Skip to content

chore(deps): refresh rpm lockfiles [SECURITY] #36

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: release-5.3
Choose a base branch
from
Open

chore(deps): refresh rpm lockfiles [SECURITY] #36

wants to merge 1 commit into from
+548 −548

Conversation

@konflux-internal-p02
Copy link
Contributor

@konflux-internal-p02 konflux-internal-p02 bot commented Sep 10, 2025
edited
Loading

This PR contains the following updates:

File rpms.in.yaml:

Package Change
bash 4.4.20-5.el8 -> 4.4.20-6.el8_10
ca-certificates 2024.2.69_v8.0.303-80.0.el8_10 -> 2025.2.80_v9.0.304-80.2.el8_10
curl 7.61.1-34.el8_10.3 -> 7.61.1-34.el8_10.8
dbus 1:1.12.8-26.el8 -> 1:1.12.8-27.el8_10
dbus-common 1:1.12.8-26.el8 -> 1:1.12.8-27.el8_10
dbus-daemon 1:1.12.8-26.el8 -> 1:1.12.8-27.el8_10
dbus-libs 1:1.12.8-26.el8 -> 1:1.12.8-27.el8_10
dbus-tools 1:1.12.8-26.el8 -> 1:1.12.8-27.el8_10
file 5.33-26.el8 -> 5.33-27.el8_10
file-libs 5.33-26.el8 -> 5.33-27.el8_10
glib2 2.56.4-166.el8_10 -> 2.56.4-167.el8_10
glibc 2.28-251.el8_10.22 -> 2.28-251.el8_10.25
glibc-all-langpacks 2.28-251.el8_10.22 -> 2.28-251.el8_10.25
glibc-common 2.28-251.el8_10.22 -> 2.28-251.el8_10.25
glibc-gconv-extra 2.28-251.el8_10.22 -> 2.28-251.el8_10.25
gnutls 3.6.16-8.el8_10.3 -> 3.6.16-8.el8_10.4
grub2-common 1:2.02-167.el8_10 -> 1:2.02-169.el8_10
grub2-tools 1:2.02-167.el8_10 -> 1:2.02-169.el8_10
grub2-tools-minimal 1:2.02-167.el8_10 -> 1:2.02-169.el8_10
libarchive 3.3.3-5.el8 -> 3.3.3-6.el8_10
libcom_err 1.45.6-6.el8_10 -> 1.45.6-7.el8_10
libcurl 7.61.1-34.el8_10.3 -> 7.61.1-34.el8_10.8
libgcc 8.5.0-26.el8_10 -> 8.5.0-28.el8_10
libgomp 8.5.0-26.el8_10 -> 8.5.0-28.el8_10
libssh 0.9.6-14.el8 -> 0.9.6-15.el8_10
libssh-config 0.9.6-14.el8 -> 0.9.6-15.el8_10
libstdc++ 8.5.0-26.el8_10 -> 8.5.0-28.el8_10
libxml2 2.9.7-21.el8_10.1 -> 2.9.7-21.el8_10.3
pam 1.3.1-37.el8_10 -> 1.3.1-38.el8_10
platform-python 3.6.8-70.el8_10 -> 3.6.8-71.el8_10
python3-libs 3.6.8-70.el8_10 -> 3.6.8-71.el8_10
sqlite-libs 3.26.0-19.el8_9 -> 3.26.0-20.el8_10
systemd 239-82.el8_10.5 -> 239-82.el8_10.8
systemd-libs 239-82.el8_10.5 -> 239-82.el8_10.8
systemd-pam 239-82.el8_10.5 -> 239-82.el8_10.8
systemd-udev 239-82.el8_10.5 -> 239-82.el8_10.8
which 2.21-20.el8 -> 2.21-21.el8_10
s390utils-base 2:2.29.0-3.el8_10.1 -> 2:2.29.0-3.el8_10.3
s390utils-core 2:2.29.0-3.el8_10.1 -> 2:2.29.0-3.el8_10.3
s390utils-se-data 2:2.29.0-3.el8_10.1 -> 2:2.29.0-3.el8_10.3
tar 2:1.30-10.el8_10 -> 2:1.30-11.el8_10

glibc: Double free in glibc

CVE-2025-8058

More information

Severity

Moderate

References

gnutls: Vulnerability in GnuTLS otherName SAN export

CVE-2025-32988

More information

Severity

Moderate

References

gnutls: Vulnerability in GnuTLS certtool template parsing

CVE-2025-32990

More information

Severity

Moderate

References

gnutls: NULL pointer dereference in _gnutls_figure_common_ciphersuite()

CVE-2025-6395

More information

Severity

Moderate

References

libarchive: Double free at archive_read_format_rar_seek_data() in archive_read_support_format_rar.c

CVE-2025-5914

More information

Severity

Important

References

libssh: out-of-bounds read in sftp_handle()

CVE-2025-5318

More information

Severity

Moderate

References

libxml2: Out-of-bounds Read in xmlSchemaIDCFillNodeTables

CVE-2025-32415

More information

Severity

Moderate

References

libxslt: Heap Use-After-Free in libxslt caused by atype corruption in xmlAttrPtr

CVE-2025-7425

More information

Severity

Important

References

linux-pam: Incomplete fix for CVE-2025-6020

CVE-2025-8941

More information

Severity

Important

References

linux-pam: Linux-pam directory Traversal

CVE-2025-6020

More information

Severity

Important

References

cpython: Cpython infinite loop when parsing a tarfile

CVE-2025-8194

More information

Severity

Moderate

References

sqlite: Integer Truncation in SQLite

CVE-2025-6965

More information

Severity

Important

References

🔧 This Pull Request updates lock files to use the latest dependency versions.

Configuration

📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

  • If you want to rebase/retry this PR, check this box

To execute skipped test pipelines write comment /ok-to-test.

Documentation

Find out how to configure dependency updates in MintMaker documentation or see all available configuration options in Renovate documentation.

@konflux-internal-p02 konflux-internal-p02 bot force-pushed the konflux/mintmaker/release-5.3/lock-file-maintenance-vulnerability branch 3 times, most recently from 50ab49d to ad96c47 Compare September 16, 2025 08:13
@konflux-internal-p02 konflux-internal-p02 bot force-pushed the konflux/mintmaker/release-5.3/lock-file-maintenance-vulnerability branch 6 times, most recently from c2b8517 to bf3ba76 Compare September 26, 2025 00:28
@konflux-internal-p02 konflux-internal-p02 bot force-pushed the konflux/mintmaker/release-5.3/lock-file-maintenance-vulnerability branch 4 times, most recently from dca4742 to 7debb36 Compare October 1, 2025 16:16
@konflux-internal-p02 konflux-internal-p02 bot force-pushed the konflux/mintmaker/release-5.3/lock-file-maintenance-vulnerability branch 5 times, most recently from a08e216 to d0d4fe4 Compare October 13, 2025 16:20
@konflux-internal-p02 konflux-internal-p02 bot force-pushed the konflux/mintmaker/release-5.3/lock-file-maintenance-vulnerability branch 3 times, most recently from 33001ee to 48f028c Compare October 20, 2025 04:20
@konflux-internal-p02 konflux-internal-p02 bot force-pushed the konflux/mintmaker/release-5.3/lock-file-maintenance-vulnerability branch 6 times, most recently from 0d8434d to cce3112 Compare October 29, 2025 12:18
@konflux-internal-p02 konflux-internal-p02 bot force-pushed the konflux/mintmaker/release-5.3/lock-file-maintenance-vulnerability branch 3 times, most recently from 7294b6c to 581fde6 Compare November 3, 2025 12:16
@konflux-internal-p02 konflux-internal-p02 bot force-pushed the konflux/mintmaker/release-5.3/lock-file-maintenance-vulnerability branch 8 times, most recently from a6d7ff4 to e28093f Compare November 10, 2025 16:18
@konflux-internal-p02 konflux-internal-p02 bot force-pushed the konflux/mintmaker/release-5.3/lock-file-maintenance-vulnerability branch 5 times, most recently from f3d3d2e to b32208a Compare November 13, 2025 16:20
@konflux-internal-p02
chore(deps): refresh rpm lockfiles [SECURITY]
38f51e9 
Signed-off-by: konflux-internal-p02 <170854209+konflux-internal-p02[bot]@users.noreply.github.com>
@konflux-internal-p02 konflux-internal-p02 bot force-pushed the konflux/mintmaker/release-5.3/lock-file-maintenance-vulnerability branch from b32208a to 38f51e9 Compare November 14, 2025 04:20
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant