CBL-Mariner-Bot
9d61e77566
[AUTOPATCHER-kernel] Kernel upgrade to version 5.15.145.1 - branch main ( #7156 )
2024-01-08 12:52:47 -08:00
CBL-Mariner-Bot
98ac904188
[AUTOPATCHER-kernel] Kernel CVE - branch main - CVE-2023-6546 ( #7172 )
2024-01-08 10:37:22 -08:00
sindhu-karri
9eb66b6101
Upgrade and move libdwarf from extended to core ( #6827 )
2024-01-05 14:08:24 +05:30
Roaa Sakr
3d89b98de0
Revert "Increase image size for baremetal and qemu guest to 4GB" ( #7171 )
2024-01-04 15:24:15 -08:00
Neha Agarwal
bf7b67e4f2
containerized-rpmbuild: make tools only for build mode ( #7122 )
2024-01-04 08:55:18 -08:00
CBL-Mariner-Bot
515cb74cbe
[AUTO-CHERRYPICK] apparmor: add patches for CVE-2023-50471 and CVE-2023-50472 - branch main ( #7149 )
...
Co-authored-by: Dallas Delaney <106280731+dallasd1@users.noreply.github.com>
2024-01-02 09:59:54 -08:00
Neha Agarwal
c00ee1fff4
libssh: update to v0.10.6 to fix CVE-2023-48795 ( #7141 )
2024-01-02 09:41:59 -08:00
CBL-Mariner-Bot
ff01fee0d9
Prepare January 2024 ( #7144 )
2024-01-02 10:30:01 -05:00
CBL-Mariner-Bot
8655780ab5
[AUTOPATCHER-kernel] Kernel CVE - branch main - CVE-2023-6931 and CVE-2023-6932 ( #7137 )
...
Co-authored-by: Neha Agarwal <nehaagarwal@microsoft.com>
2023-12-29 13:59:41 -08:00
Neha Agarwal
a3d7868c0c
postgresql: update to v14.10 to fix CVE-2023-5868, CVE-2023-5869 and CVE-2023-5870 ( #7138 )
2023-12-29 13:11:23 -08:00
Neha Agarwal
f2a17384db
dbus: Update to v1.15.6 to fix CVE-2023-34969 ( #7134 )
2023-12-29 10:43:02 -08:00
CBL-Mariner-Bot
1d8a012438
[AUTO-CHERRYPICK] xorg-x11-server: add patches for CVE-2023-6377 and CVE-2023-6478 - branch main ( #7133 )
...
Co-authored-by: Dallas Delaney <106280731+dallasd1@users.noreply.github.com>
2023-12-28 13:59:37 -08:00
Neha Agarwal
23bfa1f4f7
openssh: patch CVE-2023-51384 and CVE-2023-51385 ( #7125 )
2023-12-28 09:24:33 -08:00
Neha Agarwal
46d5a680f5
ansible: update to v2.14.12 to fix CVE-2023-5764 ( #7124 )
2023-12-26 11:38:03 -08:00
suresh-thelkar
89e025180f
Patch CVE-2023-46218 mysql ( #7118 )
2023-12-23 14:21:47 +05:30
Christopher Co
fc07dc5399
fix: upgrade cloud-init to v23.4.1 ( #7065 )
...
This change upgrades cloud-init to v23.4.1. This version contains fixes for an issue where some Azure Stack implementations do not support IMDS. Also this cloud-init version has the override data source patch integrated so we can drop the patch from our packaging.
Signed-off-by: Chris Co <chrco@microsoft.com>
2023-12-22 22:50:49 -08:00
ms-mahuber
7be6ca587a
Set OOMScoreAdjust to -999 for containerd-cc ( #7121 )
2023-12-22 19:55:00 -08:00
raviprpandey
b203de4f7d
Set OOMScoreAdjust to -999 for containerd ( #6819 )
2023-12-22 16:14:13 -08:00
Sam Meluch
720629ca10
Add Backport for installonlypkgs to tdnf for Mariner 2.0 ( #7056 )
...
Co-authored-by: Sam Meluch <sam.meluch@microsoft.com>
2023-12-22 11:00:36 -08:00
sindhu-karri
c3ee8c04ed
Move rubygem-puppet-resource_api from Extended to Core ( #7108 )
2023-12-22 15:40:25 +05:30
sindhu-karri
0e78174c90
Move cpp-hocon from extended to core ( #7099 )
2023-12-22 15:23:35 +05:30
sindhu-karri
1f2285732a
Move rubygem-hocon from Extended to Core ( #7103 )
2023-12-22 14:55:30 +05:30
sindhu-karri
ed6e4ec85c
Move rubygem-deep_merge from Extended to Core ( #7107 )
2023-12-22 13:43:25 +05:30
sindhu-karri
a52536b78b
Move ruby-augeas from Extended to Core ( #7106 )
2023-12-22 13:01:55 +05:30
sindhu-karri
bc655f2c7d
Move rubygem-thor from extended to core ( #7100 )
2023-12-22 12:53:47 +05:30
sindhu-karri
ff611bea20
Move package leatherman from extended to core ( #7098 )
2023-12-22 11:56:55 +05:30
sindhu-karri
1995b15363
Move package catch1 from extended to core ( #7096 )
2023-12-22 11:56:36 +05:30
suresh-thelkar
6462d9989a
Patch CVE-2023-45866 in bluez ( #7097 )
2023-12-22 10:23:48 +05:30
Christopher Co
7e792c13f9
ci: add codeowners for toolkit folders ( #7091 )
...
Update the GitHub codeowners file to automatically add tooling codeowners as reviewers to the toolkit code. Retain general dev reviewers for docs, imageconfigs, and package manifests.
Signed-off-by: Chris Co <chrco@microsoft.com>
2023-12-21 15:48:50 -08:00
CBL-Mariner-Bot
e3aa39d710
[AUTOPATCHER-kernel] Kernel CVE - branch main - CVE-2023-46862 CVE-2023-6622 ( #7113 )
2023-12-21 13:55:15 -08:00
Lanze Liu
bb4c29e48d
imagecustomizer: initial dm-verity enablement by nbd. ( #6809 )
...
Co-authored-by: lanzeliu <lanzeliu@microsoft.com>
2023-12-21 13:05:26 -08:00
Gary Swalling
5324a3a344
Upgrade kernel-mos to 5.15.143.1 ( #7086 )
2023-12-21 11:40:37 -08:00
CBL-Mariner-Bot
b1ffd4eeb3
[AUTOPATCHER-kernel] Kernel upgrade to version 5.15.143.1 - branch main ( #7048 )
...
Note this upgrade also required an update to the kernel-hci patches.
Co-authored-by: Vince Perri <viperri@microsoft.com>
2023-12-21 11:11:19 -08:00
Mandeep Plaha
e2a91dbf9d
Patch CVE-2023-49083 in python-cryptography ( #7104 )
2023-12-21 09:00:27 -08:00
CBL-Mariner-Bot
32572206ca
[AUTOPATCHER-CORE] Upgrade fish to 3.6.2 CVE-2023-49284 ( #7039 )
2023-12-21 09:55:36 +05:30
Dmytro Chasovskykh
8f1884667a
applying disable-newgroup-query-when-netgroup-base-is-not-set.patch ( #7085 )
...
Fixes: a48d432a11
("Sudo ldap netgroup_query bug fix patch (#7068 )")
Co-authored-by: Dmytro Chasovskykh <dchasovskykh@linkedin.com>
2023-12-20 19:34:25 -08:00
sindhu-karri
c989846a40
Add moreutils package to mariner ( #7017 )
2023-12-21 08:18:07 +05:30
amritakohli
4d38bd44d6
Image Customizer: Support for partition extraction - raw, raw-zstd ( #7013 )
2023-12-20 16:29:47 -08:00
Mitch Zhu
31fbf2bbbe
Add Kata meta-package ( #7053 )
...
Co-authored-by: Christopher Co <35273088+christopherco@users.noreply.github.com>
2023-12-20 14:25:25 -08:00
Christopher Co
71792f5d69
ci: update kata codeowner packages ( #7063 )
...
Update the GitHub codeowners file to automatically add the cbl-mariner-kata-containers team as reviewers for kata-containers and confidential containers packages.
Signed-off-by: Chris Co <chrco@microsoft.com>
2023-12-20 13:35:53 -08:00
Rohit Rawat
e87fb99c84
Fix CVE-2020-8694, CVE-2020-8695 and CVE-2020-12912 ( #7029 )
...
Fixes moby-engine and moby-containerd by upgrade
2023-12-20 20:40:33 +05:30
sindhu-karri
1eec67c797
Add package perl-Time-Duration to mariner ( #7016 )
2023-12-20 13:12:02 +05:30
sindhu-karri
26be580363
Move package perl-Class-Accessor from extended to core ( #7026 )
2023-12-20 12:00:10 +05:30
sindhu-karri
9908edd747
Move package perl-Sub-Name from Extended to core ( #7027 )
2023-12-20 11:59:21 +05:30
sindhu-karri
3ef0e1f125
Move package perl-Devel-CheckBin from extended to core ( #7028 )
2023-12-20 11:58:34 +05:30
sindhu-karri
9a290953b9
Move perl-IO-String from extended to core ( #7025 )
2023-12-20 11:57:44 +05:30
sindhu-karri
d3b5e583fb
Move package perl-IPC-Run from Extended to Core ( #7015 )
2023-12-20 11:54:56 +05:30
sindhu-karri
8a9d3a5e96
move docbook2X package from Extended to Core ( #7012 )
2023-12-20 11:53:43 +05:30
AZaugg
a48d432a11
Sudo ldap netgroup_query bug fix patch ( #7068 )
...
sudo backed by ldap is no longer working after moving to the new version of sudo. Patched the fix upstream to get ldap sudo to work with NETGROUP_QUERY
2023-12-19 21:23:02 -08:00
CBL-Mariner-Bot
311df2a641
[AUTOPATCHER-CORE] Upgrade curl to 8.5.0 CVE-2023-46219 ( #7059 )
...
Co-authored-by: Cameron Baird <cameronbaird@microsoft.com>
2023-12-19 14:37:17 -08:00