Skip to content

[AUTOPATCHER-CORE] Upgrade freeipmi to 1.6.17 for CVE-2026-33554#16429

Merged
jslobodzian merged 3 commits intofasttrack/3.0from
cblmargh/freeipmi-upgrade-to-1.6.17-fasttrack/3.0
Apr 7, 2026
Merged

[AUTOPATCHER-CORE] Upgrade freeipmi to 1.6.17 for CVE-2026-33554#16429
jslobodzian merged 3 commits intofasttrack/3.0from
cblmargh/freeipmi-upgrade-to-1.6.17-fasttrack/3.0

Conversation

@CBL-Mariner-Bot
Copy link
Copy Markdown
Collaborator

@CBL-Mariner-Bot CBL-Mariner-Bot commented Apr 2, 2026

[AUTOPATCHER-CORE] Upgrade freeipmi to 1.6.17 for CVE-2026-33554
Upgrade pipeline run -> https://dev.azure.com/mariner-org/mariner/_build/results?buildId=1085293&view=results

@CBL-Mariner-Bot CBL-Mariner-Bot requested a review from a team as a code owner April 2, 2026 12:15
@Kanishk-Bansal Kanishk-Bansal added security CVE-fixed-by-upgrade CVE fixed by package upgrade labels Apr 2, 2026
@Kanishk-Bansal
Copy link
Copy Markdown
Contributor

Kanishk-Bansal commented Apr 2, 2026

Based on the available information from the official GNU/Savannah sources, here's a summary of changes between FreeIPMI 1.6.11 → 1.6.17:

Breaking Changes & Notable Updates

There are no major breaking API/CLI changes documented between 1.6.11 and 1.6.17. The releases in this range are primarily bug fixes, build fixes, and minor enhancements. Here's the version-by-version breakdown:

1.6.12 (Nov 2023)

  • Switched from select() to poll() to avoid file descriptor limits in the openipmi driver.
  • Fixed portability issues on systems without cbrt().

1.6.13 (Jan 2024)

  • Fixed build issues with inb/outb inline assembly declarations.
  • Added additional sensor/event interpretations.

1.6.14

  • Details not publicly available in online sources (check the NEWS file in the tarball).

1.6.15 (Jan 2025)

  • Fix: Incorrect output of IPv6_Dynamic_Address_Source_Type in ipmi-config⚠️ if you parse this output, your scripts may see different values after upgrading.
  • Increased precision of Dell cumulative energy output in ipmi-oem⚠️ could affect parsing if you rely on a specific numeric format.
  • Removed advertising of options only available with special debug builds.
  • Fixed build errors with -Werror=implicit-function-declaration.
  • libfreeipmi: Removed unnecessary/duplicate parameter checks.
  • Fixed gcc 14.x build failures.

1.6.16 (Sep 2025)

  • Important fix: Potential sensor reading miscalculation on systems where char is unsigned (e.g., ARM) vs signed (e.g., x86) — ⚠️ if you're on ARM, sensor readings may change (become correct) after upgrading.
  • Fixed gcc 15 compilation errors.

1.6.17

  • Detailed release notes not yet publicly available online.

Overall, the upgrade from 1.6.11 to 1.6.17 should be safe and non-breaking for most users

lisc check fix
38c18d1 
Signed-off-by: Kanishk Bansal <kanbansal@microsoft.com>
@Kanishk-Bansal Kanishk-Bansal force-pushed the cblmargh/freeipmi-upgrade-to-1.6.17-fasttrack/3.0 branch from 287e82a to 38c18d1 Compare April 2, 2026 16:23
@Kanishk-Bansal Kanishk-Bansal added the CVEFixReadyForMaintainerReview When a CVE fix has been reviewed by release manager and is ready for stable maintainer review label Apr 2, 2026
@jslobodzian jslobodzian merged commit 7bd3646 into fasttrack/3.0 Apr 7, 2026
17 of 22 checks passed
@jslobodzian jslobodzian deleted the cblmargh/freeipmi-upgrade-to-1.6.17-fasttrack/3.0 branch April 7, 2026 16:05
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@jslobodzian jslobodzian jslobodzian approved these changes

Assignees

No one assigned

Labels

Automatic PR AutoUpgrade Core CVE-fixed-by-upgrade CVE fixed by package upgrade CVEFixReadyForMaintainerReview When a CVE fix has been reviewed by release manager and is ready for stable maintainer review fasttrack/3.0 PRs Destined for Azure Linux 3.0 Packaging security

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@CBL-Mariner-Bot @Kanishk-Bansal @jslobodzian