Skip to content

Commit d6a9cc5

Browse files
CBL-Mariner-BotCBL-Mariner-Bot
authored
[AUTO-CHERRYPICK] [AUTOPATCHER-CORE] Upgrade erlang to 26.2.5.9 for CVE-2025-26618 [High] - branch 3.0-dev (#12614)
1 parent 041cdb6 commit d6a9cc5

File tree

3 files changed

+8
-5
lines changed

3 files changed

+8
-5
lines changed

SPECS/erlang/erlang.signatures.json

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,5 @@
11
{
22
"Signatures": {
3-
"erlang-26.2.5.6.tar.gz": "371e59b98de59822e45fdbe50c18c8d8dd4c872990e7aaaba8a819e167186d03"
3+
"erlang-26.2.5.9.tar.gz": "730b937d31c899db5a14567d23452d1cee2f058aea4a42becbb4cb926a286927"
44
}
5-
}
5+
}

SPECS/erlang/erlang.spec

Lines changed: 4 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,7 @@
11
%define debug_package %{nil}
22
Summary: erlang
33
Name: erlang
4-
Version: 26.2.5.6
4+
Version: 26.2.5.9
55
Release: 1%{?dist}
66
License: Apache-2.0
77
Vendor: Microsoft Corporation
@@ -53,6 +53,9 @@ export ERL_TOP=`pwd`
5353
%{_libdir}/erlang/*
5454

5555
%changelog
56+
* Tue Feb 25 2025 CBL-Mariner Servicing Account <[email protected]> - 26.2.5.9-1
57+
- Auto-upgrade to 26.2.5.9 - for CVE-2025-26618
58+
5659
* Fri Dec 13 2024 Ahmed Badawi <[email protected]> - 26.2.5.6-1
5760
- Upgrade to 26.2.5.6 - fix cve CVE-2024-53846. Removed previous patch below as vulnerability is addressed in new version
5861

cgmanifest.json

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -3338,8 +3338,8 @@
33383338
"type": "other",
33393339
"other": {
33403340
"name": "erlang",
3341-
"version": "26.2.5.6",
3342-
"downloadUrl": "https://github.com/erlang/otp/archive/OTP-26.2.5.6/otp-OTP-26.2.5.6.tar.gz"
3341+
"version": "26.2.5.9",
3342+
"downloadUrl": "https://github.com/erlang/otp/archive/OTP-26.2.5.9/otp-OTP-26.2.5.9.tar.gz"
33433343
}
33443344
}
33453345
},

0 commit comments

Comments
 (0)