2d0dfa2124
[2.0] Upgrade ncurses to 6.3 to fix CVE-2022-29458 ( #3160 )
...
* update ncurses to 6.3
* update manifests
2022-06-14 22:56:38 -07:00
831aab2008
logrotate: bump version to 3.20.1 to address CVE-2022-1348 ( #3155 )
...
Signed-off-by: Muhammad Falak R Wani <falakreyaz@gmail.com>
2022-06-15 06:22:16 +05:30
7b110072d3
Add emacs SPEC to Mariner ( #3168 )
...
* Add emacs SPEC to Mariner
* Update to use macros in the emacs SPEC
* Update URL to use https
2022-06-14 15:51:18 -07:00
fee702ab61
Rely on makefile to place toolchain rpms ( #3162 )
2022-06-14 12:43:52 -07:00
58b1c6b42a
Fix util-linux source unpacking in raw toolchain ( #3166 )
2022-06-14 09:36:30 -07:00
3df18fac37
libarchive: bump version to 3.6.1 to address CVE-2022-26280 ( #3154 )
...
* libarchive: bump version to 3.6.1 to address CVE-2022-26280
* libarchive: manifests: update entry
Signed-off-by: Muhammad Falak R Wani <falakreyaz@gmail.com>
2022-06-14 06:49:10 +05:30
74ece200ea
tools: gomod: bump gonum to 0.11.0 to fix segfault in `graph/iterator.(*mapIter).next` ( #3153 )
...
Reference: https://github.com/gonum/gonum/issues/1775
Signed-off-by: Muhammad Falak R Wani <falakreyaz@gmail.com>
2022-06-14 06:48:11 +05:30
be48c7751a
libtiff: bump version to 4.4.0 to address CVE-2022-1622 & CVE-2022-1623 ( #3152 )
...
* libtiff: bump version to 4.4.0 to address CVE-2022-1622 & CVE-2022-1623
* libtiff: cgmanifest: update entry
Signed-off-by: Muhammad Falak R Wani <falakreyaz@gmail.com>
2022-06-14 06:47:35 +05:30
86cedc1695
Add distroless manifest format to toolkit documentation ( #3156 )
...
Signed-off-by: Tom Fay <tomfay@microsoft.com>
2022-06-13 19:53:27 +01:00
7417d8a04f
Add missing e2fsprogs dep to cloud-init ( #3141 )
2022-06-13 10:48:05 -07:00
2962f756db
Update SymCrypt and SCOSSL SPEC files to latest ( #3123 )
2022-06-10 15:09:35 -07:00
cfd57cb4d4
Upgrade exiv2 to 0.27.5 to fix CVE-2019-13504 CVE-2019-17402 CVE-2019… ( #3148 )
...
* Upgrade exiv2 to 0.27.5 to fix CVE-2019-13504 CVE-2019-17402 CVE-2019-20421 CVE-2021-3482 CVE-2021-29457 CVE-2021-29458 CVE-2021-29463 CVE-2021-29464 CVE-2021-29470 CVE-2021-29473 CVE-2021-29623 CVE-2021-32617 CVE-2021-32815 CVE-2021-34334 CVE-2021-34335 CVE-2021-37615 CVE-2021-37616 CVE-2021-37618 CVE-2021-37619 CVE-2021-37620 CVE-2021-37621 CVE-2021-37622 CVE-2021-37623
* Update cgmanifest
* Verified license
* Fix the cgmanifest url
* Update spec file for linter
* Removed unnecessary -n per code review request
2022-06-10 14:43:50 -07:00
de32fb5dc1
`python-jwt`: updating to version 2.4.0 to fix CVE-2022-29217. ( #3139 )
2022-06-10 13:24:57 -07:00
0e1e294fd9
`bind`: updating to 9.16.29 to fix CVE-2021-25219. ( #3138 )
2022-06-10 13:24:41 -07:00
3bcdc43b8f
cloud-init: uprev to 22.2 ( #3104 )
...
Minor fixes to distro patch:
- formatting, etc. to comply with upstream linting
- add .py extension to tests/unittests/distros/test_mariner
- fixup broken imports for test_mariner module
Cloud-init 22.2 includes several fixes/improvements for Azure's
datasource, full changelog is here:
https://github.com/canonical/cloud-init/blob/22.2/ChangeLog
Signed-off-by: Chris Patterson <cpatterson@microsoft.com>
2022-06-10 10:22:47 -07:00
2465a0960c
Record build state into a CSV ( #2963 )
...
Record build state in a csv file
make analyze-built-graph provides information based unresolved nodes. But sometimes (especially while cleaning-up SPECS-EXTENDED and fixing PTest), we need the failed packages and packages blocked due to failing dependencies. Failure information is stored in buildState variable and it's not written into any file after the build completion.
In this PR I'm generating CSV file detailing the SRPMs build, preBuilt, Failing, unBuilt and blockers for failing and unBuilt packages. This information is fetched from buildState variable.
It gives detailed information on which package blocks on what
* Addressing review comments
* go tidy printresults.go file
* Update toolkit/tools/scheduler/schedulerutils/printresults.go
Co-authored-by: Pawel Winogrodzki <pawelwi@microsoft.com>
2022-06-10 12:43:21 +05:30
4c0c1babc1
Updating `.gitignore` and removing archive. ( #3147 )
2022-06-09 23:21:54 -07:00
e5c7c6a07d
Removing tarballs from the repository. ( #3145 )
2022-06-09 15:48:08 -07:00
0f2f509db1
`ruby-augeas`: fixing build by adding missing BR. ( #3143 )
2022-06-09 14:59:37 -07:00
76e77fe143
Fix clamav ( #3136 )
...
* Fixes to clamav
don't look for config in the buildroot at runtime
create default freshclam config so freshclam works on first use
create /var/lib/clamav so freshclam can store db download there
create clamav user/group
* run spec-cleaner
2022-06-09 06:46:48 +01:00
0ff466412f
Bump Mariner Release ( #3140 )
2022-06-08 16:44:06 -07:00
fd77f53827
Upgrade terraform version to 1.2.2 ( #3135 )
...
* Upgrade terraform version to 1.2.2
* Update date correctly in change log
2022-06-08 12:10:43 -07:00
d739589153
Add packer tool SPEC and remove packer symlink in cracklib-dicts conflicts with packer tool ( #3131 )
...
* Add packer SPEC to Mariner
* Remove packer symlink not necessary conflicts with Packer tool
* Bump up version python3-cracklib in tool chain
* Correct typo in cracklib spec file
2022-06-08 10:31:06 -07:00
e32438e241
`util-linux`: updating to 2.37.4 to fix CVE-2022-0563. ( #3132 )
2022-06-08 09:54:00 -07:00
aa34f5a01a
`lua`: patching CVE-2021-44647. ( #3130 )
2022-06-08 09:39:05 -07:00
052791184e
`usbredir`: updating to version 0.12.0 to fix CVE-2021-3700. ( #3129 )
2022-06-08 09:38:29 -07:00
3d61ecb54f
`prometheus`: updating to 2.36.0 to fix CVE-2021-29622. ( #3128 )
2022-06-08 09:37:53 -07:00
55d756df8a
disable smack in kernel-rt ( #3126 )
...
* disable smack kernel config
* rebase kernel version
* remove smack from config_lsm
* update signatures
* update config
* update signatures
Co-authored-by: minghe <mingheren@microsoft.com>
2022-06-07 21:50:16 -07:00
2954a840cd
[main] Add custom package repo definitions in image configuration ( #2925 )
...
* rebase to eliminate previous commits
* add imageconfigvalidator check for custom package repos
* update logic for error checking
* minor change to code structure
* fix formatting issue
* fix typo
* Update toolkit/tools/imagegen/configuration/packagerepo.go
Co-authored-by: Pawel Winogrodzki <pawelwi@microsoft.com>
* Update toolkit/tools/isomaker/maker.go
Co-authored-by: Pawel Winogrodzki <pawelwi@microsoft.com>
* Update toolkit/tools/internal/network/network.go
Co-authored-by: Pawel Winogrodzki <pawelwi@microsoft.com>
* Update toolkit/tools/imagegen/configuration/systemconfig.go
Co-authored-by: Pawel Winogrodzki <pawelwi@microsoft.com>
* resolve comments
* fix systemconfig validation
* fix systemconfig test
* add clean-up in unit test
* Update toolkit/tools/imagegen/configuration/packagerepo_test.go
Co-authored-by: Pawel Winogrodzki <pawelwi@microsoft.com>
* resolve more comments
* fix go formatting error
* resolve remaining comments
* Update toolkit/tools/internal/network/network.go
Co-authored-by: Pawel Winogrodzki <pawelwi@microsoft.com>
* Update toolkit/tools/internal/network/network.go
Co-authored-by: Pawel Winogrodzki <pawelwi@microsoft.com>
* refactor network retry
* Update toolkit/tools/imagegen/configuration/packagerepo.go
Co-authored-by: Pawel Winogrodzki <pawelwi@microsoft.com>
* Update toolkit/tools/imagegen/configuration/packagerepo.go
Co-authored-by: Pawel Winogrodzki <pawelwi@microsoft.com>
* Update toolkit/tools/internal/network/network.go
Co-authored-by: Pawel Winogrodzki <pawelwi@microsoft.com>
* update error clean-up
* fix file clean-up error
* Update toolkit/tools/imagegen/configuration/packagerepo.go
Co-authored-by: Pawel Winogrodzki <pawelwi@microsoft.com>
Co-authored-by: Henry Li <lihl@microsoft.com>
Co-authored-by: Pawel Winogrodzki <pawelwi@microsoft.com>
2022-06-07 18:09:05 -07:00
923c00900c
Commonize toolchain rpm extract flows ( #2766 )
...
Co-authored-by: Christopher Co <35273088+christopherco@users.noreply.github.com>
2022-06-07 17:31:30 -07:00
8e53ebb480
kernel: silencing ptp_kvm failure error ( #3122 )
2022-06-07 11:05:17 -07:00
79d65def57
`subversion`: updating to 1.14.2 to fix CVE-2021-28544. ( #3119 )
2022-06-06 23:49:03 -07:00
dc45a9c7b9
Updating `.gitignore` to ignore default sources download directory. ( #3059 )
2022-06-06 16:06:06 -07:00
8fd0aec22f
Updating `vim` to version 8.2.5064. ( #3112 )
2022-06-06 13:30:50 -07:00
b3b85d6752
Fix signature of hypervkvpd.service ( #3109 )
2022-06-06 10:09:39 -07:00
413fc8f5f8
Enabling the `LIVEPATCH` option in the kernel config. ( #3107 )
2022-06-03 17:53:09 -07:00
54f8e95cf6
kernel: Remove Smack LSM support from kernel ( #3080 )
...
* disable smack kernel config
Co-authored-by: minghe <mingheren@microsoft.com>
2022-06-03 17:20:57 -07:00
1bf312be32
ruby: remove bundled gems, add provides for default gems ( #3035 )
...
* remove bundled gems from ruby, remove spec of default
* provide default gems within ruby
* Add rake executable
* Cleanup
* Remove bundled molinillo
* Cleanup removing bundled gems
* Fix typo in versions
* Incorporate comments
* Remove ssh-key, add back cgmanifest
* Remove provides for bundler, bigdecimal
* License map, fix errors
* Incorporate comments
* fix comment, try removing patch
* Remove patches, fix license
* Fix map again
* Cleanup changelog
2022-06-03 16:23:15 -07:00
e2193c72a0
moby-runc: Upgrade to 1.1.2 to fix CVE-2022-29162 ( #3102 )
...
Co-authored-by: Nicolas Guibourge <nicolasg@microsoft.com>
2022-06-03 08:05:28 -07:00
d10bbb9333
python-mutagen: drop BR on pytest & pip install latests deps to enable ptest ( #2957 )
...
* python-mutagen: drop BR on pytest & pip install latests deps to enable ptest
* python-mutagen: annotate version of the deps installed with pip
Signed-off-by: Muhammad Falak R Wani <falakreyaz@gmail.com>
2022-06-03 10:02:57 +05:30
6b39b52926
`php`: adding a patch to build with updated `gd`. ( #3103 )
2022-06-02 15:45:25 -07:00
cf8565ffa8
ARM64 `buildah` and `edk2` blocked packages fix. ( #3101 )
2022-06-02 15:43:36 -07:00
07490d71a6
[main] `prebuilt-ca-certificates`: adding `Provides` for `*-microsoft` and `*-mozilla`. ( #3100 )
2022-06-02 13:16:07 -07:00
0754a54e76
hyperv-daemons/hypervkvpd.service: fix service ordering ( #3096 )
...
kvpd must start before cloud-init-local which comes before network.target.
1. Add ConditionVirtualization=microsoft to only start under Hyper-V.
2. Remove After=network.target dependency.
3. Add After=sys-devices-virtual-misc-vmbus\x21hv_kvp.device which
should be combined with BindTo=.
Signed-off-by: Chris Patterson <cpatterson@microsoft.com>
2022-06-02 12:23:23 -07:00
6fea5183bb
Add nopatch for 2022-1734 ( #3097 )
2022-06-02 10:52:22 -07:00
947e021990
rsync: Upgrade to 3.2.4 ( #3095 )
2022-06-02 09:41:00 -07:00
a84381974c
ntfs-3g: Updating to 2022.5.17 to fix CVE-2021-46790 ( #3092 )
...
Co-authored-by: Nicolas Guibourge <nicolasg@microsoft.com>
2022-06-02 09:29:04 -07:00
8d1a18a083
openldap: fix CVE-2022-29155 ( #3093 )
...
Co-authored-by: Nicolas Guibourge <nicolasg@microsoft.com>
2022-06-02 08:25:11 -07:00
67e54f37d1
Opensc: upgrade to 0.22.0 to fix CVE-2020-26570, CVE-2020-26571, CVE-2020-26572, CVE-2021-42778, CVE-2021-42779, CVE-2021-42780, CVE-2021-42781, CVE-2021-42782 ( #3090 )
...
* Opensc: upgrade to 0.22.0
* Opensc: upgrade to 0.22.0
* Upgrade to 0.22.0 to fix CVE-2020-26570, CVE-2020-26571, CVE-2020-26572, CVE-2021-42778, CVE-2021-42779, CVE-2021-42780, CVE-2021-42781, CVE-2021-42782
* Upgrade to 0.22.0 to fix CVE-2020-26570, CVE-2020-26571, CVE-2020-26572, CVE-2021-42778, CVE-2021-42779, CVE-2021-42780, CVE-2021-42781, CVE-2021-42782
Co-authored-by: Nicolas Guibourge <nicolasg@microsoft.com>
2022-06-01 14:12:04 -07:00
788555fbd5
`ocaml-ctypes`: changing test dependencies to `ounit2`. ( #3088 )
2022-06-01 13:23:29 -07:00
Andrew Phelps