Skip to content

Sandbox/rdutta/3.0/update 3.0.20250521 3.0 v4 #326

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
cheeyanglee merged 280 commits into from
Jul 24, 2025
Merged

Sandbox/rdutta/3.0/update 3.0.20250521 3.0 v4 #326

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
280 commits
Select commit Hold shift + click to select a range
74c9a94
libgxps: update to 0.3.2 (#11264)
durgajagadeesh Apr 11, 2025
a0e2a01
Update liblqr-1 to 0.4.3 (#10987)
kevin-b-lockwood Apr 11, 2025
517a68a
libblockdev: Version update to 3.2.0 (#10962)
jykanase Apr 11, 2025
55b0aa9
hyphen-it: Update Version from 0.20071127 -> 5.1.1 (#10957)
v-smalavathu Apr 11, 2025
448cb19
Upgrade: os-prober version to 1.81 (#11494)
jykanase Apr 11, 2025
f33d943
[3.0] Fix Patch Application for `skopeo` (#13340)
Kanishk-Bansal Apr 14, 2025
9efb56d
[3.0] Fix Patch Application for `nvidia-container-toolkit` (#13345)
Kanishk-Bansal Apr 14, 2025
4b7b5be
flux warnings (#13385)
tobiasb-ms Apr 14, 2025
840cde4
Fix to include idmapd.conf and id_resolver.conf in nfs-utils for 3.0 …
bhagyapathak Apr 15, 2025
dea7b3a
[Medium] patch dwarves for CVE-2025-29481 (#13384)
jykanase Apr 15, 2025
d6f51a5
[Medium] Patch libbpf for CVE-2025-29481 (#13382)
jykanase Apr 15, 2025
5e37eeb
[3.0] Introduce debug and metapackage and reduce size of non-debug me…
Camelron Apr 15, 2025
a7a419d
extended repo LVBS kernel (#12064)
ddstreet Apr 15, 2025
fe43366
[AUTO-CHERRYPICK] [MEDIUM] Patch numpy to fix CVE-2018-1999024 - bran…
CBL-Mariner-Bot Apr 15, 2025
ff1447f
[AUTO-CHERRYPICK] [Medium] Patch dietlibc for CVE-2015-1473 - branch …
CBL-Mariner-Bot Apr 15, 2025
4541f4a
[AUTO-CHERRYPICK] Patch gnutls for CVE-2024-12133 [Medium] - branch 3…
CBL-Mariner-Bot Apr 15, 2025
1050cd8
[AUTO-CHERRYPICK] [Medium] Patch vitess for CVE-2025-22870 - branch 3…
CBL-Mariner-Bot Apr 15, 2025
1b8b37e
[AUTO-CHERRYPICK] Patch `ceph` for CVE-2021-28361 [High] - branch 3.0…
CBL-Mariner-Bot Apr 15, 2025
d9ccd92
[AUTO-CHERRYPICK] [Low] Patch subversion for CVE-2024-46901 - branch …
CBL-Mariner-Bot Apr 15, 2025
540b2d2
[AUTO-CHERRYPICK] [Medium] patch memcached for CVE-2021-44647 - branc…
CBL-Mariner-Bot Apr 15, 2025
fbfacda
[AUTO-CHERRYPICK] Patch prometheus-node-exporter for CVE-2025-22870 […
CBL-Mariner-Bot Apr 15, 2025
8fa8595
[AUTO-CHERRYPICK] Patch expat for CVE-2024-8176 [HIGH] - branch 3.0-d…
CBL-Mariner-Bot Apr 15, 2025
8fd0d89
[AUTO-CHERRYPICK] Upgrade libssh2 to 1.11.1 for CVE-2023-48795 [Mediu…
CBL-Mariner-Bot Apr 15, 2025
3fd4c10
[AUTO-CHERRYPICK] Patch `blobfuse2` for CVE-2025-30204 [High] - branc…
CBL-Mariner-Bot Apr 15, 2025
91dd93a
[AUTO-CHERRYPICK] Upgrade `mysql` to 8.0.41 for CVE-2025-21490 & CVE-…
CBL-Mariner-Bot Apr 15, 2025
8611275
[AUTO-CHERRYPICK] Patch `fluent-bit` for CVE-2025-31498 [High] - bran…
CBL-Mariner-Bot Apr 15, 2025
ba1ccd5
[AUTO-CHERRYPICK] Patch git-lfs for CVE-2025-22870 [Medium] - branch …
CBL-Mariner-Bot Apr 15, 2025
a09e742
[AUTO-CHERRYPICK] Patch prometheus-process-exporter for CVE-2025-2287…
CBL-Mariner-Bot Apr 15, 2025
b397f4c
[AUTO-CHERRYPICK] [Low] patch clang for CVE-2024-7883 - branch 3.0-de…
CBL-Mariner-Bot Apr 15, 2025
c045460
[AUTO-CHERRYPICK] Patch rabbitmq-server for CVE-2025-30219 [Medium] -…
CBL-Mariner-Bot Apr 15, 2025
b43cf80
[AUTO-CHERRYPICK] Patch wpa_supplicant for CVE-2025-24912 [Low] - bra…
CBL-Mariner-Bot Apr 15, 2025
c08a8b7
[AUTO-CHERRYPICK] Patch augeas for CVE-2025-2588 [MEDIUM] - branch 3.…
CBL-Mariner-Bot Apr 15, 2025
1c49dbb
[AUTO-CHERRYPICK] [Medium] Upgrade grpc version to 1.62.3 for CVE-202…
CBL-Mariner-Bot Apr 15, 2025
e64f969
[AUTO-CHERRYPICK] [LOW] Patch unzip to fix CVE-2021-4217 - branch 3.0…
CBL-Mariner-Bot Apr 15, 2025
6fa93b2
[AUTO-CHERRYPICK] [MEDIUM] Patch syslinux to fix CVE-2011-2501,CVE-20…
CBL-Mariner-Bot Apr 15, 2025
eddea03
[AUTO-CHERRYPICK] [Medium] Patch ruby for CVE-2025-25186 - branch 3.0…
CBL-Mariner-Bot Apr 15, 2025
767ea95
[AUTO-CHERRYPICK] [Medium] edk2 openssl CVE-2024-13176 - branch 3.0-d…
CBL-Mariner-Bot Apr 15, 2025
13e3bb9
[AUTO-CHERRYPICK] Patch coredns for CVE-2024-53259 [Medium] - branch …
CBL-Mariner-Bot Apr 15, 2025
7a10db3
[AUTO-CHERRYPICK] [Low]patch flannel for CVE-2024-51744 - branch 3.0-…
CBL-Mariner-Bot Apr 15, 2025
6bf160c
[AUTO-CHERRYPICK] [Low} Patch dcos-cli for CVE-2024-51744 - branch 3.…
CBL-Mariner-Bot Apr 15, 2025
aa48c6e
[AUTO-CHERRYPICK] [Low] patch bcc for CVE-2024-2314 - branch 3.0-dev …
CBL-Mariner-Bot Apr 15, 2025
0c05128
[AUTO-CHERRYPICK] Patch telegraf for CVE-2024-35255 and CVE-2025-2714…
CBL-Mariner-Bot Apr 15, 2025
5c8830b
[AUTO-CHERRYPICK] python-requests: add patch for CVE-2024-35195 - bra…
CBL-Mariner-Bot Apr 15, 2025
e182f67
Updated context to be used for HTTP request + refactoring (#9291)
PawelWMS Apr 15, 2025
e4c7d7e
Fix perl-json-any ptest (#13424)
rikenm1 Apr 15, 2025
6ccf7a6
Fix ocaml-ctypes ptest (#13422)
rikenm1 Apr 15, 2025
b07adbf
Fix ocaml-astring ptest (#13421)
rikenm1 Apr 15, 2025
a4e49f1
Fix rubygem-rake ptest (#13420)
rikenm1 Apr 15, 2025
01d0466
Fix Ptest for python-ecdsa (#13414)
rikenm1 Apr 15, 2025
30d7ad1
Fix ptest python-greenlet (#13413)
rikenm1 Apr 15, 2025
f5d8d4b
Add patch fixing tests for python-cytoolz (#13333)
sameluch Apr 15, 2025
0e2e262
amtk: upgrade to 5.6.1 (#12935)
durgajagadeesh Apr 16, 2025
aae1deb
Upgrade: python-kdcproxy version to 1.0.0 (#12939)
akhila-guruju Apr 16, 2025
fbc257c
Upgrade: python-lazy-object-proxy version to 1.10.0 (#12940)
akhila-guruju Apr 16, 2025
721815f
[AUTO-CHERRYPICK] [Low] patch vitess for CVE-2024-53257 - branch 3.0-…
CBL-Mariner-Bot Apr 16, 2025
6277f76
Fixing specs generating duplicate SRPMs (#13314)
PawelWMS Apr 18, 2025
a767021
[AUTO-CHERRYPICK] Patch `ruby` CVE-2025-27219, CVE-2025-27220, CVE-20…
CBL-Mariner-Bot Apr 21, 2025
84d2b92
[AUTO-CHERRYPICK] [Medium] Patch azcopy for CVE-2025-22870 and CVE-20…
CBL-Mariner-Bot Apr 21, 2025
362a10a
[AUTO-CHERRYPICK] Patch `elfutils` for CVE-2025-1372, CVE-2025-1376 &…
CBL-Mariner-Bot Apr 21, 2025
94e26d9
[AUTO-CHERRYPICK] Patch keda for CVE-2024-51744, CVE-2025-22870 and f…
CBL-Mariner-Bot Apr 21, 2025
07ad2a8
[AUTO-CHERRYPICK] [Medium] Patch nodejs for CVE-2024-34064, CVE-2020-…
CBL-Mariner-Bot Apr 21, 2025
2c69bf1
[AUTO-CHERRYPICK] Patch prometheus for CVE-2024-35255 [Medium]. - br…
CBL-Mariner-Bot Apr 21, 2025
1fde606
[AUTO-CHERRYPICK] [Medium] Patch gnutls for CVE-2024-12243 - branch 3…
CBL-Mariner-Bot Apr 21, 2025
de7f91a
[AUTO-CHERRYPICK] [Low] Patch kubernetes for CVE-2024-51744 - branch …
CBL-Mariner-Bot Apr 21, 2025
c474ff4
[AUTO-CHERRYPICK] [Medium] Patch haproxy for CVE-2025-32464 - branch …
CBL-Mariner-Bot Apr 21, 2025
8baa18b
[AUTO-CHERRYPICK] Patch openssh for CVE-2025-32728 [MEDIUM] - branch …
CBL-Mariner-Bot Apr 21, 2025
c10e844
[AUTO-CHERRYPICK] Patch telegraf for CVE-2025-30215 [CRITICAL] - bran…
CBL-Mariner-Bot Apr 21, 2025
432f8e2
[AUTO-CHERRYPICK] Upgrade erlang to 26.2.5.11 for CVE-2025-32433 [CRI…
CBL-Mariner-Bot Apr 21, 2025
adefc63
[AUTO-CHERRYPICK] [AUTO-PR] azure-core/azurelinux:anphel/3-perl-cve -…
CBL-Mariner-Bot Apr 21, 2025
9645f0c
[AUTO-CHERRYPICK] [Medium] patch qemu for CVE-2021-20255, CVE-2023-66…
CBL-Mariner-Bot Apr 21, 2025
10ac7a1
[AUTO-CHERRYPICK] [Medium] Patch packer for CVE-2025-22870 and CVE-20…
CBL-Mariner-Bot Apr 21, 2025
ee0ba8f
[AUTO-CHERRYPICK] [LOW] Patch ceph for CVE-2020-14378 - branch 3.0-de…
CBL-Mariner-Bot Apr 21, 2025
28ee4bf
[AUTO-CHERRYPICK] Patch giflib for CVE-2025-31344 [HIGH] - branch 3.0…
CBL-Mariner-Bot Apr 21, 2025
f2a3202
[AUTO-CHERRYPICK] Patch `graphviz` for CVE-2023-46045 [High] - branch…
CBL-Mariner-Bot Apr 21, 2025
a622439
grub2: Replace fgrep with grep (#13435)
KavyaSree2610 Apr 22, 2025
4a46ba6
Patch containerd and containerd2 for CVE-2024-40635 [medium] (#13334)
aadhar-agarwal Apr 22, 2025
eef23cf
Fix CVE-2024-40635 for moby-containerd-cc with an upstream patch (#13…
manuelh-dev Apr 22, 2025
4cdfe91
Fix sphinxcontrib-xxxx ptests (#13550)
rikenm1 Apr 22, 2025
fcdc279
Fix python cherrypy ptest (#13549)
rikenm1 Apr 22, 2025
0c95b8b
fix perl test without module ptest (#13546)
rikenm1 Apr 22, 2025
cf98434
fix perl-yaml-tiny ptest (#13544)
rikenm1 Apr 22, 2025
e2fdd60
fix python-iniparse ptest (#13312)
rikenm1 Apr 22, 2025
c62c506
Fix python typing extensions ptest (#13311)
rikenm1 Apr 22, 2025
465b5b7
[MEDIUM] Patch tinyxml2 for CVE-2024-50615 (#13380)
archana25-ms Apr 23, 2025
0568651
Remove fluentd and associated plugins from Azure Linux 3.0 (#13478)
jslobodzian Apr 23, 2025
71ed23d
Upgrade: python-curio version to 1.6^1.1484546 (#13052)
SumitJenaHCL Apr 24, 2025
223ded6
Upgrade: tk version to 8.6.13 (#13025)
archana25-ms Apr 24, 2025
e47e11b
Upgrade: perl-Term-Table version to 0.024 (#13019)
SumitJenaHCL Apr 24, 2025
09c3fcf
ansible-freeipa: Update to 1.13.2 (#11028)
durgajagadeesh Apr 24, 2025
2c75d9d
Upgrade: containernetworking-plugins version to 1.6.1 (#13453)
archana25-ms Apr 24, 2025
5c1cdfd
freexl : Upgrade to version 2.0.0 (#10855)
jykanase Apr 24, 2025
2ad0882
hyphen-ca: Update Version from 0.9.3 -> 1.5 (#10875)
v-smalavathu Apr 24, 2025
199ec98
hyphen-tk: Update Version from 0.20110620 -> 0.20210322 (#10981)
v-smalavathu Apr 24, 2025
faf8985
Upgrade: librevenge version to 0.0.5 (#11022)
SumitJenaHCL Apr 24, 2025
1fdc117
Upgrade: libspiro version to 20240903 (#11058)
SumitJenaHCL Apr 24, 2025
d2bb5ae
Upgraded lksctp-tools to version 1.0.19 (#12094)
aninda-al Apr 24, 2025
9740a51
ocaml-xml-light: upgrade to 2.5 (#12984)
durgajagadeesh Apr 24, 2025
dc8d6a2
Upgrade: osinfo-db-tools version to 1.12.0 (#11513)
jykanase Apr 24, 2025
278ed85
Upgrade perl-Alien-pkgconf version to 0.20 (#12936)
jykanase Apr 24, 2025
d3dbf1f
Upgrade: perl-Class-Tiny version to 1.008 (#12751)
SumitJenaHCL Apr 24, 2025
5c3a548
Upgrade: perl-Config-AutoConf version to 0.320 (#12749)
SumitJenaHCL Apr 24, 2025
15cc307
Upgrade perl-Test-Simple version to 1.302204 (#12946)
jykanase Apr 24, 2025
d39c248
Build Fix for perl-Test2-Tools-Explain version 0.02 (#13097)
akhila-guruju Apr 24, 2025
3b2e6e4
Upgrade: pyparted to version 3.58 (#11613)
SumitJenaHCL Apr 24, 2025
24e667a
Upgrades python-blinker to version 1.7.0 (#12345)
aninda-al Apr 24, 2025
3737c09
Upgrades python-cheetah to version 3.2.6.post1 (#12381)
aninda-al Apr 24, 2025
41af91b
Upgrade: python-pymongo version to 4.2.0 (#11637)
akhila-guruju Apr 24, 2025
d4ba312
Upgrade: python-IPy to version 1.01 (#11615)
SumitJenaHCL Apr 24, 2025
76a7ecc
Upgrade: python-requests-toolbelt version to 1.0.0 (#12943)
akhila-guruju Apr 24, 2025
02f535b
azl-otel-collector: Add azl-otel-collector to SPECS-EXTENDED (#13160)
aditjha-msft Apr 24, 2025
16c03af
fixed regexp build failure caused by javac version 6 not being suppor…
aninda-al Apr 24, 2025
6b03e40
Upgrade: rubygem-flexmock version to 3.0.1 (#11538)
akhila-guruju Apr 24, 2025
7ffacec
Upgrade: rubygem-pkg-config version to 1.5.7 (#11601)
akhila-guruju Apr 24, 2025
11653a1
Upgrade: uglify-js version to 3.19.3 (#12981)
archana25-ms Apr 24, 2025
8f8278e
Upgrade: xfconf version to 4.18.3 (#12976)
archana25-ms Apr 24, 2025
0049b94
Upgrade xfsdump version to 3.1.12 (#12942)
jykanase Apr 24, 2025
565c0d0
Update SCOSSL to 1.8.0 (#13151)
mamckee Apr 24, 2025
e006449
Upgrade xrestop version to 0.6 (#12941)
jykanase Apr 24, 2025
bd41b9e
Upgrade ypserv version to 4.2 (#12938)
jykanase Apr 24, 2025
05bcd14
Upgrade: perl-File-TreeCreate version to 0.0.1 (#13318)
archana25-ms Apr 24, 2025
fea32fc
qtsvg: bump release to recompile with latest qtbase-devel (#13295)
anphel31 Apr 24, 2025
4e55b13
upgrade rust to 1.85.0 (#11295)
KavyaSree2610 Apr 24, 2025
43a515b
[AUTO-CHERRYPICK] Fix `crash` for CVE-2021-20197, CVE-2022-47673, CVE…
CBL-Mariner-Bot Apr 24, 2025
684faed
[AUTO-CHERRYPICK] Patch `giflib` for CVE-2021-40633 [High] - branch 3…
CBL-Mariner-Bot Apr 24, 2025
902a1c0
[AUTO-CHERRYPICK] [AUTOPATCHER-CORE] Upgrade pgbouncer to 1.24.1 to f…
CBL-Mariner-Bot Apr 24, 2025
91309e5
[AUTO-CHERRYPICK] [High] Patch moby-engine for CVE-2025-30204 - branc…
CBL-Mariner-Bot Apr 24, 2025
564a214
[AUTO-CHERRYPICK] [High] Patch libsoup for CVE-2025-32913, CVE-2025-3…
CBL-Mariner-Bot Apr 24, 2025
976368d
[AUTO-CHERRYPICK] Patch `pytorch` for CVE-2025-32434, CVE-2025-3730 […
CBL-Mariner-Bot Apr 24, 2025
5ade69f
[AUTO-CHERRYPICK] [Medium] Patch prometheus for CVE-2025-22870 and CV…
CBL-Mariner-Bot Apr 24, 2025
940b196
[AUTO-CHERRYPICK] Patch nodejs for CVE-2025-27516 [Medium] - branch 3…
CBL-Mariner-Bot Apr 24, 2025
73d1b48
Upgrade `fcgi` to 2.4.5 for CVE-2025-23016 [Critical] (#13560)
Kanishk-Bansal Apr 24, 2025
bfd9038
[Medium] Patch influxdb for CVE-2025-22870 and CVE-2024-51744 (#13095)
v-smalavathu Apr 21, 2025
26109cf
apache-commons-digester: Build error fix (#13141)
durgajagadeesh Apr 25, 2025
97c618e
libutempter: Update Version from 1.1.6 -> 1.2.1 (#11116)
v-smalavathu Apr 25, 2025
f93449c
Upgrade: mod_http2 version to 2.0.29 (#12921)
akhila-guruju Apr 25, 2025
73d3abb
Add a post and postun for mariadb-connector-c, ensuring ldconfig is r…
christopherco Apr 25, 2025
bb834a8
Patch libtiff for CVE-2023-6228 [Low] (#11788)
Ankita13-code Apr 25, 2025
339d8c2
kernel: enable dxgkrnl module (#12996)
christopherco Apr 25, 2025
a3ae661
[AUTO-CHERRYPICK] Patch `keda` for CVE-2025-22872 [Medium] - branch 3…
CBL-Mariner-Bot Apr 25, 2025
26492a0
[AUTO-CHERRYPICK] Patch libsoup for CVE-2025-32908, CVE-2025-32914 [H…
CBL-Mariner-Bot Apr 25, 2025
189c033
[AUTO-CHERRYPICK] flux: patch CVE-2024-43806 - branch 3.0-dev (#13597)
CBL-Mariner-Bot Apr 26, 2025
46db0d3
Patch nginx for work item 56114630 to enable webdav module (#12888)
sandeepkarambelkar Apr 26, 2025
fe9a0d1
libunicap: Fixed build issues (#13599)
v-smalavathu Apr 28, 2025
7d2b180
nvmetcli: update to 0.7 (#11550)
durgajagadeesh Apr 28, 2025
5d76430
Add yq package for work item 55989974 (#12997)
sandeepkarambelkar Apr 28, 2025
c53bd1c
[Medium] patch sriov-network-device-plugin for CVE-2025-22872 (#13558)
jykanase Apr 28, 2025
496c5d0
[Medium] patch docker-compose for CVE-2025-22872 (#13557)
jykanase Apr 28, 2025
914e595
[MEDIUM] Patch cf-cli for CVE-2025-22872 (#13553)
archana25-ms Apr 28, 2025
a924b8a
[MEDIUM] Patch containerized-data-importer for CVE-2025-22872 (#13535)
archana25-ms Apr 28, 2025
8a29e28
[MEDIUM] Patch prometheus-adapter for CVE-2025-22872 (#13534)
archana25-ms Apr 28, 2025
43dfa39
[MEDIUM] Patch packer for CVE-2025-22872 (#13532)
archana25-ms Apr 28, 2025
709e977
[Medium] patch gh for CVE-2025-22872 (#13531)
jykanase Apr 28, 2025
05e88db
[Medium] Patch kube-vip-cloud-provider for CVE-2025-22872 (#13523)
kevin-b-lockwood Apr 28, 2025
dc2340b
[Medium] patch bcc for CVE-2025-29481 (#13426)
jykanase Apr 28, 2025
81f6c4a
[AUTO-CHERRYPICK] [AUTOPATCHER-CORE] Upgrade valkey to 8.0.3 for CVE-…
CBL-Mariner-Bot Apr 28, 2025
31396fa
Update toolkit's gonum to resolve CVE-2024-24792 in image package (#1…
dmcilvaney Apr 29, 2025
fc3a5a8
Prepare May 2025 Update (#13618)
CBL-Mariner-Bot Apr 29, 2025
e8f8ab6
Add libmambapy to Azure Linux (#13381)
rikenm1 Apr 29, 2025
7edc702
Merge branch '3.0-dev' into anphel/3-merge-for-apr-2025-monthly
anphel31 Apr 29, 2025
806af31
Merge 3.0-dev for April 2025 monthly release (#13620)
jslobodzian Apr 29, 2025
ac523a9
[AUTOPATCHER-CORE] Upgrade espeak-ng to 1.52.0 remove chrome extensio…
CBL-Mariner-Bot Apr 29, 2025
d01712c
Revert "Update toolkit's gonum to resolve CVE-2024-24792 in image pac…
jslobodzian Apr 29, 2025
7e483a8
Grab latest 3.0-dev to revert golang update. (#13631)
jslobodzian Apr 29, 2025
3eed689
Fix ptest for Python-pytest-forked (#13633)
rikenm1 Apr 29, 2025
0e479f8
Fix python-msgpack ptest (#13635)
rikenm1 Apr 29, 2025
fdb0a1f
Fix python-more-itertools Ptest (#13632)
rikenm1 Apr 29, 2025
02469b5
Fix Ptest for python-markdown (#13634)
rikenm1 Apr 30, 2025
f7363e9
Upgraded xdg-dbus-proxy to version 0.1.6 (#11689)
aninda-al Apr 30, 2025
5a74a32
Upgraded xcb-util-wm to version 0.4.2 (#11683)
aninda-al Apr 30, 2025
feb12c0
[Medium] Patch influxdb for CVE-2025-22872 (#13600)
v-smalavathu Apr 30, 2025
1bccfb3
[Medium] Patch kubevirt for CVE-2025-22872 (#13578)
v-smalavathu Apr 30, 2025
a25cb13
[Medium] Patch kubernetes for CVE-2025-22872 (#13571)
v-smalavathu Apr 30, 2025
33fd972
Upgrade: python-dmidecode version to 3.12.3 (#13562)
akhila-guruju Apr 30, 2025
83d799d
Toolchain: Restore old download manifest behavior (#13649)
dmcilvaney May 1, 2025
0481b4a
[Medium] Patch ig for CVE-2025-22872 (#13650)
v-smalavathu May 5, 2025
8acb2e8
Update kernel-lpg-innovate to version 6.6.85.1 (#13468)
ddstreet May 5, 2025
d1fb3f6
Upgrade: marisa version to 0.2.6 (#13623)
archana25-ms May 6, 2025
d73da20
[Medium] Patch cni-plugins for CVE-2025-22872 (#13615)
v-smalavathu May 6, 2025
0fcce55
Fixes boost by adding phoenix multiple defn patch needed by libetonye…
aninda-al May 6, 2025
39df6fe
jzlib : Build fix (#13607)
archana25-ms May 6, 2025
52bacd2
[Medium] Patch multus for CVE-2025-22872 (#13593)
kevin-b-lockwood May 6, 2025
302d30d
Replace and Upgrade: mailx 12.5 to s-nail 14.9.25 (#13627)
archana25-ms May 6, 2025
63c72aa
generic-logos: fix the build error (#13573)
durgajagadeesh May 6, 2025
adaaf9b
[Medium] Patch libxml2 for CVE-2025-32414 and CVE-2025-32415 (#13497)
v-smalavathu May 6, 2025
c5e6a43
Fixes broken build of perl-File-DesktopEntry (#13477)
aninda-al May 6, 2025
2ded8c3
[MEDIUM] Patch helm for CVE-2025-32386 & CVE-2025-22872 (#13452)
archana25-ms May 6, 2025
97d5876
git: use openssh-clients instead of full openssh package (#13448)
mfrw May 6, 2025
f7e223b
Upgrade python-beautifulsoup4 version to 4.12.3 (#13064)
jykanase May 6, 2025
9eb76af
Upgrades rp-pppoe to version 4.0 (#12985)
aninda-al May 6, 2025
f7e3b38
Upgrade stunnel for work item 56658178 (#13502)
sandeepkarambelkar May 6, 2025
4af3c90
Switched the fast-track PR check to run on an AZL 3.0 agent pool. (#1…
PawelWMS May 6, 2025
c36b50d
[AUTO-CHERRYPICK] Patch `dnf5` CVE-2024-1929, CVE-2024-1930, CVE-2024…
CBL-Mariner-Bot May 6, 2025
7afe536
[AUTO-CHERRYPICK] Patch busybox for CVE-2023-39810 [HIGH] - branch 3.…
CBL-Mariner-Bot May 6, 2025
bf092fc
[AUTO-CHERRYPICK] Patch libsoup for CVE-2025-2784 [HIGH], CVE-2025-32…
CBL-Mariner-Bot May 6, 2025
2147429
[AUTO-CHERRYPICK] Patch qemu for CVE-2024-4467, CVE-2024-7730 [HIGH],…
CBL-Mariner-Bot May 6, 2025
3c19036
[AUTO-CHERRYPICK] virtiofsd: patch CVE-2024-43806 - branch 3.0-dev (#…
CBL-Mariner-Bot May 6, 2025
af89812
Fix Ptest python-Cryptography (#13691)
rikenm1 May 6, 2025
bf3311b
Fix python-oauthlib ptest (#13637)
rikenm1 May 6, 2025
23521e5
Skip Conda test that are failing (#13657)
rikenm1 May 6, 2025
e9c183c
fix perl-cpan-meta-check ptest (#13693)
rikenm1 May 6, 2025
e85b5be
add repo snapshot options to dnf5 (#10947)
sameluch May 7, 2025
f25f496
Patch telegraf for CVE-2025-22872 [Medium] (#13525)
mayankfz May 8, 2025
8972f1a
Upgrade: zenity version to 3.44.1 (#13694)
archana25-ms May 8, 2025
55ea3fd
Patch libsoup for CVE-2025-32053 [Medium] (#13406)
bhagyapathak May 8, 2025
2b22d1e
(security) golang: bump Go version to 1.23.9-1 (#13697)
bot-for-go[bot] May 8, 2025
064cf7c
(security) golang: bump Go version to 1.24.3-1 (#13698)
bot-for-go[bot] May 8, 2025
a1b268e
toolkit: golang-jwt: 5.2.1 -> 5.2.2 to address excessive memory alloc…
mfrw May 12, 2025
5fa8c7f
Remove a build log file added by mistake (#13758)
kgodara912 May 13, 2025
3e3afc8
[MEDIUM] Patch edk2 for CVE-2024-2511, CVE-2024-38796 & CVE-2024-4603…
archana25-ms May 13, 2025
1d3636f
Patch qemu for CVE-2024-26327, CVE-2024-26328 [MEDIUM] (#13714)
kgodara912 May 13, 2025
4b9863b
[AUTO-CHERRYPICK] SymCrypt-OpenSSL -- Update mechanism for creating k…
CBL-Mariner-Bot May 13, 2025
776ee00
Build Fix: jsch 0.1.55 (#13709)
archana25-ms May 13, 2025
55f61fc
Upgrades objenesis to version 3.3 (#13704)
aninda-al May 13, 2025
e73c02e
Upgrade: libgeotiff version to 1.7.3 (#13696)
durgajagadeesh May 13, 2025
e803fe7
Upgrade: perl-JSON-MaybeXS version to 1.004008 (#13678)
durgajagadeesh May 13, 2025
2a6d8d2
[MEDIUM] Patch pytorch for CVE-2025-2953 (#13641)
archana25-ms May 13, 2025
0a14c4e
Upgrades lua-lunitx to version 0.8.1 (#13629)
aninda-al May 13, 2025
3e23989
mock: backport upstream change for disabling ca-trust copying (#13706)
reubeno May 13, 2025
e85006e
[AUTO-CHERRYPICK] [AUTO-PR] Cherry-picked CVE-2025-22247 fix in `open…
CBL-Mariner-Bot May 13, 2025
d17f363
[AUTO-CHERRYPICK] Patch `syslog-ng` for CVE-2024-47619 [High] - branc…
CBL-Mariner-Bot May 13, 2025
0ee8cb7
[AUTO-CHERRYPICK] [3.0 fasttrack] glibc: add pthread_cond_wait patch …
CBL-Mariner-Bot May 14, 2025
4cee6e0
Promote stunnel to core (#13755)
sandeepkarambelkar May 14, 2025
12c5a58
Fix ptest for python-asn1crypto, python-mako, python-gast, and python…
rikenm1 May 14, 2025
8a108d1
kata-containers(-cc): Update to 3.15.0.aks0 release (#13647)
manuelh-dev May 14, 2025
2899a81
[AUTO-CHERRYPICK] Upgrade SymCrypt-OpenSSL to 1.8.1 - branch 3.0-dev …
CBL-Mariner-Bot May 15, 2025
3f48a1a
dom0 packages: Update to dom0 release v2411.19.1 (#13648)
manuelh-dev May 15, 2025
49e7d7d
Prepare May 2025 Update 2 (#13808)
PawelWMS May 15, 2025
02ceb98
Merge 3.0-dev for May 2025 2 release
PawelWMS May 15, 2025
8a67fc4
Extended build failure logging (#13705)
PawelWMS May 15, 2025
28f87c2
Latest 3.0-dec update.
PawelWMS May 15, 2025
cab4240
Merge 3.0-dev for May 2025 2 release (#13809)
jslobodzian May 15, 2025
469ae7b
Upgrade kyotocabinet to version 1.2.80 (#10802)
aninda-al May 16, 2025
293fd84
Updated lua-json to version 1.3.4 (#11179)
aninda-al May 16, 2025
10abee5
[3.0] bmake: move tests to check section (#13815)
anphel31 May 16, 2025
13bf13b
kernel-64k: enabling config options required for GB200 and GB200F dia…
sidchintamaneni May 17, 2025
837e7d7
[Medium] patch rpm-ostree for CVE-2024-2905 (#13818)
jykanase May 20, 2025
d944fbb
[Medium] Patch iniparser for CVE-2023-33461 (#13804)
v-smalavathu May 20, 2025
98835ba
[Medium] Patch yasm for CVE-2023-51258 and CVE-2023-37732 (#13792)
akhila-guruju May 20, 2025
91ef9b2
Patch docker-buildx for CVE-2025-0495 [Medium] (#13768)
sandeepkarambelkar May 20, 2025
e19b003
kernel-64k: Added a new patch to solve EFI slack slots issue (#13783)
sidchintamaneni May 20, 2025
dc78d7c
Revert "Merge 3.0-dev for May 2025 2 release" (#13833)
PawelWMS May 20, 2025
4754737
Prepare May 2025 Update 2 (#13808)
PawelWMS May 15, 2025
2251bb6
kernel-64k: enabling config options required for GB200 and GB200F dia…
sidchintamaneni May 17, 2025
696dc13
kernel-64k: Added a new patch to solve EFI slack slots issue (#13783)
sidchintamaneni May 20, 2025
1de4113
Anphel/3 mid may 2025 update b (#13839)
jslobodzian May 21, 2025
8fd0667
Revert "Anphel/3 mid may 2025 update b" (#13846)
anphel31 May 21, 2025
da84812
Revert "Revert "Merge 3.0-dev for May 2025 2 release"" (#13847)
anphel31 May 21, 2025
3d04526
Sync 3.0-dev to 3.0 as of e19b003a (#13848)
jslobodzian May 21, 2025
3cd11c5
Fixed reporting of build errors (CP: #13889) (#13897)
PawelWMS May 27, 2025
6ad0c3b
Merge tag '3.0.20250521-3.0' into 3.0-dev
ranjan-dutta Jul 18, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
The table of contents is too big for display.
Diff view
Diff view
  •  
  •  
  •  
48 changes: 48 additions & 0 deletions .github/workflows/check-srpm-duplicates.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,48 @@
# Copyright (c) Microsoft Corporation.
# Licensed under the MIT License.

# This action checks that the specs in this repo
# generate SRPMs with unique names.
name: SRPMs duplicates check

on:
push:
branches: [main, 2.0*, 3.0*, fasttrack/*]
pull_request:
branches: [main, 2.0*, 3.0*, fasttrack/*]

jobs:
check:
name: SRPMs duplicates check
runs-on: ubuntu-latest
strategy:
matrix:
# Each group is published to a different repo, thus we only need to check
# for SRPM duplicates within the group.
specs-dirs-groups: ["SPECS SPECS-SIGNED", "SPECS-EXTENDED"]

steps:
# Checkout the branch of our repo that triggered this action
- name: Workflow trigger checkout
uses: actions/checkout@v4

# For consistency, we use the same major/minor version of Python that Azure Linux ships
Comment on lines +26 to +29

Check warning

Code scanning / zizmor

does not set persist-credentials: false Warning

does not set persist-credentials: false
- name: Setup Python 3.12
uses: actions/setup-python@v5
with:
python-version: 3.12

# Generate the specs.json files. They are the input for the duplicates check script.
- name: Generate specs.json
run: |
set -euo pipefail

for spec_folder in ${{ matrix.specs-dirs-groups }}; do
echo "Generating specs.json for spec folder '$spec_folder'."

sudo make -C toolkit -j$(nproc) parse-specs REBUILD_TOOLS=y DAILY_BUILD_ID=lkg SPECS_DIR=../$spec_folder
cp -v build/pkg_artifacts/specs.json ${spec_folder}_specs.json
done

- name: Check for duplicate SRPMs
run: python3 toolkit/scripts/check_srpm_duplicates.py *_specs.json
Comment on lines +16 to +48

Check warning

Code scanning / CodeQL

Workflow does not contain permissions Medium

Actions job or workflow does not limit the permissions of the GITHUB_TOKEN. Consider setting an explicit permissions block, using the following as a minimal starting point: {contents: read}

Copilot Autofix

AI 9 months ago

To fix the detected issue, we need to add a permissions block to the workflow. The permissions block will specify the minimal privileges required for the workflow to execute successfully. Since the workflow primarily reads repository contents and does not need write access, the permissions block should restrict access to contents: read.

The permissions block can be added at the workflow level (applies to all jobs) or at the job level (specific to the check job). We will add the permissions at the workflow level because all jobs in the workflow share the same privilege requirements.

Suggested changeset 1
.github/workflows/check-srpm-duplicates.yml

Autofix patch

Autofix patch
Run the following command in your local git repository to apply this patch
cat << 'EOF' | git apply
diff --git a/.github/workflows/check-srpm-duplicates.yml b/.github/workflows/check-srpm-duplicates.yml
--- a/.github/workflows/check-srpm-duplicates.yml
+++ b/.github/workflows/check-srpm-duplicates.yml
@@ -4,6 +4,8 @@
 # This action checks that the specs in this repo
 # generate SRPMs with unique names.
 name: SRPMs duplicates check
+permissions:
+  contents: read
 
 on:
   push:
EOF
@@ -4,6 +4,8 @@
# This action checks that the specs in this repo
# generate SRPMs with unique names.
name: SRPMs duplicates check
permissions:
contents: read

on:
push:
Copilot is powered by AI and may make mistakes. Always verify output.
5 changes: 4 additions & 1 deletion SPECS-EXTENDED/389-ds-base/389-ds-base.spec
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -68,7 +68,7 @@ ExcludeArch: i686
Summary: 389 Directory Server (%{variant})
Name: 389-ds-base
Version: 3.1.1
Release: 2%{?dist}
Release: 3%{?dist}
License: GPL-3.0-or-later AND (0BSD OR Apache-2.0 OR MIT) AND (Apache-2.0 OR Apache-2.0 WITH LLVM-exception OR MIT) AND (Apache-2.0 OR BSL-1.0) AND (Apache-2.0 OR MIT OR Zlib) AND (Apache-2.0 OR MIT) AND (CC-BY-4.0 AND MIT) AND (MIT OR Apache-2.0) AND Unicode-DFS-2016 AND (MIT OR CC0-1.0) AND (MIT OR Unlicense) AND 0BSD AND Apache-2.0 AND BSD-2-Clause AND BSD-3-Clause AND ISC AND MIT AND MIT AND ISC AND MPL-2.0 AND PSF-2.0
URL: https://www.port389.org
Vendor: Microsoft Corporation
Expand Down Expand Up @@ -732,6 +732,9 @@ exit 0
%endif

%changelog
* Mon Apr 21 2025 Kavya Sree Kaitepalli <kkaitepalli@microsoft.com> 3.1.1-3
- Bump release to build with rust 1.85.0

* Fri Sep 20 2024 Muhammad Falak <mwani@microsoft.com> 3.1.0-2
- Initial Azure Linux import from Fedora 42 (license: MIT)
- License verified
Expand Down
3 changes: 2 additions & 1 deletion SPECS-EXTENDED/amtk/amtk.signatures.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,6 @@
{
"Signatures": {
"amtk-5.0.2.tar.xz": "71cc891fbaaa3d0cb87eeef9a2f7e1a2acab62f738d09ea922fb4b9ea2f84f86"
"amtk-5.6.1.tar.xz": "d50115b85c872aac296934b5ee726a3fa156c6f5ad96d27e0edd0aa5ad173228"
}
}

103 changes: 74 additions & 29 deletions SPECS-EXTENDED/amtk/amtk.spec
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,20 +1,25 @@
Vendor: Microsoft Corporation
Distribution: Azure Linux
Name: amtk
Version: 5.0.2
Release: 3%{?dist}
Version: 5.6.1
Release: 8%{?dist}
Summary: Actions, Menus and Toolbars Kit for GTK+ applications

License: LGPLv2+
License: LGPL-3.0-or-later
URL: https://wiki.gnome.org/Projects/Amtk
Source0: https://download.gnome.org/sources/amtk/5.0/amtk-%{version}.tar.xz
Source0: https://download.gnome.org/sources/amtk/5.6/amtk-%{version}.tar.xz

BuildRequires: gcc
BuildRequires: gettext
BuildRequires: gtk-doc
BuildRequires: meson
BuildRequires: pkgconfig(glib-2.0)
BuildRequires: pkgconfig(gobject-introspection-1.0)
BuildRequires: pkgconfig(gtk+-3.0)

# Removed in F34
Obsoletes: amtk-tests < 5.3.1

%description
Amtk is the acronym for “Actions, Menus and Toolbars Kit”. It is a basic
GtkUIManager replacement based on GAction. It is suitable for both a
Expand All @@ -30,34 +35,24 @@ The %{name}-devel package contains libraries and header files for
developing applications that use %{name}.


%package tests
Summary: Tests for the %{name} package
Requires: %{name}%{?_isa} = %{version}-%{release}

%description tests
The %{name}-tests package contains tests that can be used to verify
the functionality of the installed %{name} package.


%prep
%autosetup
%autosetup -p1


%build
%configure --enable-installed-tests
%make_build V=1
%meson -Dgtk_doc=true
%meson_build


%install
%make_install
find $RPM_BUILD_ROOT -name '*.la' -delete
%meson_install

%find_lang amtk-5


%files -f amtk-5.lang
%license COPYING
%doc AUTHORS NEWS README
%license LICENSES/LGPL-3.0-or-later.txt
%doc NEWS README.md
%dir %{_libdir}/girepository-1.0
%{_libdir}/girepository-1.0/Amtk-5.typelib
%{_libdir}/libamtk-5.so.0*
Expand All @@ -70,18 +65,68 @@ find $RPM_BUILD_ROOT -name '*.la' -delete
%{_datadir}/gir-1.0/Amtk-5.gir
%dir %{_datadir}/gtk-doc
%dir %{_datadir}/gtk-doc/html
%{_datadir}/gtk-doc/html/amtk-5.0/

%files tests
%dir %{_libexecdir}/installed-tests
%{_libexecdir}/installed-tests/amtk-5/
%dir %{_datadir}/installed-tests
%{_datadir}/installed-tests/amtk-5/
%{_datadir}/gtk-doc/html/amtk-5/


%changelog
* Fri Oct 15 2021 Pawel Winogrodzki <pawelwi@microsoft.com> - 5.0.2-3
- Initial CBL-Mariner import from Fedora 32 (license: MIT).
* Fri Mar 14 2025 Durga Jagadeesh Palli <v-dpalli@microsoft.com> - 5.6.1-8
- Initial Azure Linux import from Fedora 41 (license: MIT)
- License verified.

* Wed Jul 17 2024 Fedora Release Engineering <releng@fedoraproject.org> - 5.6.1-7
- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild

* Mon Jan 29 2024 Fedora Release Engineering <releng@fedoraproject.org> - 5.6.1-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild

* Mon Jan 22 2024 Fedora Release Engineering <releng@fedoraproject.org> - 5.6.1-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild

* Fri Jan 19 2024 Fedora Release Engineering <releng@fedoraproject.org> - 5.6.1-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild

* Wed Jul 19 2023 Fedora Release Engineering <releng@fedoraproject.org> - 5.6.1-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild

* Wed Jan 18 2023 Fedora Release Engineering <releng@fedoraproject.org> - 5.6.1-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild

* Mon Dec 12 2022 Kalev Lember <klember@redhat.com> - 5.6.1-1
- Update to 5.6.1
- Switch to SPDX license tags

* Wed Jul 20 2022 Fedora Release Engineering <releng@fedoraproject.org> - 5.3.1-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild

* Wed Jan 19 2022 Fedora Release Engineering <releng@fedoraproject.org> - 5.3.1-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild

* Wed Jul 21 2021 Fedora Release Engineering <releng@fedoraproject.org> - 5.3.1-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild

* Thu Feb 18 2021 Kalev Lember <klember@redhat.com> - 5.3.1-1
- Update to 5.3.1
- Switch to meson build system
- Remove -tests sub package as the installed tests are gone upstream

* Tue Jan 26 2021 Fedora Release Engineering <releng@fedoraproject.org> - 5.2.0-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild

* Thu Sep 10 2020 Kalev Lember <klember@redhat.com> - 5.2.0-1
- Update to 5.2.0

* Fri Sep 04 2020 Kalev Lember <klember@redhat.com> - 5.1.2-1
- Update to 5.1.2

* Fri Jul 31 2020 Fedora Release Engineering <releng@fedoraproject.org> - 5.1.1-3
- Second attempt - Rebuilt for
https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild

* Mon Jul 27 2020 Fedora Release Engineering <releng@fedoraproject.org> - 5.1.1-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild

* Fri May 29 2020 Kalev Lember <klember@redhat.com> - 5.1.1-1
- Update to 5.1.1

* Tue Jan 28 2020 Fedora Release Engineering <releng@fedoraproject.org> - 5.0.2-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
Expand Down
2 changes: 1 addition & 1 deletion SPECS-EXTENDED/ansible-freeipa/ansible-freeipa.signatures.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
{
"Signatures": {
"ansible-freeipa-0.3.4.tar.gz": "3c60aadbd612cd577145e85582a5e3ab8d62787592d7789218196cf624ffc85f"
"ansible-freeipa-1.13.2.tar.gz": "f4965770a906c78988c097aa08a20f84ad268be3479401edeebfe47541cbe0c8"
}
}
Loading
Loading