Releases: flatcar/scripts
Releases · flatcar/scripts
alpha-3637.0.0
alpha-3637.0.0
This tag was signed with the committer’s verified signature.
sayanchowdhury
Sayan Chowdhury
9295eff
This commit was signed with the committer’s verified signature.
sayanchowdhury
Sayan Chowdhury
Changes since Alpha 3619.0.0
Security fixes:
- Go (CVE-2023-29402, CVE-2023-29403, CVE-2023-29404, CVE-2023-29405)
- c-ares (CVE-2023-31124, CVE-2023-31130, CVE-2023-31147, CVE-2023-32067)
- sudo (CVE-2023-27320, CVE-2023-28486, CVE-2023-28487)
- VMware: open-vm-tools (CVE-2023-20867)
Bug fixes:
- Resolved the conflicting FD usage of libselinux and systemd which caused, e.g., a systemd crash on certain watchdog interaction during shutdown (patch in systemd 252.11)
Changes:
- Added TLS Kernel module (scripts#865)
- Added support for multipart MIME userdata in coreos-cloudinit. Ignition now detects multipart userdata and delegates execution to coreos-cloudinit. (scripts#873)
- Enabled the virtio GPU driver (scripts#830)
- Migrate to Type=notify in containerd.service. Changed the unit to Type=notify, utilizing the existing containerd support for sd_notify call after socket setup. (scripts#866)
- Migrated the NVIDIA installer from the Azure/AWS OEM partition to
/usrto make it available on all platforms (scripts#932, Flatcar#1077) - Azure and QEMU OEM images now use systemd-sysext images for layering additional platform-specific software on top of
/usr. For Azure images this also means that the image has a normal Python installation available through the sysext image. The OEM software is still not updated but this will be added soon. - Moved a mountpoint of the OEM partition from
/usr/share/oemto/oem./usr/share/oembecame a symlink to/oemfor backward compatibility. Despite the move, the initrd images providing files through/usr/share/oemshould keep using/usr/share/oem. The move was done to enable activating the OEM sysext images that are placed in the OEM partition.
Updates:
- Linux (6.1.34 (includes 6.1.33, 6.1.32, 6.1.31))
- Go (1.20.5)
- c-ares (1.19.1)
- ca-certificates (3.90)
- coreutils (9.1)
- debianutils (5.7)
- ethtool (6.2)
- grep (3.8)
- hwdata (0.367)
- iproute (6.2)
- kbd (2.5.1)
- kexec-tools (2.0.24)
- kmod (30)
- less (632)
- nvme-cli (2.3)
- pciutils (3.9.0)
- sed (4.9)
- smartmontools (7.3)
- strace (6.2)
- sudo (1.9.13p3)
- systemd (252.11 (from 252.5))
- usbutils (015)
- util-linux (2.38.1)
- SDK: Rust (1.70.0)
- SDK: man-db (2.11.2)
- SDK: man-pages (6.03)
- VMware: open-vm-tools (12.2.5)
stable-3510.2.3
stable-3510.2.3
This tag was signed with the committer’s verified signature.
sayanchowdhury
Sayan Chowdhury
96cd6b3
This commit was signed with the committer’s verified signature.
sayanchowdhury
Sayan Chowdhury
lts-3033.3.14
lts-3033.3.14
This tag was signed with the committer’s verified signature.
sayanchowdhury
Sayan Chowdhury
4a35ad7
This commit was signed with the committer’s verified signature.
sayanchowdhury
Sayan Chowdhury
beta-3602.1.1
beta-3602.1.1
This tag was signed with the committer’s verified signature.
sayanchowdhury
Sayan Chowdhury
7c81315
This commit was signed with the committer’s verified signature.
sayanchowdhury
Sayan Chowdhury
Changes since Beta 3602.1.0
Bug fixes:
- Resolved the conflicting FD usage of libselinux and systemd which caused, e.g., a systemd crash on certain watchdog interaction during shutdown (patch in systemd 252.11)
Updates:
stable-3510.2.2
stable-3510.2.2
This tag was signed with the committer’s verified signature.
sayanchowdhury
Sayan Chowdhury
e2914b7
This commit was signed with the committer’s verified signature.
sayanchowdhury
Sayan Chowdhury
Changes since Stable 3510.2.1
Security fixes:
Bug fixes:
Changes:
Updates:
lts-3033.3.13
lts-3033.3.13
This tag was signed with the committer’s verified signature.
sayanchowdhury
Sayan Chowdhury
49bbd26
This commit was signed with the committer’s verified signature.
sayanchowdhury
Sayan Chowdhury
Changes since LTS 3033.3.12
Security fixes:
- Linux (CVE-2022-39189, CVE-2023-1380, CVE-2023-2002, CVE-2023-2269, CVE-2023-2513, CVE-2023-31436, CVE-2023-32233)
Bug fixes:
Changes:
Updates:
beta-3602.1.0
beta-3602.1.0
This tag was signed with the committer’s verified signature.
sayanchowdhury
Sayan Chowdhury
d149ebf
This commit was signed with the committer’s verified signature.
sayanchowdhury
Sayan Chowdhury
Changes since Beta 3572.1.0
Security fixes:
- Linux (CVE-2022-48425)
- Go (CVE-2023-24539, CVE-2023-24540, CVE-2023-29400)
- OpenSSH (CVE-2023-28531)
- OpenSSL (CVE-2023-0464, CVE-2023-0465, CVE-2023-0466, CVE-2023-1255)
- bash (CVE-2022-3715)
- c-ares (CVE-2022-4904)
- curl (CVE-2023-27533, CVE-2023-27534, CVE-2023-27535, CVE-2023-27536, CVE-2023-27537, CVE-2023-27538)
- libxml2 (CVE-2023-28484, CVE-2023-29469)
Bug fixes:
- Restored the reboot warning and delay for non-SSH console sessions (locksmith#21)
Changes:
- Changed coreos-cloudinit to now set the short hostname instead of the FQDN when fetched from the metadata service (coreos-cloudinit#19)
Updates:
- Linux (5.15.113 (includes 5.15.112))
- Go (1.19.9)
- OpenSSH (9.3)
- bash (5.2)
- bpftool (6.2.1)
- c-ares (1.19.0)
- containerd (1.6.21)
- curl (8.0.1)
- e2fsprogs (1.47.0)
- gdb (13.1.90)
- GLib (2.74.6)
- libarchive (3.6.2)
- libxml2 (2.10.4)
- multipath-tools (0.9.4)
- pinentry (1.2.1)
- readline (8.2)
- runc (1.1.7)
- sqlite (3.41.2)
- XZ utils (5.4.2)
- SDK: nano (7.2)
Changes since Alpha 3602.0.0
Security fixes:
- Linux (CVE-2022-48425)
Bug fixes:
Changes:
Updates:
alpha-3619.0.0
alpha-3619.0.0
This tag was signed with the committer’s verified signature.
sayanchowdhury
Sayan Chowdhury
92b29fd
This commit was signed with the committer’s verified signature.
sayanchowdhury
Sayan Chowdhury
NOTE: this release has an issue with Equinix Metal arm64. Specific instances like c3.large.arm64 (Ampere Altra systems) do not boot with Kernel 6.1, due to soft lockup. In case of the systems, please stay with the previous version 3602.0.0 with Kernel 5.15. No other cloud provider is affected by the issue. The amd64 systems are also not affected.
Changes since Alpha 3602.0.0
Security fixes:
- Linux (CVE-2020-36516, CVE-2021-26401, CVE-2021-33135, CVE-2021-33655, CVE-2021-3923, CVE-2021-4155, CVE-2021-4197, CVE-2021-43976, CVE-2021-44879, CVE-2021-45469, CVE-2022-0001, CVE-2022-0002, CVE-2022-0168, CVE-2022-0185, CVE-2022-0330, CVE-2022-0382, CVE-2022-0433, CVE-2022-0435, CVE-2022-0487, CVE-2022-0492, CVE-2022-0494, CVE-2022-0500, CVE-2022-0516, CVE-2022-0617, CVE-2022-0742, CVE-2022-0847, CVE-2022-0995, CVE-2022-1011, CVE-2022-1012, CVE-2022-1015, CVE-2022-1016, CVE-2022-1048, CVE-2022-1055, CVE-2022-1158, CVE-2022-1184, CVE-2022-1198, CVE-2022-1199, CVE-2022-1204, CVE-2022-1205, CVE-2022-1263, CVE-2022-1353, CVE-2022-1462, CVE-2022-1516, CVE-2022-1651, CVE-2022-1652, CVE-2022-1671, CVE-2022-1679, CVE-2022-1729, CVE-2022-1734, CVE-2022-1789, CVE-2022-1852, CVE-2022-1882, CVE-2022-1943, CVE-2022-1973, CVE-2022-1974, CVE-2022-1975, CVE-2022-1976, CVE-2022-1998, CVE-2022-20008, CVE-2022-20158, CVE-2022-20368, CVE-2022-20369, CVE-2022-20421, CVE-2022-20422, CVE-2022-20423, CVE-2022-20566, CVE-2022-20572, CVE-2022-2078, CVE-2022-21123, CVE-2022-21125, CVE-2022-21166, CVE-2022-21499, CVE-2022-21505, CVE-2022-2153, CVE-2022-2196, CVE-2022-22942, CVE-2022-23036, CVE-2022-23037, CVE-2022-23038, CVE-2022-23039, CVE-2022-23040, CVE-2022-23041, CVE-2022-23042, CVE-2022-2308, CVE-2022-2318, CVE-2022-23222, CVE-2022-2380, CVE-2022-23960, CVE-2022-24448, CVE-2022-24958, CVE-2022-24959, CVE-2022-2503, CVE-2022-25258, CVE-2022-25375, CVE-2022-25636, CVE-2022-2585, CVE-2022-2586, CVE-2022-2588, CVE-2022-2590, CVE-2022-2602, CVE-2022-26365, CVE-2022-26373, CVE-2022-2639, CVE-2022-26490, CVE-2022-2663, CVE-2022-26966, CVE-2022-27223, CVE-2022-27666, CVE-2022-27672, CVE-2022-2785, CVE-2022-27950, CVE-2022-28356, CVE-2022-28388, CVE-2022-28389, CVE-2022-28390, CVE-2022-2873, CVE-2022-28796, CVE-2022-28893, CVE-2022-2905, CVE-2022-29156, CVE-2022-2938, CVE-2022-29581, CVE-2022-29582, CVE-2022-2959, CVE-2022-2964, CVE-2022-2977, CVE-2022-2978, CVE-2022-29900, CVE-2022-29901, CVE-2022-29968, CVE-2022-3028, CVE-2022-30594, CVE-2022-3077, CVE-2022-3078, CVE-2022-3104, CVE-2022-3105, CVE-2022-3107, CVE-2022-3108, CVE-2022-3110, CVE-2022-3111, CVE-2022-3112, CVE-2022-3113, CVE-2022-3115, CVE-2022-3169, CVE-2022-3202, [CVE-2022-32250](https://nvd.ni...
beta-3572.1.0
beta-3572.1.0
This tag was signed with the committer’s verified signature.
sayanchowdhury
Sayan Chowdhury
6a8103a
This commit was signed with the committer’s verified signature.
sayanchowdhury
Sayan Chowdhury
Changes since Beta 3549.1.1
Security fixes:
- Linux (CVE-2023-1380, CVE-2023-2002, CVE-2023-31436)
- Docker (CVE-2023-28840, CVE-2023-28841, CVE-2023-28842)
- Go (CVE-2023-24534, CVE-2023-24536, CVE-2023-24537, CVE-2023-24538)
- runc (CVE-2023-25809, CVE-2023-27561, CVE-2023-28642)
- tar (CVE-2022-48303)
- vim (CVE-2023-1127, CVE-2023-1175, CVE-2023-1170)
Bug fixes:
- Fixed a miscompilation of getfacl causing it to dump core when executed (scripts#809)
Changes:
- Improved the OS reset tool to offer preview, backup and restore (init#94)
Updates:
- Linux (5.15.111 (includes 5.15.110, 5.15.109))
- Linux Firmware (20230404)
- ca-certificates (3.89.1)
- containerd (1.6.20)
- docker (20.10.24)
- go (1.19.8)
- iperf (3.13)
- runc (1.1.5)
- vim (9.0.1403)
- zstandard (1.5.4)
- SDK: pahole (1.24)
- SDK: rust (1.68.2)
Changes since Alpha 3572.0.1
Security fixes:
- Linux (CVE-2023-1380, CVE-2023-2002, CVE-2023-31436)
Bug fixes:
- Fixed a miscompilation of getfacl causing it to dump core when executed (scripts#809)
Updates:
alpha-3602.0.0
alpha-3602.0.0
This tag was signed with the committer’s verified signature.
sayanchowdhury
Sayan Chowdhury
b604f6d
This commit was signed with the committer’s verified signature.
sayanchowdhury
Sayan Chowdhury
Changes since Alpha 3572.0.1
Security fixes:
- Linux (CVE-2023-1380, CVE-2023-2002, CVE-2023-31436)
- Go (CVE-2023-24539, CVE-2023-24540, CVE-2023-29400)
- OpenSSH (CVE-2023-28531)
- OpenSSL (CVE-2023-0464, CVE-2023-0465, CVE-2023-0466, CVE-2023-1255)
- bash (CVE-2022-3715)
- c-ares (CVE-2022-4904)
- curl (CVE-2023-27533, CVE-2023-27534, CVE-2023-27535, CVE-2023-27536, CVE-2023-27537, CVE-2023-27538)
- libxml2 (CVE-2023-28484, CVE-2023-29469)
Bug fixes:
- Fixed a miscompilation of getfacl causing it to dump core when executed (scripts#809)
- Restored the reboot warning and delay for non-SSH console sessions (locksmith#21)
Changes:
- Changed coreos-cloudinit to now set the short hostname instead of the FQDN when fetched from the metadata service (coreos-cloudinit#19)
Updates:
- Linux (5.15.111 (includes 5.15.110, 5.15.109))
- bash (5.2)
- bpftool (6.2.1)
- c-ares (1.19.0)
- ca-certificates (3.89.1)
- containerd (1.6.21)
- curl (8.0.1)
- e2fsprogs (1.47.0)
- gdb (13.1.90)
- glib (2.74.6)
- go (1.19.9)
- libarchive (3.6.2)
- libxml2 (2.10.4)
- multipath-tools (0.9.4)
- openSSH (9.3)
- pinentry (1.2.1)
- readline (8.2)
- runc (1.1.7)
- sqlite (3.41.2)
- xz-utils (5.4.2)
- SDK: nano (7.2)