microsoft/azurelinux 2.0.20220617-2.0

2.0.20220617

on GitHub

Add custom package repo definitions in image configuration
Add distroless manifest format to toolkit documentation
Add emacs SPEC to Mariner
Add explicit check/run-time dependencies on mariner-release in node-problem-detector to fix test
Add iana-etc as runtime dep for fping
Add missing e2fsprogs dep to cloud-init
Add missing signature for perl-Module-Install-Repository.
Add nopatch for 2022-1734
Add packer tool SPEC and remove packer symlink in cracklib-dicts conflicts with packer tool
Add Provides to prebuilt-ca-certificates for *-microsoft and *-mozilla.
Add pxe-boot support in Mariner installer
Add run-time dependencies for perl-Crypt-SSLeay.
Add usrsctp package
Add kpatch package.
Change selinux-policy to allow unconfined domains to manipulate their own fds.
Commonize toolchain rpm extract flows
Enabled LIVEPATCH option in the kernel config. (Note LivePatch not yet supported)
Fix (silence) kernel ptp_kvm failure error
Fix ARM64 buildah and edk2 blocked packages fix.
Fix clamav so freshclam works on first use and freshclam can store db download in /var/lib/clamav. Also create clamav user/group
Fix filesystem upgrade issue when upgrading filesystem in container
Fix hyperv-daemons/hypervkvpd.service service ordering
Fix ocaml-ctypes test by changing test dependencies to ounit2.
Fix openssl package test failure
Fix python-mutagen package test (dropped BR on pytest & pip install latests deps)
Fix signature of hypervkvpd.service
Fix util-linux source unpacking in raw toolchain
Fix zsh package install failure by fixing shebang lines in included scripts
Patch lua to fix CVE-2021-44647.
Patch openldap to fix CVE-2022-29155
Patch php to build with updated gd.
Patch qemu to fix CVE-2021-4206
Rely on makefile to place toolchain rpms
Remove bundled gems from ruby and added provides for default gems
Remove exlusivearch from cert-manager
Remove nspr package from toolchain.
Remove smack LSM support from kernel
Remove tarballs from the repository.
Require glibc-iconv for unixODBC
Update SymCrypt and SCOSSL SPEC files to latest
Upgrade bind to 9.16.29 to fix CVE-2021-25219.
Upgrade exiv2 to 0.27.5 to fix CVE-2019-13504 CVE-2019-17402 CVE-2019…
Upgrade gd to 2.3.3 to fix CVE-2021-38115 and CVE-2021-40812
Upgrade golang to 1.18.3 to address CVE-2022-24675 & CVE-2022-28327
Upgrade gonum to 0.11.0 to fix segfault in graph/iterator.(*mapIter).next
Upgrade hivex to 1.3.21 to fix CVE-2021-3504 and CVE-2021-3622
Upgrade kernel to 5.15.45.1; kernel-rt to 5.15.44.1
Upgrade krb5 to version 1.19.3 to address CVE-2021-37750
Upgrade libarchive to 3.6.1 to address CVE-2022-26280
Upgrade libtiff to 4.4.0 to address CVE-2022-1622 & CVE-2022-1623
Upgrade logrotate to 3.20.1 to address CVE-2022-1348
Upgrade moby-runc to 1.1.2 to fix CVE-2022-29162
Upgrade ncurses to 6.3 to fix CVE-2022-29458
Upgrade ntfs-3g to 2022.5.17 to fix CVE-2021-46790
Upgrade Opensc to 0.22.0 to fix CVE-2020-26570, CVE-2020-26571, CVE-2020-26572, CVE-2021-42778, CVE-2021-42779, CVE-2021-42780, CVE-2021-42781, CVE-2021-42782
Upgrade prometheus to 2.36.0 to fix CVE-2021-29622.
Upgrade python-jwt to version 2.4.0 to fix CVE-2022-29217.
Upgrade Python-twisted to version 22.4.0 to fix CVE-2022-24801
Upgrade redis to 6.2.7 to address CVE-2022-24736
Upgrade rsync to 3.2.4
Upgrade subversion to 1.14.2 to fix CVE-2021-28544.
Upgrade telegraf to 1.23.0
Upgrade terraform version to 1.2.2
Upgrade usbredir to version 0.12.0 to fix CVE-2021-3700.
Upgrade util-linux to 2.37.4 to fix CVE-2022-0563.
Upgrade vim to 8.2.5064 for CVE-2022-1619, CVE-2022-1621, CVE-2022-1629, CVE-2022-1616, CVE-2022-1733, CVE-2022-1735, CVE-2022-1769, CVE-2022-1620, CVE-2022-1674, CVE-2022-1771, CVE-2022-1785, CVE-2022-1796 CVE-2022-1851, CVE-2022-1886, CVE-2022-1898
Upgrade wireshark 3.4.14 to fix CVE-2021-4181 CVE-2021-4182 CVE-2021-4184 CVE-2021-4185 CVE-2021-4186 CVE-2021-4190 CVE-2021-22207 CVE-2021-22222 CVE-2021-22235 CVE-2021-39920 CVE-2021-39921 CVE-2021-39922 CVE-2021-39923 CVE-2021-39924 CVE-2021-39925 CVE-2021-39926 CVE-2021-39928 CVE-2021-39929 CVE-2022-0581 CVE-2022-0582 CVE-2022-0583 CVE-2022-0585 CVE-2022-0586