Security fixes
- Linux (CVE-2021-26931, CVE-2021-26930, CVE-2021-26932)
- openssl (CVE-2021-23840, CVE-2021-23841, CVE-2020-1971, CVE-2021-23840, CVE-2021-23841)
- intel-microcode (CVE-2020-8696, CVE-2020-8698)
Changes
- sshd: use secure crypto algos only (kinvolk/coreos-overlay#852)
- samba: Update to EAPI=7, add new USE flags and remove deps on icu (kinvolk/coreos-overlay#864)
- kernel: enable kernel config CONFIG_BPF_LSM (kinvolk/coreos-overlay#846)
- bootengine: set hostname for EC2 and OpenStack from metadata (kinvolk/coreos-overlay#848)
Updates
- Linux (5.10.19)
- systemd (247.3)
- intel-microcode (20210216)
- multipath-tools (0.8.5)
- openssl (1.1.1j)
- runc (1.0.0_rc93)
- SDK: Rust (1.50.0)
Deprecation
- dhcpcd and containerd-stress will be deprecated from Alpha, also from other channels in the future (kinvolk/coreos-overlay#858)
Note: Please note that ARM images remain experimental for now.