81 Pull requests merged by 19 people

• Toolchain: Restore old download manifest behavior

  #13649 merged May 1, 2025

• Upgrade: python-dmidecode version to 3.12.3

  #13562 merged Apr 30, 2025

• [Medium] Patch kubernetes for CVE-2025-22872

  #13571 merged Apr 30, 2025

• [Medium] Patch kubevirt for CVE-2025-22872

  #13578 merged Apr 30, 2025

• [Medium] Patch kubernetes for CVE-2025-22872

  #13579 merged Apr 30, 2025

• [Medium] Patch influxdb for CVE-2025-22872

  #13600 merged Apr 30, 2025

• [MEDIUM] Patch helm for CVE-2025-32386 & CVE-2025-22872

  #13454 merged Apr 30, 2025

• Upgraded xcb-util-wm to version 0.4.2

  #11683 merged Apr 30, 2025

• Upgraded xdg-dbus-proxy to version 0.1.6

  #11689 merged Apr 30, 2025

• Fix Ptest for python-markdown

  #13634 merged Apr 30, 2025

• Fix python-more-itertools Ptest

  #13632 merged Apr 29, 2025

• Fix python-msgpack ptest

  #13635 merged Apr 29, 2025

• Fix ptest for Python-pytest-forked

  #13633 merged Apr 29, 2025

• Grab latest 3.0-dev to revert golang update.

  #13631 merged Apr 29, 2025

• [AUTOPATCHER-CORE] Upgrade espeak-ng to 1.52.0 remove chrome extension which used unverified function

  #13467 merged Apr 29, 2025

• Merge 3.0-dev for April 2025 monthly release

  #13620 merged Apr 29, 2025

• Add libmambapy to Azure Linux

  #13381 merged Apr 29, 2025

• Prepare May 2025 Update

  #13619 merged Apr 29, 2025

• Prepare May 2025 Update

  #13618 merged Apr 29, 2025

• Update toolkit's gonum to resolve CVE-2024-24792 in image package

  #13616 merged Apr 29, 2025

• Update toolkit's gonum to resolve CVE-2024-24792 in image package

  #13617 merged Apr 29, 2025

• [AUTO-CHERRYPICK] Patch hvloader for CVE-2022-36763, CVE-2022-36764, CVE-2022-36765 [High] - branch main

  #13612 merged Apr 28, 2025

• [AUTO-CHERRYPICK] shadow-utils: patch CVE-2023-4641[Medium] - branch main

  #13611 merged Apr 28, 2025

• [AUTO-CHERRYPICK] [AUTOPATCHER-CORE] Upgrade valkey to 8.0.3 for CVE-2025-21605 [High] - branch 3.0-dev

  #13610 merged Apr 28, 2025

• Patch hvloader for CVE-2022-36763, CVE-2022-36764, CVE-2022-36765 [High]

  #13583 merged Apr 28, 2025

• shadow-utils: patch CVE-2023-4641[Medium]

  #11925 merged Apr 28, 2025

• [AUTOPATCHER-CORE] Upgrade valkey to 8.0.3 for CVE-2025-21605 [High]

  #13603 merged Apr 28, 2025

• [MEDIUM] Patch tinyxml2 for CVE-2024-50615

  #13429 merged Apr 28, 2025

• [Medium] patch bcc for CVE-2025-29481

  #13426 merged Apr 28, 2025

• [Medium] Patch kube-vip-cloud-provider for CVE-2025-22872

  #13523 merged Apr 28, 2025

• [Medium] patch gh for CVE-2025-22872

  #13531 merged Apr 28, 2025

• [MEDIUM] Patch packer for CVE-2025-22872

  #13532 merged Apr 28, 2025

• [MEDIUM] Patch prometheus-adapter for CVE-2025-22872

  #13534 merged Apr 28, 2025

• [MEDIUM] Patch containerized-data-importer for CVE-2025-22872

  #13535 merged Apr 28, 2025

• [Medium] Patch cni-plugins for CVE-2025-22872

  #13551 merged Apr 28, 2025

• [Medium] Patch kubevirt for CVE-2025-22872

  #13552 merged Apr 28, 2025

• [MEDIUM] Patch cf-cli for CVE-2025-22872

  #13553 merged Apr 28, 2025

• [Medium] patch docker-compose for CVE-2025-22872

  #13557 merged Apr 28, 2025

• [Medium] patch sriov-network-device-plugin for CVE-2025-22872

  #13558 merged Apr 28, 2025

• [Medium] patch sriov-network-device-plugin for CVE-2025-22872

  #13559 merged Apr 28, 2025

• Add yq package for work item 55989974

  #12997 merged Apr 28, 2025

• nvmetcli: update to 0.7

  #11550 merged Apr 28, 2025

• libunicap: Fixed build issues

  #13599 merged Apr 28, 2025

• Patch nginx for work item 56114630 to enable webdav module

  #12888 merged Apr 26, 2025

• [AUTO-CHERRYPICK] flux: patch CVE-2024-43806 - branch 3.0-dev

  #13597 merged Apr 26, 2025

• [AUTO-CHERRYPICK] Patch libsoup for CVE-2025-32908, CVE-2025-32914 [HIGH] - branch 3.0-dev

  #13594 merged Apr 25, 2025

• flux: patch CVE-2024-43806

  #11979 merged Apr 25, 2025

• [AUTO-CHERRYPICK] Patch keda for CVE-2025-22872 [Medium] - branch 3.0-dev

  #13595 merged Apr 25, 2025

• [AUTO-CHERRYPICK] Patch pytorch for CVE-2025-32434, CVE-2025-3730 [Critical] - branch main

  #13592 merged Apr 25, 2025

• [AUTO-CHERRYPICK] Patch qemu for CVE-2024-4467 [HIGH], CVE-2024-3447, CVE-2024-6505 [MEDIUM] - branch main

  #13591 merged Apr 25, 2025

• [AUTO-CHERRYPICK] Upgrade fcgi to 2.4.5 for CVE-2025-23016 [Critical] - branch main

  #13590 merged Apr 25, 2025

• [AUTO-CHERRYPICK] Patch libsoup for CVE-2025-32914 [HIGH] - branch main

  #13589 merged Apr 25, 2025

• kernel: enable dxgkrnl module

  #12996 merged Apr 25, 2025

• Patch keda for CVE-2025-22872 [Medium]

  #13584 merged Apr 25, 2025

• Patch libsoup for CVE-2025-32908, CVE-2025-32914 [HIGH]

  #13582 merged Apr 25, 2025

• Patch qemu for CVE-2024-4467 [HIGH], CVE-2024-3447, CVE-2024-6505 [MEDIUM]

  #13574 merged Apr 25, 2025

• Patch libsoup for CVE-2025-32914 [HIGH]

  #13581 merged Apr 25, 2025

• Patch pytorch for CVE-2025-32434, CVE-2025-3730 [Critical]

  #13556 merged Apr 25, 2025

• Upgrade fcgi to 2.4.5 for CVE-2025-23016 [Critical]

  #13561 merged Apr 25, 2025

• Patch libtiff for CVE-2023-6228 [Low]

  #11788 merged Apr 25, 2025

• Add a post and postun for mariadb-connector-c, ensuring ldconfig is run

  #13580 merged Apr 25, 2025

• Upgrade: mod_http2 version to 2.0.29

  #12921 merged Apr 25, 2025

• libutempter: Update Version from 1.1.6 -> 1.2.1

  #11116 merged Apr 25, 2025

• apache-commons-digester: Build error fix

  #13141 merged Apr 25, 2025

• [AUTO-CHERRYPICK] [AUTOPATCHER-CORE] Upgrade pgbouncer to 1.24.1 to fix CVE-2025-2291 [High] - branch main

  #13566 merged Apr 24, 2025

• [AUTO-CHERRYPICK] Patch nodejs for CVE-2025-27516 [Medium] - branch 3.0-dev

  #13565 merged Apr 24, 2025

• [AUTO-CHERRYPICK] [Medium] Patch prometheus for CVE-2025-22870 and CVE-2024-51744 - branch 3.0-dev

  #13564 merged Apr 24, 2025

• [AUTO-CHERRYPICK] Patch pytorch for CVE-2025-32434, CVE-2025-3730 [Critical] - branch 3.0-dev

  #13563 merged Apr 24, 2025

• [AUTO-CHERRYPICK] [High] Patch libsoup for CVE-2025-32913, CVE-2025-32906, CVE-2025-32909, CVE-2025-32910, CVE-2025-32912 - branch 3.0-dev

  #13543 merged Apr 24, 2025

• [AUTO-CHERRYPICK] [High] Patch moby-engine for CVE-2025-30204 - branch 3.0-dev

  #13542 merged Apr 24, 2025

• [AUTO-CHERRYPICK] [AUTOPATCHER-CORE] Upgrade pgbouncer to 1.24.1 to fix CVE-2025-2291 [High] - branch 3.0-dev

  #13541 merged Apr 24, 2025

• [AUTO-CHERRYPICK] Patch giflib for CVE-2021-40633 [High] - branch 3.0-dev

  #13540 merged Apr 24, 2025

• [AUTO-CHERRYPICK] Fix crash for CVE-2021-20197, CVE-2022-47673, CVE-2022-47696 [High] - branch 3.0-dev

  #13539 merged Apr 24, 2025

• [AUTO-CHERRYPICK] [High] Patch moby-engine for CVE-2025-30204 - branch main

  #13538 merged Apr 24, 2025

• [AUTO-CHERRYPICK] Patch giflib for CVE-2021-40633 [High] - branch main

  #13537 merged Apr 24, 2025

• [AUTO-CHERRYPICK] Fix crash for CVE-2021-20197, CVE-2022-47673, CVE-2022-47696, CVE-2022-37434 [High] - branch main

  #13536 merged Apr 24, 2025

• [AUTO-CHERRYPICK] Patch golang for CVE-2025-22871[High] - branch main

  #13512 merged Apr 24, 2025

• upgrade rust to 1.85.0

  #11295 merged Apr 24, 2025

• Upgrade fcgi to 2.4.5 for CVE-2025-23016 [Critical]

  #13560 merged Apr 24, 2025

• [AUTOPATCHER-kernel] Kernel upgrade to version 5.15.180.1 - branch main

  #13569 merged Apr 24, 2025

• postfix: upgrade to 3.7.4 [2.0]

  #13570 merged Apr 24, 2025

36 Pull requests opened by 19 people

• [MEDIUM] Patch golang for CVE-2024-24789 & CVE-2025-22870

  #13586 opened Apr 25, 2025

• Fix post and postun sections in sdbus-cpp.spec

  #13588 opened Apr 25, 2025

• [Medium] Patch multus for CVE-2025-22872

  #13593 opened Apr 25, 2025

• [Medium] Patch multus for CVE-2025-22872

  #13596 opened Apr 25, 2025

• Upgrade: python-debtcollector version to 3.0.0

  #13604 opened Apr 28, 2025

• Upgrade: python-mccabe to version 0.7.0

  #13605 opened Apr 28, 2025

• jzlib : Build fix

  #13607 opened Apr 28, 2025

• Fixes boost by adding phoenix multiple defn patch needed by libetonyek

  #13608 opened Apr 28, 2025

• Upgrades libetonyek to verson 0.1.12

  #13609 opened Apr 28, 2025

• [Medium] Patch vitess for CVE-2025-22872

  #13614 opened Apr 28, 2025

• [Medium] Patch cni-plugins for CVE-2025-22872

  #13615 opened Apr 28, 2025

• Patch hvloader for CVE-2023-45236, CVE-2023-45237 [High]

  #13621 opened Apr 29, 2025

• Upgrade papi to 7.1.0

  #13622 opened Apr 29, 2025

• Upgrade: marisa version to 0.2.6

  #13623 opened Apr 29, 2025

• Upgrade: man-pages-zh-CN version to 1.6.3.6

  #13624 opened Apr 29, 2025

• Upgrade: opencc version to 1.1.7

  #13625 opened Apr 29, 2025

• Upgrade: cjkuni-uming-fonts version to 0.2.20080216.2

  #13626 opened Apr 29, 2025

• Replace and Upgrade: mailx 12.5 to s-nail 14.9.25

  #13627 opened Apr 29, 2025

• Upgrades lua-lunitx to version 0.8.1

  #13629 opened Apr 29, 2025

• config_aarch64 changes for kernel-64k

  #13630 opened Apr 29, 2025

• [Low] Patch reaper for CVE-2024-6484

  #13636 opened Apr 29, 2025

• Fix python-oauthlib ptest

  #13637 opened Apr 29, 2025

• edited readme

  #13639 opened Apr 29, 2025

• [Medium] Patch docker-buildx for CVE-2025-22872

  #13640 opened Apr 30, 2025

• [MEDIUM] Patch pytorch for CVE-2025-2953

  #13641 opened Apr 30, 2025

• [MEDIUM] Patch pytorch for CVE-2025-2953

  #13642 opened Apr 30, 2025

• [AUTOPATCHER-CORE] Upgrade redis to 6.2.18 for CVE-2025-21605 [HIGH]

  #13643 opened Apr 30, 2025

• Upgrade: proj version to 9.4.1

  #13644 opened Apr 30, 2025

• OOT Modules -> Add kernel version and release nb into release nb

  #13645 opened Apr 30, 2025

• Patch `dnf5` CVE-2024-1929, CVE-2024-1930, CVE-2024-2746 [High]

  #13646 opened Apr 30, 2025

• kata-containers(-cc): Update to 3.15.0.aks0 release

  #13647 opened Apr 30, 2025

• dom0 packages: Update to dom0 release v2411.19.1

  #13648 opened Apr 30, 2025

• [Medium] Patch ig for CVE-2025-22872

  #13650 opened Apr 30, 2025

• Patch busybox for CVE-2023-39810 [HIGH]

  #13651 opened May 1, 2025

• Patch busybox for CVE-2023-39810 [HIGH]

  #13652 opened May 1, 2025

• Add new package citus for work item 47499297 Linkedin

  #13653 opened May 1, 2025

3 Issues opened by 3 people

• libcrypt/crypt.h is mssing in azurelinux-3.0 compared to mariner-2.0

  #13601 opened Apr 27, 2025

• libstdc++-devel package is incorrect

  #13587 opened Apr 25, 2025

• AppArmor absence on AzureLinux

  #13585 opened Apr 25, 2025

69 Unresolved conversations

Sometimes conversations happen on old items that aren’t yet closed. Here is a list of all the Issues and Pull Requests with unresolved conversations.

• kernel-mshv: Introduce headers subpackage

  #13567 commented on May 1, 2025 • 9 new comments

• [Medium] Patch libsoup for CVE-2025-32909, CVE-2025-32910, CVE-2025-32912

  #13496 commented on Apr 30, 2025 • 7 new comments

• Update libimobiledevice to 1.3.0-1

  #13576 commented on Apr 30, 2025 • 4 new comments

• Upgrades lasso to version 2.8.2

  #12242 commented on Apr 26, 2025 • 2 new comments

• fixed perl-AnyEvent-BDB

  #11783 commented on Apr 30, 2025 • 2 new comments

• [Medium] Patch kubernetes for CVE-2024-45310

  #13469 commented on Apr 28, 2025 • 2 new comments

• Upgrade:python-flask to version 3.1.0

  #13518 commented on Apr 27, 2025 • 2 new comments

• [Medium] Patch libxml2 for CVE-2025-32414

  #13522 commented on Apr 28, 2025 • 2 new comments

• generic-logos: fix the build error

  #13573 commented on Apr 30, 2025 • 2 new comments

• upgrade: python-trio to version 0.23.1

  #13501 commented on Apr 27, 2025 • 1 new comment

• Upgrade:python-flake8 to version 6.1.0

  #13519 commented on Apr 27, 2025 • 1 new comment

• [MEDIUM] Patch helm for CVE-2025-32386 & CVE-2025-22872

  #13452 commented on Apr 29, 2025 • 1 new comment

• Add tardev-snapshotter package to specs-extended

  #13127 commented on Apr 29, 2025 • 1 new comment

• Upgrade python-beautifulsoup4 version to 4.12.3

  #13064 commented on Apr 30, 2025 • 1 new comment

• Upgrade: arpwatch version to 3.7

  #12937 commented on Apr 25, 2025 • 1 new comment

• Upgrade ppp to 2.5.0

  #12868 commented on Apr 30, 2025 • 1 new comment

• rasqal: fixed build

  #12846 commented on Apr 30, 2025 • 1 new comment

• tensorflow: fix CVE-2024-6345, CVE-2024-4032

  #10794 commented on Apr 29, 2025 • 1 new comment

• Upgrade gstreamer1 to 1.24.8

  #10805 commented on May 1, 2025 • 1 new comment

• Upgrade gupnp-av to 0.14.1-1

  #10841 commented on May 1, 2025 • 1 new comment

• Upgrade: paps version to 0.8.0

  #11518 commented on Apr 30, 2025 • 1 new comment

• Upgrades lua-lpeg to version 1.1.0

  #11167 commented on Apr 24, 2025 • 1 new comment

• Adds perl-File-TreeCreate, needed by perl-file-find-object

  #12225 commented on Apr 30, 2025 • 0 new comments

• [Medium] Patch cert-manager for CVE-2025-32386, CVE-2025-32387, CVE-2025-22872

  #13444 commented on Apr 24, 2025 • 0 new comments

• Bump golang.org/x/net from 0.33.0 to 0.38.0 in /toolkit/tools

  #13445 commented on Apr 29, 2025 • 0 new comments

• git: use openssh-clients instead of full openssh package

  #13448 commented on Apr 25, 2025 • 0 new comments

• Patch qemu for CVE-2024-3567 [MEDIUM]

  #13449 commented on Apr 28, 2025 • 0 new comments

• [Medium] patch ntopng for CVE-2021-44964

  #13450 commented on Apr 28, 2025 • 0 new comments

• trustauthority-cli: initial package addition

  #11339 commented on Apr 28, 2025 • 0 new comments

• [Medium] patch memcached for CVE-2021-44964

  #13455 commented on Apr 28, 2025 • 0 new comments

• Update kernel-lpg-innovate to version 6.6.85.1

  #13468 commented on Apr 30, 2025 • 0 new comments

• Upgrades perl-File-MimeInfo to version 0.35

  #13476 commented on Apr 27, 2025 • 0 new comments

• Fixes broken build of perl-File-DesktopEntry

  #13477 commented on Apr 30, 2025 • 0 new comments

• add repo snapshot options to dnf5

  #10947 commented on Apr 28, 2025 • 0 new comments

• [Medium] Patch libxml2 for CVE-2025-32414

  #13497 commented on Apr 29, 2025 • 0 new comments

• Upgrade: openwsman version to 2.7.2

  #13498 commented on Apr 25, 2025 • 0 new comments

• hyphen-pt: Upgrade Version from 0.20021021 -> 0.20140727

  #10907 commented on May 1, 2025 • 0 new comments

• [MEDIUM] Patch gcc for CVE-2021-32256

  #13503 commented on Apr 27, 2025 • 0 new comments

• Upgrade gstreamer1-plugins-base to 1.24.8

  #10828 commented on May 1, 2025 • 0 new comments

• [MEDIUM] Patch packer for CVE-2025-22872

  #13529 commented on Apr 27, 2025 • 0 new comments

• Upgrade: gnome-keyring version to 46.2

  #13572 commented on Apr 30, 2025 • 0 new comments

• Upgrade PyGreSQL version to 6.0.1

  #10544 commented on Apr 25, 2025 • 0 new comments

• WorkItem 49598046: Update MySQL package to be functional, using Fedora packaging as a baseline.

  #13575 commented on Apr 28, 2025 • 0 new comments

• CVE-2024-45338

  #12871 commented on Apr 28, 2025 • 0 new comments

• Remove extended rasqal package as this is very old package and doesn't support pcre2

  #12107 commented on Apr 30, 2025 • 0 new comments

• Upgrade: python-mutagen version to 1.47.0

  #12517 commented on Apr 25, 2025 • 0 new comments

• Added zix package to SPECS-EXTENDED

  #12620 commented on Apr 25, 2025 • 0 new comments

• Upgrade: python-dns version to 2.6.1

  #12631 commented on Apr 25, 2025 • 0 new comments

• Patch edk2 for CVE-2024-6129, CVE-2024-2511, CVE-2024-4603

  #12657 commented on May 1, 2025 • 0 new comments

• virtiofsd: patch CVE-2024-43806

  #11957 commented on May 1, 2025 • 0 new comments

• Upgrade: yelp-tools version to 42.1

  #11950 commented on Apr 25, 2025 • 0 new comments

• Bump golang.org/x/net from 0.33.0 to 0.36.0 in /toolkit/tools

  #12920 commented on Apr 29, 2025 • 0 new comments

• Upgrade: spice-protocol version to 0.14.4

  #11847 commented on Apr 25, 2025 • 0 new comments

• Upgrade nodejs-nodemon version to 3.1.4

  #13026 commented on Apr 30, 2025 • 0 new comments

• Upgrade: libpeas version to 1.36.0

  #13055 commented on Apr 25, 2025 • 0 new comments

• Upgrade: microdnf version to 3.10.1

  #13058 commented on Apr 25, 2025 • 0 new comments

• Upgraded mythes to version 1.2.5

  #11600 commented on Apr 25, 2025 • 0 new comments

• Bump github.com/golang-jwt/jwt/v5 from 5.2.1 to 5.2.2 in /toolkit/tools

  #13069 commented on Apr 29, 2025 • 0 new comments

• Upgrade: perl-Test-Script version to 1.29

  #13083 commented on Apr 25, 2025 • 0 new comments

• Set unique names for subpackages in kernel-rt spec

  #13084 commented on Apr 25, 2025 • 0 new comments

• Add configuration for new seed image

  #13145 commented on Apr 30, 2025 • 0 new comments

• [AUTOPATCHER-kernel-rt] Kernel RT upgrade to version 6.6.85.1-rt53 - branch 3.0-dev

  #13281 commented on Apr 26, 2025 • 0 new comments

• Upgrade: perl-Test-TrailingSpace version to 0.0601

  #13316 commented on Apr 25, 2025 • 0 new comments

• Upgrade: perl-File-Find-Object-Rule version to 0.0313

  #13317 commented on Apr 28, 2025 • 0 new comments

• Upgrade gcr version to 3.41.1

  #13344 commented on Apr 30, 2025 • 0 new comments

• Bump golang.org/x/crypto from 0.31.0 to 0.35.0 in /toolkit/tools

  #13386 commented on Apr 29, 2025 • 0 new comments

• [LOW] Patch glib for CVE-2025-3360

  #13427 commented on Apr 28, 2025 • 0 new comments

• [LOW] Patch glib for CVE-2025-3360

  #13428 commented on Apr 28, 2025 • 0 new comments

• [Medium] Patch cert-manager for CVE-2025-32386, CVE-2025-32387, CVE-2025-22872

  #13443 commented on Apr 25, 2025 • 0 new comments