Security fixes
- Linux (CVE-2021-3347, CVE-2021-3348, CVE-2021-26708, CVE-2021-20194)
- Docker (CVE-2021-21285, CVE-2021-21284)
- samba (CVE-2020-14318, CVE-2020-14323, CVE-2020-14383)
- openldap (CVE-2020-36221, CVE-2020-36222, CVE-2020-36223, CVE-2020-36224, CVE-2020-36225, CVE-2020-36226, CVE-2020-36227, CVE-2020-36228, CVE-2020-36229, CVE-2020-36230)
- c-ares (CVE-2020-8277)
- coreutils (CVE-2017-7476)
- intel-microcode (CVE-2020-8698, CVE-2020-8694, CVE-2020-8695, CVE-2020-8696)
Bug fixes
- profile: filter out bullet point when parsing failed units (baselayout#16)
- app-crypt/trousers: use correct file permissions (coreos-overlay#809)
- sys-apps/systemd: Fix unit installation (coreos-overlay#810)
- passwd: use correct GID for tss(baselayout#15)
- flatcar-eks: add missing mkdir and update to latest versions(coreos-overlay#817)
- coreos-base/gmerge: Stop installing gmerge script (coreos-overlay#828)
- Update sys-apps/coreutils and make sure they have split-usr disabled for generic images (coreos-overlay#829)
Changes
- dev-lang/go: delete go 1.6 (coreos-overlay#827)
- sys-block/open-iscsi: Command substitution in iscsi-init system service (coreos-overlay#801)
- scripts/motdgen: Add OEM information to motd output (init#34)
- torcx: delete Docker 1.12 (coreos-overlay#826)
- portage update: update portage and related packages to newer versions (coreos-overlay#840)
- bin/flatcar-install: add parameters to make wget more resilient (init#35)
Updates
- Linux (5.10.16)
- Docker (19.03.15)
- go (1.15.8)
- c-ares (1.17.1)
- cri-tools (1.19.0)
- samba (4.12.9)
- openldap (2.4.57)
- coreutils (8.32)
- intel-microcode (20201112)
Deprecation
- Docker 1.12 will be deprecated from Alpha, also from other channels in the future.
Note: Please note that ARM images remain experimental for now.