81ada2f4b4
Upgrade pmix to 4.1.3 to address CVE-2023-41915 ( #6256 )
...
* pmix: Bump package version to 4.1.3 to address CVE-2023-41915
Reference: https://github.com/openpmix/openpmix/releases/tag/v4.1.3
* pmix: update cgmanifest entry
2023-09-21 14:00:04 +05:30
79e99aa83a
Address CVE-2023-29383 in shadow-utils ( #6239 )
...
The CVE was fixed incorrectly in the first attempt by the shadow maintainers.
For the patch to work correctly, it requires the bad patch followed by the correct one.
For Mariner, both the patches are part of the same patch file.
2023-09-21 09:22:24 +05:30
8cc44ffe1e
Prepare September 2023 Update 2 ( #6241 )
2023-09-20 10:06:10 -04:00
d76627b897
Add netcdf package to specs-extended ( #6155 )
...
* Add package netcdf
* Add license info
* Update cgmanifest
* Update license map
* Refactor spec
2023-09-20 18:24:53 +05:30
b958e9287d
Use the PIC'ed version of libiberty.a static object ( #6100 )
...
* Use the PIC'ed version of libiberty.a static object
* Bumping binutils version in tool chain resource files
2023-09-19 20:07:44 -07:00
b0f5460c71
Add hdf package to specs-extended ( #6154 )
...
* Add package hdf
* Add license info
* Update cgmanifest
* Cleanup changes
* Remove unneeded patch
* Update License map
2023-09-18 18:43:16 +05:30
6630da3cf5
Add gpsbabel package to specs-extended ( #6151 )
...
* Adds package gpsbabel
* Adds license info
* Update cgmanifest
* Update patch tag
* Change setup to autosetup
* Update license map
---------
Co-authored-by: Muhammad Falak R Wani <falakreyaz@gmail.com>
2023-09-18 16:00:17 +05:30
5ff69889b5
Adds libkml package to specs-extended ( #6157 )
...
* Adds package libkml
* Adds license info
* Update cgmanifest
* Update license map
2023-09-18 14:24:28 +05:30
9177f76ef4
Patch libssh2 to address CVE-2020-22218 ( #6214 )
...
* Patch libssh2 to address CVE-2020-22218
* libssh2: Updating toolchain manifests
2023-09-18 14:11:43 +05:30
7534c4b5df
libguestfs: remove toolchain package requirements to fix build break ( #6225 )
...
* remove binutils BR from libguestfs
* remove tdnf install binutils
* remove all toolchain package installs
* remove procps BR
* enable toolchain-repo
* fix changelog
2023-09-17 22:41:30 -07:00
1f2b396d39
gcc: add patch for CVE-2023-4039 ( #6213 )
...
* patch gcc for CVE-2023-4039
* Add CVE-2023-4039.patch
* fix callee_offset issue in patch
* fix callee_offset issue in aarch64_expand_epilogue()
2023-09-16 17:37:14 -07:00
50afb7015d
Nopatch kernel to fix CVE-2023-4208, CVE-2023-4622 ( #6220 )
...
Co-authored-by: Betty Lakes <bettylakes@microsoft.com>
2023-09-15 14:13:43 -07:00
dcc0c34997
Removed 'exit 1' from 'supermin'. ( #6217 )
2023-09-15 09:22:51 -07:00
2f1656ca99
upgrade vim to resolve CVEs ( #6210 )
...
Co-authored-by: lihl <lihl@microsoft.com>
2023-09-13 10:20:13 -07:00
ba1ffa4070
Upgrade redis to 6.2.13 fix CVE-2022-24834 ( #6203 )
2023-09-13 16:10:05 +05:30
764666dd25
Patch CVE-2023-41910 in lldpd package ( #6205 )
2023-09-13 16:09:07 +05:30
5d25ec2d4c
Nopatch kernel to fix CVE-2023-4207 CVE-2023-4015 CVE-2023-4206 ( #6206 )
2023-09-12 12:02:41 -07:00
e94787c454
[AUTOPATCHER-kernel] Kernel upgrade to version 5.15.131.1 - branch main ( #6196 )
...
* Kernel upgrade to 5.15.131.1 version
* Update configs
* Update mariner-required-configs
---------
Co-authored-by: Rachel Menge <rachelmenge@microsoft.com>
2023-09-11 10:47:11 -07:00
f2229b253d
Add freexl package to specs-extended ( #6149 )
...
* Adds freexl to specs-extended
* Update cgmainfest entry
* Add license entry
* cleanup spec file
* Update license map
2023-09-11 14:13:44 +05:30
a85c2b7a83
Fix `librelp` tests by adding `glibc-debuginfo` ( #6181 )
...
* fixxed librelp
* fixing tabs
* fixing linter
2023-09-08 10:22:22 -07:00
e1230ee0b5
Bump the bind version to 9.16.37 to fix CVE-2022-3924, CVE-2022-3094, CVE-2022-3736 ( #6195 )
...
Bump the bind version to 9.16.37 to fix CVE-2022-3924, CVE-2022-3094, CVE-2022-3736 (#6195 )
---------
Co-authored-by: Betty Lakes <bettylakes@microsoft.com>
2023-09-08 09:48:02 -07:00
f78a6f5eb2
Adds libgeotiff package to specs-extended ( #6150 )
...
* Adds package libgeotiff
* Adds license info for libgeotiff
* Update cgmanifest entry
* Update license map
Co-authored-by: Muhammad Falak R Wani <falakreyaz@gmail.com>
---------
Co-authored-by: Muhammad Falak R Wani <falakreyaz@gmail.com>
2023-09-08 17:20:46 +05:30
380a01c3b5
nodejs: CVE-2023-35945 ( #6180 )
...
* add nghttp2 patch to nodejs and nodejs18
* fix versions
* try fixing up patches
* remove test files from patches
2023-09-07 22:31:48 -07:00
29ef7cdbe9
patch tcl for CVE-2023-36328 ( #6194 )
...
* patch tcl for CVE-2023-36328
* increment version; add changelog entry
* use https; use autosetup
2023-09-07 21:07:39 -07:00
5ac625b618
Address nodejs CVEs 32002 32006 32559 ( #6186 )
...
* bump to 16.20.2 and 18.17.1 to address CVE-2023-32002 CVE-2023-32006 CVE-2023-32559
* update signatures
* update patch for 18.17.1
* update cgmanifest.json
* Update SPECS/nodejs/nodejs18.spec
Co-authored-by: Muhammad Falak R Wani <falakreyaz@gmail.com>
---------
Co-authored-by: Muhammad Falak R Wani <falakreyaz@gmail.com>
2023-09-07 20:53:55 -07:00
502a10d2f7
cmake patch for CVE-2023-35495 ( #6182 )
...
* add cmake patch for CVE-2023-35495
* add new cmake version
2023-09-07 20:48:10 -07:00
fef9f5eb0a
bump frr to 8.5.3 for CVE-2023-41358 CVE-2023-41359 CVE-2023-41360 ( #6189 )
...
* bump frr to 8.5.3 for CVE-2023-41358 CVE-2023-41359 CVE-2023-41360
* update signature
* remove patch for CVE-2023-3149, it is included in 8.5.3
2023-09-07 20:39:03 -07:00
09059a4737
fix vim CVEs: CVE-2023-4734 CVE-2023-4735 CVE-2023-4736 ( #6191 )
2023-09-07 20:38:11 -07:00
2cc3ce4829
Fixing python-more-itertools tests ( #6171 )
2023-09-07 13:36:45 -07:00
a3dc2834a0
Upgrade opensc to 0.23.0 to fix CVE-2021-34193 ( #6134 )
2023-09-05 10:59:55 -07:00
956b309076
Upgrade blobfuse2 2.0.5 -> 2.1.0 ( #6144 )
...
This (v2.1.0) release of blobfuse2 introduces support for ARM64
Co-authored-by: Muhammad Falak R Wani <falakreyaz@gmail.com>
2023-09-05 08:57:06 +05:30
8d373241ad
Prepare September 2023 Update ( #6160 )
2023-09-04 15:21:21 -07:00
4244a7d1f1
Nopatch kernel for CVE-2023-4389, CVE-2023-32247 ( #6131 )
2023-09-01 10:15:39 -07:00
7288c7d438
Add package shapelib to SPECS-EXTENDED ( #6064 )
...
* Adds package shapelib
* Adds license info
* Update cgmanifest
* Cleanup changes
2023-09-01 00:48:38 +05:30
6acc7fa856
Add package qt5-qtserialport to SPECS-EXTENDED ( #6065 )
...
* Adds package qt5-qtserialport
* Adds license info-qtserialport
* Update cgmanifest-qtserialport
* Switch to autosetup and make_install
2023-09-01 00:17:12 +05:30
a6bb77e691
Add package uriparser to SPECS-EXTENDED ( #6067 )
...
* Adds package uriparser
* Adds license info
* Update cgmanifest
2023-08-31 23:26:34 +05:30
a8275430dc
Add package blosc to SPECS-EXTENDED ( #6066 )
...
* Adds package blosc
* Adds license info
* Update cgmanifest
* Remove comments
2023-08-31 23:09:33 +05:30
a7349bfc89
Add package liblerc to SPECS-EXTENDED ( #6063 )
...
* Adds package liblerc
* Adds license info
* Update cgmanifest
* Adds test execution command
* remove patch related to win32
* Lint spec file
2023-08-31 21:57:15 +05:30
56b5f6cb27
Add libgta package to SPECS-EXTENDED ( #6062 )
...
* Adds package libgta
* Adds license info
* Update cgmanifest
* Move global vars to top
2023-08-31 18:27:15 +05:30
1151dd44f8
Patch CVE-2022-47022 in hwloc ( #6109 )
2023-08-30 21:51:17 -07:00
5522b56551
CVE-2022-0850 ( #6073 )
2023-08-30 14:52:55 -07:00
41e5023e43
Upgrade nvidia-container-toolkit, nvidia-container-runtime and libnvidia-container ( #5898 )
...
* upgrade nvidia packages
* update signature of source tar
* save changes
* add patch to build nvidia-container-toolkit v1.13.3 with golang 1.19
* upgrade nvidia-container-toolkit and libnvidia to 1.13.5
* Update SPECS/libnvidia-container/libnvidia-container.spec
Co-authored-by: Henry Beberman <henry.beberman@microsoft.com>
* Update SPECS/nvidia-container-toolkit/nvidia-container-toolkit.spec
Co-authored-by: Henry Beberman <henry.beberman@microsoft.com>
* resolve coments
* remove patch and update vendor source tar
* Enforce golang to be equal to or greater than v1.20.7
---------
Co-authored-by: Henry Li <lihl@microsoft.com>
Co-authored-by: Henry Beberman <henry.beberman@microsoft.com>
2023-08-30 14:21:32 -07:00
271a0a4f43
Add ogdi package to SPECS-EXTENDED ( #6061 )
...
* Adds package ogdi
* Adds license info
* Update cgmanifest
* Update Source1 URL
2023-08-30 18:00:52 +05:30
5d31d3aba0
qt5-qtsvg: rebuild with qt5-qtbase fix for CVE-2023-37369 ( #6089 )
...
* bump qt5-qtsvg release
* lint spec
* modify linting
2023-08-29 15:40:55 -07:00
41accd1436
make cloud-init-output.log available to serial console ( #6051 )
...
Co-authored-by: minghe <rmhsawyer>
2023-08-29 13:54:56 -07:00
0ab6131aa6
Nopatch CVE-2023-2007 for kernel ( #6095 )
2023-08-29 12:49:20 -07:00
b06683f273
Nopatch CVE-2023-3439 as mctp is not enabled in CBL-Mariner ( #6072 )
2023-08-29 11:02:42 -07:00
f0ef831100
BugFix: httpd.conf log location incorrect ( #6004 )
...
* BugFix: httpd.conf log location incorrect
The default config.layout being used with Mariner is Apache, which
points to non existent log directory. As a result the default httpd
config provided with Mariner has an error in it, preventing httpd
serivce from starting
* Adding RuntimeDirectory to ensure httpd dir exists for pid file
2023-08-29 10:36:26 -07:00
e476484dc6
Fix CVE-2021-32292 in json-c ( #6083 )
2023-08-29 09:42:16 -07:00
4670aafbf8
Fix CVE-2023-38710, CVE-2023-38711, CVE-2023-38712 in libreswan ( #6085 )
2023-08-29 09:40:45 -07:00
Sumynwa
kanikanema
CBL-Mariner-Bot
Archana Choudhary
AZaugg
suresh-thelkar
Andrew Phelps
Betty
Pawel Winogrodzki
Henry Li
osamaesmailmsft
bfjelds
Henry Beberman
ashruti-msft
Trung
Minghe Ren
rlmenge