microsoft
/
CBL-Mariner
зеркало из https://github.com/microsoft/CBL-Mariner.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность
5 143 коммитов 990 Ветки 457 Теги 862 MiB
Граф коммитов

5143 Коммитов

Автор SHA1 Сообщение Дата
Muhammad Falak R Wani e44fb2e860
golang: drop golang-1.17 (#9877) 
None of the packages have a dependency on golang-1.17.

Signed-off-by: Muhammad Falak R Wani <falakreyaz@gmail.com>
 2024-07-23 21:55:21 +05:30
CBL-Mariner-Bot 8539e10c93
[AUTOPATCHER-kernel] Kernel upgrade to version 5.15.162.2 - branch main (#9867) 2024-07-19 11:56:19 -07:00
CBL-Mariner-Bot 85ffff0104
[AUTO-CHERRYPICK] cloud-hypervisor-cvm: update to 38.0.72.2 - branch main (#9806) 
Co-authored-by: Archana Choudhary <36061892+arc9693@users.noreply.github.com>
 2024-07-17 12:13:04 -07:00
Henry Beberman af186a1119
moby-engine: remove daemon.json with backported fix (#9551) 2024-07-16 10:10:53 -07:00
ms-mahuber a455a7e6b3
kata-cc: Fix make clean call in UVM build (#9837) 
During UVM build, the default OS' clean target is executed - which is Ubuntu.
Change make clean call to clean up the artifacts for the cbl-mariner distro: rm -rf /opt/kata-containers/uvm/tools/osbuilder/.ubuntu_rootfs.done /opt/kata-containers/uvm/tools/osbuilder/ubuntu_rootfs
 2024-07-15 17:43:39 -07:00
ms-mahuber a9004163a1
kata-containers-cc: Adapt tarfs make install trgt (#9829) 
Signed-off-by: Manuel Huber <mahuber@microsoft.com>
Co-authored-by: Christopher Co <35273088+christopherco@users.noreply.github.com>
 2024-07-15 13:01:40 -07:00
CBL-Mariner-Bot 77d1924e4c
[AUTO-CHERRYPICK] [AUTOPATCHER-kernel] Kernel upgrade to version 5.15.162.1 - branch fasttrack/2.0 - branch main (#9834) 2024-07-15 10:46:55 -07:00
Archana Choudhary 3e14b7eeed
hvloader: add patch for CVE-2023-0464 (#9443) 2024-07-12 15:22:15 +05:30
Pawel Winogrodzki cd7cf078f1
Patched CVE-2023-26253 in `glusterfs`. (CP: #9717) (#9719) 2024-07-10 10:55:16 -07:00
Muhammad Falak R Wani 4fa1760cc4
msft-golang: upgrade 1.22.4 -> 1.22.5 to address CVE-2024-24790 & CVE-2024-24791 (#9579) 
Changelog: https://go.dev/doc/devel/release#go1.22.0
Signed-off-by: Muhammad Falak R Wani <falakreyaz@gmail.com>
 2024-07-09 00:38:46 +05:30
sharath-srikanth-chellappa 5669eeb9ba
emacs: Upgrading emacs version to 29.4 to address CVE-2024-39331 (#9709) 
Co-authored-by: Sharath Srikanth Chellappa <sharathsr@microsoft.com>
 2024-07-08 10:40:12 -07:00
Dan Streetman 350616f115
Update shim-unsigned-x64 to 15.8 and updates signed shim (#7893) 
Updates the unsigned shim for x64 to 15.8 and includes new signing certificate
Also updates the signed version of this shim

Co-authored-by: Chris Co <chrco@microsoft.com>
 2024-07-04 17:17:35 -07:00
Rachel Menge 3595f2a878
Address Kernel CVE-2021-3847, CVE-2024-26913, CVE-2024-26933, CVE-2024-26978, CVE-2024-36477, CVE-2024-36481, CVE-2024-38664, CVE-2024-39291 (#9571) 2024-07-04 17:15:48 -07:00
CBL-Mariner-Bot 0ac28edc5d
[AUTO-CHERRYPICK] openssh: fix "regresshion" CVE, CVE-2024-6387, with patch from debian. - branch main (#9565) 
Co-authored-by: SeanDougherty <sdougherty@microsoft.com>
 2024-07-03 10:41:01 -07:00
CBL-Mariner-Bot fd9ff7f98c
[AUTO-CHERRYPICK] Patch openssh to fix CVE-2023-28531 - branch main (#9519) 
Co-authored-by: Sam Meluch <109628994+sameluch@users.noreply.github.com>
 2024-06-27 14:34:19 -07:00
CBL-Mariner-Bot 623d203905
[AUTO-CHERRYPICK] Fix guava CVE-2023-2976 - branch main (#9526) 
Co-authored-by: sindhu-karri <33163197+sindhu-karri@users.noreply.github.com>
 2024-06-27 14:34:05 -07:00
CBL-Mariner-Bot ff8289a113
[AUTO-CHERRYPICK] Patch CVE-2023-52890 in ntfs-3g - branch main (#9520) 
Co-authored-by: suresh-thelkar <suresh.thelkar@yahoo.com>
 2024-06-27 14:31:15 -07:00
Muhammad Falak R Wani 36367cba80
toolkit: bump azidentity 1.3.1 -> 1.6.0 to address CVE-2024-35255 (#9382) 
Fixes: https://github.com/microsoft/azurelinux/security/dependabot/13
Signed-off-by: Muhammad Falak R Wani <falakreyaz@gmail.com>
 2024-06-27 07:43:10 +05:30
CBL-Mariner-Bot 2606e07373
[AUTO-CHERRYPICK] Fix CVE-2024-3727 in cri-o by patching vendored github.com/containers/image - branch main (#9488) 
Co-authored-by: Paco Huelsz <frhuelsz@microsoft.com>
 2024-06-26 13:31:42 -07:00
CBL-Mariner-Bot 82e82e134c
[AUTO-CHERRYPICK] wget: patch CVE-2024-38428 - branch main (#9487) 
Co-authored-by: Saul Paredes <30801614+Redent0r@users.noreply.github.com>
 2024-06-26 10:40:33 -07:00
CBL-Mariner-Bot c89dbfa1a2
[AUTO-CHERRYPICK] R: patch CVE-2024-27322 - branch main (#9486) 
Co-authored-by: Saul Paredes <30801614+Redent0r@users.noreply.github.com>
 2024-06-26 10:40:27 -07:00
CBL-Mariner-Bot c7a0e96884
[AUTO-CHERRYPICK] php: update to 8.1.29 to fix CVEs - branch main (#9393) 
Co-authored-by: Neha Agarwal <58672330+neha170@users.noreply.github.com>
 2024-06-26 10:40:22 -07:00
CBL-Mariner-Bot 84edf52699
[AUTO-CHERRYPICK] Update conntrack-tools and dependency - branch main (#9398) 
Co-authored-by: Christopher Co <35273088+christopherco@users.noreply.github.com>
 2024-06-26 10:40:18 -07:00
CBL-Mariner-Bot 9d8cb0c6de
[AUTO-CHERRYPICK] vte291: patch CVE-2024-37535 - branch main (#9484) 
Co-authored-by: Neha Agarwal <58672330+neha170@users.noreply.github.com>
 2024-06-26 10:40:13 -07:00
CBL-Mariner-Bot 4c110ece4e
[AUTO-CHERRYPICK] Patch CVE-2024-5564 in libndp - branch main (#9485) 
Co-authored-by: Nick Samson <nick.samson@microsoft.com>
 2024-06-26 10:40:06 -07:00
CBL-Mariner-Bot f374bf96c9
[AUTO-CHERRYPICK] Fix CVE-2024-3727 in skopeo - branch main (#9489) 
Co-authored-by: Rohit Rawat <rohitrawat@microsoft.com>
Co-authored-by: jslobodzian <joslobo@microsoft.com>
 2024-06-26 10:39:55 -07:00
Sumynwa b4644287d3
Upgrade vitess to v17.0.7 to fix CVE-2024-32886 (#9374) 2024-06-26 16:25:31 +05:30
CBL-Mariner-Bot e5d9cb6d2d
[AUTOPATCHER-kernel] Kernel upgrade to version 5.15.160.1 - branch main (#9362) 
This upgrade also contains ccf143f "Revert netfilter: br_netfilter: skip conntrack input hook for promisc packets" to unblock hairpin functionality.
 2024-06-25 17:07:38 -07:00
CBL-Mariner-Bot be0256e50c
Bump release for July 2024 Update (#9505) 2024-06-25 16:47:52 -04:00
jslobodzian c02863076b
Remove isorelax project from 2.0 Extended (#9503) 2024-06-25 16:34:41 -04:00
Rachel Menge 20b638e307
Address kernel CVE-2022-48670, CVE-2024-26583, CVE-2024-26584, CVE-2024-26585, CVE-2024-36023, CVE-2024-36897, CVE-2024-36902, CVE-2024-36938, CVE-2024-36971 (#9474) 2024-06-25 09:20:09 -07:00
CBL-Mariner-Bot 00e57e32d2
[AUTOPATCHER-CORE] Upgrade python-urllib3 to 1.26.19 patch CVE-2024-37891 (#9458) 2024-06-24 16:43:49 -07:00
Muhammad Falak R Wani 8e8032e9c4
msft-golang: upgrade version 1.22.3 -> 1.22.4 to address CVE-2024-24790 (#9352) 
Changelog: https://go.dev/doc/devel/release#go1.22.0
Signed-off-by: Muhammad Falak R Wani <falakreyaz@gmail.com>
 2024-06-24 10:24:25 +05:30
CBL-Mariner-Bot da61f9c8be
[AUTOPATCHER-CORE] Upgrade dhcp to 4.4.3-P1 CVE-2022-2928, CVE-2022-2929 (#9436) 
Co-authored-by: Osama Esmail <osamaesmail@microsoft.com>
 2024-06-19 14:01:43 -07:00
Archana Choudhary 6a2491bb28
mysql: upgrade to 8.0.36 to fix 10 CVEs (#9428) 2024-06-19 12:27:08 +05:30
Saul Paredes e690393bf0
telegraf: patch CVE-2024-35255 (#9426) 2024-06-18 16:54:20 -07:00
Saul Paredes 654e5b3aad
yasm: patch CVE-2021-33454 (#9433) 2024-06-18 16:54:08 -07:00
Nick Samson e3c025c81b
nodejs18: upgrade nodejs18 to 18.20.3 to fix CVE-2024-28863 (#9372) 
Co-authored-by: Nick Samson <nisamson@microsoft.com>
 2024-06-18 13:27:56 -07:00
suresh-thelkar 2ab7702b23
Patch CVE-2024-5742 in nano (#9404) 2024-06-18 09:41:19 +05:30
bfjelds 30f1ce2f3a
Address CVE-2024-3727 by patching vendored github.com/containers/image (#9343) 2024-06-13 12:09:22 -07:00
Nan Liu ddbdd8987b
libarchive: add patch to resolve CVE-2024-26256 (#9340) 2024-06-13 09:02:08 -07:00
Archana Choudhary 610f91c953
hvloader: add patch to resolve CVE-2024-1298 (#9337) 2024-06-11 23:44:08 +05:30
Archana Choudhary 65cae39c11
edk2: add patch for CVE-2024-1298 (#9335) 2024-06-11 23:32:29 +05:30
CBL-Mariner-Bot 6af9f3d10a
[AUTOPATCHER-CORE] Upgrade libpng to 1.6.39 Fix CVE-2022-3857 (#9317) 
Co-authored-by: Mandeep Plaha <mandeepplaha@microsoft.com>
 2024-06-10 13:31:46 -07:00
Muhammad Falak R Wani c16735c961
golang: update 1.21.6 -> 1.21.11 to address CVE-2024-24790 (#9097) 
Changelog: https://go.dev/doc/devel/release#go1.21.minor
Signed-off-by: Muhammad Falak R Wani <falakreyaz@gmail.com>
 2024-06-10 12:37:44 +05:30
Bala 9322acd7b2
Fix CVE-2024-3154 in package cri-o (#9284) 2024-06-07 16:32:27 -07:00
Tobias Brick 8ff27fc0fb
Upgrade azl-compliance to version 1.0.2 (#9348) 
Upgrade azl-compliance to latest version, to move us closer to FedRAMP compliance for AZL on AKS.
 2024-06-07 15:56:44 -07:00
Gary Swalling 487653257d
Update kernel-mos to 5.15.158.2 (#9356) 2024-06-07 15:31:03 -07:00
J Camposeco 44f82e45f6
python-cryptography: Update OpenSSL version to fix CVE-2023-50782 (#9359) 
Co-authored-by: Pawel Winogrodzki <pawelwi@microsoft.com>
 2024-06-07 15:20:56 -07:00
CBL-Mariner-Bot e2c8d9e5da
[FASTTRACK-CHERRYPICK] openssl: Fix CVE-2023-50782 affecting python-cryptography - branch main (#9318) 
Co-authored-by: J Camposeco <108859819+jcamposeco@users.noreply.github.com>
Co-authored-by: Juan Camposeco <juanarturoc@microsoft.com>
 2024-06-07 14:54:22 -07:00