Releases: flatcar/scripts
Releases · flatcar/scripts
beta-3374.1.1
alpha-3402.0.1
beta-3374.1.0
New Beta Release 3374.1.0
Changes since Beta 3346.1.0
Security fixes:
- Linux (CVE-2022-2308, CVE-2022-40768, CVE-2022-41674, CVE-2022-42719, CVE-2022-42720, CVE-2022-42721, CVE-2022-42722)
- Docker (CVE-2022-36109)
- GNU Libtasn1 (Gentoo#866237)
- intel-microcode (CVE-2022-21233)
- libxml2 (CVE-2016-3709, CVE-2022-2309)
- polkit (CVE-2021-4115)
- rsync (CVE-2022-29154)
- unzip (CVE-2022-0529, CVE-2022-0530, CVE-2021-4217)
- zlib (CVE-2022-37434)
Changes:
- OpenStack: enabled
[email protected]to provision SSH keys from metadata. (Flatcar#817, coreos-overlay#2246)
Updates:
- Linux (5.15.74 (includes 5.15.71, 5.15.72, 5.15.73))
- Linux Firmware (20220913)
- ca-certificates (3.84)
- Docker (20.10.18)
- GNU Libtasn1 (4.19.0)
- intel-microcode (20220809)
- libxml2 (2.10.2)
- polkit (121)
- rsync (3.2.6)
- runc (1.1.4)
- unzip (6.0_p27)
- SDK: libxslt (1.1.35)
Changes since Alpha 3374.0.0
Security fixes:
- Linux (CVE-2022-2308, CVE-2022-40768, CVE-2022-41674, CVE-2022-42719, CVE-2022-42720, CVE-2022-42721, CVE-2022-42722)
Changes:
- OpenStack: enabled
[email protected]to provision SSH keys from metadata. (Flatcar#817, coreos-overlay#2246)
Updates:
alpha-3402.0.0
New Alpha Release 3402.0.0
Changes since Alpha 3374.0.0
Security fixes:
- Linux (CVE-2022-2308, CVE-2022-3621, CVE-2022-3646, CVE-2022-3649, CVE-2022-40768, CVE-2022-41674, CVE-2022-42719, CVE-2022-42720, CVE-2022-42721, CVE-2022-42722)
- bind-tools (CVE-2022-2795, CVE-2022-2881, CVE-2022-2906, CVE-2022-3080, CVE-2022-38177, CVE-2022-38178)
- curl (CVE-2022-35252)
- dbus (CVE-2022-42010, CVE-2022-42011, CVE-2022-42012)
- go (CVE-2022-41715, CVE-2022-2880, CVE-2022-2879)
- libxml2 (CVE-2022-40303, CVE-2022-40304)
- logrotate (CVE-2022-1348)
- vim (CVE-2022-2042, CVE-2022-2124, CVE-2022-2125, CVE-2022-2126, CVE-2022-2129, CVE-2022-2175, CVE-2022-2182, CVE-2022-2183, CVE-2022-2206, CVE-2022-2207, CVE-2022-2208, CVE-2022-2210, CVE-2022-2231, CVE-2022-2257, CVE-2022-2264, CVE-2022-2284, CVE-2022-2285, CVE-2022-2286, CVE-2022-2287, CVE-2022-2288, CVE-2022-2289, CVE-2022-2304, CVE-2022-2343, CVE-2022-2344, CVE-2022-2345, CVE-2022-2522, CVE-2022-2816, CVE-2022-2817, CVE-2022-2819, CVE-2022-2845, CVE-2022-2849, CVE-2022-2862, CVE-2022-2874, CVE-2022-2889, CVE-2022-2923, CVE-2022-2946, CVE-2022-2980, CVE-2022-2982, CVE-2022-3016, CVE-2022-3099, CVE-2022-3134, CVE-2022-3153, CVE-2022-1725, CVE-2022-3234, CVE-2022-3235, CVE-2022-3278, CVE-2022-3256, CVE-2022-3296, CVE-2022-3297, CVE-2022-3324, CVE-2022-3352)
- SDK: rust (CVE-2022-36113, CVE-2022-36114)
Bug fixes:
- Enabled IOMMU on arm64 kernels, the lack of which prevented some systems from booting (coreos-overlay#2235)
Changes:
- Added
CONFIG_NF_CONNTRACK_BRIDGE(for nf_conntrack_bridge) andCONFIG_NFT_BRIDGE_META(for nft_meta_bridge) to the kernel config to allow using conntrack rules for bridges in nftables and to match on bridge interface names (coreos-overlay#2207) - Change CONFIG_WIREGUARD kernel option to module to save space on boot partition (coreos-overlay#2239)
- Disable several arch specific arm64 kernel config options for unsupported platforms to save space on boot partition (coreos-overlay#2239)
- OpenStack: enabled
[email protected]to provision SSH keys from metadata. (Flatcar#817, coreos-overlay#2246) - Switched from
--strip-unneededto--strip-debugwhen installing kernel modules, which makes kernel stacktraces more accurate and makes debugging issues easier (coreos-overlay#2196) - The flatcar-update tool got two new flags to customize ports used on the host while updating flatcar (init#81)
- Add qemu-guest-agent to all amd64 images, it will be automatically enabled when qemu-ga virtio-port is detected (coreos-overlay#2240, portage-stable#373)
Updates:
- Linux (5.15.74 (includes 5.15.71, 5.15.72, 5.15.73))
- Linux Firmware (20221012)
- bind-tools (9.16.33)
- bpftool (5.19.2)
- ca-certificates (3.84)
- curl (7.85)
- dbus (1.14.4)
- Docker (20.10.20)
- git (2.37.3)
- glibc (2.34)
- Go (1.18.7)
- libxml2 (2.10.3)
- logrotate (3.20.1)
- nmap (7.93)
- pahole (1.23)
- strace (5.19)
- vim (9.0.0655)
- wireguard-tools (1.0.20210914)
- zlib (1.2.13)
- SDK: catalyst (3.0.21)
- SDK: cmake (3.23.3)
- SDK: libxslt (1.1.37)
- SDK: meson (0.62.2)
- SDK: ninja (1.11.0)
- SDK: Rust (1.64.0)
lts-3033.3.6
0d467b8
This commit was signed with the committer’s verified signature.
sayanchowdhury
Sayan Chowdhury
Changes since LTS 3033.3.5
Security fixes:
- Linux (CVE-2022-2905, CVE-2022-3028, CVE-2022-39190)
- torcx (CVE-2021-38561, CVE-2021-43565, CVE-2022-27191)
Bug fixes:
- Equinix Metal: Fixed serial console settings for the
m3.small.x86instance by expanding the GRUB check fori386tox86_64coreos-overlay#2122
Changes:
- emerge-gitclone: Migrate emerge-gitclone to use scripts repo tags and submodule refs
Updates:
lts-2605.32.1
lts-2605.32.1
This tag was signed with the committer’s verified signature.
sayanchowdhury
Sayan Chowdhury
f7d7ade
This commit was signed with the committer’s verified signature.
sayanchowdhury
Sayan Chowdhury
stable-3227.2.3
Changes since Stable 3227.2.2
Security fixes:
- Linux (CVE-2022-0171, CVE-2022-2663, CVE-2022-2905, CVE-2022-3028, CVE-2022-3061, CVE-2022-3176, CVE-2022-3303, CVE-2022-39190, CVE-2022-39842, CVE-2022-40307)
- Go (CVE-2022-32189)
- torcx (CVE-2022-27191)
- expat (CVE-2022-40674)
Bug fixes:
- Added back
gettextto the OS (Flatcar#849) - Added merging of Ignition systemd duplicated units when auto-translating from Ignition 2 to Ignition 3. (coreos-overlay#2187)
- Equinix Metal: Fixed serial console settings for the
m3.small.x86instance by expanding the GRUB check fori386tox86_64coreos-overlay#2122
Changes:
- emerge-gitclone: Migrate emerge-gitclone to use scripts repo tags and submodule refs
Updates:
beta-3346.1.0
Changes since Beta 3277.1.2
Security fixes:
- Linux (CVE-2022-0171, CVE-2022-2663, CVE-2022-2905, CVE-2022-3028, CVE-2022-3061, CVE-2022-3176, CVE-2022-3303, CVE-2022-39190, CVE-2022-39842, CVE-2022-40307)
- Go (CVE-2022-27664, CVE-2022-32190, (CVE-2022-32189))
- binutils (CVE-2021-45078)
- cifs-utils (CVE-2022-27239, CVE-2022-29869)
- curl (CVE-2022-32205, CVE-2022-32206, CVE-2022-32207, CVE-2022-32208)
- expat (CVE-2022-40674)
- git (CVE-2022-29187)
- gnupg (CVE-2022-34903)
- gnutls (CVE-2022-2509)
- libtirpc (CVE-2021-46828)
- oniguruma (oniguruma-20220430)
- open-vm-tools (CVE-2022-31676)
- shadow (CVE-2013-4235)
- vim (CVE-2022-0629, CVE-2022-0685, CVE-2022-0714, CVE-2022-0729, CVE-2022-0943, CVE-2022-1154, CVE-2022-1160, CVE-2022-1381, CVE-2022-1420, CVE-2022-1616, CVE-2022-1619, CVE-2022-1620, CVE-2022-1621, CVE-2022-1629, CVE-2022-1674, CVE-2022-1733, CVE-2022-1735, CVE-2022-1769, CVE-2022-1771, CVE-2022-1785, CVE-2022-1796, CVE-2022-1897, CVE-2022-1898, CVE-2022-1886, CVE-2022-1851, CVE-2022-1927, CVE-2022-1942, CVE-2022-1968, CVE-2022-2000)
Bug fixes:
- Added back
gettextto the OS (Flatcar#849) - Added merging of Ignition systemd duplicated units when auto-translating from Ignition 2 to Ignition 3. (coreos-overlay#2187)
- Equinix Metal: Fixed serial console settings for the
m3.small.x86instance by expanding the GRUB check fori386tox86_64(coreos-overlay#2122) - Removed outdated LTS channel information printed on login (init#75)
Changes:
- Added symlink from
nctoncat.-qoption is not yet supported (flatcar#545) - emerge-gitclone: Migrate emerge-gitclone to use scripts repo tags and submodule refs
Updates:
- Linux (5.15.70 (includes 5.15.69, 5.15.68, 5.15.67, 5.15.66, 5.15.65, 5.15.64, 5.15.51))
- Linux Firmware (20220815 (includes 20220708))
- Go (1.18.6)
- adcli (0.9.1)
- automake (1.16.5)
- binutils (2.38)
- bison (3.8.2)
- boost (1.79)
- ca-certificates (3.83)
- cifs-utils (6.15)
- containerd (1.6.8 (includes 1.6.7))
- curl (7.84.0)
- Cyrus SASL (2.1.28)
- expat (2.4.9)
- gcc (11.3.0)
- gdb (11.2)
- gettext (0.21)
- git (2.37.1)
- glib (2.72.3)
- gnupg (2.2.35)
- gnutls (3.7.7)
- libtool (2.4.7)
- locksmith(0.7.0)
- oniguruma (6.9.8)
- perl (5.34.1)
- pkgconf (1.8.0)
- shadow (4.12.3)
- sudo (1.9.10)
- vim (8.2.5066)
- SDK: Rust (1.63.0 (includes 1.62.1, 1.62.0))
- VMware: open-vm-tools (12.1.0)
Changes since Alpha 3346.0.0
Security fixes:
- Linux (CVE-2022-0171, CVE-2022-2663, CVE-2022-2905, CVE-2022-3028, CVE-2022-3061, CVE-2022-3176, CVE-2022-3303, CVE-2022-39190, CVE-2022-39842, CVE-2022-40307)
- Go (CVE-2022-27664, CVE-2022-32190)
- expat (CVE-2022-40674)
Bug fixes:
- Added back
gettextto the OS (Flatcar#849) - Added merging of Ignition systemd duplicated units when auto-translating from Ignition 2 to Ignition 3. (coreos-overlay#2187)
- Equinix Metal: Fixed serial console settings for the
m3.small.x86instance by expanding the GRUB check fori386tox86_64(coreos-overlay#2122)
Changes:
- emerge-gitclone: Migrate emerge-gitclone to use scripts repo tags and submodule refs
Updates:
alpha-3374.0.0
Changes since Alpha 3346.0.0
Security fixes:
- Linux (CVE-2022-0171, CVE-2022-2663, CVE-2022-2905, CVE-2022-3028, CVE-2022-3061, CVE-2022-3176, CVE-2022-3303, CVE-2022-39190, CVE-2022-39842, CVE-2022-40307)
- Go (CVE-2022-27664, CVE-2022-32190)
- Docker (CVE-2022-36109)
- expat (CVE-2022-40674)
- intel-microcode (CVE-2022-21233)
- GNU Libtasn1 (Gentoo#866237)
- libxml2 (CVE-2016-3709, CVE-2022-2309)
- polkit (CVE-2021-4115)
- rsync (CVE-2022-29154)
- unzip (CVE-2022-0529, CVE-2022-0530, CVE-2021-4217)
- zlib (CVE-2022-37434)
Bug fixes:
- Added back
gettextto the OS (Flatcar#849) - Added merging of Ignition systemd duplicated units when auto-translating from Ignition 2 to Ignition 3. (coreos-overlay#2187)
- Equinix Metal: Fixed serial console settings for the
m3.small.x86instance by expanding the GRUB check fori386tox86_64(coreos-overlay#2122)
Changes:
- emerge-gitclone: Migrate emerge-gitclone to use scripts repo tags and submodule refs
Updates:
- Linux (5.15.70 (includes 5.15.69, 5.15.68, 5.15.67, 5.15.66, 5.15.65, 5.15.64))
- Linux Firmware (20220913)
- Go (1.18.6)
- ca-certificates (3.83)
- Docker (20.10.18)
- expat (2.4.9)
- gettext (0.21)
- intel-microcode (20220809)
- GNU Libtasn1 (4.19.0)
- libxml2 (2.10.2)
- locksmith(0.7.0)
- polkit (121)
- rsync (3.2.6)
- runc (1.1.4)
- unzip (6.0_p27)
- SDK: libxslt (1.1.35)