023-52890 in ntfs-3g - branch main (#9520)
Co-authored-by: suresh-thelkar <suresh.thelkar@yahoo.com>
2024-06-27 14:31:15 -07:00
Muhammad Falak R Wani 36367cba80
toolkit: bump azidentity 1.3.1 -> 1.6.0 to address CVE-2024-35255 (#9382)
Fixes: https://github.com/microsoft/azurelinux/security/dependabot/13
Signed-off-by: Muhammad Falak R Wani <falakreyaz@gmail.com>
2024-06-27 07:43:10 +05:30
CBL-Mariner-Bot 2606e07373
[AUTO-CHERRYPICK] Fix CVE-2024-3727 in cri-o by patching vendored github.com/containers/image - branch main (#9488)
Co-authored-by: Paco Huelsz <frhuelsz@microsoft.com>
2024-06-26 13:31:42 -07:00
CBL-Mariner-Bot 82e82e134c
[AUTO-CHERRYPICK] wget: patch CVE-2024-38428 - branch main (#9487)
Co-authored-by: Saul Paredes <30801614+Redent0r@users.noreply.github.com>
2024-06-26 10:40:33 -07:00
CBL-Mariner-Bot c89dbfa1a2
[AUTO-CHERRYPICK] R: patch CVE-2024-27322 - branch main (#9486)
Co-authored-by: Saul Paredes <30801614+Redent0r@users.noreply.github.com>
2024-06-26 10:40:27 -07:00