Skip to content

chore(deps): refresh rpm lockfiles [SECURITY]#3052

Merged
red-hat-konflux[bot] merged 1 commit intomasterfrom
konflux/mintmaker/master/lock-file-maintenance-vulnerability
Mar 10, 2026
Merged

chore(deps): refresh rpm lockfiles [SECURITY]#3052
red-hat-konflux[bot] merged 1 commit intomasterfrom
konflux/mintmaker/master/lock-file-maintenance-vulnerability

Conversation

@red-hat-konflux
Copy link
Contributor

@red-hat-konflux red-hat-konflux bot commented Mar 10, 2026
edited
Loading

This PR contains the following updates:

File rpms.in.yaml:

Package Change
python-unversioned-command 3.9.25-3.el9_7 -> 3.9.25-3.el9_7.1
gnutls 3.8.3-9.el9 -> 3.8.3-10.el9_7
python3 3.9.25-3.el9_7 -> 3.9.25-3.el9_7.1
python3-libs 3.9.25-3.el9_7 -> 3.9.25-3.el9_7.1

cpython: IMAP command injection in user-controlled commands

CVE-2025-15366

More information

Details

A flaw was found in the imaplib module in the Python standard library. The imaplib module does not reject control characters, such as newlines, in user-controlled input passed to IMAP commands. This issue allows an attacker to inject additional commands to be executed in the IMAP server.

Severity

Moderate

References

cpython: email header injection due to unquoted newlines

CVE-2026-1299

More information

Details

A flaw was found in the email module in the Python standard library. When serializing an email message, the BytesGenerator class fails to properly quote newline characters for email headers. This issue is exploitable when the LiteralHeader class is used as it does not respect email folding rules, allowing an attacker to inject email headers and potentially modify message recipients or the email body, and spoof sender information.

Severity

Moderate

References

cpython: POP3 command injection in user-controlled commands

CVE-2025-15367

More information

Details

A flaw was found in the poplib module in the Python standard library. The poplib module does not reject control characters, such as newlines, in user-controlled input passed to POP3 commands. This issue allows an attacker to inject additional commands to be executed in the POP3 server.

Severity

Moderate

References

🔧 This Pull Request updates lock files to use the latest dependency versions.

Configuration

📅 Schedule: Branch creation - "" in timezone Etc/UTC, Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

  • If you want to rebase/retry this PR, check this box

To execute skipped test pipelines write comment /ok-to-test.

Documentation

Find out how to configure dependency updates in MintMaker documentation or see all available configuration options in Renovate documentation.

@red-hat-konflux red-hat-konflux bot requested a review from rhacs-bot as a code owner March 10, 2026 18:20
@red-hat-konflux red-hat-konflux bot requested a review from a team as a code owner March 10, 2026 18:20
@red-hat-konflux red-hat-konflux bot requested a review from a team as a code owner March 10, 2026 18:20
@red-hat-konflux red-hat-konflux bot added the rebuild-test-container Rebuild the collector-tests container. label Mar 10, 2026
@red-hat-konflux red-hat-konflux bot enabled auto-merge (squash) March 10, 2026 18:20
rhacs-bot
rhacs-bot approved these changes Mar 10, 2026
View reviewed changes
Copy link
Contributor

@rhacs-bot rhacs-bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Auto-approved by automation.

@codecov-commenter
Copy link

codecov-commenter commented Mar 10, 2026
edited
Loading

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 27.38%. Comparing base (9c3a9c1) to head (45915a0).
⚠️ Report is 1 commits behind head on master.
✅ All tests successful. No failed tests found.

Additional details and impacted files 
@@           Coverage Diff           @@
##           master    #3052   +/-   ##
=======================================
  Coverage   27.38%   27.38%           
=======================================
  Files          95       95           
  Lines        5427     5427           
  Branches     2548     2548           
=======================================
  Hits         1486     1486           
  Misses       3214     3214           
  Partials      727      727
Flag Coverage Δ
collector-unit-tests 27.38% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@red-hat-konflux
chore(deps): refresh rpm lockfiles [SECURITY]
45915a0 
Signed-off-by: red-hat-konflux <126015336+red-hat-konflux[bot]@users.noreply.github.com>
@red-hat-konflux red-hat-konflux bot force-pushed the konflux/mintmaker/master/lock-file-maintenance-vulnerability branch from 8d4c780 to 45915a0 Compare March 10, 2026 22:10
@red-hat-konflux red-hat-konflux bot merged commit 69289b6 into master Mar 10, 2026
73 checks passed
@red-hat-konflux red-hat-konflux bot deleted the konflux/mintmaker/master/lock-file-maintenance-vulnerability branch March 10, 2026 23:24
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@rhacs-bot rhacs-bot rhacs-bot approved these changes

Assignees

No one assigned

Labels

auto-approve build-builder-image rebuild-test-container Rebuild the collector-tests container.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@codecov-commenter @rhacs-bot