alpha-3402.0.0
sayanchowdhury
released this
26 Oct 09:25
·
23540 commits
to main
since this release
New Alpha Release 3402.0.0
Changes since Alpha 3374.0.0
Security fixes:
- Linux (CVE-2022-2308, CVE-2022-3621, CVE-2022-3646, CVE-2022-3649, CVE-2022-40768, CVE-2022-41674, CVE-2022-42719, CVE-2022-42720, CVE-2022-42721, CVE-2022-42722)
- bind-tools (CVE-2022-2795, CVE-2022-2881, CVE-2022-2906, CVE-2022-3080, CVE-2022-38177, CVE-2022-38178)
- curl (CVE-2022-35252)
- dbus (CVE-2022-42010, CVE-2022-42011, CVE-2022-42012)
- go (CVE-2022-41715, CVE-2022-2880, CVE-2022-2879)
- libxml2 (CVE-2022-40303, CVE-2022-40304)
- logrotate (CVE-2022-1348)
- vim (CVE-2022-2042, CVE-2022-2124, CVE-2022-2125, CVE-2022-2126, CVE-2022-2129, CVE-2022-2175, CVE-2022-2182, CVE-2022-2183, CVE-2022-2206, CVE-2022-2207, CVE-2022-2208, CVE-2022-2210, CVE-2022-2231, CVE-2022-2257, CVE-2022-2264, CVE-2022-2284, CVE-2022-2285, CVE-2022-2286, CVE-2022-2287, CVE-2022-2288, CVE-2022-2289, CVE-2022-2304, CVE-2022-2343, CVE-2022-2344, CVE-2022-2345, CVE-2022-2522, CVE-2022-2816, CVE-2022-2817, CVE-2022-2819, CVE-2022-2845, CVE-2022-2849, CVE-2022-2862, CVE-2022-2874, CVE-2022-2889, CVE-2022-2923, CVE-2022-2946, CVE-2022-2980, CVE-2022-2982, CVE-2022-3016, CVE-2022-3099, CVE-2022-3134, CVE-2022-3153, CVE-2022-1725, CVE-2022-3234, CVE-2022-3235, CVE-2022-3278, CVE-2022-3256, CVE-2022-3296, CVE-2022-3297, CVE-2022-3324, CVE-2022-3352)
- SDK: rust (CVE-2022-36113, CVE-2022-36114)
Bug fixes:
- Enabled IOMMU on arm64 kernels, the lack of which prevented some systems from booting (coreos-overlay#2235)
Changes:
- Added
CONFIG_NF_CONNTRACK_BRIDGE
(for nf_conntrack_bridge) andCONFIG_NFT_BRIDGE_META
(for nft_meta_bridge) to the kernel config to allow using conntrack rules for bridges in nftables and to match on bridge interface names (coreos-overlay#2207) - Change CONFIG_WIREGUARD kernel option to module to save space on boot partition (coreos-overlay#2239)
- Disable several arch specific arm64 kernel config options for unsupported platforms to save space on boot partition (coreos-overlay#2239)
- OpenStack: enabled
[email protected]
to provision SSH keys from metadata. (Flatcar#817, coreos-overlay#2246) - Switched from
--strip-unneeded
to--strip-debug
when installing kernel modules, which makes kernel stacktraces more accurate and makes debugging issues easier (coreos-overlay#2196) - The flatcar-update tool got two new flags to customize ports used on the host while updating flatcar (init#81)
- Add qemu-guest-agent to all amd64 images, it will be automatically enabled when qemu-ga virtio-port is detected (coreos-overlay#2240, portage-stable#373)
Updates:
- Linux (5.15.74 (includes 5.15.71, 5.15.72, 5.15.73))
- Linux Firmware (20221012)
- bind-tools (9.16.33)
- bpftool (5.19.2)
- ca-certificates (3.84)
- curl (7.85)
- dbus (1.14.4)
- Docker (20.10.20)
- git (2.37.3)
- glibc (2.34)
- Go (1.18.7)
- libxml2 (2.10.3)
- logrotate (3.20.1)
- nmap (7.93)
- pahole (1.23)
- strace (5.19)
- vim (9.0.0655)
- wireguard-tools (1.0.20210914)
- zlib (1.2.13)
- SDK: catalyst (3.0.21)
- SDK: cmake (3.23.3)
- SDK: libxslt (1.1.37)
- SDK: meson (0.62.2)
- SDK: ninja (1.11.0)
- SDK: Rust (1.64.0)