folkslinux
/
CBL-Mariner
mirror of https://github.com/microsoft/CBL-Mariner.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
5,451 Commits 915 Branches 455 Tags 846 MiB
Commit Graph

5451 Commits

Author SHA1 Message Date
jslobodzian bec03956ca Merge branch 'main' into 2.0 2024-10-28 22:00:57 -04:00
CBL-Mariner-Bot 3eb66d1e29
[AUTO-CHERRYPICK] [AUTOPATCHER-CORE] Upgrade msft-golang to 1.22.8 To fix CVE-2022-41717 - branch main (#10834) 2024-10-25 14:41:49 -04:00
CBL-Mariner-Bot 4401d89fad
[AUTO-CHERRYPICK] Added Patch CVE-2022-25255 for qt5-qtbase - branch main (#10835) 
Co-authored-by: Mykhailo Bykhovtsev <108374904+mbykhovtsev-ms@users.noreply.github.com>
 2024-10-25 14:41:25 -04:00
CBL-Mariner-Bot 4dd3ddf0b0
[AUTO-CHERRYPICK] Upgrade mysql to 8.0.40 - branch main (#10809) 
Co-authored-by: Sudipta Pandit <sudpandit@microsoft.com>
 2024-10-25 14:40:38 -04:00
jslobodzian 0fbfb7a9f3 Merge branch 'main' into 2.0 2024-10-25 08:51:55 -04:00
CBL-Mariner-Bot 7f7a3b897b
Prepare November 2024 (#10845) 2024-10-25 08:50:34 -04:00
Rachel Menge c5b6704f80
Remove Amateur Radio X.25 PLP Rose for CVE-2022-2961 (#10826) 
The rose_bind() function which is used in the AX.25 PLP Rose protocol introduced a race condition which has CVE-2022-2961. Therefore remove rose support.
 2024-10-24 14:40:32 -07:00
CBL-Mariner-Bot 1729e7544b
[AUTO-CHERRYPICK] Patch Reaper for multiple CVEs - branch main (#10735) 
Co-authored-by: Rohit Rawat <rohitrawat@microsoft.com>
Co-authored-by: jslobodzian <joslobo@microsoft.com>
Co-authored-by: Riken Maharjan <rmaharjan@microsoft.com>
 2024-10-23 11:47:18 -07:00
Muhammad Falak R Wani b958bee0c4
curl: address CVE-2024-8096 (#10731) 
Signed-off-by: Muhammad Falak R Wani <falakreyaz@gmail.com>
 2024-10-23 11:40:11 +05:30
Muhammad Falak R Wani 60d78f8b22
nghttp2: address CVE-2024-28182 (#10656) 
Signed-off-by: Muhammad Falak R Wani <falakreyaz@gmail.com>
 2024-10-23 09:18:37 +05:30
Muhammad Falak R Wani 2ab7767a79
gnutls: upgrade 3.7.7 -> 3.7.11 to address CVE-2023-5981, CVE-2024-28835, CVE-2024-28834 & CVE-2024-0553 (#10578) 
Changelog: https://gitlab.com/gnutls/gnutls/-/blob/3.7.11/NEWS
Signed-off-by: Muhammad Falak R Wani <falakreyaz@gmail.com>
 2024-10-23 09:16:25 +05:30
Muhammad Falak R Wani db8338b9b1
apr: upgrade version 1.7.2 -> 1.7.5 to address CVE-2023-49582 (#10749) 
Changelog: https://downloads.apache.org/apr/CHANGES-APR-1.7
Signed-off-by: Muhammad Falak R Wani <falakreyaz@gmail.com>
 2024-10-23 09:07:02 +05:30
Mitch Zhu 08e99cef68
Patch gdb 11.2 for CVE-2023-39128, CVE-2023-39129, CVE-2023-39130 (#10683) 2024-10-22 13:13:48 -07:00
CBL-Mariner-Bot 78c1dd1dc9
[AUTOPATCHER-CORE] Upgrade php to 8.1.30 CVE-2024-8927, CVE-2024-8925 (#10795) 2024-10-22 12:06:02 +05:30
Dallas Delaney 8f60da79d4
rubygem-async-http: remove version dependency of rubygem-protocol-http1 (#10682) 
Co-authored-by: Dallas Delaney <dadelan@example.com>
 2024-10-21 18:02:58 -07:00
Sudipta Pandit 9cc3b9949b
libpcap: Backport fixes for CVE-2024-8006 (#10793) 2024-10-22 02:04:46 +05:30
Sudipta Pandit 8b11ebddc9
Upgrade redis to 6.2.16 (#10798) 2024-10-22 02:03:49 +05:30
Chris Gunn 770cf87559
fluent-bit: CVE-2024-26455, CVE-2024-25629 (#10739) 2024-10-21 12:09:50 -07:00
Henry Li fece1b0dd3
[2.0] Resolve kubernetes CVE-2024-24786 (#10669) 
Co-authored-by: Henry Li <lihl@microsoft.com>
 2024-10-18 14:02:58 -07:00
CBL-Mariner-Bot 95c646c8e7
[AUTO-CHERRYPICK] Patch vim to resolve CVE-2024-43802 - branch main (#10771) 
Co-authored-by: Sam Meluch <109628994+sameluch@users.noreply.github.com>
 2024-10-18 15:31:55 -04:00
CBL-Mariner-Bot cdd7571aab
[AUTO-CHERRYPICK] libarchive: Patch CVE-2024-48957, CVE-2024-48958, CVE-2024-20696 - branch main (#10770) 
Co-authored-by: Nan Liu <108544011+liunan-ms@users.noreply.github.com>
 2024-10-18 15:31:34 -04:00
CBL-Mariner-Bot 054eed9904
[AUTO-CHERRYPICK] Patch terraform to resolve CVE-2022-32149 & CVE-2023-4782 - branch main (#10755) 
Co-authored-by: Sumedh Alok Sharma <sumsharma@microsoft.com>
 2024-10-18 15:30:59 -04:00
CBL-Mariner-Bot f43a558e8d
[AUTO-CHERRYPICK] Fix CVE 2024 24786 and CVE 2022 41717 for prometheus - branch main (#10737) 
Co-authored-by: bhagyapathak <bhagyapathak@users.noreply.github.com>
 2024-10-18 15:30:42 -04:00
CBL-Mariner-Bot f7e825f60a
[AUTO-CHERRYPICK] Apply security fix for CVE-2024-28180 by patching vendored go-jose - branch main (#10736) 
Co-authored-by: abadawi-msft <108105696+abadawi591@users.noreply.github.com>
 2024-10-18 15:30:21 -04:00
CBL-Mariner-Bot e88c36d034
[AUTO-CHERRYPICK] Upgrade OpenIPMI to 2.0.36 to fix CVE-2024-42934 - branch main (#10734) 
Co-authored-by: suresh-thelkar <suresh.thelkar@yahoo.com>
 2024-10-18 14:55:10 -04:00
CBL-Mariner-Bot a41e552a4e
[AUTO-CHERRYPICK] Patch CVE-2022-28506 and CVE-2023-48161 in giflib - branch main (#10733) 
Co-authored-by: suresh-thelkar <suresh.thelkar@yahoo.com>
 2024-10-18 14:54:26 -04:00
CBL-Mariner-Bot 6cc144262e
[AUTO-CHERRYPICK] Patch CVE-2024-31449 in redis - branch main (#10732) 
Co-authored-by: suresh-thelkar <suresh.thelkar@yahoo.com>
 2024-10-18 14:53:39 -04:00
bhagyapathak 4517ec0599
Fix CVE-2024-47554 for apache-commons-io (#10708) 2024-10-15 11:30:40 +05:30
Sumedh Alok Sharma ca21053edc
Patch cni-plugins to resolve CVE-2023-3978 (#10689) 2024-10-15 11:16:33 +05:30
Henry Li 10ccf03d75
[2.0] Resolve kubernetes CVE-2024-28180 (#10668) 
Co-authored-by: Henry Li <lihl@microsoft.com>
 2024-10-14 22:20:02 -07:00
Henry Li d97b713262
[2.0] Resolve dcos-cli CVE-2024-28180 (#10667) 
Co-authored-by: Henry Li <lihl@microsoft.com>
 2024-10-14 22:19:37 -07:00
CBL-Mariner-Bot d3b1c72ca5
[AUTO-CHERRYPICK] Patch unbound to fix CVE-2024-33655, CVE-2024-8508, and CVE-2024-43167 - branch main (#10674) 
Co-authored-by: Sam Meluch <109628994+sameluch@users.noreply.github.com>
 2024-10-10 14:48:13 -07:00
Muhammad Falak R Wani 7b9cd9b10c
gh: address CVE-2022-32149 (#10334) 
Signed-off-by: Muhammad Falak R Wani <falakreyaz@gmail.com>
 2024-10-10 15:01:50 +05:30
CBL-Mariner-Bot 9e55d13d8b
[AUTO-CHERRYPICK] [AUTOPATCHER-CORE] Upgrade nvidia-container-toolkit to 1.16.2 Critical vulnerability CVE-2024-0132, Medium vulnerability CVE-2024-0133 - branch main (#10660) 2024-10-09 13:50:37 -07:00
CBL-Mariner-Bot 6d7ba8b546
[AUTO-CHERRYPICK] Fix CVE-2024-47191 in oath-toolkit - branch main (#10650) 
Co-authored-by: Mandeep Plaha <99760213+mandeepsplaha@users.noreply.github.com>
 2024-10-09 13:50:18 -07:00
Rohit Rawat 1b8263cf25
Patch CVE-2024-45590 in reaper (#10557) 2024-10-09 20:02:15 +05:30
CBL-Mariner-Bot 7322224044
[AUTOPATCHER-kernel] Kernel CVE - branch main - CVE-2024-38381 CVE-2024-42228 CVE-2024-38577 CVE-2024-41098 CVE-2024-42246 CVE-2024-43853 CVE-2024-43905 CVE-2024-43884 CVE-2024-44946 CVE-2024-44986 CVE-2024-44987 CVE-2024-44985 CVE-2024-44974 CVE-2024-43892 CVE-2024-43897 CVE-2024-44989 CVE-2024-44999 CVE-2024-44995 CVE-2024-44990 CVE-2024-45006 CVE-2024-41011 CVE-2024-44998 CVE-2024-44983 CVE-2024-46677 CVE-2024-45021 CVE-2024-46674 CVE-2024-45026 CVE-2024-45025 CVE-2024-46673 CVE-2024-45009 CVE-2024-45028 CVE-2024-45011 CVE-2024-45018 CVE-2024-45016 CVE-2024-46685 CVE-2024-44947 CVE-2024-38588 CVE-2024-42297 CVE-2024-43829 CVE-2024-46863 (#10406) 
Handle CVE-2024-38381 CVE-2024-42228 CVE-2024-38577 CVE-2024-41098 CVE-2024-42246 CVE-2024-43853 CVE-2024-43905 CVE-2024-43884 CVE-2024-44946 CVE-2024-44986 CVE-2024-44987 CVE-2024-44985 CVE-2024-44974 CVE-2024-43892 CVE-2024-43897 CVE-2024-44989 CVE-2024-44999 CVE-2024-44995 CVE-2024-44990 CVE-2024-45006 CVE-2024-41011 CVE-2024-44998 CVE-2024-44983 CVE-2024-46677 CVE-2024-45021 CVE-2024-46674 CVE-2024-45026 CVE-2024-45025 CVE-2024-46673 CVE-2024-45009 CVE-2024-45028 CVE-2024-45011 CVE-2024-45018 CVE-2024-45016 CVE-2024-46685 CVE-2024-44947 CVE-2024-38588 CVE-2024-42297 CVE-2024-43829 CVE-2024-46863
 2024-10-07 19:06:22 -07:00
CBL-Mariner-Bot 6677f60264
[AUTO-CHERRYPICK] python3: Add patch for CVE-2024-4032 - branch main (#10620) 
Co-authored-by: Ankita Pareek <56152556+Ankita13-code@users.noreply.github.com>
 2024-10-04 14:17:25 -07:00
CBL-Mariner-Bot e9c8962636
[AUTO-CHERRYPICK] heimdal: Add backported patch for fixing CVE-2022-3116 - branch main (#10615) 
Co-authored-by: Ankita Pareek <56152556+Ankita13-code@users.noreply.github.com>
 2024-10-04 14:17:11 -07:00
jslobodzian 4b2db5328c Merge branch 'main' into 2.0 2024-10-04 13:21:03 -04:00
jslobodzian a8d7f4b9ae
Prepare October 2024 Update (#10548) 
Co-authored-by: CBL-Mariner Servicing Account <cblmargh@microsoft.com>
 2024-10-04 11:08:34 -04:00
Pawel Winogrodzki 2d9218893c
Fixed spec entanglement PR check (CP: #10585) (#10586) 2024-09-30 17:50:08 -07:00
Minghe Ren 2340f8b4e8
add Azure marketplace ARM64 FIPS image definition (#10526) 
Co-authored-by: minghe <rmhsawyer>
 2024-09-27 15:37:33 -07:00
CBL-Mariner-Bot a67cb06cad
[AUTO-CHERRYPICK] apply patch to fix CVE-2024-6232 and CVE-2024-8088 for python3 2.0 - branch main (#10553) 
Co-authored-by: himaja-kesari <123194058+himaja-kesari@users.noreply.github.com>
 2024-09-26 11:41:52 -07:00
CBL-Mariner-Bot 271b7dc767
[AUTO-CHERRYPICK] Update openssl to 3.3.2 under cloud-hypervisor-cvm in order to address CVE-2024-6119 - branch main (#10530) 
Co-authored-by: Jiri Appl <jiria@microsoft.com>
Co-authored-by: Riken Maharjan <rmaharjan@microsoft.com>
 2024-09-26 11:37:05 -07:00
flora-taagen 0ce7d669bb
Update README.md (#10562) 2024-09-26 09:58:53 -07:00
Rohit Rawat eee1b27598
Patch CVE-2024-43796 in reaper (#10543) 2024-09-25 15:38:22 +05:30
CBL-Mariner-Bot b2015ea737
[AUTO-CHERRYPICK] Add patch for CVE-2024-41946 to ruby and rubygem-rexml - branch main (#10510) 
Co-authored-by: Harshit Gupta <harshitgupta1337@gmail.com>
 2024-09-24 11:43:59 -07:00
CBL-Mariner-Bot d0eb3f3a76
[AUTO-CHERRYPICK] Patch gdk-pixbuf2 for CVE-2022-48622. - branch main (#10508) 
Co-authored-by: Sumedh Alok Sharma <sumsharma@microsoft.com>
 2024-09-24 11:43:46 -07:00
CBL-Mariner-Bot bec544d490
[AUTO-CHERRYPICK] add edk2 patches for CVE-2022-36763, CVE-2022-36764, CVE-2022-36765, CVE-2023-45230, CVE-2023-45236, CVE-2023-45232, CVE-2023-45233, CVE-2023-45234, CVE-2023-45235, CVE-2023-45237 - branch main (#10516) 
Co-authored-by: Minghe Ren <mingheren@microsoft.com>
 2024-09-24 11:43:38 -07:00