3eef9c87e1
openssl: only free buffers when done ( #9309 )
2024-06-04 15:21:33 -07:00
4246a18833
Revert "Fixed Perl automatic requires and provides. ( #9226 )"
...
This reverts commit 6b8eb01bf0
2024-06-04 00:09:50 -04:00
ed62ba9d97
Revert "Enable KNI module in DPDK build ( #9246 )"
...
This reverts commit 84f1470398
2024-06-04 00:08:36 -04:00
3a41e97aed
Add stable release maintainers to CODEOWNERS ( #7564 )
...
Update main branch CODEOWNERS file to require CBL-Mariner-Stable-Maintainers team review for all files in this branch since PRs targeting main are going to our next 2.0 stable release.
2024-06-03 19:29:33 -07:00
a264db1f75
Patch moby-engine to address CVE-2023-44487 ( #9276 )
2024-06-03 10:52:43 -07:00
a6539502f3
python-requests: patch CVE-2024-35195. ( #9238 )
...
Co-authored-by: lanzeliu <lanzeliu@microsoft.com>
2024-06-03 09:17:01 -07:00
513297d3dc
upgrade rubygem-rexml to 3.2.7 to resolve CVE-2024-35176 ( #9282 )
...
Co-authored-by: minghe <rmhsawyer>
2024-05-31 17:03:13 -07:00
6e4ebc6899
update and correct ruby CVE-2024035176.patch ( #9280 )
...
Co-authored-by: minghe <rmhsawyer>
2024-05-31 16:28:37 -07:00
db8f0137f6
Address kernel CVE-2022-38096, CVE-2023-47233, CVE-2023-52827, CVE-2024-25739, CVE-2024-26900, CVE-2024-26902, CVE-2024-26929, CVE-2024-26934, CVE-2024-26949, CVE-2024-26952, CVE-2024-26979, CVE-2024-27013, CVE-2024-27015, CVE-2024-27016, CVE-2024-27018, CVE-2024-27019, CVE-2024-27020, CVE-2024-35978, CVE-2024-35982, CVE-2024-35984, CVE-2024-35990, CVE-2024-35997, CVE-2024-36008 ( #9270 )
...
Address CVE-2022-38096, CVE-2023-47233, CVE-2023-52827, CVE-2024-25739, CVE-2024-26900, CVE-2024-26902, CVE-2024-26929, CVE-2024-26934, CVE-2024-26949, CVE-2024-26952, CVE-2024-26979, CVE-2024-27013, CVE-2024-27015, CVE-2024-27016, CVE-2024-27018, CVE-2024-27019, CVE-2024-27020, CVE-2024-35978, CVE-2024-35982, CVE-2024-35984, CVE-2024-35990, CVE-2024-35997, CVE-2024-36008
2024-05-31 10:21:15 -07:00
ebc77031e5
Patch CVE-2024-26147 for cert-manager ( #9268 )
2024-05-30 18:57:31 -07:00
47df6748d9
add patch for ruby CVE-2024-35176 ( #9267 )
...
Co-authored-by: minghe <rmhsawyer>
Co-authored-by: Mykhailo Bykhovtsev <108374904+mbykhovtsev-ms@users.noreply.github.com>
2024-05-30 17:49:12 -07:00
84f1470398
Enable KNI module in DPDK build ( #9246 )
2024-05-30 08:33:04 -07:00
3304dc254a
Patch nodejs18 to address CVE-2023-21100 ( #9250 )
2024-05-29 14:58:04 -07:00
07800afe35
Address hyperv-daemons CVE-2024-26951, CVE-2024-26961, CVE-2024-26965, CVE-2024-26966, CVE-2024-26973, CVE-2024-26977, CVE-2024-26984, CVE-2024-26993, CVE-2024-27000, CVE-2024-27018, CVE-2024-35848, CVE-2024-35912, CVE-2024-36008 ( #9216 )
...
Address CVE-2024-26951, CVE-2024-26961, CVE-2024-26965, CVE-2024-26966, CVE-2024-26973, CVE-2024-26977, CVE-2024-26984, CVE-2024-26993, CVE-2024-27000, CVE-2024-27018, CVE-2024-35848, CVE-2024-35912, CVE-2024-36008
2024-05-29 14:32:23 -07:00
f0b8294283
[AUTOPATCHER-kernel] Kernel upgrade to version 5.15.159.1 - branch main ( #9187 )
2024-05-29 14:31:46 -07:00
222de009ea
add patch for rubygem-rexml CVE-2024-35176 ( #9242 )
...
Co-authored-by: minghe <rmhsawyer>
2024-05-29 14:11:36 -07:00
b593ba2e31
Merge branch 'main' into 2.0
2024-05-28 21:10:43 -04:00
fea7c96a84
moby-compose: Fix CVE-2024-24786, CVE-2024-23650, CVE-2023-2253 ( #9239 )
2024-05-28 17:05:34 -07:00
ac45317296
[AUTO-CHERRYPICK] graphviz: address CVE-2023-46045 & CVE-2020-18032 - branch main ( #9129 )
...
Co-authored-by: Muhammad Falak R Wani <falakreyaz@gmail.com>
2024-05-28 15:01:40 -07:00
e86c9c1d13
[AUTO-CHERRYPICK] pytorch: Add patch for CVE-2024-27318 - branch main ( #9130 )
...
Co-authored-by: Sumynwa <sumsharma@microsoft.com>
2024-05-28 15:01:09 -07:00
f344024065
[AUTO-CHERRYPICK] [AUTOPATCHER-CORE] Upgrade fluent-bit to 2.2.3 to fix CVE-2024-4323 - branch main ( #9237 )
2024-05-28 15:00:50 -07:00
dc5da04c2b
[2.0] Resolve telegraf CVE-2024-27289 ( #9235 )
...
Co-authored-by: Henry Li <lihl@microsoft.com>
2024-05-28 12:41:26 -07:00
c5d244ff28
[2.0] Upgrade cri-o to v1.22.3 to resolve regressed CVE-2022-0811 ( #9191 )
...
Co-authored-by: Henry Li <lihl@microsoft.com>
2024-05-28 12:41:17 -07:00
a7e75e15aa
add azl-compliance package ( #9213 )
...
Adds the azl-compliance package to our distro. This will be used to harden images for FIPS and FedRAMP.
2024-05-28 11:35:53 -07:00
4c410bbcd1
[AUTO-CHERRYPICK] python-werkzeug: Patch CVE-2024-34069 - branch main ( #9118 )
...
Co-authored-by: Jonathan Behrens <jbehrens@microsoft.com>
2024-05-28 09:57:50 -07:00
14d8692ef9
libvirt: Patch for CVE-2024-4418 ( #9197 )
2024-05-28 09:08:43 -07:00
4b86ac16fd
cups: patch CVE-2022-26691. ( #9168 )
...
Co-authored-by: lanzeliu <lanzeliu@microsoft.com>
2024-05-28 09:01:28 -07:00
61c7a0b9b4
Fix CVE-2023-48795 in moby-compose by patching vendor packages ( #9232 )
2024-05-28 20:01:00 +05:30
a6e63391b5
update python h5py to fix build break caused by recent to HDF5 update ( #9223 )
2024-05-27 10:51:43 -07:00
5b01d266b2
Merge branch 'main' into 2.0
2024-05-27 08:17:18 -04:00
1dbde42485
Bump Mariner 2.0 Release for June 2024 Update ( #9230 )
2024-05-27 08:16:08 -04:00
f2cf82edfa
Merge branch 'main' into 2.0
2024-05-27 08:06:18 -04:00
6b8eb01bf0
Fixed Perl automatic requires and provides. ( #9226 )
2024-05-26 22:20:56 -07:00
c3ccae590e
[AUTO-CHERRYPICK] [AUTOPATCHER-CORE] Upgrade git to 2.39.4 Fix CVE-2024-32002, CVE-2024-32004, CVE-2024-32020, CVE-2024-32021, CVE-2024-32465 - branch main ( #9215 )
2024-05-27 10:46:25 +05:30
6d11efd8d2
[AUTO-CHERRYPICK] Add patch to add network interface renaming support for CAPM3 Met - branch main ( #9132 )
...
Co-authored-by: sharath-srikanth-chellappa <115591284+sharath-srikanth-chellappa@users.noreply.github.com>
2024-05-24 14:33:38 -07:00
fb499af135
fix python-jinja2 for CVE-2024-34064 ( #9188 )
2024-05-24 19:08:28 +05:30
05b9fbc6b9
[AUTO-CHERRYPICK] Remove newly added explicit version dependencies in gdal and netcdf. - branch main ( #9196 )
...
Co-authored-by: George Mileka <gmileka@users.noreply.github.com>
2024-05-23 10:13:16 -07:00
90eef0e159
fix CVE-2024-34459 for libxml2 ( #9186 )
2024-05-23 13:38:38 +05:30
5c3280f544
Address hyperv-daemons CVEs: CVE-2023-3269, CVE-2023-3338, CVE-2023-3… ( #9189 )
2024-05-22 11:09:58 -07:00
08a425ff5f
[AUTO-CHERRYPICK] Upgrade hdf5 to 1.14.4. to under several CVEs. - branch main ( #9182 )
...
Co-authored-by: George Mileka <gmileka@users.noreply.github.com>
2024-05-22 10:02:40 -07:00
c5f4ef7e9b
Upgrade azcopy to 10.24.0 to fix multiple security issues ( #9185 )
2024-05-22 17:21:05 +05:30
cdb876a032
ruby: Patch CVE-2024-27282 ( #9138 )
2024-05-21 12:56:48 -07:00
1e04206f45
[AUTO-CHERRYPICK] kubevirt: Add patch for CVE-2024-24786 - branch main ( #9148 )
...
Co-authored-by: Rohit Rawat <rohitrawat@microsoft.com>
Co-authored-by: Rohit Rawat <xordux@gmail.com>
2024-05-21 09:49:42 -07:00
02ffe5c851
ceph: fix CVE-2023-43040 ( #9146 )
2024-05-20 09:02:40 -07:00
39538f46aa
[AUTOPATCHER-CORE] Upgrade postgresql to 14.12 CVE-2024-4317 ( #9120 )
2024-05-20 11:50:24 +05:30
a1841cc9b3
msft-golang: upgrade 1.22.2 -> 1.22.3 to address CVE-2024-24787 & CVE-2024-24788 ( #9108 )
...
Changelog: https://go.dev/doc/devel/release#go1.22.0
Signed-off-by: Muhammad Falak R Wani <falakreyaz@gmail.com>
2024-05-20 06:42:02 +05:30
7ec4d970b4
iperf3: upgrade 3.14 -> 3.17 to address CVE-2024-26306 ( #9119 )
...
Changelog: https://github.com/esnet/iperf/releases/tag/3.17
Signed-off-by: Muhammad Falak R Wani <falakreyaz@gmail.com>
2024-05-20 06:41:22 +05:30
70f725db51
Refractor Golden Container main ( #9113 )
2024-05-17 16:21:35 -07:00
8f57105e73
move src tarballs to AME - mariner 2.0 ( #8925 )
...
Co-authored-by: CBL-Mariner Servicing Account <cblmargh@microsoft.com>
2024-05-17 14:12:32 -07:00
8c0c3ed4b0
[AUTO-CHERRYPICK] ceph: patch multiple CVEs - branch main ( #9086 )
...
Co-authored-by: Henry Beberman <henry.beberman@microsoft.com>
2024-05-17 12:57:29 -07:00
Tobias Brick