Skip to content

chore(deps): refresh rpm lockfiles [SECURITY] #2742

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
ksurabhi91 merged 1 commit into from
Jan 23, 2026
Merged

chore(deps): refresh rpm lockfiles [SECURITY] #2742

ksurabhi91 merged 1 commit into from
Jan 23, 2026

Conversation

@red-hat-konflux
Copy link
Contributor

@red-hat-konflux red-hat-konflux bot commented Dec 18, 2025
edited
Loading

This PR contains the following updates:

File rpms.in.yaml:

Package Change
glib2 2.56.4-167.el8_10 -> 2.56.4-168.el8_10

glib: Integer overflow in in g_escape_uri_string()

CVE-2025-13601

More information

Details

A heap-based buffer overflow problem was found in glib through an incorrect calculation of buffer size in the g_escape_uri_string() function. If the string to escape contains a very large number of unacceptable characters (which would need escaping), the calculation of the length of the escaped string could overflow, leading to a potential write off the end of the newly allocated string.

Severity

Moderate

References

🔧 This Pull Request updates lock files to use the latest dependency versions.

Configuration

📅 Schedule: Branch creation - "" in timezone Etc/UTC, Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

  • If you want to rebase/retry this PR, check this box

To execute skipped test pipelines write comment /ok-to-test.

Documentation

Find out how to configure dependency updates in MintMaker documentation or see all available configuration options in Renovate documentation.

@red-hat-konflux red-hat-konflux bot requested a review from rhacs-bot as a code owner December 18, 2025 00:58
@red-hat-konflux red-hat-konflux bot added the rebuild-test-container Rebuild the collector-tests container. label Dec 18, 2025
@red-hat-konflux red-hat-konflux bot requested review from a team as code owners December 18, 2025 00:58
@codecov-commenter
Copy link

codecov-commenter commented Dec 18, 2025
edited
Loading

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 27.61%. Comparing base (b0caa13) to head (87e766e).
✅ All tests successful. No failed tests found.

Additional details and impacted files 
@@              Coverage Diff              @@
##           release-3.23    #2742   +/-   ##
=============================================
  Coverage         27.61%   27.61%           
=============================================
  Files                96       96           
  Lines              5424     5424           
  Branches           2523     2523           
=============================================
  Hits               1498     1498           
  Misses             3214     3214           
  Partials            712      712
Flag Coverage Δ
collector-unit-tests 27.61% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@red-hat-konflux red-hat-konflux bot force-pushed the konflux/mintmaker/release-3.23/lock-file-maintenance-vulnerability branch 7 times, most recently from 92cb1d6 to 674896c Compare December 22, 2025 21:03
@red-hat-konflux red-hat-konflux bot force-pushed the konflux/mintmaker/release-3.23/lock-file-maintenance-vulnerability branch 8 times, most recently from 47b20b4 to 6afeec1 Compare January 8, 2026 17:06
@github-actions
Copy link

github-actions bot commented Jan 8, 2026

/retest collector-on-push

@red-hat-konflux red-hat-konflux bot force-pushed the konflux/mintmaker/release-3.23/lock-file-maintenance-vulnerability branch 4 times, most recently from 717e352 to 229ac85 Compare January 12, 2026 05:07
@red-hat-konflux red-hat-konflux bot force-pushed the konflux/mintmaker/release-3.23/lock-file-maintenance-vulnerability branch from 229ac85 to a887bad Compare January 13, 2026 01:33
@github-actions
Copy link

github-actions bot commented Jan 13, 2026

/retest collector-on-push

@red-hat-konflux red-hat-konflux bot force-pushed the konflux/mintmaker/release-3.23/lock-file-maintenance-vulnerability branch 12 times, most recently from 63c2bf8 to 03b2b67 Compare January 20, 2026 01:15
@red-hat-konflux red-hat-konflux bot force-pushed the konflux/mintmaker/release-3.23/lock-file-maintenance-vulnerability branch from 03b2b67 to c815205 Compare January 20, 2026 17:15
@red-hat-konflux
chore(deps): refresh rpm lockfiles [SECURITY]
87e766e 
Signed-off-by: red-hat-konflux <126015336+red-hat-konflux[bot]@users.noreply.github.com>
@red-hat-konflux red-hat-konflux bot force-pushed the konflux/mintmaker/release-3.23/lock-file-maintenance-vulnerability branch from c815205 to 87e766e Compare January 22, 2026 20:56
@ksurabhi91 ksurabhi91 merged commit 9819ee5 into release-3.23 Jan 23, 2026
97 of 98 checks passed
@ksurabhi91 ksurabhi91 deleted the konflux/mintmaker/release-3.23/lock-file-maintenance-vulnerability branch January 23, 2026 06:45
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@ksurabhi91 ksurabhi91 ksurabhi91 approved these changes

@rhacs-bot rhacs-bot Awaiting requested review from rhacs-bot rhacs-bot is a code owner

Assignees

No one assigned

Labels

auto-approve build-builder-image rebuild-test-container Rebuild the collector-tests container.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@codecov-commenter @ksurabhi91