flatcar/scripts stable-3374.2.0

on GitHub

Changes since Stable 3227.2.4

Security fixes:

• Linux (CVE-2022-2308, CVE-2022-3621, CVE-2022-3646, CVE-2022-3649, CVE-2022-40768, CVE-2022-41674, CVE-2022-42719, CVE-2022-42720, CVE-2022-42721, CVE-2022-42722, CVE-2022-43750)
• binutils (CVE-2021-45078)
• cifs-utils (CVE-2022-27239, CVE-2022-29869)
• curl (CVE-2022-22576, CVE-2022-27774, CVE-2022-27775, CVE-2022-27776, CVE-2022-27778, CVE-2022-27779, CVE-2022-27780, CVE-2022-27781, CVE-2022-27782, CVE-2022-30115, CVE-2022-32205, CVE-2022-32206, CVE-2022-32207, CVE-2022-32208)
• Docker (CVE-2022-29526, CVE-2022-36109)
• git (CVE-2022-24765, CVE-2022-29187)
• GNU Libtasn1 (Gentoo#866237)
• gnupg (CVE-2022-34903)
• gnutls (CVE-2022-2509)
• Go (CVE-2022-1705, CVE-2022-1962, CVE-2022-27664, CVE-2022-28131, CVE-2022-29526, CVE-2022-30630, CVE-2022-30631, CVE-2022-30632, CVE-2022-30633, CVE-2022-30635, CVE-2022-32148, CVE-2022-32190)
• ignition (CVE-2022-1706)
• intel-microcode (CVE-2022-21151, CVE-2022-21233)
• libtirpc (CVE-2021-46828)
• libxml2 (CVE-2016-3709, CVE-2022-2309, CVE-2022-29824)
• ncurses (CVE-2022-29458)
• oniguruma (oniguruma-20220430)
• openssl (CVE-2022-1292, CVE-2022-1343, CVE-2022-1434, CVE-2022-1473)
• polkit (CVE-2021-4115)
• rsync (CVE-2018-25032, CVE-2022-29154)
• runc (CVE-2022-29162)
• shadow (CVE-2013-4235)
• unzip (CVE-2022-0529, CVE-2022-0530, CVE-2021-4217)
• vim (CVE-2022-0629, CVE-2022-0685, CVE-2022-0714, CVE-2022-0729, CVE-2022-0943, CVE-2022-1154, CVE-2022-1160, CVE-2022-1381, CVE-2022-1420, CVE-2022-1616, CVE-2022-1619, CVE-2022-1620, CVE-2022-1621, CVE-2022-1629, CVE-2022-1674, CVE-2022-1733, CVE-2022-1735, CVE-2022-1769, CVE-2022-1771, CVE-2022-1785, CVE-2022-1796, CVE-2022-1897, CVE-2022-1898, CVE-2022-1886, CVE-2022-1851, CVE-2022-1927, CVE-2022-1942, CVE-2022-1968, CVE-2022-2000)
• zlib (CVE-2022-37434)
• VMware: open-vm-tools (CVE-2022-31676)
• SDK: qemu (CVE-2021-20203, CVE-2021-3713, CVE-2021-3930, CVE-2021-3947, CVE-2021-4145, CVE-2022-26353, CVE-2022-26354)

Bug fixes:

• Fixed Ignition btrfs forced formatting for OEM partition (coreos-overlay#2277)
• Removed outdated LTS channel information printed on login (init#75)

Changes:

• Added efibootmgr binary to the image (coreos-overlay#1955)
• Added symlink from nc to ncat. -q option is not yet supported (flatcar#545)
• flatcar-install: Added option to create UEFI boot entry (init#74)
• AWS: Added AWS IMDSv2 support to coreos-cloudinit (flatcar-linux/coreos-cloudinit#13)
• VMware: Added VMware networking configuration in the initramfs via guestinfo settings (bootengine#44, flatcar#717)
• VMWare: Added ignition-delete-config.service to remove Ignition config from VM metadata, see also here (coreos-overlay#1948)

Updates:

• Linux (5.15.74 (includes (5.15.73, 5.15.72. 5.15.71))
• Linux Firmware (20220913)
• acpid (2.0.33)
• adcli (0.9.1)
• automake (1.16.5)
• binutils (2.38)
• bison (3.8.2)
• boost (1.79)
• cifs-utils (6.15)
• containerd (1.6.8)
• curl (7.84.0)
• Cyrus SASL (2.1.28)
• dbus (1.12.22)
• Docker (20.10.18)
• e2fsprogs (1.46.5)
• gcc (11.3.0)
• gdb (11.2)
• gdbm (1.22)
• git (2.35.3)
• glib (2.72.3)
• GNU Libtasn1 (4.19.0)
• gnupg (2.2.35)
• gnutls (3.7.7)
• Go (1.18.6)
• ignition (2.14.0)
• intel-microcode (20220809)
• ldb (2.4.1)
• libtool (2.4.7)
• libxml2 (2.10.2)
• ncurses (6.3_p20220423)
• oniguruma (6.9.8)
• OpenSSL (3.0.7)
• perl (5.34.1)
• pkgconf (1.8.0)
• polkit (121)
• python (3.9.12)
• rsync (3.2.6)
• runc (1.1.4)
• samba (4.15.4)
• shadow (4.12.3)
• sqlite (3.38.1)
• sudo (1.9.10)
• talloc (2.3.3)
• tevent (0.11.0)
• unzip (6.0_p27)
• vim (8.2.5066)
• OEM: distro (1.7.0)
• OEM: python (3.9.12)
• VMware: open-vm-tools (12.1.0)
• SDK: libxslt (1.1.35)
• SDK: qemu (7.0.0)
• SDK: Rust (1.63.0)

Changes since Beta 3374.1.1

Bug fixes:

• Fixed Ignition btrfs forced formatting for OEM partition (coreos-overlay#2277)

Updates:

• OpenSSL (3.0.7)