-
Notifications
You must be signed in to change notification settings - Fork 587
[Medium] Patch nbdkit for CVE-2025-47711 & CVE-2025-47712 #14043
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Closed
AkarshHCL
wants to merge
152
commits into
microsoft:3.0-dev
from
AkarshHCL:topic_nbdkit/CVE-2025-47712+CVE-2025-47711
Closed
[Medium] Patch nbdkit for CVE-2025-47711 & CVE-2025-47712 #14043
AkarshHCL
wants to merge
152
commits into
microsoft:3.0-dev
from
AkarshHCL:topic_nbdkit/CVE-2025-47712+CVE-2025-47711
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
merge 3.0-dev into 3.0
Signed-off-by: Muhammad Falak R Wani <falakreyaz@gmail.com> Co-authored-by: Paco Huelsz <frhuelsz@microsoft.com> Co-authored-by: Andrew Phelps <anphel31@users.noreply.github.com> Co-authored-by: alejandro-microsoft <128648451+alejandro-microsoft@users.noreply.github.com> Co-authored-by: CBL-Mariner Servicing Account <cblmargh@microsoft.com> Co-authored-by: SeanDougherty <sdougherty@microsoft.com> Co-authored-by: Henry Beberman <henry.beberman@microsoft.com> Co-authored-by: Henry Li <69694695+henryli001@users.noreply.github.com> Co-authored-by: Henry Li <lihl@microsoft.com> Co-authored-by: Bala <kumaran.4353@gmail.com> Co-authored-by: Muhammad Falak R Wani <falakreyaz@gmail.com> Co-authored-by: suresh-thelkar <suresh.thelkar@yahoo.com> Co-authored-by: Dan Streetman <ddstreet@microsoft.com> Co-authored-by: Mandeep Plaha <99760213+mandeepsplaha@users.noreply.github.com> Co-authored-by: jslobodzian <joslobo@microsoft.com> Co-authored-by: George Mileka <gmileka@users.noreply.github.com> Co-authored-by: CBL-Mariner-Bot <75509084+CBL-Mariner-Bot@users.noreply.github.com> Co-authored-by: lanzeliu <lanzeliu@microsoft.com> Co-authored-by: Karim Eldegwy <kimoantiqe@hotmail.com> Co-authored-by: osamaesmailmsft <110202916+osamaesmailmsft@users.noreply.github.com> Co-authored-by: Tobias Brick <39196763+tobiasb-ms@users.noreply.github.com> Co-authored-by: abadawi-msft <108105696+abadawi591@users.noreply.github.com> Co-authored-by: Mykhailo Bykhovtsev <108374904+mbykhovtsev-ms@users.noreply.github.com> Co-authored-by: sindhu-karri <33163197+sindhu-karri@users.noreply.github.com> Co-authored-by: Rohit Rawat <rohitrawat@microsoft.com> Co-authored-by: Dan Streetman <ddstreet@ieee.org> Co-authored-by: Nan Liu <108544011+liunan-ms@users.noreply.github.com> Co-authored-by: Neha Agarwal <58672330+neha170@users.noreply.github.com> Co-authored-by: Adit Jha <aditjha@microsoft.com> Co-authored-by: Nan Liu <liunan@microsoft.com> Co-authored-by: ypanch <yashpanchal@microsoft.com> Co-authored-by: Trung <tvuong@microsoft.com> Co-authored-by: Rakshaa Viswanathan <rviswanathan@microsoft.com> Co-authored-by: Rakshaa Viswanathan <46165429+rakshaa2000@users.noreply.github.com> Co-authored-by: Daniel McIlvaney <damcilva@microsoft.com> Co-authored-by: Chris Gunn <chrisgun@microsoft.com> Co-authored-by: Cameron E Baird <cameronbaird@microsoft.com> Co-authored-by: Pawel Winogrodzki <pawelwi@microsoft.com> Co-authored-by: Adub17030MS <110563293+Adub17030MS@users.noreply.github.com> Co-authored-by: Sam Meluch <109628994+sameluch@users.noreply.github.com> Co-authored-by: Sam Meluch <samemluch@microsoft.com> Co-authored-by: himaja-kesari <123194058+himaja-kesari@users.noreply.github.com> Co-authored-by: Aurélien Bombo <abombo@microsoft.com> Co-authored-by: Lanze Liu <86434077+liulanze@users.noreply.github.com> Co-authored-by: ms-mahuber <60939654+ms-mahuber@users.noreply.github.com> Co-authored-by: Kanika Nema <kanikanema@microsoft.com>
…t#8404) A recent rebranding change microsoft#8238 changed the repo name used by the containerized-rpmbuild container for mariner to azl-3.0-daily-build, but didn't change the default tdnf argument, which continued to use mariner-3.0-daily-build. This results in tdnf not working in the container. This fix updates the tdnf argument, basing it on the string in the repo file, so we don't have to copy/paste it later.
…ET option to suppress it (microsoft#8408) The containerized-rpmbuild scripts suppress most output from our tools/make commands, which means you have no idea what it's doing, whether it's hung, or sometimes even what caused an error. This change switches the default to print all this output to stdout, which a new option, QUIET to suppress it.
Co-authored-by: Henry Li <lihl@microsoft.com>
…nd remove audit messages (microsoft#8459)
Co-authored-by: Sam Meluch <109628994+sameluch@users.noreply.github.com> Co-authored-by: Sam Meluch <sam.meluch@microsoft.com>
…dev (microsoft#8544) Co-authored-by: Rachel Menge <rachelmenge@microsoft.com>
Co-authored-by: lanzeliu <lanzeliu@microsoft.com>
This reverts commit ba754a3.
…gs (microsoft#13674) Updated the config options in config_aarch64 as per nvidia's recently published patch guide. The config options are related to GB200 and GB200F helps h/w team to run the diagnostics. Made modification to config_aarch64 based on nvidia's recommendation. nvidia patch guide: https://docs.nvidia.com/grace-patch-config-guide.pdf Co-authored-by: Rachel Menge <rachelmenge@microsoft.com>
…ft#13783) Co-authored-by: Rachel Menge <rachelmenge@microsoft.com>
rebase to 3.0-dev |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Merge Checklist
All boxes should be checked before merging the PR (just tick any boxes which don't apply to this PR)
*-static
subpackages, etc.) have had theirRelease
tag incremented../cgmanifest.json
,./toolkit/scripts/toolchain/cgmanifest.json
,.github/workflows/cgmanifest.json
)./LICENSES-AND-NOTICES/SPECS/data/licenses.json
,./LICENSES-AND-NOTICES/SPECS/LICENSES-MAP.md
,./LICENSES-AND-NOTICES/SPECS/LICENSE-EXCEPTIONS.PHOTON
)*.signatures.json
filessudo make go-tidy-all
andsudo make go-test-coverage
passSummary
Astrolabe patch reference:
https://gitlab.com/nbdkit/nbdkit/-/commit/a486f88d1eea653ea88b0bf8804c4825dab25ec7
What does the PR accomplish, why was it needed?
Change Log
Does this affect the toolchain?
NO
Associated issues
Test Methodology
1>ptests are failing before applying the patch


And after applying patches too.
2>Patch applies cleanly
