flatcar/scripts beta-4547.1.0 on GitHub

Changes since Beta 4515.1.0

Dropped debug symbols from containerd, incus, and overlaybd system extensions to reduce download size.

Dropped Ciphers, MACs, and KexAlgorithms from the sshd configuration so that the OpenSSH upstream defaults are used. This introduces post-quantum key exchange algorithms for better security. (Flatcar#1921). Users requiring legacy Ciphers, MACs, and/or KexAlgos can override / re-enable this by deploying a custom drop-in config to /etc/ssh/sshd_config.d/.
/etc/shadow, /etc/gshadow are now owned by the shadow group, /usr/bin/unix_chkpwd, /usr/bin/chage and /usr/bin/expiry are now also owned by the shadow group with a sticky bit enabled.

Ignition (2.24.0)
Linux (6.12.66 (includes 6.12.65, 6.12.64, 6.12.63, 6.12.62, 6.12.59))
Linux Firmware (20251125 (includes 20251111))
SDK: cmake (4.1.2 (includes 4.1.1, 4.1, 4.0))
SDK: go (1.25.3)
SDK: meson (1.9.1 (includes 1.8.0))
SDK: nasm (3.01 (includes 3.00))
base, dev: btrfs-progs (6.17)
base, dev: cifs-utils (7.4)
base, dev: coreutils (9.8)
base, dev: hwdata (0.400 (includes 0.399))
base, dev: inih (62 (includes 61))
base, dev: intel-microcode (20251111_p20251112)
base, dev: iproute2 (6.17.0)
base, dev: jose (14 (includes 13))
base, dev: kbd (2.9.0)
base, dev: less (685)
base, dev: libgpg-error (1.56)
base, dev: libtirpc (1.3.7)
base, dev: pam (1.7.1 (includes 1.7.0, 1.6.1, 1.6.0))
base, dev: pambase (20251013)
base, dev: samba (4.22.5 (includes 4.22.4))
base, dev: strace (6.17)
base, dev: thin-provisioning-tools (1.3.0 (includes 1.2.2, 1.2.1, 1.2.0, 1.1.0, 1.0.14, 1.0.13, 1.0.12, 1.0.11))
base, dev: util-linux (2.41.2)
ca-certificates (3.120)
dev: portage (3.0.69.3 (includes 3.0.69.2, 3.0.69.1, 3.0.69))
sysext-overlaybd: overlaybd (1.0.16)
sysext-podman: aardvark-dns (1.15.0)
sysext-podman: netavark (1.16.1 (includes 1.16.0))
sysext-python: more-itertools (10.8.0)
sysext-python: platformdirs (4.5.0)
sysext-python: resolvelib (1.2.1)
sysext-python: rich (14.2.0)
sysext-python: setuptools-scm (9.2.0 (includes 9.1.0, 9.0.0))
sysext-python: trove-classifiers (2025.9.11.17 (includes 2025.9.9.12, 2025.9.8.13))
openssl (3.5.5)