flatcar/scripts alpha-3535.0.0 on GitHub

Changes since Alpha 3510.0.0

Linux (CVE-2022-2196, CVE-2022-27672, CVE-2022-3707, CVE-2023-1078, CVE-2023-26545)
Go (CVE-2022-41723, CVE-2022-41724, CVE-2022-41725)
OpenSSH (CVE-2023-25136)
OpenSSL (CVE-2022-4203, CVE-2022-4304, CVE-2022-4450, CVE-2023-0215, CVE-2023-0216, CVE-2023-0217, CVE-2023-0286, CVE-2023-0401)
containerd (CVE-2023-25153, CVE-2023-25173)
e2fsprogs (CVE-2022-1304)
intel-microcode (CVE-2022-21216, CVE-2022-33196, CVE-2022-38090)
less (CVE-2022-46663)
torcx (CVE-2022-32149)
SDK: dnsmasq (CVE-2022-0934)

Excluded the special Kubernetes network interfaces nodelocaldns and kube-ipvs0 from being managed with systemd-networkd which interfered with the setup (init#89).

Added a new flatcar-reset tool and boot logic for selective OS resets to reconfigure the system with Ignition while avoiding config drift (bootengine#55, init#91)
On boot any files in /etc that are the same as provided by the booted /usr/share/flatcar/etc default for the overlay mount on /etc are deleted to ensure that future updates of /usr/share/flatcar/etc are propagated - to opt out create /etc/.no-dup-update in case you want to keep an unmodified config file as is or because you fear that a future Flatcar version may use the same file as you at which point your copy is cleaned up and any other future Flatcar changes would be applied (bootengine#54)
Switched systemd log reporting to the combined format of both unit description, as before, and now the unit name to easily find the unit (coreos-overlay#2436)
/etc is now set up as overlayfs with the original /etc folder being the store for changed files/directories and /usr/share/flatcar/etc providing the lower default directory tree (bootengine#53, scripts#666)