folkslinux
/
CBL-Mariner
mirror of https://github.com/microsoft/CBL-Mariner.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
4,796 Commits 852 Branches 449 Tags 879 MiB
Commit Graph

4796 Commits

Author SHA1 Message Date
CBL-Mariner-Bot 9d61e77566
[AUTOPATCHER-kernel] Kernel upgrade to version 5.15.145.1 - branch main (#7156) 2024-01-08 12:52:47 -08:00
CBL-Mariner-Bot 98ac904188
[AUTOPATCHER-kernel] Kernel CVE - branch main - CVE-2023-6546 (#7172) 2024-01-08 10:37:22 -08:00
sindhu-karri 9eb66b6101
Upgrade and move libdwarf from extended to core (#6827) 2024-01-05 14:08:24 +05:30
Roaa Sakr 3d89b98de0
Revert "Increase image size for baremetal and qemu guest to 4GB" (#7171) 2024-01-04 15:24:15 -08:00
Neha Agarwal bf7b67e4f2
containerized-rpmbuild: make tools only for build mode (#7122) 2024-01-04 08:55:18 -08:00
CBL-Mariner-Bot 515cb74cbe
[AUTO-CHERRYPICK] apparmor: add patches for CVE-2023-50471 and CVE-2023-50472 - branch main (#7149) 
Co-authored-by: Dallas Delaney <106280731+dallasd1@users.noreply.github.com>
 2024-01-02 09:59:54 -08:00
Neha Agarwal c00ee1fff4
libssh: update to v0.10.6 to fix CVE-2023-48795 (#7141) 2024-01-02 09:41:59 -08:00
CBL-Mariner-Bot ff01fee0d9
Prepare January 2024 (#7144) 2024-01-02 10:30:01 -05:00
CBL-Mariner-Bot 8655780ab5
[AUTOPATCHER-kernel] Kernel CVE - branch main - CVE-2023-6931 and CVE-2023-6932 (#7137) 
Co-authored-by: Neha Agarwal <nehaagarwal@microsoft.com>
 2023-12-29 13:59:41 -08:00
Neha Agarwal a3d7868c0c
postgresql: update to v14.10 to fix CVE-2023-5868, CVE-2023-5869 and CVE-2023-5870 (#7138) 2023-12-29 13:11:23 -08:00
Neha Agarwal f2a17384db
dbus: Update to v1.15.6 to fix CVE-2023-34969 (#7134) 2023-12-29 10:43:02 -08:00
CBL-Mariner-Bot 1d8a012438
[AUTO-CHERRYPICK] xorg-x11-server: add patches for CVE-2023-6377 and CVE-2023-6478 - branch main (#7133) 
Co-authored-by: Dallas Delaney <106280731+dallasd1@users.noreply.github.com>
 2023-12-28 13:59:37 -08:00
Neha Agarwal 23bfa1f4f7
openssh: patch CVE-2023-51384 and CVE-2023-51385 (#7125) 2023-12-28 09:24:33 -08:00
Neha Agarwal 46d5a680f5
ansible: update to v2.14.12 to fix CVE-2023-5764 (#7124) 2023-12-26 11:38:03 -08:00
suresh-thelkar 89e025180f
Patch CVE-2023-46218 mysql (#7118) 2023-12-23 14:21:47 +05:30
Christopher Co fc07dc5399
fix: upgrade cloud-init to v23.4.1 (#7065) 
This change upgrades cloud-init to v23.4.1. This version contains fixes for an issue where some Azure Stack implementations do not support IMDS. Also this cloud-init version has the override data source patch integrated so we can drop the patch from our packaging.

Signed-off-by: Chris Co <chrco@microsoft.com>
 2023-12-22 22:50:49 -08:00
ms-mahuber 7be6ca587a
Set OOMScoreAdjust to -999 for containerd-cc (#7121) 2023-12-22 19:55:00 -08:00
raviprpandey b203de4f7d
Set OOMScoreAdjust to -999 for containerd (#6819) 2023-12-22 16:14:13 -08:00
Sam Meluch 720629ca10
Add Backport for installonlypkgs to tdnf for Mariner 2.0 (#7056) 
Co-authored-by: Sam Meluch <sam.meluch@microsoft.com>
 2023-12-22 11:00:36 -08:00
sindhu-karri c3ee8c04ed
Move rubygem-puppet-resource_api from Extended to Core (#7108) 2023-12-22 15:40:25 +05:30
sindhu-karri 0e78174c90
Move cpp-hocon from extended to core (#7099) 2023-12-22 15:23:35 +05:30
sindhu-karri 1f2285732a
Move rubygem-hocon from Extended to Core (#7103) 2023-12-22 14:55:30 +05:30
sindhu-karri ed6e4ec85c
Move rubygem-deep_merge from Extended to Core (#7107) 2023-12-22 13:43:25 +05:30
sindhu-karri a52536b78b
Move ruby-augeas from Extended to Core (#7106) 2023-12-22 13:01:55 +05:30
sindhu-karri bc655f2c7d
Move rubygem-thor from extended to core (#7100) 2023-12-22 12:53:47 +05:30
sindhu-karri ff611bea20
Move package leatherman from extended to core (#7098) 2023-12-22 11:56:55 +05:30
sindhu-karri 1995b15363
Move package catch1 from extended to core (#7096) 2023-12-22 11:56:36 +05:30
suresh-thelkar 6462d9989a
Patch CVE-2023-45866 in bluez (#7097) 2023-12-22 10:23:48 +05:30
Christopher Co 7e792c13f9
ci: add codeowners for toolkit folders (#7091) 
Update the GitHub codeowners file to automatically add tooling codeowners as reviewers to the toolkit code. Retain general dev reviewers for docs, imageconfigs, and package manifests.

Signed-off-by: Chris Co <chrco@microsoft.com>
 2023-12-21 15:48:50 -08:00
CBL-Mariner-Bot e3aa39d710
[AUTOPATCHER-kernel] Kernel CVE - branch main - CVE-2023-46862 CVE-2023-6622 (#7113) 2023-12-21 13:55:15 -08:00
Lanze Liu bb4c29e48d
imagecustomizer: initial dm-verity enablement by nbd. (#6809) 
Co-authored-by: lanzeliu <lanzeliu@microsoft.com>
 2023-12-21 13:05:26 -08:00
Gary Swalling 5324a3a344
Upgrade kernel-mos to 5.15.143.1 (#7086) 2023-12-21 11:40:37 -08:00
CBL-Mariner-Bot b1ffd4eeb3
[AUTOPATCHER-kernel] Kernel upgrade to version 5.15.143.1 - branch main (#7048) 
Note this upgrade also required an update to the kernel-hci patches.

Co-authored-by: Vince Perri <viperri@microsoft.com>
 2023-12-21 11:11:19 -08:00
Mandeep Plaha e2a91dbf9d
Patch CVE-2023-49083 in python-cryptography (#7104) 2023-12-21 09:00:27 -08:00
CBL-Mariner-Bot 32572206ca
[AUTOPATCHER-CORE] Upgrade fish to 3.6.2 CVE-2023-49284 (#7039) 2023-12-21 09:55:36 +05:30
Dmytro Chasovskykh 8f1884667a
applying disable-newgroup-query-when-netgroup-base-is-not-set.patch (#7085) 
Fixes: a48d432a11 ("Sudo ldap netgroup_query bug fix patch (#7068)")

Co-authored-by: Dmytro Chasovskykh <dchasovskykh@linkedin.com>
 2023-12-20 19:34:25 -08:00
sindhu-karri c989846a40
Add moreutils package to mariner (#7017) 2023-12-21 08:18:07 +05:30
amritakohli 4d38bd44d6
Image Customizer: Support for partition extraction - raw, raw-zstd (#7013) 2023-12-20 16:29:47 -08:00
Mitch Zhu 31fbf2bbbe
Add Kata meta-package (#7053) 
Co-authored-by: Christopher Co <35273088+christopherco@users.noreply.github.com>
 2023-12-20 14:25:25 -08:00
Christopher Co 71792f5d69
ci: update kata codeowner packages (#7063) 
Update the GitHub codeowners file to automatically add the cbl-mariner-kata-containers team as reviewers for kata-containers and confidential containers packages.

Signed-off-by: Chris Co <chrco@microsoft.com>
 2023-12-20 13:35:53 -08:00
Rohit Rawat e87fb99c84
Fix CVE-2020-8694, CVE-2020-8695 and CVE-2020-12912 (#7029) 
Fixes moby-engine and moby-containerd by upgrade
 2023-12-20 20:40:33 +05:30
sindhu-karri 1eec67c797
Add package perl-Time-Duration to mariner (#7016) 2023-12-20 13:12:02 +05:30
sindhu-karri 26be580363
Move package perl-Class-Accessor from extended to core (#7026) 2023-12-20 12:00:10 +05:30
sindhu-karri 9908edd747
Move package perl-Sub-Name from Extended to core (#7027) 2023-12-20 11:59:21 +05:30
sindhu-karri 3ef0e1f125
Move package perl-Devel-CheckBin from extended to core (#7028) 2023-12-20 11:58:34 +05:30
sindhu-karri 9a290953b9
Move perl-IO-String from extended to core (#7025) 2023-12-20 11:57:44 +05:30
sindhu-karri d3b5e583fb
Move package perl-IPC-Run from Extended to Core (#7015) 2023-12-20 11:54:56 +05:30
sindhu-karri 8a9d3a5e96
move docbook2X package from Extended to Core (#7012) 2023-12-20 11:53:43 +05:30
AZaugg a48d432a11
Sudo ldap netgroup_query bug fix patch (#7068) 
sudo backed by ldap is no longer working after moving to the new version of sudo. Patched the fix upstream to get ldap sudo to work with NETGROUP_QUERY
 2023-12-19 21:23:02 -08:00
CBL-Mariner-Bot 311df2a641
[AUTOPATCHER-CORE] Upgrade curl to 8.5.0 CVE-2023-46219 (#7059) 
Co-authored-by: Cameron Baird <cameronbaird@microsoft.com>
 2023-12-19 14:37:17 -08:00