Security fixes
- Linux CVE-2020-27815, CVE-2020-29568, CVE-2020-29569, CVE-2020-28374, CVE-2020-36158
- Go CVE-2021-3114
- sudo CVE-2021-3156, CVE-2021-23239
Bug fixes
- networkd: avoid managing MAC addresses for veth devices (kinvolk/init#33)
/etc/iscsi/initiatorname.iscsiis generated by the iscsi-init service (#321)- Prevent iscsiadm buffer overflow (#318)
- Revert to building docker and containerd with go1.13 instead of go1.15. This reduces the SIGURG log spam (#315)
Changes
- The containerd socket is now available in the default location (
/run/containerd/containerd.sock) and also as a symlink in the previous location (/run/docker/libcontainerd/docker-containerd.sock) (#771) - With the iscsi update, the service unit has changed from iscsid to iscsi (#791)
- AWS Pro: include scripts to facilitate setup of EKS workers (#794)
Updates