alpha-4054.0.0
tormath1
released this
07 Aug 10:53
·
1602 commits
to main
since this release
Changes since Alpha 4012.0.1
Security fixes:
- curl (CVE-2024-6197, CVE-2024-6874)
- docker (CVE-2024-29018)
- git (CVE-2024-32002, CVE-2024-32004, CVE-2024-32020, CVE-2024-32021, CVE-2024-32465)
- glib (CVE-2024-34397)
- go (CVE-2023-45288, CVE-2023-45289, CVE-2023-45290, CVE-2024-24783, CVE-2024-24784, CVE-2024-24785, CVE-2024-24788, CVE-2024-24789, CVE-2024-24790, CVE-2024-24791)
- intel-microcode (CVE-2023-45733, CVE-2023-45745, CVE-2023-46103, CVE-2023-47855)
- libarchive (CVE-2024-26256, CVE-2024-37407)
- libxml2 (CVE-2024-34459)
- mit-krb5 (CVE-2024-26461, CVE-2024-26462, CVE-2024-37370, CVE-2024-37371)
- tpm2-tools (CVE-2024-29038, CVE-2024-29039, CVE-2024-29040)
- SDK: nasm (CVE-2019-6290, CVE-2019-6291, CVE-2019-8343, CVE-2020-21528, CVE-2021-33450, CVE-2021-33452, CVE-2022-44368, CVE-2022-44369, CVE-2022-44370)
- sysext-podman: podman (CVE-2024-3727)
- Linux (CVE-2024-42098, CVE-2024-42097, CVE-2024-42096, CVE-2024-42095, CVE-2024-42093, CVE-2024-42094, CVE-2024-42092, CVE-2024-42090, CVE-2024-42089, CVE-2024-42087, CVE-2024-42086, CVE-2024-42084, CVE-2024-42085, CVE-2024-42070, CVE-2024-42069, CVE-2024-42068, CVE-2024-42067, CVE-2024-42082, CVE-2024-42080, CVE-2024-42079, CVE-2024-42077, CVE-2024-42076, CVE-2024-42074, CVE-2024-42073, CVE-2023-52887, CVE-2024-42063, CVE-2024-41094, CVE-2024-41093, CVE-2024-41092, CVE-2024-41089, CVE-2024-41088, CVE-2024-41087, CVE-2024-41098, CVE-2024-41097, CVE-2024-41096, CVE-2024-41095, CVE-2024-41084, CVE-2024-41009, CVE-2024-39486, CVE-2024-42068, CVE-2024-42067, CVE-2024-42145, CVE-2024-42154, CVE-2024-42153, CVE-2024-42152, CVE-2024-42148, CVE-2024-42230, CVE-2024-42229, CVE-2024-42228, CVE-2024-42226, CVE-2024-42225, CVE-2024-42147, CVE-2024-42224, CVE-2024-42223, CVE-2024-42161, CVE-2024-42160, CVE-2024-42159, CVE-2024-42157, CVE-2024-42110, CVE-2024-42119, CVE-2024-42116, CVE-2024-42115, CVE-2024-42144, CVE-2024-42143, CVE-2024-42142, CVE-2024-42141, CVE-2024-42140, CVE-2024-42113, CVE-2024-42138, CVE-2024-42137, CVE-2024-42136, CVE-2024-42135, CVE-2024-42133, CVE-2024-42132, CVE-2024-42131, CVE-2024-42130, CVE-2024-42128, CVE-2024-42127, CVE-2024-42126, CVE-2024-42124, CVE-2024-42121, CVE-2024-42120, CVE-2023-52888, CVE-2024-42106, CVE-2024-42105, CVE-2024-42104, CVE-2024-42103, CVE-2024-42102, CVE-2024-42101, CVE-2024-42100, CVE-2024-42109, CVE-2024-40947, CVE-2024-41056, CVE-2024-41053, CVE-2024-41055, CVE-2024-41054, CVE-2024-41032, CVE-2024-41031, CVE-2024-41030, CVE-2024-41028, CVE-2024-41027, CVE-2024-41052, CVE-2024-41051, CVE-2024-41050, CVE-2024-41049, CVE-2024-41048, CVE-2024-41047, CVE-2024-41046, CVE-2024-41044, CVE-2024-41025, CVE-2024-41041, CVE-2024-41040, CVE-2024-41039, CVE-2024-41038, CVE-2024-41037, CVE-2024-41036, CVE-2024-41035, CVE-2024-41034, CVE-2024-41024, CVE-2024-41081, CVE-2024-41078, CVE-2024-41079, CVE-2024-41076, CVE-2024-41075, CVE-2024-41074, CVE-2024-41073, CVE-2024-41072, CVE-2024-41070, CVE-2024-41069, CVE-2024-41077, CVE-2024-41068, CVE-2024-41066, CVE-2024-41065, CVE-2024-41064, CVE-2024-41063, CVE-2024-41062, CVE-2024-41060, CVE-2024-41059, CVE-2024-41057, CVE-2024-41058, CVE-2024-41022, CVE-2024-41020, CVE-2024-41019, CVE-2024-41018, CVE-2024-41017, CVE-2024-41015, CVE-2024-41090, CVE-2024-41091)
Bug fixes:
- Fixed bad usage of gpg that prevented flatcar-install from being used with custom signing keys (Flatcar#1471)
- Hetzner: Fixed duplicated prefix in the Afterburn metadata (scripts#2141)
Changes:
- As part of the update to Catalyst 4 (used to build the SDK), the coreos package repository has been renamed to coreos-overlay to match its directory name. This will be reflected in package listings and package manager output. (flatcar/scripts#2115)
- Hetzner: Added
COREOS_HETZNER_PRIVATE_IPV4_0
Afterburn attribute for Hetzner private IPs (scripts#2141) - The kernel security module Landlock is now enabled for programs to sandbox themselves (flatcar/scripts#2158)
Updates:
- Linux (6.6.43 (includes 6.6.42, 6.6.41, 6.6.40, 6.6.39, 6.6.38, 6.6.37))
- Linux Firmware (20240709)
- audit (3.1.2)
- binutils (2.42)
- bpftool (6.9.2 (includes 6.8.2))
- btrfs-progs (6.9.2)
- c-ares (1.29.0 (includes 1.28.1, 1.28.0))
- cJSON (1.7.18)
- ca-certificates (3.103 (includes 3.102, 3.102.1, 3.101.1))
- containerd (1.7.20 (includes 1.7.19))
- containers-common (0.59.1)
- cryptsetup (2.7.2 (includes 2.7.1 and 2.7.0))
- curl (8.9.0 (includes 8.8.0))
- docker (26.1.0, includes changes from 25.0)
- e2fsprogs (1.47.1)
- ethtool (6.9)
- findutils (4.10.0)
- gcc (13.3.1_p20240614)
- git (2.44.2 (includes 2.44.1, 2.44.0))
- glib (2.78.6 (includes 2.78.5, 2.78.4))
- gnupg (2.4.5)
- hwdata (0.383 (includes 0.382))
- intel-microcode (20240514_p20240514)
- iproute2 (6.8.0 (includes 6.7.0))
- ipset (7.22)
- kexec-tools (2.0.28)
- kmod (32)
- libarchive (3.7.4 (includes 3.7.3))
- libassuan (2.5.7)
- libcap (2.70)
- libcap-ng (0.8.5)
- libdnet (1.18.0)
- libgpg-error (1.49)
- libksba (1.6.7)
- libnl (3.9.0)
- libnvme (1.9)
- libpcre2 (10.43)
- libunwind (1.8.1 (includes 1.8.0))
- libusb (1.0.27)
- libxml2 (2.12.7 (includes 2.12.6))
- linux-pam (1.5.3)
- lshw (02.20.2b)
- mit-krb5 (1.21.3)
- multipath-tools (0.9.8)
- nmap (7.95)
- nvme-cli (2.9.1 (includes 2.9))
- pciutils (3.13.0 (includes 3.12.0))
- qemu-guest-agent (8.2.0)
- rsync (3.3.0)
- runc (1.1.13)
- sqlite (3.46.0 (includes 3.45.3))
- strace (6.9)
- systemd (255.8)
- talloc (2.4.1)
- tdb (1.4.9)
- tevent (0.15.0)
- tpm2-tools (5.7 (includes 5.6.1, 5.6))
- tpm2-tss (4.1.3 (includes 4.0.2))
- util-linux (2.39.4)
- vim (9.1.0366 (includes 9.1))
- wget (1.24.5)
- whois (5.5.21)
- xfsprogs (6.8.0 (includes 6.6.0))
- xz-utils (5.6.2)
- zlib (1.3.1)
- zstd (1.5.6)
- SDK: Rust (1.80.0)
- SDK: go (1.21.12 includes changes from 1.21)
- SDK: nasm (2.16.01)
- SDK: portage (3.0.65 (includes 3.0.63))
- SDK: qemu (8.2.3)
- sysext-podman: aardvark-dns (1.11.0)
- sysext-podman: podman (5.0.3)
- sysext-python: jaraco-text (3.12.1)
- sysext-python: setuptools (70.3.0 (includes 70.1.1, 70.1.0, 70.0.0, 69.5.1, 69.5.0, 69.4.2, 69.4.1, 69.4.0, 69.3.1, 69.3.0, 69.2.0))
- sysext-python: trove-classifiers (2024.7.2)
- sysext-zfs: zfs (2.2.3)
- VMware: open-vm-tools (12.4.5)