Skip to content

[AUTOPATCHER-CORE] Upgrade pgbouncer to 1.25.1 for CVE-2025-12819#15219

Merged
jslobodzian merged 4 commits intofasttrack/2.0from
cblmargh/pgbouncer-upgrade-to-1.25.1-fasttrack/2.0
Dec 22, 2025
Merged

[AUTOPATCHER-CORE] Upgrade pgbouncer to 1.25.1 for CVE-2025-12819#15219
jslobodzian merged 4 commits intofasttrack/2.0from
cblmargh/pgbouncer-upgrade-to-1.25.1-fasttrack/2.0

Conversation

@CBL-Mariner-Bot
Copy link
Collaborator

@CBL-Mariner-Bot CBL-Mariner-Bot commented Dec 4, 2025

[AUTOPATCHER-CORE] Upgrade pgbouncer to 1.25.1 for CVE-2025-12819
Upgrade pipeline run -> https://dev.azure.com/mariner-org/mariner/_build/results?buildId=996834&view=results

@CBL-Mariner-Bot CBL-Mariner-Bot requested a review from a team as a code owner December 4, 2025 07:18
@Kanishk-Bansal Kanishk-Bansal self-assigned this Dec 4, 2025
@Kanishk-Bansal Kanishk-Bansal marked this pull request as draft December 4, 2025 09:52
@Kanishk-Bansal Kanishk-Bansal force-pushed the cblmargh/pgbouncer-upgrade-to-1.25.1-fasttrack/2.0 branch from 58a36a1 to 60cbfda Compare December 4, 2025 10:39
Prevent the installation of manpages since it depends on the pandoc p…
855655f 
…ackage

Signed-off-by: Kanishk Bansal <kanbansal@microsoft.com>
@Kanishk-Bansal Kanishk-Bansal force-pushed the cblmargh/pgbouncer-upgrade-to-1.25.1-fasttrack/2.0 branch from 60cbfda to 855655f Compare December 5, 2025 07:44
@Kanishk-Bansal
Copy link
Contributor

Kanishk-Bansal commented Dec 5, 2025

Buddy Build

@Kanishk-Bansal Kanishk-Bansal added the CVEFixReadyForMaintainerReview When a CVE fix has been reviewed by release manager and is ready for stable maintainer review label Dec 5, 2025
@Kanishk-Bansal Kanishk-Bansal marked this pull request as ready for review December 5, 2025 19:35
@mayankfz
Copy link
Contributor

mayankfz commented Dec 8, 2025

There are performance issues reported on 1.25.1 ->pgbouncer/pgbouncer#1439
Also, unsure about how this would impact us from version 1.25.0 -> Stop using deprecated OpenSSL function EVP_PKEY_get0_EC_KEY. This could cause issues with certain FIPS implementatinos. (#1384)

Unsure about how we should proceed here.

@jslobodzian jslobodzian merged commit b9b8f8b into fasttrack/2.0 Dec 22, 2025
13 checks passed
@jslobodzian jslobodzian deleted the cblmargh/pgbouncer-upgrade-to-1.25.1-fasttrack/2.0 branch December 22, 2025 14:40
CBL-Mariner-Bot added a commit that referenced this pull request Dec 22, 2025
@CBL-Mariner-Bot @jslobodzian
[AUTOPATCHER-CORE] Upgrade pgbouncer to 1.25.1 for CVE-2025-12819 (#1…
8168f82 
…5219)

Signed-off-by: Kanishk Bansal <kanbansal@microsoft.com>
Co-authored-by: Kanishk Bansal <kanbansal@microsoft.com>
Co-authored-by: jslobodzian <joslobo@microsoft.com>
(cherry picked from commit b9b8f8b)
@CBL-Mariner-Bot CBL-Mariner-Bot mentioned this pull request Dec 22, 2025
Merged
@CBL-Mariner-Bot
Copy link
Collaborator Author

CBL-Mariner-Bot commented Dec 22, 2025

Auto cherry-pick results:

Auto cherry-pick pipeline run -> https://dev.azure.com/mariner-org/mariner/_build/results?buildId=1010315&view=results

@Kanishk-Bansal Kanishk-Bansal added the CVE-fixed-by-upgrade CVE fixed by package upgrade label Dec 30, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@jslobodzian jslobodzian jslobodzian approved these changes

Assignees

@Kanishk-Bansal Kanishk-Bansal

Labels

Automatic PR AutoUpgrade Core CVE-fixed-by-upgrade CVE fixed by package upgrade CVEFixReadyForMaintainerReview When a CVE fix has been reviewed by release manager and is ready for stable maintainer review fasttrack/2.0 PRs Destined for Azure Linux 2.0 Packaging security

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@CBL-Mariner-Bot @Kanishk-Bansal @mayankfz @jslobodzian