Releases: flatcar/scripts
Releases · flatcar/scripts
beta-3402.1.0
beta-3402.1.0
This tag was signed with the committer’s verified signature.
sayanchowdhury
Sayan Chowdhury
9644358
This commit was signed with the committer’s verified signature.
sayanchowdhury
Sayan Chowdhury
Changes since Beta 3374.1.1
Security fixes:
- Linux (CVE-2022-2602, CVE-2022-3535, CVE-2022-3542, CVE-2022-3565, CVE-2022-3594)
- bind tools (CVE-2022-2795, CVE-2022-2881, CVE-2022-2906, CVE-2022-3080, CVE-2022-38177, CVE-2022-38178)
- curl (CVE-2022-35252)
- dbus (CVE-2022-42010, CVE-2022-42011, CVE-2022-42012)
- go (CVE-2022-41715, CVE-2022-2880, CVE-2022-2879)
- libxml2 (CVE-2022-40303, CVE-2022-40304)
- logrotate (CVE-2022-1348)
- vim (CVE-2022-1725, CVE-2022-2042, CVE-2022-2124, CVE-2022-2125, CVE-2022-2126, CVE-2022-2129, CVE-2022-2175, CVE-2022-2182, CVE-2022-2183, CVE-2022-2206, CVE-2022-2207, CVE-2022-2208, CVE-2022-2210, CVE-2022-2231, CVE-2022-2257, CVE-2022-2264, CVE-2022-2284, CVE-2022-2285, CVE-2022-2286, CVE-2022-2287, CVE-2022-2288, CVE-2022-2289, CVE-2022-2304, CVE-2022-2343, CVE-2022-2344, CVE-2022-2345, CVE-2022-2522, CVE-2022-2816, CVE-2022-2817, CVE-2022-2819, CVE-2022-2845, CVE-2022-2849, CVE-2022-2862, CVE-2022-2874, CVE-2022-2889, CVE-2022-2923, CVE-2022-2946, CVE-2022-2980, CVE-2022-2982, CVE-2022-3016, CVE-2022-3099, CVE-2022-3134, CVE-2022-3153, CVE-2022-3234, CVE-2022-3235, CVE-2022-3278, CVE-2022-3256, CVE-2022-3296, CVE-2022-3297, CVE-2022-3324, CVE-2022-3352)
- SDK: rust (CVE-2022-36113, CVE-2022-36114)
Bug fixes:
- Enabled IOMMU on arm64 kernels, the lack of which prevented some systems from booting (coreos-overlay#2235)
Changes:
- Added
CONFIG_NF_CONNTRACK_BRIDGE(for nf_conntrack_bridge) andCONFIG_NFT_BRIDGE_META(for nft_meta_bridge) to the kernel config to allow using conntrack rules for bridges in nftables and to match on bridge interface names (coreos-overlay#2207) - Change CONFIG_WIREGUARD kernel option to module to save space on boot partition (coreos-overlay#2239)
- Disable several arch specific arm64 kernel config options for unsupported platforms to save space on boot partition (coreos-overlay#2239)
- Switched from
--strip-unneededto--strip-debugwhen installing kernel modules, which makes kernel stacktraces more accurate and makes debugging issues easier (coreos-overlay#2196) - The flatcar-update tool got two new flags to customize ports used on the host while updating flatcar (init#81)
- Add qemu-guest-agent to all amd64 images, it will be automatically enabled when qemu-ga virtio-port is detected (coreos-overlay#2240, portage-stable#373)
Updates:
- Linux (5.15.77 (includes 5.15.76, 5.15.75))
- Linux Firmware (20221012)
- Docker (20.10.20)
- Go (1.18.7)
- OpenSSL (3.0.7)
- bind tools (9.16.33)
- bpftool (5.19.2)
- curl (7.85)
- dbus (1.14.4)
- git (2.37.3)
- glibc (2.34)
- libxml2 (2.10.3)
- logrotate (3.20.1)
- nmap (7.93)
- pahole (1.23)
- strace (5.19)
- vim (9.0.0655)
- wireguard-tools (1.0.20210914)
- zlib (1.2.13)
- SDK: catalyst (3.0.21)
- SDK: cmake (3.23.3)
- SDK: libxslt (1.1.37)
- SDK: meson (0.62.2)
- SDK: ninja (1.11.0)
- SDK: Rust (1.64.0)
Changes since Alpha 3402.0.1
Security fixes:
Updates:
alpha-3417.0.0
alpha-3417.0.0
This tag was signed with the committer’s verified signature.
sayanchowdhury
Sayan Chowdhury
a58c2cd
This commit was signed with the committer’s verified signature.
sayanchowdhury
Sayan Chowdhury
Changes since Alpha 3402.0.1
Security fixes:
- Linux (CVE-2022-2602, CVE-2022-3535, CVE-2022-3542, CVE-2022-3565, CVE-2022-3594)
- git (CVE-2022-39253, CVE-2022-39260)
- multipath-tools (CVE-2022-41973, CVE-2022-41974)
Changes:
- Toolbox now uses containerd to download and mount the image (toolbox#7)
Updates:
stable-3227.2.4
Changes since Stable 3227.2.3
Security fixes:
- OpenSSL (CVE-2022-3602, CVE-2022-3786)
Changes:
- OpenStack: enabled
coreos-metadata-sshkeys@.serviceto provision SSH keys from metadata. (Flatcar#817, coreos-overlay#2246)
Updates:
- ca-certificates (3.84)
beta-3374.1.1
alpha-3402.0.1
beta-3374.1.0
New Beta Release 3374.1.0
Changes since Beta 3346.1.0
Security fixes:
- Linux (CVE-2022-2308, CVE-2022-40768, CVE-2022-41674, CVE-2022-42719, CVE-2022-42720, CVE-2022-42721, CVE-2022-42722)
- Docker (CVE-2022-36109)
- GNU Libtasn1 (Gentoo#866237)
- intel-microcode (CVE-2022-21233)
- libxml2 (CVE-2016-3709, CVE-2022-2309)
- polkit (CVE-2021-4115)
- rsync (CVE-2022-29154)
- unzip (CVE-2022-0529, CVE-2022-0530, CVE-2021-4217)
- zlib (CVE-2022-37434)
Changes:
- OpenStack: enabled
coreos-metadata-sshkeys@.serviceto provision SSH keys from metadata. (Flatcar#817, coreos-overlay#2246)
Updates:
- Linux (5.15.74 (includes 5.15.71, 5.15.72, 5.15.73))
- Linux Firmware (20220913)
- ca-certificates (3.84)
- Docker (20.10.18)
- GNU Libtasn1 (4.19.0)
- intel-microcode (20220809)
- libxml2 (2.10.2)
- polkit (121)
- rsync (3.2.6)
- runc (1.1.4)
- unzip (6.0_p27)
- SDK: libxslt (1.1.35)
Changes since Alpha 3374.0.0
Security fixes:
- Linux (CVE-2022-2308, CVE-2022-40768, CVE-2022-41674, CVE-2022-42719, CVE-2022-42720, CVE-2022-42721, CVE-2022-42722)
Changes:
- OpenStack: enabled
coreos-metadata-sshkeys@.serviceto provision SSH keys from metadata. (Flatcar#817, coreos-overlay#2246)
Updates:
alpha-3402.0.0
New Alpha Release 3402.0.0
Changes since Alpha 3374.0.0
Security fixes:
- Linux (CVE-2022-2308, CVE-2022-3621, CVE-2022-3646, CVE-2022-3649, CVE-2022-40768, CVE-2022-41674, CVE-2022-42719, CVE-2022-42720, CVE-2022-42721, CVE-2022-42722)
- bind-tools (CVE-2022-2795, CVE-2022-2881, CVE-2022-2906, CVE-2022-3080, CVE-2022-38177, CVE-2022-38178)
- curl (CVE-2022-35252)
- dbus (CVE-2022-42010, CVE-2022-42011, CVE-2022-42012)
- go (CVE-2022-41715, CVE-2022-2880, CVE-2022-2879)
- libxml2 (CVE-2022-40303, CVE-2022-40304)
- logrotate (CVE-2022-1348)
- vim (CVE-2022-2042, CVE-2022-2124, CVE-2022-2125, CVE-2022-2126, CVE-2022-2129, CVE-2022-2175, CVE-2022-2182, CVE-2022-2183, CVE-2022-2206, CVE-2022-2207, CVE-2022-2208, CVE-2022-2210, CVE-2022-2231, CVE-2022-2257, CVE-2022-2264, CVE-2022-2284, CVE-2022-2285, CVE-2022-2286, CVE-2022-2287, CVE-2022-2288, CVE-2022-2289, CVE-2022-2304, CVE-2022-2343, CVE-2022-2344, CVE-2022-2345, CVE-2022-2522, CVE-2022-2816, CVE-2022-2817, CVE-2022-2819, CVE-2022-2845, CVE-2022-2849, CVE-2022-2862, CVE-2022-2874, CVE-2022-2889, CVE-2022-2923, CVE-2022-2946, CVE-2022-2980, CVE-2022-2982, CVE-2022-3016, CVE-2022-3099, CVE-2022-3134, CVE-2022-3153, CVE-2022-1725, CVE-2022-3234, CVE-2022-3235, CVE-2022-3278, CVE-2022-3256, CVE-2022-3296, CVE-2022-3297, CVE-2022-3324, CVE-2022-3352)
- SDK: rust (CVE-2022-36113, CVE-2022-36114)
Bug fixes:
- Enabled IOMMU on arm64 kernels, the lack of which prevented some systems from booting (coreos-overlay#2235)
Changes:
- Added
CONFIG_NF_CONNTRACK_BRIDGE(for nf_conntrack_bridge) andCONFIG_NFT_BRIDGE_META(for nft_meta_bridge) to the kernel config to allow using conntrack rules for bridges in nftables and to match on bridge interface names (coreos-overlay#2207) - Change CONFIG_WIREGUARD kernel option to module to save space on boot partition (coreos-overlay#2239)
- Disable several arch specific arm64 kernel config options for unsupported platforms to save space on boot partition (coreos-overlay#2239)
- OpenStack: enabled
coreos-metadata-sshkeys@.serviceto provision SSH keys from metadata. (Flatcar#817, coreos-overlay#2246) - Switched from
--strip-unneededto--strip-debugwhen installing kernel modules, which makes kernel stacktraces more accurate and makes debugging issues easier (coreos-overlay#2196) - The flatcar-update tool got two new flags to customize ports used on the host while updating flatcar (init#81)
- Add qemu-guest-agent to all amd64 images, it will be automatically enabled when qemu-ga virtio-port is detected (coreos-overlay#2240, portage-stable#373)
Updates:
- Linux (5.15.74 (includes 5.15.71, 5.15.72, 5.15.73))
- Linux Firmware (20221012)
- bind-tools (9.16.33)
- bpftool (5.19.2)
- ca-certificates (3.84)
- curl (7.85)
- dbus (1.14.4)
- Docker (20.10.20)
- git (2.37.3)
- glibc (2.34)
- Go (1.18.7)
- libxml2 (2.10.3)
- logrotate (3.20.1)
- nmap (7.93)
- pahole (1.23)
- strace (5.19)
- vim (9.0.0655)
- wireguard-tools (1.0.20210914)
- zlib (1.2.13)
- SDK: catalyst (3.0.21)
- SDK: cmake (3.23.3)
- SDK: libxslt (1.1.37)
- SDK: meson (0.62.2)
- SDK: ninja (1.11.0)
- SDK: Rust (1.64.0)
lts-3033.3.6
0d467b8
This commit was signed with the committer’s verified signature.
sayanchowdhury
Sayan Chowdhury
Changes since LTS 3033.3.5
Security fixes:
- Linux (CVE-2022-2905, CVE-2022-3028, CVE-2022-39190)
- torcx (CVE-2021-38561, CVE-2021-43565, CVE-2022-27191)
Bug fixes:
- Equinix Metal: Fixed serial console settings for the
m3.small.x86instance by expanding the GRUB check fori386tox86_64coreos-overlay#2122
Changes:
- emerge-gitclone: Migrate emerge-gitclone to use scripts repo tags and submodule refs
Updates:
lts-2605.32.1
lts-2605.32.1
This tag was signed with the committer’s verified signature.
sayanchowdhury
Sayan Chowdhury
f7d7ade
This commit was signed with the committer’s verified signature.
sayanchowdhury
Sayan Chowdhury
stable-3227.2.3
Changes since Stable 3227.2.2
Security fixes:
- Linux (CVE-2022-0171, CVE-2022-2663, CVE-2022-2905, CVE-2022-3028, CVE-2022-3061, CVE-2022-3176, CVE-2022-3303, CVE-2022-39190, CVE-2022-39842, CVE-2022-40307)
- Go (CVE-2022-32189)
- torcx (CVE-2022-27191)
- expat (CVE-2022-40674)
Bug fixes:
- Added back
gettextto the OS (Flatcar#849) - Added merging of Ignition systemd duplicated units when auto-translating from Ignition 2 to Ignition 3. (coreos-overlay#2187)
- Equinix Metal: Fixed serial console settings for the
m3.small.x86instance by expanding the GRUB check fori386tox86_64coreos-overlay#2122
Changes:
- emerge-gitclone: Migrate emerge-gitclone to use scripts repo tags and submodule refs