Releases: flatcar/scripts
Releases · flatcar/scripts
lts-3033.3.10
lts-3033.3.10
This tag was signed with the committer’s verified signature.
sayanchowdhury
Sayan Chowdhury
49f4578
This commit was signed with the committer’s verified signature.
sayanchowdhury
Sayan Chowdhury
Changes since LTS 3033.3.9
Security fixes:
- Linux (CVE-2022-2196, CVE-2022-3707, CVE-2022-4129, CVE-2022-4382, CVE-2023-1073, CVE-2023-1074, CVE-2023-1078, CVE-2023-22998, CVE-2023-23559, CVE-2023-26545)
Updates:
beta-3510.1.0
beta-3510.1.0
This tag was signed with the committer’s verified signature.
sayanchowdhury
Sayan Chowdhury
7881173
This commit was signed with the committer’s verified signature.
sayanchowdhury
Sayan Chowdhury
Changes since Beta 3493.1.0
Security fixes:
- Linux (CVE-2022-2196, CVE-2022-27672, CVE-2022-3707, CVE-2023-1078, CVE-2023-26545)
- curl (CVE-2022-43551, CVE-2022-43552)
- sudo (CVE-2023-22809)
- vim (CVE-2023-0049, CVE-2023-0051, CVE-2023-0054)
- SDK: qemu (CVE-2022-4172)
Bug fixes:
- Excluded the special Kubernetes network interfaces
nodelocaldnsandkube-ipvs0from being managed with systemd-networkd which interfered with the setup (init#89).
Updates:
- Linux (5.15.98 (includes 5.15.97, 5.15.96, 5.15.95, 5.15.94, 5.15.93))
- Docker (20.10.23)
- bind tools (9.16.36 (includes 9.16.34 and 9.16.35))
- bpftool (5.19.12)
- ca-certificates (3.88.1)
- containerd (1.6.16)
- curl (7.87.0)
- git (2.39.1 (includes 2.39.0))
- iptables (1.8.8)
- sudo (1.9.12_p2)
- systemd (252.5)
- vim (9.0.1157)
- XZ utils (5.4.1 (includes 5.4.0))
- SDK: boost (1.81.0)
- SDK: file (5.44)
- SDK: portage (3.0.43 (includes 3.0.42))
- SDK: qemu (7.2.0)
- SDK: Rust (1.67.0)
Changes since Alpha 3510.0.0
Security fixes:
Bug fixes:
- Excluded the special Kubernetes network interfaces
nodelocaldnsandkube-ipvs0from being managed with systemd-networkd which interfered with the setup (init#89).
Updates:
alpha-3535.0.0
alpha-3535.0.0
This tag was signed with the committer’s verified signature.
sayanchowdhury
Sayan Chowdhury
c435fd8
This commit was signed with the committer’s verified signature.
sayanchowdhury
Sayan Chowdhury
Changes since Alpha 3510.0.0
Security fixes:
- Linux (CVE-2022-2196, CVE-2022-27672, CVE-2022-3707, CVE-2023-1078, CVE-2023-26545)
- Go (CVE-2022-41723, CVE-2022-41724, CVE-2022-41725)
- OpenSSH (CVE-2023-25136)
- OpenSSL (CVE-2022-4203, CVE-2022-4304, CVE-2022-4450, CVE-2023-0215, CVE-2023-0216, CVE-2023-0217, CVE-2023-0286, CVE-2023-0401)
- containerd (CVE-2023-25153, CVE-2023-25173)
- e2fsprogs (CVE-2022-1304)
- intel-microcode (CVE-2022-21216, CVE-2022-33196, CVE-2022-38090)
- less (CVE-2022-46663)
- torcx (CVE-2022-32149)
- SDK: dnsmasq (CVE-2022-0934)
Bug fixes:
- Excluded the special Kubernetes network interfaces
nodelocaldnsandkube-ipvs0from being managed with systemd-networkd which interfered with the setup (init#89).
Changes:
- Added a new
flatcar-resettool and boot logic for selective OS resets to reconfigure the system with Ignition while avoiding config drift (bootengine#55, init#91) - On boot any files in
/etcthat are the same as provided by the booted/usr/share/flatcar/etcdefault for the overlay mount on/etcare deleted to ensure that future updates of/usr/share/flatcar/etcare propagated - to opt out create/etc/.no-dup-updatein case you want to keep an unmodified config file as is or because you fear that a future Flatcar version may use the same file as you at which point your copy is cleaned up and any other future Flatcar changes would be applied (bootengine#54) - Switched systemd log reporting to the combined format of both unit description, as before, and now the unit name to easily find the unit (coreos-overlay#2436)
/etcis now set up as overlayfs with the original/etcfolder being the store for changed files/directories and/usr/share/flatcar/etcproviding the lower default directory tree (bootengine#53, scripts#666)
Updates:
- Linux (5.15.98 (includes 5.15.97, 5.15.96, 5.15.95, 5.15.94, 5.15.93))
- Go (1.19.6)
- Linux Firmware (20230210)
- OpenSSH (9.2)
- OpenSSL (3.0.8)
- btrfs-progs (6.0.2, includes 6.0)
- containerd (1.6.19 (includes 1.6.18))
- e2fsprogs (1.46.6)
- findutils (4.9.0)
- ignition (2.15.0)
- intel-microcode (20230214)
- iputils (20221126)
- less (608)
- libpcre2 (10.42)
- strace (6.1)
- SDK: cmake (3.25.2)
- SDK: dnsmasq (2.89)
- SDK: python (3.10.9 (includes 3.10))
- SDK: Rust (1.67.1)
stable-3374.2.4
Changes since Stable 3374.2.3
Security fixes:
- Linux (CVE-2022-36280, CVE-2022-41218, CVE-2022-47929, CVE-2023-0045, CVE-2023-0179, CVE-2023-0210, CVE-2023-0266, CVE-2023-0394, CVE-2023-23454, CVE-2023-23455)
Updates:
alpha-3510.0.0
Changes since Alpha 3493.0.0
Security fixes:
- Linux (CVE-2022-4842)
- curl (CVE-2022-43551, CVE-2022-43552)
- sudo (CVE-2023-22809)
- vim (CVE-2023-0049, CVE-2023-0051, CVE-2023-0054)
- SDK: qemu (CVE-2022-4172)
Bug fixes:
Changes:
Updates:
- Linux (5.15.92 (includes 5.15.91, 5.15.90))
- bind tools (9.16.36 (includes 9.16.34 and 9.16.35))
- bpftool (5.19.12)
- containerd (1.6.16)
- cri-tools (1.24.2)
- curl (7.87.0)
- Docker (20.10.23)
- git (2.39.1 (includes 2.39.0))
- iptables (1.8.8)
- sudo (1.9.12_p2)
- systemd (252.5 (includes 252))
- XZ utils (5.4.1 (includes 5.4.0))
- vim (9.0.1157)
- SDK: boost (1.81.0)
- SDK: file (5.44)
- SDK: portage (3.0.43 (includes 3.0.42))
- SDK: qemu (7.2.0)
- SDK: Rust (1.67.0)
stable-3374.2.3
Changes since Stable 3374.2.2
Security fixes:
- Linux (CVE-2022-3169, CVE-2022-3344, CVE-2022-3424, CVE-2022-3521, CVE-2022-3534, CVE-2022-3545, CVE-2022-3643, CVE-2022-4378, CVE-2022-45869, CVE-2022-45934, CVE-2022-47518, CVE-2022-47519, CVE-2022-47520, CVE-2022-47521)
- git (CVE-2022-23521, CVE-2022-41903)
Bug fixes:
- Fix "ext4 deadlock under heavy I/O load" kernel issue. The patch for this is included provisionally while we stay with Kernel 5.15.86. (Flatcar#847, coreos-overlay#2402)
Changes:
Updates:
lts-3033.3.9
Changes since LTS 3033.3.8
Security fixes:
- Linux (CVE-2022-3424, CVE-2022-3534, CVE-2022-3545, CVE-2022-3623, CVE-2022-36280, CVE-2022-3643, CVE-2022-41218, CVE-2022-4378, CVE-2022-45934, CVE-2022-47929, CVE-2023-0266, CVE-2023-0394, CVE-2023-23454, CVE-2023-23455)
Bug fixes:
Changes:
Updates:
beta-3446.1.1
Changes since Beta 3446.1.0
Security fixes:
- Linux (CVE-2022-36280, CVE-2022-41218, CVE-2022-47929, CVE-2023-0210, CVE-2023-0266, CVE-2023-0394, CVE-2023-23454, CVE-2023-23455)
- git (CVE-2022-23521, CVE-2022-41903)
Bug fixes:
- Fixed a regression (in Alpha/Beta) where machines failed to boot if they didn't have the
coreuser or group in/etc/passwdor/etc/group(baselayout#26)
Changes:
Updates:
alpha-3493.0.0
Changes since Alpha 3480.0.0
Security fixes:
- Linux (CVE-2022-36280, CVE-2022-41218, CVE-2022-47929, CVE-2023-0210, CVE-2023-0266, CVE-2023-0394, CVE-2023-23454, CVE-2023-23455)
- git (CVE-2022-23521, CVE-2022-41903)
- glib (fixes to normal form handling in GVariant)
- vim (CVE-2022-3491, CVE-2022-3520, CVE-2022-3591, CVE-2022-4141, CVE-2022-4292, CVE-2022-4293)
- SDK: qemu (CVE-2020-14394, CVE-2022-0216, CVE-2022-3872)
- SDK: Rust (CVE-2022-46176)
Bug fixes:
- Fixed a regression (in Alpha/Beta) where machines failed to boot if they didn't have the
coreuser or group in/etc/passwdor/etc/group(baselayout#26)
Changes:
Updates:
- Linux (5.15.89 (includes 5.15.88, 5.15.87))
- Linux Firmware (20230117)
- Go (1.19.5, 1.18.10)
- adcli (0.9.2)
- binutils (2.39)
- elfutils (0.188 (includes 0.187))
- file (5.43)
- gawk (5.2.1 (contains 5.2.0))
- git (2.38.3)
- glib (2.74.4)
- I2C tools (4.3)
- Intel Microcode Package (20221108)
- libcap-ng (0.8.3)
- libseccomp (2.5.4 (contains 2.5.2, 2.5.3))
- nettle (3.8.1)
- rsync (3.2.7)
- shadow (4.13)
- sqlite (3.40.1 (contains 3.40.0))
- vim (9.0.1000)
- XZ utils (5.2.10)
- Azure: python-oem (3.9.16)
- SDK: libpng (1.6.39 (includes 1.6.38))
- SDK: perl (5.36.0)
- SDK: portage (3.0.41)
- SDK: qemu (7.1.0)
- SDK: Rust (1.66.1)
stable-3374.2.2
stable-3374.2.2
This tag was signed with the committer’s verified signature.
sayanchowdhury
Sayan Chowdhury
d735bfd
This commit was signed with the committer’s verified signature.
sayanchowdhury
Sayan Chowdhury
Changes since Stable 3374.2.1
Security fixes:
- Linux (CVE-2022-3543, CVE-2022-3564, CVE-2022-3619, CVE-2022-3623, CVE-2022-3628, CVE-2022-42895, CVE-2022-42896)