@konflux-internal-p02 konflux-internal-p02 bot commented Nov 11, 2025

This PR contains the following updates:

File rpms.in.yaml:

| Package | Change |
|---|---|
| audit-libs | 4.0.3-1.el10 -> 4.0.3-4.el10 |
| filesystem | 3.18-16.el10 -> 3.18-17.el10 |
| glibc | 2.39-46.el10_0.4 -> 2.39-58.el10_1.2 |
| glibc-common | 2.39-46.el10_0.4 -> 2.39-58.el10_1.2 |
| glibc-gconv-extra | 2.39-46.el10_0.4 -> 2.39-58.el10_1.2 |
| glibc-minimal-langpack | 2.39-46.el10_0.4 -> 2.39-58.el10_1.2 |
| libgcc | 14.2.1-7.el10 -> 14.3.1-2.1.el10 |
| libselinux | 3.8-2.el10_0 -> 3.9-1.el10 |
| libsemanage | 3.8.1-1.el10_0 -> 3.9-1.el10 |
| libsepol | 3.8-1.el10 -> 3.9-1.el10 |
| pam-libs | 1.6.1-7.el10 -> 1.6.1-8.el10 |
| redhat-release | 10.0-30.el10 -> 10.1-17.el10 |
| redhat-release-eula | 10.0-30.el10 -> 10.1-17.el10 |
| setup | 2.14.5-4.el10 -> 2.14.5-7.el10 |
| shadow-utils | 2:4.15.0-5.el10 -> 2:4.15.0-8.el10 |
| tzdata | 2025b-1.el10 -> 2025b-2.el10 |

linux-pam: Linux-pam directory Traversal

CVE-2025-6020

More information

Details

A flaw was found in linux-pam. The module pam_namespace may access user-controlled paths without proper protection, allowing local users to elevate their privileges to root via multiple symlink attacks and race conditions.

Severity

Important

🔧 This Pull Request updates lock files to use the latest dependency versions.


Configuration

📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.


  • If you want to rebase/retry this PR, check this box

To execute skipped test pipelines write comment /ok-to-test.


Documentation

Find out how to configure dependency updates in MintMaker documentation or see all available configuration options in Renovate documentation.

@konflux-internal-p02 konflux-internal-p02 bot force-pushed the konflux/mintmaker/release-9.0/lock-file-maintenance-vulnerability branch from 6fd6c7a to c954642 Compare November 13, 2025 12:13
@rakshithakamath94

/retest

Signed-off-by: konflux-internal-p02 <170854209+konflux-internal-p02[bot]@users.noreply.github.com>
@konflux-internal-p02 konflux-internal-p02 bot force-pushed the konflux/mintmaker/release-9.0/lock-file-maintenance-vulnerability branch from c954642 to 668b4c9 Compare November 19, 2025 16:12