alpha-3745.0.0

Changes since Alpha 3732.0.0

Security fixes:

• Linux (CVE-2023-42755)
• curl (CVE-2023-38039)
• glibc (CVE-2023-4527, CVE-2023-4806)
• lua (CVE-2022-33099)
• mit-krb5 (CVE-2023-36054)
• procps (CVE-2023-4016)
• samba (CVE-2021-44142, CVE-2022-1615)

Bug fixes:

• Triggered re-reading of partition table to fix adding partitions to the boot disk (scripts#1202)

Changes:

• Reworked the VMware OEM software to be shipped as A/B updated systemd-sysext image
• Started shipping default ssh client and ssh daemon configs in /etc/ssh/ssh_config and /etc/ssh/sshd_config which include config snippets in /etc/ssh/ssh_config.d and /etc/ssh/sshd_config.d, respectively.
• Use qcow2 compressed format instead of additional compression layer in Qemu images (Flatcar#1135, scripts#1132)
• AWS: AWS OEM images now use a systemd-sysext image for layering additional platform-specific software on top of /usr
• SDK: Experimental support for prefix builds to create distro independent, portable, self-contained applications w/ all dependencies included. With contributions from chewi and HappyTobi.
• VMware: The open-vm-tools package in VMware OEM now comes with vmhgfs-fuse, udev rules, pam and vgauth

Updates:

• Linux (6.1.55)
• Linux Firmware (20230919)
• bind-tools (9.16.42)
• checkpolicy (3.5)
• curl (8.3.0)
• gcc (13.2)
• gzip (1.13)
• libgcrypt (1.10.2)
• libselinux (3.5)
• libsemanage (3.5)
• libsepol (3.5)
• lua (5.4.6)
• mit-krb5 (1.21.2)
• openssh (9.4p1)
• policycoreutils (3.5)
• procps (4.0.4 (includes 4.0.3 and 4.0.0))
• rpcsvc-proto (1.4.4)
• samba (4.18.4)
• selinux-base (2.20221101)
• selinux-base-policy (2.20221101)
• selinux-container (2.20221101)
• selinux-sssd (2.20221101)
• selinux-unconfined (2.20221101)
• semodule-utils (3.5)
• SDK: Rust (1.72.1)
• VMWARE: libdnet (1.16.2 (includes 1.16))