Skip to content

chore(deps): refresh rpm lockfiles [SECURITY] #45

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
konflux-internal-p02 wants to merge 2 commits into
base: release-8.1
Choose a base branch
from
Open

chore(deps): refresh rpm lockfiles [SECURITY] #45

konflux-internal-p02 wants to merge 2 commits into from

Conversation

@konflux-internal-p02
Copy link

@konflux-internal-p02 konflux-internal-p02 bot commented Oct 17, 2025
edited
Loading

This PR contains the following updates:

File rpms.in.yaml:

Package Change
net-snmp-agent-libs 1:5.9.1-17.el9 -> 1:5.9.1-17.el9_7.1
net-snmp-libs 1:5.9.1-17.el9 -> 1:5.9.1-17.el9_7.1
libssh 0.10.4-15.el9_7 -> 0.10.4-17.el9_7
libssh-config 0.10.4-15.el9_7 -> 0.10.4-17.el9_7
openssl 1:3.5.1-4.el9_7 -> 1:3.5.1-5.el9_7
openssl-libs 1:3.5.1-4.el9_7 -> 1:3.5.1-5.el9_7
tzdata 2025b-2.el9 -> 2025c-1.el9

libssh: Invalid return code for chacha20 poly1305 with OpenSSL backend

CVE-2025-5987

More information

Details

A flaw was found in libssh when using the ChaCha20 cipher with the OpenSSL library. If an attacker manages to exhaust the heap space, this error is not detected and may lead to libssh using a partially initialized cipher context. This occurs because the OpenSSL error code returned aliases with the SSH_OK code, resulting in libssh not properly detecting the error returned by the OpenSSL library. This issue can lead to undefined behavior, including compromised data confidentiality and integrity or crashes.

Severity

Moderate

References

🔧 This Pull Request updates lock files to use the latest dependency versions.

Configuration

📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

  • If you want to rebase/retry this PR, check this box

To execute skipped test pipelines write comment /ok-to-test.

Documentation

Find out how to configure dependency updates in MintMaker documentation or see all available configuration options in Renovate documentation.

@konflux-internal-p02 konflux-internal-p02 bot force-pushed the konflux/mintmaker/release-8.1/lock-file-maintenance-vulnerability branch 2 times, most recently from 3316d9c to ae1c543 Compare November 4, 2025 04:14
@konflux-internal-p02 konflux-internal-p02 bot force-pushed the konflux/mintmaker/release-8.1/lock-file-maintenance-vulnerability branch 2 times, most recently from 87d5d94 to e0b6441 Compare November 4, 2025 12:13
@konflux-internal-p02 konflux-internal-p02 bot force-pushed the konflux/mintmaker/release-8.1/lock-file-maintenance-vulnerability branch 3 times, most recently from 96d0da3 to 8b0373a Compare November 13, 2025 12:20
@konflux-internal-p02 konflux-internal-p02 bot force-pushed the konflux/mintmaker/release-8.1/lock-file-maintenance-vulnerability branch from 8b0373a to b545d93 Compare November 19, 2025 08:15
@konflux-internal-p02 konflux-internal-p02 bot force-pushed the konflux/mintmaker/release-8.1/lock-file-maintenance-vulnerability branch 3 times, most recently from 7b9092d to 57e068a Compare December 3, 2025 12:15
@konflux-internal-p02 konflux-internal-p02 bot force-pushed the konflux/mintmaker/release-8.1/lock-file-maintenance-vulnerability branch from 57e068a to e2f1a96 Compare December 18, 2025 12:14
@konflux-internal-p02 konflux-internal-p02 bot force-pushed the konflux/mintmaker/release-8.1/lock-file-maintenance-vulnerability branch 3 times, most recently from 94717bb to dbd1b65 Compare January 15, 2026 12:13
@konflux-internal-p02 konflux-internal-p02 bot force-pushed the konflux/mintmaker/release-8.1/lock-file-maintenance-vulnerability branch from dbd1b65 to a0fde7c Compare January 19, 2026 16:17
Rakshitha-Kamath and others added 2 commits January 20, 2026 11:05
Update konflux refs
0ac6e65 
Signed-off-by: Rakshitha-Kamath <Rakshitha.Kamath@ibm.com>
@konflux-internal-p02
chore(deps): refresh rpm lockfiles [SECURITY]
e938b77 
Signed-off-by: konflux-internal-p02 <170854209+konflux-internal-p02[bot]@users.noreply.github.com>
@konflux-internal-p02 konflux-internal-p02 bot force-pushed the konflux/mintmaker/release-8.1/lock-file-maintenance-vulnerability branch from a0fde7c to e938b77 Compare January 20, 2026 08:16
@konflux-internal-p02
Copy link
Author

konflux-internal-p02 bot commented Jan 20, 2026

Edited/Blocked Notification

Renovate will not automatically rebase this PR, because it does not recognize the last commit author and assumes somebody else may have edited the PR.

You can manually request rebase by checking the rebase/retry box above.

⚠️ Warning: custom changes will be lost.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant