From 46e06ff31e3465666bab6f0d0d000096cfdc6daf Mon Sep 17 00:00:00 2001 From: CBL-Mariner Servicing Account Date: Wed, 27 May 2026 19:55:31 +0000 Subject: [PATCH] Upgrade libusb to 1.0.30 for CVE-2026-23679, CVE-2026-47104 --- SPECS/libusb/libusb.signatures.json | 2 +- SPECS/libusb/libusb.spec | 5 ++++- cgmanifest.json | 4 ++-- 3 files changed, 7 insertions(+), 4 deletions(-) diff --git a/SPECS/libusb/libusb.signatures.json b/SPECS/libusb/libusb.signatures.json index 8c9a280033c..7001c0d3580 100644 --- a/SPECS/libusb/libusb.signatures.json +++ b/SPECS/libusb/libusb.signatures.json @@ -1,5 +1,5 @@ { "Signatures": { - "libusb-1.0.26.tar.bz2": "12ce7a61fc9854d1d2a1ffe095f7b5fac19ddba095c259e6067a46500381b5a5" + "libusb-1.0.30.tar.bz2": "fea36f34f9156400209595e300840767ab1a385ede1dc7ee893015aea9c6dbaf" } } diff --git a/SPECS/libusb/libusb.spec b/SPECS/libusb/libusb.spec index 455cac04e07..323eb7a1413 100644 --- a/SPECS/libusb/libusb.spec +++ b/SPECS/libusb/libusb.spec @@ -1,6 +1,6 @@ Summary: A library which allows userspace access to USB devices Name: libusb -Version: 1.0.26 +Version: 1.0.30 Release: 1%{?dist} License: LGPLv2+ Vendor: Microsoft Corporation @@ -59,6 +59,9 @@ popd %{_libdir}/pkgconfig/* %changelog +* Wed May 27 2026 CBL-Mariner Servicing Account - 1.0.30-1 +- Auto-upgrade to 1.0.30 - for CVE-2026-23679, CVE-2026-47104 + * Fri Oct 27 2023 CBL-Mariner Servicing Account - 1.0.26-1 - Auto-upgrade to 1.0.26 - Azure Linux 3.0 - package upgrades diff --git a/cgmanifest.json b/cgmanifest.json index 44e289729d5..2f010ba2a5c 100644 --- a/cgmanifest.json +++ b/cgmanifest.json @@ -11661,8 +11661,8 @@ "type": "other", "other": { "name": "libusb", - "version": "1.0.26", - "downloadUrl": "https://github.com/libusb/libusb/releases/download/v1.0.26/libusb-1.0.26.tar.bz2" + "version": "1.0.30", + "downloadUrl": "https://github.com/libusb/libusb/releases/download/v1.0.30/libusb-1.0.30.tar.bz2" } } },