New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Merge CVE fixes for September 2.0 release #3724

Merged

anphel31 merged 17 commits into 2.0 from anphel/sept-cve-release

Sep 8, 2022

Commits on Sep 8, 2022

fix npm version in nodejs.spec (#3571 )

Camelron authored and anphel31 committed Sep 8, 2022
Configuration menu
View commit details

Copy full SHA for b41e41c

Browse repository at this point
Copy the full SHA

b41e41c View commit details

Browse the repository at this point in the history
upgrade vim to 9.0.0232 (#3580 )

anphel31 committed Sep 8, 2022
Configuration menu
View commit details

Copy full SHA for d78c843

Browse repository at this point
Copy the full SHA

d78c843 View commit details

Browse the repository at this point in the history
qemu : fix CVE-2022-35414 (#3597 )
```
* qemu : fix CVE-2022-35414

* address PR comment

Co-authored-by: Nicolas Guibourge <[email protected]>
```
2 people authored and anphel31 committed Sep 8, 2022
Configuration menu
View commit details

Copy full SHA for 57ee310

Browse repository at this point
Copy the full SHA

57ee310 View commit details

Browse the repository at this point in the history
libxml2 and python-lxml: fix CVE-2022-2309 (#3583 )
```
* libxml2 and python-lxml: fix CVE-2022-2309

* libxml2 and python-lxml: fix CVE-2022-2309

* address PR comments

Co-authored-by: Nicolas Guibourge <[email protected]>
```
2 people authored and anphel31 committed Sep 8, 2022
Configuration menu
View commit details

Copy full SHA for 3658013

Browse repository at this point
Copy the full SHA

3658013 View commit details

Browse the repository at this point in the history
rubygem-yajl-ruby: fix CVE 2022 24795 (#3598 )
```
* rubygem-yajl-ruby : fix CVE-2022-24795

* rubygem-yajl-ruby : fix CVE-2022-24795

* back port patch from 1.4.1

* fix spec issue

* address PR comments

Co-authored-by: Nicolas Guibourge <[email protected]>
```
2 people authored and anphel31 committed Sep 8, 2022
Configuration menu
View commit details

Copy full SHA for 2c363f9

Browse repository at this point
Copy the full SHA

2c363f9 View commit details

Browse the repository at this point in the history

Update cert-manager to v1.7.3. (#3575 )

- Update cert-manager to v1.7.3.
- Split cert-manager binaries into separate packages.
- Remove cert-manager build dependency on Bazel and just build the
binaries directly using `go build`. This makes building easier. Also,
the latest upstream version of cert-manager does this.
- Use the Go "vendor" directory for Go dependencies instead of dumping
files in the global Go cache.

cwize1 authored and anphel31 committed Sep 8, 2022

24dbfdf

Bump supported go versions to 1.17.13, 1.18.5 to fix fifteen CVEs (#3600
```
)

Co-authored-by: Pawel Winogrodzki <[email protected]>
```
2 people authored and anphel31 committed Sep 8, 2022
Configuration menu
View commit details

Copy full SHA for 593692c

Browse repository at this point
Copy the full SHA

593692c View commit details

Browse the repository at this point in the history
dpkd: bump version to 21.11.2 to address CVE-2022-2132 (#3631 )
```
* dpkd: bump version to 21.11.2 to address CVE-2022-2132
* dpdk: cgmanifest: update entry

Signed-off-by: Muhammad Falak R Wani <[email protected]>
```
mfrw authored and anphel31 committed Sep 8, 2022
Configuration menu
View commit details

Copy full SHA for 676aa30

Browse repository at this point
Copy the full SHA

676aa30 View commit details

Browse the repository at this point in the history
vim: upgrade to 9.0.0325 to fix CVE-2022-2980 , CVE-2022-2982 , CVE-2…
```
…022-2923, CVE-2022-2946 (#3643)
```
hbeberman authored and anphel31 committed Sep 8, 2022
Configuration menu
View commit details

Copy full SHA for e77d3f3

Browse repository at this point
Copy the full SHA

e77d3f3 View commit details

Browse the repository at this point in the history
python3: fix CVE-2015-20107 (#3644 )

hbeberman authored and anphel31 committed Sep 8, 2022
Configuration menu
View commit details

Copy full SHA for 442d7cf

Browse repository at this point
Copy the full SHA

442d7cf View commit details

Browse the repository at this point in the history
python3: fix CVE-2021-28861 (#3654 )

hbeberman authored and anphel31 committed Sep 8, 2022
Configuration menu
View commit details

Copy full SHA for ce20a21

Browse repository at this point
Copy the full SHA

ce20a21 View commit details

Browse the repository at this point in the history
colord: fix CVE-2021-42523 (#3675 )

hbeberman authored and anphel31 committed Sep 8, 2022
Configuration menu
View commit details

Copy full SHA for aab2d1b

Browse repository at this point
Copy the full SHA

aab2d1b View commit details

Browse the repository at this point in the history
virglrenderer: fix CVE-2022-0135 (#3674 )

hbeberman authored and anphel31 committed Sep 8, 2022
Configuration menu
View commit details

Copy full SHA for 4333fb0

Browse repository at this point
Copy the full SHA

4333fb0 View commit details

Browse the repository at this point in the history
libtar: Pull misc Fedora patches, fix CVE-2021-33643 , CVE-2021-33644 , C…
```
…VE-2021-33645, CVE-2021-33646 (#3686)

* Apply Fedora patches

* Apply linter

* Use upstream patch
```
dmcilvaney authored and anphel31 committed Sep 8, 2022
Configuration menu
View commit details

Copy full SHA for 98cae85

Browse repository at this point
Copy the full SHA

98cae85 View commit details

Browse the repository at this point in the history
Patch qemu CVE-2021-4158 (#3696 )

dmcilvaney authored and anphel31 committed Sep 8, 2022
Configuration menu
View commit details

Copy full SHA for 020d6f9

Browse repository at this point
Copy the full SHA

020d6f9 View commit details

Browse the repository at this point in the history
libtar: Fixup spec formatting, remove .la files, remove explicit prov…
```
…ides (#3698)

* Fixup libtar spec formatting, .la files, provides

* Add comment so we can track CVE fixes
```
dmcilvaney authored and anphel31 committed Sep 8, 2022
Configuration menu
View commit details

Copy full SHA for 8c7d987

Browse repository at this point
Copy the full SHA

8c7d987 View commit details

Browse the repository at this point in the history
update mariner-release to 2.0-19 (#3723 )

anphel31 committed Sep 8, 2022
Configuration menu
View commit details

Copy full SHA for 50ea128

Browse repository at this point
Copy the full SHA

50ea128 View commit details

Browse the repository at this point in the history

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Merge CVE fixes for September 2.0 release #3724

Merge CVE fixes for September 2.0 release #3724

Commits on Sep 8, 2022