folkslinux
/
CBL-Mariner
mirror of https://github.com/microsoft/CBL-Mariner.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
4,796 Commits 970 Branches 457 Tags 853 MiB
Commit Graph

4796 Commits

Author SHA1 Message Date
Henry Beberman e1cbb1d9b8
Remove /etc/host.conf from filesystem (#7389) 2024-01-23 10:28:55 -08:00
CBL-Mariner-Bot 36b91defaa
Prepare January 2024 Update 3 (#7392) 2024-01-23 09:35:59 -05:00
Muhammad Falak R Wani ad95d11916
skopeo: upgrade version 1.13.3 -> 1.14.1 to address GHSA-jq35-85cj-fj4p (#7357) 
Reference: https://github.com/advisories/GHSA-jq35-85cj-fj4p
Changelog: https://github.com/containers/skopeo/releases/tag/v1.14.1
Signed-off-by: Muhammad Falak R Wani <falakreyaz@gmail.com>
 2024-01-23 08:48:00 +05:30
Mandeep Plaha cc1b3c5c18
add memcached container files (#7307) 2024-01-22 12:29:45 -08:00
elainezhao96 9740bd10e5
Image Customizer: remove adduser-config.yaml file as it contains password field (#7298) 2024-01-22 10:02:11 -08:00
CBL-Mariner-Bot c9f493b694
[AUTO-CHERRYPICK] Add epoch to libdwarf spec to fix versioning order - branch main (#7341) 
Co-authored-by: sindhu-karri <33163197+sindhu-karri@users.noreply.github.com>
 2024-01-19 17:30:11 -08:00
rlmenge 4cc8642e31
Enable CONFIG_X86_IOPL_IOPERM (#7181) 
Enable for hardware platforms that use AMBIOS. Interacting with the firmware on these platforms from Linux user space uses the AMI Setup Control Environment Utility, SCELNX_64. This closed source vendor provided program depends on the iopl deprecated, legacy syscall. This syscall's availability is controlled by CONFIG_X86_IOPL_IOPERM kernel configuration item. Therefore, enable to prevent segfaults.
 2024-01-19 12:04:48 -08:00
Aurélien 904fdec443
Introduce Rust virtiofsd package (#7215) 2024-01-19 10:15:09 -08:00
AZaugg d311a29d67
Fix mariadb install post script (#7320) 
The post scripts for mariadb don't run due to missing script. As part of cmake install, mariadb-install-db script is removed. Adding patch to ensure script is correctly added to buildroot

Installing/Updating: mariadb-connector-c-config-3.1.10-6.cm2.noarch
Installing/Updating: mariadb-server-10.6.9-5.cm2.x86_64
/var/tmp/rpm-tmp.wjMLcK: line 3: mysql_install_db: command not found
 2024-01-19 09:38:27 -08:00
sindhu-karri e5cc638536
Fix CVE-2023-50711 in cloud-hypervisor (#7269) 2024-01-19 12:20:15 -05:00
Pawel Winogrodzki 400cedf4b9
Fixed `cloud-init` tests. (#7330) 
Co-authored-by: Dan Streetman <ddstreet@ieee.org>
 2024-01-19 08:52:47 -08:00
Tobias Brick 5a8926c206
apply patch for CVE-2023-48795 (#7329) 2024-01-18 15:33:07 -08:00
Harshit Gupta 4002115d51
Patch libssh2 for CVE-2023-48795 (#7292) 
Co-authored-by: Harshit Gupta <guptaharshit@microsoft.com>
 2024-01-18 16:36:22 -05:00
Chris Gunn 1255e34134
Imager: Ensure ext4 formatting is consistent across build hosts (#7303) 2024-01-18 13:16:41 -08:00
elainezhao96 7e65dd1ece
OS Modifier (EMU): Add sshkeys to user config (#7305) 2024-01-18 13:10:15 -08:00
amritakohli 770c563981
Image Customizer: Make either one of split partitions format and output image format required (#7323) 2024-01-18 11:37:22 -08:00
Pawel Winogrodzki 119bf4061e
Added cross-compilation `binutils` and `kernel-headers`. (#6945) 2024-01-18 11:14:34 -08:00
Harshit Gupta a678fe8edb
Patch erlang for CVE-2023-48795 (#7299) 
Co-authored-by: Harshit Gupta <guptaharshit@microsoft.com>
 2024-01-18 09:50:15 -05:00
Chris Gunn 98d0c1f5a8
Image Customizer: Fix special directories and partition customization. (#7043) 2024-01-17 17:19:22 -08:00
Mandeep Plaha 573152fd98
add container images source files to 2.0 (#7223) 2024-01-17 13:27:16 -08:00
amritakohli acd143edc9
Image Customizer: Use safeloopback.Loopback instead of ImageConnection for split partitions (#7300) 2024-01-17 13:13:39 -08:00
Dallas Delaney babfccfb47
Kata-CC: Upgrade to 0.6.3 (#7196) 
Co-authored-by: Aurélien Bombo <abombo@microsoft.com>
Co-authored-by: ms-mahuber <60939654+ms-mahuber@users.noreply.github.com>
Co-authored-by: Mitch Zhu <mitchzhu@microsoft.com>
 2024-01-17 13:02:28 -08:00
Mandeep Plaha 790a54fbc6
fix python urllib3 test (#7294) 2024-01-17 10:28:31 -08:00
Pawel Winogrodzki 52ea900703
Making GitHub Actions' permissions explicit. (#7282) 2024-01-17 08:58:31 -08:00
Minghe Ren 6b85d88357
add patch for azure-iot-sdk-c CVE-2024-21646 (#7283) 
Co-authored-by: minghe <rmhsawyer>
 2024-01-17 08:00:32 -08:00
Gary Swalling 1328babbb5
Kernel upgrade to version 5.15.145.2 (#7280) 2024-01-16 20:23:43 -08:00
CBL-Mariner-Bot c29c87f98b
Prepare January 2024 Update 2 (#7281) 2024-01-16 19:42:42 -05:00
Henry Li ee3cf7fbbc
[2.0] Fix postfix CVE-2023-51764 (#7226) 
Co-authored-by: Henry Li <lihl@microsoft.com>
 2024-01-16 16:28:12 -08:00
Gary Swalling 6e583d646b
Upgrade kernel-mos to 5.15.145.2 (#7227) 2024-01-16 15:21:31 -08:00
Mandeep Plaha cf69f07d13
Upgrade kured to 1.14.2 for vendored go CVE-2023-39325 (#7275) 2024-01-16 13:52:42 -08:00
Lanze Liu e0b3d80514
Bugfix - Skip Dracut Module and Mariner.cfg Update with no Verity Cfg. (#7234) 
Co-authored-by: lanzeliu <lanzeliu@microsoft.com>
 2024-01-16 09:13:00 -08:00
Muhammad Falak R Wani ff88067d79
workflows: bump setup-go to v5 (#7262) 
Changelog: https://github.com/actions/setup-go/releases/tag/v5.0.0
Signed-off-by: Muhammad Falak R Wani <falakreyaz@gmail.com>
 2024-01-16 17:58:24 +05:30
Henry Li de15b7680f
[2.0] Fix sqlite CVE-2023-7104 (#7251) 
Co-authored-by: Henry Li <lihl@microsoft.com>
 2024-01-12 13:24:58 -08:00
Henry Li acbb4aa54c
[2.0] Fix reaper CVE-2023-26159 (#7248) 
Co-authored-by: Henry Li <lihl@microsoft.com>
 2024-01-12 13:24:48 -08:00
Dan Streetman 4cfc44fcaa Update sudo to 1.9.15p5 for CVE-2023-42465 2024-01-12 16:20:29 -05:00
Dan Streetman 9669632f5c Remove -fvisibility=hidden build param 
Using this causes the compiler to convert *all* global symbols to
local symbols, which is *absolutely* not the correct thing to do.

This was causing the build-time test suite to immediately fail,
because the symbols (e.g. sk_api_version) inside the test sk-dummy.so
were being built as local symbols instead of global symbols, which
broke the dlsym() call to load the sk_api_version() symbol.
 2024-01-12 16:16:32 -05:00
Dan Streetman 980916afed Add patches for CVE-2023-48795 2024-01-12 16:16:32 -05:00
Henry Beberman 7a368eb2f4
Patch CVE-2023-51714 in qt5-qtbase (#7187) 2024-01-12 11:09:45 -08:00
CBL-Mariner-Bot 174ad4ca00
[AUTOPATCHER-CORE] Upgrade packer to 1.8.7 CVE-2023-45286 (#7081) 
Co-authored-by: Bala <balakumaran.kannan@microsoft.com>
Co-authored-by: Bala <kumaran.4353@gmail.com>
Co-authored-by: Muhammad Falak R Wani <falakreyaz@gmail.com>
 2024-01-12 15:31:02 +05:30
jslobodzian 79b3a0cee6
Add DAILY_BUILD_REPO argument to support local developer builds with daily builds (#7239) 2024-01-11 18:24:31 -05:00
Jon Slobodzian c9da0704ef Revert "Upgrade kernel-mos to 5.15.143.1 (#7086)" 
This reverts commit 5324a3a344.
 2024-01-11 05:30:41 -08:00
Henry Li 6628a87b59
[2.0] Fix fluent-bit CVE-2023-52284 (#7221) 
Co-authored-by: Henry Li <lihl@microsoft.com>
 2024-01-10 21:38:39 -08:00
Andrew Phelps 608f6516bd
[main] Revert "toolkit image build: Fix make error for config files outside … (#7186) 2024-01-10 17:19:40 -08:00
Jon Slobodzian 1a57d91875 Revert "fix: upgrade cloud-init to v23.4.1 (#7065)" 
This reverts commit fc07dc5399.
 2024-01-10 17:16:48 -08:00
rlmenge 478618d56f
Revert "[AUTOPATCHER-kernel] Kernel upgrade to version 5.15.143.1 - branch main (#7048)" (#7222) 2024-01-10 15:57:39 -08:00
Andrew Phelps b2bb9d7697
toolkit: fix worker chroot progress [main] (#7218) 2024-01-10 14:59:18 -08:00
Trung c056cddcb5
python-gevent: Disable flaky test failure (#7217) 2024-01-10 13:43:44 -08:00
Mandeep Plaha f6ef92dc4f
Remove CPython from %check pip3 install in cytools (#7199) 2024-01-10 10:49:14 -08:00
corvus-callidus 6447768bde
Patch CVE-2023-48795 in moby-cli (#7216) 2024-01-10 10:47:58 -08:00
amritakohli 0cb8cfb0dd
Image Customizer: Resolves bug with SSH public key paths - support for relative path (#7207) 2024-01-10 09:59:32 -08:00