flatcar/scripts alpha-4152.0.0

on GitHub

Changes since Alpha 4116.0.0

Security fixes:

• Linux (CVE-2024-50179, CVE-2024-50176, CVE-2024-50175, CVE-2024-50012, CVE-2024-50008, CVE-2024-50007, CVE-2024-50006, CVE-2024-50005, CVE-2024-50016, CVE-2024-50015, CVE-2024-50013, CVE-2024-50003, CVE-2024-50002, CVE-2024-50001, CVE-2024-50000, CVE-2024-49997, CVE-2024-49996, CVE-2024-49995, CVE-2024-49955, CVE-2024-49963, CVE-2024-49962, CVE-2024-49961, CVE-2024-49960, CVE-2024-49959, CVE-2024-49993, CVE-2024-49992, CVE-2024-49991, CVE-2024-49989, CVE-2024-49988, CVE-2024-49987, CVE-2024-49986, CVE-2024-49985, CVE-2024-49958, CVE-2024-49983, CVE-2024-49982, CVE-2024-49981, CVE-2024-49980, CVE-2024-49978, CVE-2024-49977, CVE-2024-49976, CVE-2024-49975, CVE-2024-49957, CVE-2024-49973, CVE-2024-49969, CVE-2024-49967, CVE-2024-49966, CVE-2024-49965, CVE-2024-49924, CVE-2024-49954, CVE-2024-49953, CVE-2024-49952, CVE-2024-49951, CVE-2024-49950, CVE-2024-49949, CVE-2024-49948, CVE-2024-49947, CVE-2024-49946, CVE-2024-49944, CVE-2024-49939, CVE-2024-49938, CVE-2024-49937, CVE-2024-49936, CVE-2024-49935, CVE-2024-49933, CVE-2024-49931, CVE-2024-49930, CVE-2024-49929, CVE-2024-49927, CVE-2024-49925, CVE-2024-49875, CVE-2024-49884, CVE-2024-49883, CVE-2024-49882, CVE-2024-49881, CVE-2024-49879, CVE-2024-49913, CVE-2024-49912, CVE-2024-49907, CVE-2024-49905, CVE-2024-49878, CVE-2024-49903, CVE-2024-49902, CVE-2024-49901, CVE-2024-49900, CVE-2024-49896, CVE-2024-49895, CVE-2024-49877, CVE-2024-49894, CVE-2024-49892, CVE-2024-49890, CVE-2024-49889, CVE-2024-49886, CVE-2024-49863, CVE-2024-49871, CVE-2024-49870, CVE-2024-49868, CVE-2024-49867, CVE-2024-49866, CVE-2024-49874, CVE-2024-49864, CVE-2024-47704, CVE-2024-50191, CVE-2024-50189, CVE-2024-50188, CVE-2024-50187, CVE-2024-50186, CVE-2024-50185, CVE-2024-50184, CVE-2024-50183, CVE-2024-50182, CVE-2024-50180, CVE-2024-50181, CVE-2024-50097, CVE-2024-50096, CVE-2024-50095, CVE-2024-50093, CVE-2024-50089, CVE-2024-50058, CVE-2024-50065, CVE-2024-50064, CVE-2024-50063, CVE-2024-50062, CVE-2024-50061, CVE-2024-50060, CVE-2024-50059, CVE-2024-50026, CVE-2024-50024, CVE-2024-50023, CVE-2024-50057, CVE-2024-50055, CVE-2024-50049, CVE-2024-50022, CVE-2024-50048, CVE-2024-50047, CVE-2024-50046, CVE-2024-50045, CVE-2024-50044, CVE-2024-50041, CVE-2024-50040, CVE-2024-50039, CVE-2024-50038, CVE-2024-50036, CVE-2024-50035, CVE-2024-50033, CVE-2024-50032, CVE-2024-50031, CVE-2024-50029, CVE-2024-50019, CVE-2024-50201, CVE-2024-50202, CVE-2024-50101, CVE-2024-50098, CVE-2024-50099, CVE-2024-50088, CVE-2024-50087, CVE-2024-50086, CVE-2024-50085, CVE-2024-50084, CVE-2024-50083, CVE-2024-50082, CVE-2024-50080, CVE-2024-50077, CVE-2024-50076, CVE-2024-50075, CVE-2024-50074, CVE-2024-50073, CVE-2024-50072, CVE-2024-50070, CVE-2024-50078, CVE-2024-50069, CVE-2024-50066, CVE-2024-50211, CVE-2024-50210, CVE-2024-50209, CVE-2024-50208, CVE-2024-50205, CVE-2024-50155, CVE-2024-50164, CVE-2024-50163, CVE-2024-50162, CVE-2024-50160, CVE-2024-50159, CVE-2024-50158, CVE-2024-50172, CVE-2024-50171, CVE-2024-50170, CVE-2024-50169, CVE-2024-50168, CVE-2024-50167, CVE-2024-50166, CVE-2024-50156, CVE-2024-50148, CVE-2024-50147, CVE-2024-50145, CVE-2024-50143, CVE-2024-50142, CVE-2024-50141, CVE-2024-50154, CVE-2024-50153, CVE-2024-50152, CVE-2024-50151, CVE-2024-50150, CVE-2024-50139, CVE-2024-50140, CVE-2024-50128, CVE-2024-50136, CVE-2024-50135, CVE-2024-50134, CVE-2024-50133, CVE-2024-50131, CVE-2024-50130, CVE-2024-50111, CVE-2024-50110, CVE-2024-50108, CVE-2024-50127, CVE-2024-50126, CVE-2024-50125, CVE-2024-50124, CVE-2024-50121, CVE-2024-50120, CVE-2024-50117, CVE-2024-50116, CVE-2024-50115, CVE-2024-50112, CVE-2024-50103, CVE-2024-50262, CVE-2024-50259, CVE-2024-50261, CVE-2024-50226, CVE-2024-50235, CVE-2024-50234, CVE-2024-50233, CVE-2024-50232, CVE-2024-50231, CVE-2024-50230, CVE-2024-50258, CVE-2024-50257, CVE-2024-50256, CVE-2024-50229, CVE-2024-50255, CVE-2024-50252, CVE-2024-50251, CVE-2024-50250, CVE-2024-50249, CVE-2024-50248, CVE-2024-50247, CVE-2024-50246, CVE-2024-50228, CVE-2024-50245, CVE-2024-50244, CVE-2024-50243, CVE-2024-50242, CVE-2024-50240, CVE-2024-50239, CVE-2024-50237, CVE-2024-50236, CVE-2024-50219, CVE-2024-50218, CVE-2024-50216, CVE-2024-50215, CVE-2024-50224, CVE-2024-50223, CVE-2024-50222)
• curl (CVE-2024-8096)
• libarchive (CVE-2024-26256, CVE-2024-48957, CVE-2024-48958)
• nvidia-drivers (CVE-2023-31022, CVE-2024-0074, CVE-2024-0075, CVE-2024-0078, CVE-2024-0126)
• openssh (CVE-2024-39894)
• sysext-podman: containers-common (CVE-2024-9341)
• sysext-podman: containers-image (CVE-2024-3727)
• sysext-podman: podman (CVE-2024-9407)

Changes:

• Added Proxmox Virtual Environment images (scripts#1783)
• The UEFI firmware has changed from raw (.fd) format to QCOW2 format. In addition, the amd64 firmware variables are now held in a 4MB image rather than a 2MB image. Note that this firmware is only intended for testing with QEMU. Do not use it in production. (scripts#2434)
• The arm64 UEFI firmware now supports Secure Boot. Be aware that this is not considered secure due to the lack of an SMM implementation, which is needed to protect the variable store. As above, this firmware should not be used in production anyway. (scripts#2434)
• grub 2.12-flatcar3: GRUB now includes many patches from Red Hat to support Secure Boot, as well as Flatcar's own patches. The version string includes a numbered "flatcar" suffix to track changes to these additional patches. This string can be seen in the GRUB menu. (scripts#2431)
• Disable CONFIG_NFS_V4_2_READ_PLUS kernel config to fix nfs-ganesha (flatcar/scripts#2390)

Updates:

• Ignition (2.20.0)
• Linux (6.6.60 (includes 6.6.59, 6.6.58, 6.6.57, 6.6.56, 6.6.55))
• Linux Firmware (20241017)
• SDK: Go (1.22.9)
• SDK: catalyst (4.0.0)
• SDK: crossdev (20240921)
• SDK: edk2-bin (202408 (includes 202405, 202402, 202311, 202308, 202305, 202302, 202211, 202208, 202205))
• SDK: meson (1.5.2)
• SDK: rust (1.81.0)
• azure: chrony (4.6)
• base, dev: azure-vm-utils (0.3.0)
• base, dev: binutils-config (5.5.2)
• base, dev: btrfs-progs (6.10.1 (includes 6.10))
• base, dev: c-ares (1.33.1 (includes 1.33.0, 1.32.3, 1.32.2, 1.32.1, 1.32.0, 1.31.0, 1.30.0))
• base, dev: cracklib (2.10.2 (includes 2.10.1, 2.10.0))
• base, dev: cryptsetup (2.7.5 (includes 2.7.4, 2.7.3))
• base, dev: curl (8.10.1 (includes 8.10.0))
• base, dev: efivar (39)
• base, dev: gettext (0.22.5)
• base, dev: git (2.45.2 (includes 2.45.1, 2.45.0))
• base, dev: gnutls (3.8.7.1 (includes 3.8.6))
• base, dev: gptfdisk (1.0.10)
• base, dev: intel-microcode (20240910_p20240915)
• base, dev: kmod (33)
• base, dev: ldb (2.8.1 (includes 2.8.0))
• base, dev: libarchive (3.7.6 (includes 3.7.5))
• base, dev: libassuan (3.0.0)
• base, dev: libgcrypt (1.11.0)
• base, dev: libgpg-error (1.50)
• base, dev: libnl (3.10.0)
• base, dev: libnvme (1.10)
• base, dev: liburing (2.7 (includes 2.6, 2.5, 2.4))
• base, dev: nvme-cli (2.10.2 (includes 2.10.1, 2.10))
• base, dev: oniguruma (6.9.9)
• base, dev: openssh (9.8_p1)
• base, dev: pinentry (1.3.1)
• base, dev: pkgconf (2.3.0)
• base, dev: samba (4.19.7)
• base, dev: selinux-base (2.20240916)
• base, dev: selinux-base-policy (2.20240916)
• base, dev: selinux-container (2.20240916)
• base, dev: selinux-dbus (2.20240916)
• base, dev: selinux-policykit (2.20240916)
• base, dev: selinux-sssd (2.20240916)
• base, dev: selinux-unconfined (2.20240916)
• base, dev: socat (1.8.0.0)
• base, dev: sqlite (3.46.1)
• base, dev: talloc (2.4.2)
• base, dev: tcpdump (4.99.5)
• base, dev: tdb (1.4.10)
• base, dev: tevent (0.16.1 (includes 0.16.0))
• base, dev: userspace-rcu (0.14.1)
• ca-certificates (3.106)
• containerd (1.7.23)
• dev: gdb (15.2)
• dev: gnuconfig (20240728)
• dev: iperf (3.17.1 (includes 3.17))
• dev: libpipeline (1.5.8)
• dev: man-db (2.13.0)
• nvidia-drivers (535.216.01)
• sysext-podman: aardvark-dns (1.12.2 (includes 1.12.1, 1.12.0))
• sysext-podman: containers-common (0.60.4 (includes 0.60.3, 0.60.2, 0.60.1, 0.60.0, 0.59.2))
• sysext-podman: containers-image (5.32.2 (includes 5.32.1, 5.32.0, 5.31.0, 5.30.2, 5.30.1))
• sysext-podman: containers-storage (1.55.0 (includes 1.54.0))
• sysext-podman: crun (1.17 (includes 1.16.1, 1.16, 1.15, 1.14.4))
• sysext-podman: fuse-overlayfs (1.14)
• sysext-podman: netavark (1.12.2 (includes 1.12.1, 1.12.0, 1.11.0))
• sysext-podman: passt (2024.09.06)
• sysext-podman: podman (5.2.4 (includes 5.2.3, 5.2.2, 5.2.1, 5.2.0, 5.1.2, 5.1.1, 5.1.0))
• sysext-python: idna (3.10)
• sysext-python: more-itertools (10.5.0)
• sysext-python: msgpack (1.1.0)
• sysext-python: platformdirs (4.3.6)
• sysext-python: rich (13.8.1)
• sysext-python: setuptools (74.1.3)
• sysext-python: trove-classifiers (2024.9.12)
• sysext-python: urllib3 (2.2.3)
• vmware: open-vm-tools (12.5.0)
• vmware: xmlsec (1.3.4)