Skip to content

2.0.20231115

Compare
Choose a tag to compare
@jslobodzian jslobodzian released this 18 Nov 02:54
· 870 commits to 2.0 since this release

Add debug to PR check pipeline to debug intermittent issue
Add kernel-mos with AMDGPU drivers
Add retry workaround when Package Installation fail.
Add tdnf remove cache script and run it for marketplace images
Added CredScan exception for doc and test sample secrets.
Cherry Pick bug and feature template updates to main
Clarify login instructions
Clarify that passwords are not permitted for production use in meta user data configuration file
Cosmetic change with chrony removed references to NetworkManager
Fix safechoot unmount ordering.
Image Customizer: Move partition utils into their own file.
Merge branch 'main' into 2.0
Merge branch 'main' into 2.0
Nopatch kernel CVE-2023-2430, CVE-2023-3338, CVE-2023-39191, CVE-2023-42752 ...
Prepare November 2023 Release
Sparse disk creation bug fix.
Support N+1 goal nodes for scheduler
Switch ccache to using compiler content instead of its modified time.
Toolkit: Add retry to safemount.Close().
Toolkit: Improvements for UpdateFstab and CreateSparseDisk
Toolkit: Move ConfigureDiskBootloader function.
Update multus to v4.0.2
Upgrade blobfuse2 2.1.0 -> 2.1.1
Upgrade kata-containers-cc to 0.6.2
Upgrade kernel-mshv, kernel-uvm, kernel-uvm-cvm
Upgrade moby-containerd-cc to 1.7.2
Use embedded binary resources for grub templates.
Using separate buffer per analyzed spec in rpmssnapshot.go.
Patch frr for CVE-2023-46752 and CVE-2023-46753 - branch main
Patched CVE-2023-46316 for traceroute - branch main.
Patched telegraf CVE-2023-46129. - branch main
Switched to building with fewer CPUs per package. - branch main
Upgrade kured to 1.13.2 for CVEs on vendor code - branch main
Upgrade memcached to v1.6.22: Fixes CVEs 2023-46852 and 2023-46853 - branch main
Upgraded PyYAML to 5.4 to fix CVEs: 2020-1747, CVE-2020-14343. - branch main
Upgrade kernel to version 5.15.137.1 to address CVE-2023-1192 CVE-2023-46813 CVE-2023-5717
containerized-build: Add option to keep container
fix wrong rights for toolkit/imageconfigs/additionalconfigs/configure…
fix wrong rights for toolkit/imageconfigs/postinstallscripts/remove-tdnf-cache.sh
toolkit: fix user instructions on toolchain build error
toolkit: gomod: bump dependencies to address CVEs
toolkit: gomod: upgrade gonum 0.11.0 -> 0.14.0
Upgrade mysql to 8.0.34

Kata-CC: Fixed occasional, sudden node crashes on CC pod start-up (fix in kernel-mshv based on new LSG release)
Kata-CC: Support for container images from private container image registries
Kata-CC: Support for v1 container images for the tardev-snapshotter (still unsupported by the policy feature)
Kata-CC: Support for container image layer sharing between different pod runtime handlers (runc, kernel-isolation, confidential containers)
Kata-CC: Support for updating ConfigMaps/Secrets at pod run time