kinvolk/manifest v3033.0.0

on GitHub

Update to CGroupsV2

As of Alpha version 2969.0.0, Flatcar Container Linux migrates to the unified cgroup hierarchy (aka CGroupsV2)! New nodes will utilize CGroupsV2 by default. Existing nodes remain on CGroupsV1 and need to be manually migrated to CGroupsV2. To learn more about CGroupsV2 on Flatcar Container Linux and the migration guide, please refer to https://kinvolk.io/docs/flatcar-container-linux/latest/container-runtimes/switching-to-unified-cgroups/

New Alpha release 3033.0.0

Changes since Alpha 3005.0.0

Security fixes

• Linux (CVE-2021-3764, CVE-2021-3744, CVE-2021-38300, CVE-2021-20321, CVE-2021-41864)
• Go (CVE-2021-29923, CVE-2021-39293, CVE-2021-38297)
• bash (CVE-2019-9924, CVE-2019-18276)
• containerd (CVE-2021-41103)
• curl (CVE-2021-22945, CVE-2021-22946, CVE-2021-22947)
• Docker (CVE-2021-41092, CVE-2021-41089, CVE-2021-41091)
• git (CVE-2021-40330)
• gnupg (CVE-2020-25125)
• libgcrypt (CVE-2021-40528)
• polkit (CVE-2021-3560)
• util-linux (CVE-2021-37600)
• vim (CVE-2021-3770, CVE-2021-3778, CVE-2021-3796)
• SDK: bison (CVE-2020-14150, CVE-2020-24240)
• SDK: perl (CVE-2020-10878)

Bux fixes

• The tcsd service for TPM 1 is not started on machines with TPM 2 anymore where it fails and isn’t necessary. (flatcar-linux/coreos-overlay#1365)
• arm64: the Polkit service does not crash anymore. (flatcar-linux/Flatcar#156)
• toolbox: fixed support for multi-layered docker images (toolbox#5)

Updates

• Linux (5.10.75)
• Linux Firmware (20210919)
• Docker (20.10.9)
• Go (1.17.2)
• systemd (249.4)
• bash (5.1_p8)
• ca-certificates (3.69.1)
• containerd (1.5.7)
• curl (7.79.1)
• duktape (2.6.0)
• git (2.32.0)
• gnupg (2.2.29)
• keyutils (1.6.1)
• libgcrypt (1.9.4)
• libtirpc (1.3.2)
• lvm2 (2.02.188)
• net-tools (2.10)
• open-vm-tools (11.3.5)
• polkit (0.119)
• realmd (0.17.0)
• util-linux (2.37.2)
• vim (8.2.3428)
• SDK: bison (3.7.6)
• SDK: bc (1.07.1)
• SDK: gawk (5.1.0)
• SDK: gnuconfig (20210107)
• SDK: google-cloud-sdk (355.0.0)
• SDK: meson (0.57.2)
• SDK: mtools (4.0.35)
• SDK: perl (5.34.0)
• SDK: texinfo (6.8)

Note: Please note that ARM images remain experimental for now.