alpha-4152.0.0
·
227 commits
to main
since this release
alpha-4152.0.0
tormath1
Mathieu Tortuyaux
This tag was signed with the committer’s verified signature.
The key has expired.
tormath1
Mathieu Tortuyaux
Changes since Alpha 4116.0.0
Security fixes:
- Linux (CVE-2024-50179, CVE-2024-50176, CVE-2024-50175, CVE-2024-50012, CVE-2024-50008, CVE-2024-50007, CVE-2024-50006, CVE-2024-50005, CVE-2024-50016, CVE-2024-50015, CVE-2024-50013, CVE-2024-50003, CVE-2024-50002, CVE-2024-50001, CVE-2024-50000, CVE-2024-49997, CVE-2024-49996, CVE-2024-49995, CVE-2024-49955, CVE-2024-49963, CVE-2024-49962, CVE-2024-49961, CVE-2024-49960, CVE-2024-49959, CVE-2024-49993, CVE-2024-49992, CVE-2024-49991, CVE-2024-49989, CVE-2024-49988, CVE-2024-49987, CVE-2024-49986, CVE-2024-49985, CVE-2024-49958, CVE-2024-49983, CVE-2024-49982, CVE-2024-49981, CVE-2024-49980, CVE-2024-49978, CVE-2024-49977, CVE-2024-49976, CVE-2024-49975, CVE-2024-49957, CVE-2024-49973, CVE-2024-49969, CVE-2024-49967, CVE-2024-49966, CVE-2024-49965, CVE-2024-49924, CVE-2024-49954, CVE-2024-49953, CVE-2024-49952, CVE-2024-49951, CVE-2024-49950, CVE-2024-49949, CVE-2024-49948, CVE-2024-49947, CVE-2024-49946, CVE-2024-49944, CVE-2024-49939, CVE-2024-49938, CVE-2024-49937, CVE-2024-49936, CVE-2024-49935, CVE-2024-49933, CVE-2024-49931, CVE-2024-49930, CVE-2024-49929, CVE-2024-49927, CVE-2024-49925, CVE-2024-49875, CVE-2024-49884, CVE-2024-49883, CVE-2024-49882, CVE-2024-49881, CVE-2024-49879, CVE-2024-49913, CVE-2024-49912, CVE-2024-49907, CVE-2024-49905, CVE-2024-49878, CVE-2024-49903, CVE-2024-49902, CVE-2024-49901, CVE-2024-49900, CVE-2024-49896, CVE-2024-49895, CVE-2024-49877, CVE-2024-49894, CVE-2024-49892, CVE-2024-49890, CVE-2024-49889, CVE-2024-49886, CVE-2024-49863, CVE-2024-49871, CVE-2024-49870, CVE-2024-49868, CVE-2024-49867, CVE-2024-49866, CVE-2024-49874, CVE-2024-49864, CVE-2024-47704, CVE-2024-50191, CVE-2024-50189, CVE-2024-50188, CVE-2024-50187, CVE-2024-50186, CVE-2024-50185, CVE-2024-50184, CVE-2024-50183, CVE-2024-50182, CVE-2024-50180, CVE-2024-50181, CVE-2024-50097, CVE-2024-50096, CVE-2024-50095, CVE-2024-50093, CVE-2024-50089, CVE-2024-50058, CVE-2024-50065, CVE-2024-50064, CVE-2024-50063, CVE-2024-50062, CVE-2024-50061, CVE-2024-50060, CVE-2024-50059, CVE-2024-50026, CVE-2024-50024, CVE-2024-50023, CVE-2024-50057, CVE-2024-50055, CVE-2024-50049, CVE-2024-50022, CVE-2024-50048, CVE-2024-50047, CVE-2024-50046, CVE-2024-50045, CVE-2024-50044, CVE-2024-50041, CVE-2024-50040, CVE-2024-50039, CVE-2024-50038, CVE-2024-50036, CVE-2024-50035, CVE-2024-50033, CVE-2024-50032, CVE-2024-50031, CVE-2024-50029, CVE-2024-50019, CVE-2024-50201, CVE-2024-50202, CVE-2024-50101, CVE-2024-50098, CVE-2024-50099, CVE-2024-50088, CVE-2024-50087, CVE-2024-50086, CVE-2024-50085, CVE-2024-50084, CVE-2024-50083, CVE-2024-50082, CVE-2024-50080, CVE-2024-50077, CVE-2024-50076, CVE-2024-50075, CVE-2024-50074, CVE-2024-50073, CVE-2024-50072, CVE-2024-50070, CVE-2024-50078, CVE-2024-50069, CVE-2024-50066, CVE-2024-50211, CVE-2024-50210, CVE-2024-50209, CVE-2024-50208, CVE-2024-50205, CVE-2024-50155, CVE-2024-50164, CVE-2024-50163, CVE-2024-50162, CVE-2024-50160, CVE-2024-50159, CVE-2024-50158, CVE-2024-50172, CVE-2024-50171, CVE-2024-50170, CVE-2024-50169, CVE-2024-50168, CVE-2024-50167, CVE-2024-50166, CVE-2024-50156, CVE-2024-50148, CVE-2024-50147, CVE-2024-50145, CVE-2024-50143, CVE-2024-50142, CVE-2024-50141, CVE-2024-50154, CVE-2024-50153, CVE-2024-50152, CVE-2024-50151, CVE-2024-50150, CVE-2024-50139, CVE-2024-50140, CVE-2024-50128, CVE-2024-50136, CVE-2024-50135, CVE-2024-50134, CVE-2024-50133, CVE-2024-50131, CVE-2024-50130, CVE-2024-50111, CVE-2024-50110, CVE-2024-50108, CVE-2024-50127, CVE-2024-50126, CVE-2024-50125, CVE-2024-50124, CVE-2024-50121, CVE-2024-50120, CVE-2024-50117, CVE-2024-50116, CVE-2024-50115, CVE-2024-50112, CVE-2024-50103, CVE-2024-50262, CVE-2024-50259, CVE-2024-50261, CVE-2024-50226, CVE-2024-50235, CVE-2024-50234, CVE-2024-50233, CVE-2024-50232, CVE-2024-50231, CVE-2024-50230, CVE-2024-50258, CVE-2024-50257, CVE-2024-50256, CVE-2024-50229, CVE-2024-50255, CVE-2024-50252, CVE-2024-50251, CVE-2024-50250, CVE-2024-50249, CVE-2024-50248, CVE-2024-50247, CVE-2024-50246, CVE-2024-50228, CVE-2024-50245, CVE-2024-50244, CVE-2024-50243, CVE-2024-50242, CVE-2024-50240, CVE-2024-50239, CVE-2024-50237, CVE-2024-50236, CVE-2024-50219, CVE-2024-50218, CVE-2024-50216, CVE-2024-50215, CVE-2024-50224, CVE-2024-50223, CVE-2024-50222)
- curl (CVE-2024-8096)
- libarchive (CVE-2024-26256, CVE-2024-48957, CVE-2024-48958)
- nvidia-drivers (CVE-2023-31022, CVE-2024-0074, CVE-2024-0075, CVE-2024-0078, CVE-2024-0126)
- openssh (CVE-2024-39894)
- sysext-podman: containers-common (CVE-2024-9341)
- sysext-podman: containers-image (CVE-2024-3727)
- sysext-podman: podman (CVE-2024-9407)
Changes:
- Added Proxmox Virtual Environment images (scripts#1783)
- The UEFI firmware has changed from raw (.fd) format to QCOW2 format. In addition, the amd64 firmware variables are now held in a 4MB image rather than a 2MB image. Note that this firmware is only intended for testing with QEMU. Do not use it in production. (scripts#2434)
- The arm64 UEFI firmware now supports Secure Boot. Be aware that this is not considered secure due to the lack of an SMM implementation, which is needed to protect the variable store. As above, this firmware should not be used in production anyway. (scripts#2434)
- grub 2.12-flatcar3: GRUB now includes many patches from Red Hat to support Secure Boot, as well as Flatcar's own patches. The version string includes a numbered "flatcar" suffix to track changes to these additional patches. This string can be seen in the GRUB menu. (scripts#2431)
- Disable CONFIG_NFS_V4_2_READ_PLUS kernel config to fix nfs-ganesha (flatcar/scripts#2390)
Updates:
- Ignition (2.20.0)
- Linux (6.6.60 (includes 6.6.59, 6.6.58, 6.6.57, 6.6.56, 6.6.55))
- Linux Firmware (20241017)
- SDK: Go (1.22.9)
- SDK: catalyst (4.0.0)
- SDK: crossdev (20240921)
- SDK: edk2-bin (202408 (includes 202405, 202402, 202311, 202308, 202305, 202302, 202211, 202208, 202205))
- SDK: meson (1.5.2)
- SDK: rust (1.81.0)
- azure: chrony (4.6)
- base, dev: azure-vm-utils (0.3.0)
- base, dev: binutils-config (5.5.2)
- base, dev: btrfs-progs (6.10.1 (includes 6.10))
- base, dev: c-ares (1.33.1 (includes 1.33.0, 1.32.3, 1.32.2, 1.32.1, 1.32.0, 1.31.0, 1.30.0))
- base, dev: cracklib (2.10.2 (includes 2.10.1, 2.10.0))
- base, dev: cryptsetup (2.7.5 (includes 2.7.4, 2.7.3))
- base, dev: curl (8.10.1 (includes 8.10.0))
- base, dev: efivar (39)
- base, dev: gettext (0.22.5)
- base, dev: git (2.45.2 (includes 2.45.1, 2.45.0))
- base, dev: gnutls (3.8.7.1 (includes 3.8.6))
- base, dev: gptfdisk (1.0.10)
- base, dev: intel-microcode (20240910_p20240915)
- base, dev: kmod (33)
- base, dev: ldb (2.8.1 (includes 2.8.0))
- base, dev: libarchive (3.7.6 (includes 3.7.5))
- base, dev: libassuan (3.0.0)
- base, dev: libgcrypt (1.11.0)
- base, dev: libgpg-error (1.50)
- base, dev: libnl (3.10.0)
- base, dev: libnvme (1.10)
- base, dev: liburing (2.7 (includes 2.6, 2.5, 2.4))
- base, dev: nvme-cli (2.10.2 (includes 2.10.1, 2.10))
- base, dev: oniguruma (6.9.9)
- base, dev: openssh (9.8_p1)
- base, dev: pinentry (1.3.1)
- base, dev: pkgconf (2.3.0)
- base, dev: samba (4.19.7)
- base, dev: selinux-base (2.20240916)
- base, dev: selinux-base-policy (2.20240916)
- base, dev: selinux-container (2.20240916)
- base, dev: selinux-dbus (2.20240916)
- base, dev: selinux-policykit (2.20240916)
- base, dev: selinux-sssd (2.20240916)
- base, dev: selinux-unconfined (2.20240916)
- base, dev: socat (1.8.0.0)
- base, dev: sqlite (3.46.1)
- base, dev: talloc (2.4.2)
- base, dev: tcpdump (4.99.5)
- base, dev: tdb (1.4.10)
- base, dev: tevent (0.16.1 (includes 0.16.0))
- base, dev: userspace-rcu (0.14.1)
- ca-certificates (3.106)
- containerd (1.7.23)
- dev: gdb (15.2)
- dev: gnuconfig (20240728)
- dev: iperf (3.17.1 (includes 3.17))
- dev: libpipeline (1.5.8)
- dev: man-db (2.13.0)
- nvidia-drivers (535.216.01)
- sysext-podman: aardvark-dns (1.12.2 (includes 1.12.1, 1.12.0))
- sysext-podman: containers-common (0.60.4 (includes 0.60.3, 0.60.2, 0.60.1, 0.60.0, 0.59.2))
- sysext-podman: containers-image (5.32.2 (includes 5.32.1, 5.32.0, 5.31.0, 5.30.2, 5.30.1))
- sysext-podman: containers-storage (1.55.0 (includes 1.54.0))
- sysext-podman: crun (1.17 (includes 1.16.1, 1.16, 1.15, 1.14.4))
- sysext-podman: fuse-overlayfs (1.14)
- sysext-podman: netavark (1.12.2 (includes 1.12.1, 1.12.0, 1.11.0))
- sysext-podman: passt (2024.09.06)
- sysext-podman: podman (5.2.4 (includes 5.2.3, 5.2.2, 5.2.1, 5.2.0, 5.1.2, 5.1.1, 5.1.0))
- sysext-python: idna (3.10)
- sysext-python: more-itertools (10.5.0)
- sysext-python: msgpack (1.1.0)
- sysext-python: platformdirs (4.3.6)
- sysext-python: rich (13.8.1)
- sysext-python: setuptools (74.1.3)
- sysext-python: trove-classifiers (2024.9.12)
- sysext-python: urllib3 (2.2.3)
- vmware: open-vm-tools (12.5.0)
- vmware: xmlsec (1.3.4)