What's Changed
Added prebuilt-ca-certificates and tzdata to the distroless minimal container.
Disabled running apparmor LSM at boot time.
Fixed python-twisted binaries conflicts.
Fixed package tests: python-execnet, python-six.
Mitigated CVE-2020-35505 by disabling qemu emulation for am53c974 devices.
Patched libtiff to fix CVE-2022-3597, CVE-2022-3598, CVE-2022-3599, CVE-2022-3626, and CVE-2022-3627.
Patched libtiff to fix CVE-2022-3970.
Patched sqlite to fix CVE-2022-35737.
Updated sudo to version 1.9.12p1 to fix CVE-2022-43995.
Updated sysstat to nopatch CVE-2022-39377.
Updated tzdata to version 2022f.
Upgrade bind to version 9.16.33.
Upgraded curl to version 7.86.0 to fix CVE-2022-42915.
Upgraded golang to 1.18.8 to fix CVE-2022-2879, CVE-2022-2880, CVE-2022-41715, CVE-2022-27664, CVE-2022-32190.
Upgraded httpd to version 2.4.54 to fix CVE-2022-28615 and CVE-2022-31813.
Upgraded kernel to version 5.10.153.1 to address: CVE-2022-3521, CVE-2022-3542, CVE-2022-3586, CVE-2022-3594, CVE-2022-41850, CVE-2022-43750.
Upgraded mysql to version 8.0.31 to fix 20 CVEs.
Upgraded python3-twisted to 22.10.0 to fix CVE-2022-39348.
Upgrades vim to version 9.0.0805 to fix CVE-2022-3705.
Full Changelog: 1.0.20221028-1.0...1.0.20221119-1.0