e65b0aec49
Upgrade iana-etc to version 20211115 ( #1664 )
2021-11-22 12:30:20 -08:00
da8fdb34f6
update libxcrypt required glibc version ( #1663 )
2021-11-22 11:46:24 -08:00
0ffa4c403e
disable ant debuginfo ( #1660 )
2021-11-22 10:29:37 -08:00
3c5765cdeb
Add python3-perf subpackage to kernel ( #1646 )
2021-11-22 09:10:57 -08:00
8018da3c3c
[dev] `uclibc-ng`: fixing CVE-2021-43523. ( #1654 ) ( #1658 )
2021-11-21 12:43:30 -08:00
20476e8ecd
[dev] Breaking circular dependencies containing pre-built packages ( #1630 )
2021-11-19 13:57:52 -08:00
d7cb7c78e9
Update toolchain and packages to build with gcc 11.2.0 and glibc 2.34 ( #1623 )
...
* update coreutils and texinfo specs
* update coreutils and texinfo in toolchain
* fix patch url
* update binutils to 2.37
* update version in manifests
* update util-linux mpfr mpc gmp
* fix mpfr tarball
* fix gmp
* update cgmanifest.json
* cleanup
* restore binutils patch
* fix gmp and mpfr specs
* update util-linux spec
* fix binutils and util-linux breaks
* update kernel CONFIG_LD_VERSION
* bump kernel release
* remove reference to rpm-define-RPM-LD-FLAGS.patch
* fix gen-ld-script.sh sha256sum
* update gcc spec to 11.2.0
* update kernel configs for gcc
* update cgmanifest
* update gcc to 11.2.0 in raw toolchain
* add patch for gcc texi issue
* update glibc to 2.34
* update manifests for diffutils and glibc
* disable tm_texi patch in toolchain
* fix SIGSTKSZ gcc issue
* patch m4 for glibc 2.34
* update make to 4.3 and diffutils to 3.8
* revert make to 4.2.1 due to operation not permitted error
* fix make and texinfo build issues with glibc 2.34
* dont build zstd in temp toolchain due to gcc build errors
* remove glibc workarounds for fintutils and gzip
* update findutils and gzip
* update gzip and findutils specs
* update gdbm to 1.21
* update elfutils to 1.185 in toolchain. fix manifests
* remove findutils test change
* remove texinfo patch
* fix kernel changelogs
* add patch for cpio extern issue
* restore rpm patch
* fix m4 spec
* fix elfutils and gpgme spec issues
* fix kernel-hyperv changelog
* update kbd and libtirpc to resolve gcc 11.2.0 issues
* fix m4 version in pkggen_core
* fix libtirpc in manifests
* fix nss error
* fix openjdk
* fix aarch64 openjdk8
* fix elfutils spec
* GODEBUG=netdns=go
* verbose rpm query
* fix coreutils on aarch64. use rpm 1.14.2.1 in raw toolchain. revert rpm.go
* bump cpio release
* revert rpm.go change
* cleanup toolchain scripts and specs. parallel make for glibc
* enable fortran
* remove aarch64 ld-2.27.so link
* add gfortran to toolchain manifests
* fix binutils changelog
* fix kernel release version
* update bison grep sed tar
* add glibc pthread patch
* upgrade file gawk and xz. fix sed and grep spec issues
* set -fcommon
* revert file to 5.34
* fix temp gawk version
* fix xz man1 files
* update libgpg-error to 1.43
* add ld-linux-aarch64.so.1 to glibc spec
* use /lib/ld-linux-aarch64.so.1
* update file 5.40 and bzip2 1.0.8 in toolchain. openjdk8 remove -fcommon.
* update to perl 5.32.0 in toolchain
* fix glibc aarch64 exclude. add shadow-utils provides. fix perl src filename
* fix efivar build. upgrade dtc
* Removing 'ctags'.
* Updating 'libacvp' to version 1.4.1.
* Updating 'nlohmann-json' to version 3.10.4.
* Updating 'dhcp.spec' CFLAGS to include CBL-Mariner's defaults.
* update and fix ipxe build. remove perl debuginfo.
* add fixes for autofs and libcomps
* Adjusting build steps for 'dhcp' and 'nlohmann-json'.
* fix rocksdb
* fix ntp
* fix libcomps url in cgmanifest. revert perl change
* fix nfs-utils
* fix azure-iot-sdk-c
* Remove 'tboot'.
* fix qemu-kvm
* update R and ant
* Updating 'libiothsm-std' to version 1.2.5.
* Linting.
* Remove tcp_wrappers package
* fix syslinux
* Downgrading 'libiothsm-std' to 1.1.8.
* fix fuse. fix libcomps url
* Downgrading 'libacvp' to 1.3.0.
* Applying GCC 11 patch.
* fix fuse configure.ac issue
* Fixing 'libiothsm-std' build.
* Upgrade lldpad to 1.1.0
* Upgrade gdb to 11.1
* Upgrade catch to 2.13.7
* fixup! Upgrade gdb to 11.1
* fixup! Upgrade lldpad to 1.1.0
* remove bazel
* Updating 'toml11' to version 3.7.0.
* update cgmanifest for catch gdb lldpad
* fix qt5-qtbase
* fix device-mapper-multipath
* fix syslinux
* fix grpc
* fix kernel configs
* fix kernel-hyperv config
* increase heap size for ant
* update lttng-consume
* fix auoms
* update valgrind. fix arm64 gdb issue
* update arm64 kernel config
* fix blobfuse
* update and fix azure-iotedge
* fix grpc 1.41.1 in cgmanifest
* fix kernel and kernel-hyperv PTHREAD_STACK_MIN issue
* remove ant ant-contrib jna R
* Updating 'azure-iotedge' sources creation instructions.
* add back ant ant-contrib bazel jna R
* restrict jdk8 packages
* verify licenses
* only build conda picosat python-pycosat on arm64. fix cgmanifest
* update openjdk8 to version 1.8.0.302
* fix cgmanifest for ant and R
* always build ant
* update licenses. remove tdnf workaround. bump shadow-utils release
* update LICENSES-MAP.md to remove tboot ctags tcp_wrappers. bump libavcp release
* fix ant builds only on arm64
* Clarifying license for 'ntp'.
* Verifying license for 'ant-contrib'.
* Verifying more specs.
* revert libabcvp CFLAGS changes
* add kernel patch file
* set -fcommon to fix libacvp build
* fix python-filelock
* revert tdnf line change
Co-authored-by: CBL-Mariner Service Account <cblmargh@microsoft.com>
Co-authored-by: Pawel Winogrodzki <pawel.winogrodzki@microsoft.com>
Co-authored-by: Pawel Winogrodzki <pawelwi@microsoft.com>
Co-authored-by: Thomas Crain <thcrain@microsoft.com>
2021-11-17 21:41:55 -08:00
d7aed1498f
Patch Libacvp to Support Additional OpenSSL Tests ( #780 ) ( #1638 )
...
Update libacvp to version 1.3.0 and add support for additional OpenSSL tests.
Co-authored-by: Nicolas Ontiveros <54044510+niontive@users.noreply.github.com>
2021-11-12 19:31:57 -08:00
8ed8dfed3e
[dev] Revert ssh brute force prevention rules ( #1637 )
...
* Revert ssh brute force prevention added in commit #741 (#1508 )
* spec lint
Co-authored-by: Neha Agarwal <58672330+neha170@users.noreply.github.com>
2021-11-10 22:30:40 -08:00
e2c32e9bf7
[dev] SPECS: drop epoch tag from specs ( #1624 )
...
* bash-completion: remove epoch
Signed-off-by: Muhammad Falak R Wani <falakreyaz@gmail.com>
* colm: remove epoch
Signed-off-by: Muhammad Falak R Wani <falakreyaz@gmail.com>
* crash: remove epoch
Signed-off-by: Muhammad Falak R Wani <falakreyaz@gmail.com>
* dpdk: remove epoch
Signed-off-by: Muhammad Falak R Wani <falakreyaz@gmail.com>
* fmt: remove epoch
Signed-off-by: Muhammad Falak R Wani <falakreyaz@gmail.com>
* kyua: remove epoch
Signed-off-by: Muhammad Falak R Wani <falakreyaz@gmail.com>
* libglvnd: remove epoch
Signed-off-by: Muhammad Falak R Wani <falakreyaz@gmail.com>
* mesa: remove epoch
Signed-off-by: Muhammad Falak R Wani <falakreyaz@gmail.com>
* ragel: remove epoch
Signed-off-by: Muhammad Falak R Wani <falakreyaz@gmail.com>
* systemtap: remove epoch
Signed-off-by: Muhammad Falak R Wani <falakreyaz@gmail.com>
* xorg-x11-font-utils: remove epoch
Signed-off-by: Muhammad Falak R Wani <falakreyaz@gmail.com>
* xorg-x11-xauth: remove epoch
Signed-off-by: Muhammad Falak R Wani <falakreyaz@gmail.com>
2021-11-11 09:36:30 +05:30
68fdd50ff4
[dev] enabling rook ( #1540 )
...
* rook building successfully
* importing runtime dependencies
* cleaning up rook.spec
* enabling patterns-ceph-containers without select dependencies
* updating licenses for added packages
* licensing corrections for added packages
* applied lint diffs
* ignoring meta package in cgmanifest
* updating licenses-map metadata
* correcting releases
* adding source link, correcting changelog
* added vendor tar instructions
* removing opensuse csi references from rook
* removed rook build flags, remove patterns-ceph source, removed rook test binary
* updating signatures.json
* correcting capitalization of source attribution
* Corrected changelog comment
Co-authored-by: maxbrodeururbas <maxbr@microsoft.com>
2021-11-10 11:49:30 -08:00
2a065b97fc
[dev] Adding a switch to skip chroot rebuilds ( #1622 )
2021-11-04 23:33:38 -07:00
ab48ab7a32
[dev] Fixing `libsepol` tests. ( #1621 )
2021-11-04 16:17:07 -07:00
ac15805823
[dev] Upgrade `mozjs` and `polkit` ( #1454 )
2021-11-04 14:05:58 -07:00
a7f32c2e51
Add checksec ( #1562 ) ( #1615 )
...
* add checksec.spec; update to 2.5.0 release
2021-11-04 13:02:15 -07:00
e7cbe925fe
update gen-ld-script.sh ( #1610 )
2021-11-03 11:35:50 -07:00
674c940aa8
[dev] cherry-pick verity-read-only-root: Add missing whitespace in verity.conf mo… ( #1592 )
...
* [1.0] verity-read-only-root: Add missing whitespace in verity.conf module lists (#1527 )
* Add missing whitespace in verity.conf module lists
* Add license verification entry
2021-11-01 12:55:15 -07:00
11b7f41b47
Add configs for eBPF ( #1586 )
2021-11-01 09:09:16 -07:00
a4de52298f
[dev] Making `apr` tests run single-threaded ( #1598 )
2021-10-29 01:12:32 -07:00
91b40b21e7
[dev] Printing active builds ( #1597 )
2021-10-29 01:09:33 -07:00
21db9f88c4
[dev]Use MountIdentifier to configure fstab file ( #1448 )
...
* Use MountIdentifier to configure fstab file
2021-10-27 17:25:53 -07:00
21654abf24
Apply binutils readonly patch in toolchain ( #1590 )
...
* apply binutils readonly patch in toolchain
* add flex dependency to dockerfile and temp toolchain
2021-10-27 12:51:14 -07:00
3c22062735
Update package note tool and binutils ( #1563 )
...
* Update module version tool to 2.1.2
* Add and set outdir path
* Update mariner-rpm-macros.spec
* Update signature for gen-ld-script.sh
* Add patch for readonly keyword support in binutils
* Enable linker script readonly keyword support patch
* Update examples and notes in generate-package-note.py
* Enable 2.36.1-4 for pkggen_core_aarch64
* Add verify-package-notes.sh script
* Update signatures and add signature for verify-package-notes.sh
* Install verify-package-notes.sh
* Update signatures and version
* Update toolchain package version for mariner-rpm-macros
* Fix example output
* Update manifest for binutils output flavors
* Update gen-ld-script.sh hash
Co-authored-by: Ismail Kose <iskose@microsoft.com>
2021-10-26 15:51:02 -07:00
cae836e6e5
Merge pull request #1509 from microsoft/chpebeni/dev-selinux
...
shadow-utils: Make pam_loginuid optional
2021-10-26 14:14:55 -04:00
4ce26ace71
Extending source attribution check. ( #1583 )
2021-10-26 11:09:47 -07:00
1e2e1afe61
shadow-utils: Make pam_loginuid optional.
...
This requires audit, which isn't used on all systems.
2021-10-26 17:56:25 +00:00
969c8868c5
[dev] kernel: Update to 5.10.74.1 ( #1571 )
...
* Update to 5.10.74.1
* Add license verified for all files
2021-10-22 11:39:58 -07:00
2b5837d9cc
Upgrade bzip2 to 1.0.8 ( #1543 )
2021-10-21 21:15:51 -07:00
9c0766ef34
[dev] Adding proper spec source attribution for CentOS specs ( #1569 )
2021-10-21 14:50:35 -07:00
5a5915de00
[dev] Adding spec file checks ( #1559 )
2021-10-20 17:04:50 -07:00
db6a866774
[dev] Unifying source attributions and `Release` tags ( #1558 )
2021-10-20 16:45:16 -07:00
faeaddbd6b
Fixing changelog spelling for Sérgio. ( #1552 )
2021-10-20 16:05:59 -07:00
174dd9f942
Add goal functionality to depsearch tool ( #1541 )
2021-10-19 10:34:25 -07:00
bdf0b16304
fix bug #36667369 - Full ISO automatically install waagent... ( #1530 ) ( #1542 )
...
Co-authored-by: nico <nicolasg@microsoft.com>
Co-authored-by: nico <nicolasg@microsoft.com>
2021-10-19 09:55:30 -07:00
bd326b6348
[dev] Revert RPM update ( #1510 , commit 191037a, #1547 ) ( #1551 )
...
This reverts:
- PR #1510 ,
- commit 15907fb09e#1547 .
2021-10-18 15:13:01 -07:00
779b742102
Moving source extraction to the '%install' section. ( #1548 )
...
Co-authored-by: CBL-Mariner Service Account <cblmargh@microsoft.com>
2021-10-16 07:37:04 -07:00
15907fb09e
Adding lost 'install' commands. ( #1547 )
...
Co-authored-by: CBL-Mariner Service Account <cblmargh@microsoft.com>
2021-10-15 14:55:00 -07:00
191037a2d4
Fix build break. Update mariner=rpm-macros signature file for gen-ld.sh
2021-10-15 07:47:56 -07:00
9c486c0633
[dev] Update RPM to 4.17.0 ( #1510 )
...
* Update RPM version to 4.17.0
* Add debugedit with tarballs
* Add changes related to encoding
* Update license map
* Update manifests
* Update SPECS/mariner-rpm-macros/gen-ld-script.sh
* Update signatures for mariner-rpm-macros
* Remove nss from the toolchain
* Substitute make invocations with macros
* Remove ndb sha from toolchain
* Fix toolchain manifests
Co-authored-by: Pawel Winogrodzki <pawelwi@microsoft.com>
2021-10-15 01:41:40 +02:00
973e10f0ff
[dev] kernel: update to 5.10.69.1 ( #1517 )
...
* Update to kernel 5.10.69.1
* add CVE-2020-3653
* Add CVE-2021-42008
2021-10-14 15:11:26 -07:00
abf0a99d98
Update zstd ( #1539 )
2021-10-14 13:55:36 -07:00
c639bdcaeb
[dev] Resolving conflicts between `nginx` and `nginx-mimetypes`. ( #1529 )
2021-10-13 23:31:16 -07:00
a0a3566a9d
[dev] Unifying `Release` tags ( #1522 )
2021-10-13 11:06:39 -07:00
043867d966
[dev] Removing `Conflicts` for `ca-certificates-shared` ( #1519 )
2021-10-12 16:08:40 -07:00
dd7ceaf863
[dev] Update openssh to 8.8p1 ( #1512 )
...
* Update openssh to 8.8p
* Update cgmanifest
2021-10-12 12:39:33 -07:00
740bbd45bd
Adding test, fixing script, refactoring. ( #1514 )
2021-10-11 16:53:18 -07:00
3317eebe95
Fix partition search ordering for part init ( #1471 )
2021-10-08 14:15:15 -07:00
8115eef995
Fix grpc-devel file conflict ( #1468 ) ( #1503 )
...
* fix grpc-devel
* exclude files
* exclude libaddress_sorting from grpc
2021-10-07 16:19:39 -07:00
25cb136091
remove macros ( #1501 )
2021-10-07 15:42:12 -07:00
514a5fcc54
[dev] `ca-certificates`: removing Mozilla CAs in favour of Microsoft ones ( #1437 )
2021-10-07 12:51:39 -07:00
Thomas Crain