flatcar/scripts beta-3402.1.0

on GitHub

Changes since Beta 3374.1.1

Security fixes:

• Linux (CVE-2022-2602, CVE-2022-3535, CVE-2022-3542, CVE-2022-3565, CVE-2022-3594)
• bind tools (CVE-2022-2795, CVE-2022-2881, CVE-2022-2906, CVE-2022-3080, CVE-2022-38177, CVE-2022-38178)
• curl (CVE-2022-35252)
• dbus (CVE-2022-42010, CVE-2022-42011, CVE-2022-42012)
• go (CVE-2022-41715, CVE-2022-2880, CVE-2022-2879)
• libxml2 (CVE-2022-40303, CVE-2022-40304)
• logrotate (CVE-2022-1348)
• vim (CVE-2022-1725, CVE-2022-2042, CVE-2022-2124, CVE-2022-2125, CVE-2022-2126, CVE-2022-2129, CVE-2022-2175, CVE-2022-2182, CVE-2022-2183, CVE-2022-2206, CVE-2022-2207, CVE-2022-2208, CVE-2022-2210, CVE-2022-2231, CVE-2022-2257, CVE-2022-2264, CVE-2022-2284, CVE-2022-2285, CVE-2022-2286, CVE-2022-2287, CVE-2022-2288, CVE-2022-2289, CVE-2022-2304, CVE-2022-2343, CVE-2022-2344, CVE-2022-2345, CVE-2022-2522, CVE-2022-2816, CVE-2022-2817, CVE-2022-2819, CVE-2022-2845, CVE-2022-2849, CVE-2022-2862, CVE-2022-2874, CVE-2022-2889, CVE-2022-2923, CVE-2022-2946, CVE-2022-2980, CVE-2022-2982, CVE-2022-3016, CVE-2022-3099, CVE-2022-3134, CVE-2022-3153, CVE-2022-3234, CVE-2022-3235, CVE-2022-3278, CVE-2022-3256, CVE-2022-3296, CVE-2022-3297, CVE-2022-3324, CVE-2022-3352)
• SDK: rust (CVE-2022-36113, CVE-2022-36114)

Bug fixes:

• Enabled IOMMU on arm64 kernels, the lack of which prevented some systems from booting (coreos-overlay#2235)

Changes:

• Added CONFIG_NF_CONNTRACK_BRIDGE (for nf_conntrack_bridge) and CONFIG_NFT_BRIDGE_META (for nft_meta_bridge) to the kernel config to allow using conntrack rules for bridges in nftables and to match on bridge interface names (coreos-overlay#2207)
• Change CONFIG_WIREGUARD kernel option to module to save space on boot partition (coreos-overlay#2239)
• Disable several arch specific arm64 kernel config options for unsupported platforms to save space on boot partition (coreos-overlay#2239)
• Switched from --strip-unneeded to --strip-debug when installing kernel modules, which makes kernel stacktraces more accurate and makes debugging issues easier (coreos-overlay#2196)
• The flatcar-update tool got two new flags to customize ports used on the host while updating flatcar (init#81)
• Add qemu-guest-agent to all amd64 images, it will be automatically enabled when qemu-ga virtio-port is detected (coreos-overlay#2240, portage-stable#373)

Updates:

• Linux (5.15.77 (includes 5.15.76, 5.15.75))
• Linux Firmware (20221012)
• Docker (20.10.20)
• Go (1.18.7)
• OpenSSL (3.0.7)
• bind tools (9.16.33)
• bpftool (5.19.2)
• curl (7.85)
• dbus (1.14.4)
• git (2.37.3)
• glibc (2.34)
• libxml2 (2.10.3)
• logrotate (3.20.1)
• nmap (7.93)
• pahole (1.23)
• strace (5.19)
• vim (9.0.0655)
• wireguard-tools (1.0.20210914)
• zlib (1.2.13)
• SDK: catalyst (3.0.21)
• SDK: cmake (3.23.3)
• SDK: libxslt (1.1.37)
• SDK: meson (0.62.2)
• SDK: ninja (1.11.0)
• SDK: Rust (1.64.0)

Changes since Alpha 3402.0.1

Security fixes:

• Linux (CVE-2022-2602, CVE-2022-3535, CVE-2022-3542, CVE-2022-3565, CVE-2022-3594)

Updates:

• Linux (5.15.77 (includes 5.15.76, 5.15.75))
• OpenSSL (3.0.7)