flatcar/scripts beta-3745.1.0

on GitHub

Changes since Beta 3732.1.0

Security fixes:

• curl (CVE-2023-38039, CVE-2023-38545, CVE-2023-38546)
• glibc (CVE-2023-4527, CVE-2023-4806)
• lua (CVE-2022-33099)
• mit-krb5 (CVE-2023-36054)
• procps (CVE-2023-4016)
• samba (CVE-2021-44142, CVE-2022-1615)

Bug fixes:

• Disabled systemd-networkd's RoutesToDNS setting by default to fix provisioning failures observed in VMs with multiple network interfaces on Azure (scripts#1206)
• Fixed the postinstall hook failure when updating from Azure instances without OEM systemd-sysext images to Flatcar Alpha 3745.x.y (update_engine#29)

Changes:

• AWS OEM images now use a systemd-sysext image for layering additional platform-specific software on top of /usr
• Reworked the VMware OEM software to be shipped as A/B updated systemd-sysext image
• SDK: Experimental support for prefix builds to create distro independent, portable, self-contained applications w/ all dependencies included. With contributions from chewi and HappyTobi.
• Started shipping default ssh client and ssh daemon configs in /etc/ssh/ssh_config and /etc/ssh/sshd_config which include config snippets in /etc/ssh/ssh_config.d and /etc/ssh/sshd_config.d, respectively.
• The open-vm-tools package in VMware OEM now comes with vmhgfs-fuse, udev rules, pam and vgauth
• To make Kubernetes work by default, /usr/libexec/kubernetes/kubelet-plugins/volume/exec is now a symlink to the writable folder /var/kubernetes/kubelet-plugins/volume/exec (Flatcar#1193)

Updates:

• Linux (6.1.58 (includes 6.1.57, 6.1.56))
• Linux Firmware (20230919)
• bind-tools (9.16.42)
• ca-certificates (3.94)
• checkpolicy (3.5)
• curl (8.3.0)
• gcc (13.2)
• gzip (1.13)
• libgcrypt (1.10.2)
• libselinux (3.5)
• libsemanage (3.5)
• libsepol (3.5)
• lua (5.4.6)
• mit-krb5 (1.21.2)
• openssh (9.4p1)
• policycoreutils (3.5)
• procps (4.0.4 (includes 4.0.3 and 4.0.0))
• rpcsvc-proto (1.4.4)
• samba (4.18.4)
• selinux-base (2.20221101)
• selinux-base-policy (2.20221101)
• selinux-container (2.20221101)
• selinux-sssd (2.20221101)
• selinux-unconfined (2.20221101)
• semodule-utils (3.5)
• SDK: Rust (1.72.1)
• VMWARE: libdnet (1.16.2 (includes 1.16))

Changes since Alpha 3745.0.0

Security fixes:

• curl (CVE-2023-38545, CVE-2023-38546)

Bug fixes:

• Disabled systemd-networkd's RoutesToDNS setting by default to fix provisioning failures observed in VMs with multiple network interfaces on Azure (scripts#1206)
• Fixed the postinstall hook failure when updating from Azure instances without OEM systemd-sysext images to Flatcar Alpha 3745.x.y (update_engine#29)

Changes:

• To make Kubernetes work by default, /usr/libexec/kubernetes/kubelet-plugins/volume/exec is now a symlink to the writable folder /var/kubernetes/kubelet-plugins/volume/exec (Flatcar#1193)

Updates:

• Linux (6.1.58 (includes 6.1.57, 6.1.56))
• ca-certificates (3.94)