Add Instruction to filter gpg-pubkey from rpm cmd's output.
Add Microsoft GPG keys to installer env
Add cairomm package version 1.12.0
Add cpptest package version 1.1.2
Add dbus package provides for dbus-x11
& drop metapackage
Add github check-in action to warn about bumping package versions dependent on glibc-static
Add k-exec-tools to marketplace image
Add kernel-drivers-gpu package
Add krb5.conf to resolve pam_krb5 ptest failure
Add libcroco package version 0.6.13
Add libyang2 to mariner SPECs
Add logrotate conf entry for rsyslog to prevent logs growing too large
Add obsoletes between qemu-common, qemu-virtiofsd
Add python package python-google-auth-oauthlib and move its extended dependencies to the core
Add sgx-backwards-compatability package to marketplace images
Adding sriov-network-device-plugin spec file
Automatic upgrade of tzdata to 2022e
Bump toolkit/tools' cgmanifest.json's listing for ulikunitz/xz to v0.5.10 to match the go.mod version.
Clear libtar CVE-2021-33644 and CVE-2021-33646 (both fixed by earlier patch file)
Create missing systemd accounts
Enable modules for TCP Congestion Algorithms
Fix 4 Python ptests to use a set version of pytest
.
Fix 4 rubygem-*
packages to obsolete older versions of ruby
.
Fix SPEC file import information from CentOS as MIT
Fix perl-CGI
, python-pytest-benchmark
, and python-requests
tests.
Fix chroot cleanup scripts
Fix cloud-init mariner variant not set properly
Fix gpg key import in worker chroot
Fix manifest checks with RPM 4.18
Fix python crypt to work with FIPS
Fix rsyslog.logrotate signature
Fix subsequent Make iso calls from failing (handle space parsing)
Fix tooling to rebuild worker chroot rpm db only when necessary
Fix unbound CVE
Mitigated attended installation regression
Move wireless-regdb and iw to Mariner core repo to resolve failure to load regulatory.db
Patch aspell to fix CVE-2019-25051
Patch libtiff to fix CVE-2022-3570
Patch redis to fix CVE-2022-3647
Patched CVE-2022-34918 with livepatch-5.15.48.1-4.cm2.
Remove 'ming' from SPECS-EXTENDED
Remove autodetected Go modules in toolkit/tools/cgmanifest.json
Update documentation with 2.0 related information and misc. fixes
Update kernel-rt config to build with new glibc
Update maven.spec to use macro instead of hard-coded source URL.
Updated rpmops.sh
: added a '/bin/sh' check.
Updated livepatch macros and template to preserve signatures.
Upgrade 'libtasn1' to 4.19.0 to fix CVE-2021-46848.
Upgrade PHP to verion 8.1.11 and promote from SPECS-EXTENDED to SPECS
Upgrade nodejs
to version 16.17.1 to fix CVE-2022-32213.
Upgrade cassandra version to 4.0.7
Upgrade dbus to version 1.15.2 to fix CVE-2022-42010,CVE-2022-42011,CVE-2022-42012
Upgrade expat to version 2.5.0 to fix CVE-2022-43680
Upgrade kernel to version 5.15.74.1 to fix CVE-2022-3541, CVE-2022-3544, CVE-2022-41674, CVE-2022-42719, CVE-2022-42703, CVE-2022-42719, CVE-2022-42720, CVE-2022-42721, CVE-2022-42722
Upgrade mod_wsgi to version 4.9.3 to fix CVE-2022-2255
Upgrade mysql to version 8.0.31 to fix CVE-2022-21592,CVE-2022-21594,CVE-2022-21599,CVE-2022-21604,CVE-2022-21608,CVE-2022-21611,CVE-2022-21617,CVE-2022-21625,CVE-2022-21632,CVE-2022-21633,CVE-2022-21635,CVE-2022-21637,CVE-2022-21638,CVE-2022-21640,CVE-2022-21641,CVE-2022-39400,CVE-2022-39402,CVE-2022-39403,CVE-2022-39408,CVE-2022-39410
Upgrade terraform to version 1.32.2 to CVE-2021-36230
Upgrade tidy to 5.8.0
Upgrade wireshark to version 3.4.16 to fix CVE-2022-3190
Upgraded nginx to version 1.22.1 to fix CVE-2022-3638