Skip to content

[AUTOPATCHER-kernel] Kernel CVE - branch main - CVE-2024-43834 CVE-2024-47670 CVE-2021-47482 CVE-2024-46852 CVE-2024-38545 CVE-2024-47671 CVE-2024-50058 CVE-2022-48635 CVE-2024-46859 CVE-2024-46854 CVE-2024-36893 CVE-2024-26875 CVE-2024-43839 CVE-2024-50072 CVE-2024-38538 CVE-2024-41080 CVE-2024-50036 CVE-2024-43849 CVE-2024-47673 CVE-2024-43835 CVE-2023-52913 CVE-2024-46849 CVE-2024-44931 CVE-2024-50086 CVE-2024-36972 CVE-2024-50010 CVE-2024-47672 CVE-2024-46853 CVE-2023-52601 CVE-2024-46695 CVE-2024-46855 CVE-2024-43841 CVE-2024-43846 CVE-2024-39463 CVE-2024-46858 #31204

[AUTOPATCHER-kernel] Kernel CVE - branch main - CVE-2024-43834 CVE-2024-47670 CVE-2021-47482 CVE-2024-46852 CVE-2024-38545 CVE-2024-47671 CVE-2024-50058 CVE-2022-48635 CVE-2024-46859 CVE-2024-46854 CVE-2024-36893 CVE-2024-26875 CVE-2024-43839 CVE-2024-50072 CVE-2024-38538 CVE-2024-41080 CVE-2024-50036 CVE-2024-43849 CVE-2024-47673 CVE-2024-43835 CVE-2023-52913 CVE-2024-46849 CVE-2024-44931 CVE-2024-50086 CVE-2024-36972 CVE-2024-50010 CVE-2024-47672 CVE-2024-46853 CVE-2023-52601 CVE-2024-46695 CVE-2024-46855 CVE-2024-43841 CVE-2024-43846 CVE-2024-39463 CVE-2024-46858

[AUTOPATCHER-kernel] Kernel CVE - branch main - CVE-2024-43834 CVE-2024-47670 CVE-2021-47482 CVE-2024-46852 CVE-2024-38545 CVE-2024-47671 CVE-2024-50058 CVE-2022-48635 CVE-2024-46859 CVE-2024-46854 CVE-2024-36893 CVE-2024-26875 CVE-2024-43839 CVE-2024-50072 CVE-2024-38538 CVE-2024-41080 CVE-2024-50036 CVE-2024-43849 CVE-2024-47673 CVE-2024-43835 CVE-2023-52913 CVE-2024-46849 CVE-2024-44931 CVE-2024-50086 CVE-2024-36972 CVE-2024-50010 CVE-2024-47672 CVE-2024-46853 CVE-2023-52601 CVE-2024-46695 CVE-2024-46855 CVE-2024-43841 CVE-2024-43846 CVE-2024-39463 CVE-2024-46858 #31204

Workflow file for this run

# Copyright (c) Microsoft Corporation.
# Licensed under the MIT License.
name: Spec files check
on:
push:
branches: [main, dev, 1.0*, 2.0*, fasttrack/*]
pull_request:
branches: [main, dev, 1.0*, 2.0*, fasttrack/*]
permissions: read-all
jobs:
spec-check:
name: Spec files check
runs-on: ubuntu-latest
steps:
# Checkout the branch of our repo that triggered this action
- name: Workflow trigger checkout
uses: actions/checkout@v4
# For consistency, we use the same major/minor version of Python that CBL-Mariner ships
- name: Setup Python 3.9
uses: actions/setup-python@v4
with:
python-version: 3.9
- name: Get Python dependencies
run: python3 -m pip install -r toolkit/scripts/requirements.txt
- name: Get base commit for PRs
if: ${{ github.event_name == 'pull_request' }}
run: |
git fetch origin ${{ github.base_ref }}
echo "base_sha=$(git rev-parse origin/${{ github.base_ref }})" >> $GITHUB_ENV
echo "Merging ${{ github.sha }} into ${{ github.base_ref }}"
- name: Get base commit for Pushes
if: ${{ github.event_name == 'push' }}
run: |
git fetch origin ${{ github.event.before }}
echo "base_sha=${{ github.event.before }}" >> $GITHUB_ENV
echo "Merging ${{ github.sha }} into ${{ github.event.before }}"
- name: Get the changed files
run: |
echo "Files changed: '$(git diff-tree --no-commit-id --name-only -r ${{ env.base_sha }} ${{ github.sha }})'"
changed_specs=$(git diff-tree --diff-filter=d --no-commit-id --name-only -r ${{ env.base_sha }} ${{ github.sha }} | { grep "SPECS.*/.*\.spec$" || test $? = 1; })
echo "Files to validate: '${changed_specs}'"
echo "updated-specs=$(echo ${changed_specs})" >> $GITHUB_ENV
- name: Main branch checkout
uses: actions/checkout@v4
with:
ref: 'main'
path: 'main-checkout'
- name: Verify .spec files
if: ${{ env.updated-specs != '' }}
run: python3 toolkit/scripts/check_spec_guidelines.py ${{ env.updated-specs }}