New Core Packages
apache-commons-cli
apache-commons-lang3
apache-commons-logging
atinject
atop - promoted from extended to core
cal10n
dracut-megaraid
glassfish-servlet-api
google-guice
guava
htop - promoted from extended to core
javapackages-bootstrap
javassist
jsr-305
junit
maven-compiler-plugin
maven-jar-plugin
maven-resolver
maven-resources-plugin
maven-surefire
maven-wagon
plexus-cipher
plexus-classworlds
plexus-containers
plexus-interpolation
plexus-sec-dispatcher
plexus-utils
rabbitmq-server
sisu
slf4j
wireguard-tools version 1.0.20210914
xmvn
Updated Core Packages
Add missing runtime dependency to sos package
Enable CONFIG_NET_CLS_FLOWER as module
Enable loadable modules and -devel subpackage for kernel-uvm
Enable wireguard as kernel module
PyTorch: Fix CVE-2022-25882
R: fix build with curl >= 8.0.0
Updated Microsoft trusted root CAs. Release: February 2023 (2023-03-29)
Updated packages with a BR on libtiff.
build nginx with http_gzip_static_module
c-ares update to 1.19.0 to address CVE-2022-4904
ccache: update to 4.8
cert-manager - patch to address CVE-2023-25165 -
cloud-hypervisor: patch vendored versionize crate to fix CVE-2023-28448
cloud-init - address ptest failure
curl: bump version to 8.0.1 to address CVE-2023-27533 to CVE-2023-27538
dnsmasq: patch CVE-2023-28450
gnupg2: add correct version of libgpg-error-devel as BR
golang update to 1.19.7 to address CVE-2023-24532
golang: upgrade to 1.19.8 to address CVE-2023-24534, CVE-2023-24536, CVE-2023-24537, CVE-2023-24538
javapackages-boostrap - Fix CVE-2021-35516 and CVE-2021-35517 by upgrading common-compress to 1.21
kata-containers: integrate fix to reduce UVM memory consumption
kata-containers: update kata-osbuilder.sh signature
kdump initrd assembly + cosmetic fixes on kdumpctl
kernel-mshv: add back config
kernel-uvm: consume dom0 source
kernel-uvm: remove aarch64
libtiff - upgrade to 4.5.0 to fix CVE-2022-4645 -
maven3 - update to match maven changes
mlnx-ofa_kernel - update BuildRequires to use kernel 5.15.87.1
msft-golang: bump version to 1.19.7 to address CVE-2022-41722, CVE-2022-41724, CVE-2022-41725, CVE-2022-41723, CVE-2023-24532
msft-golang: upgrade to 1.19.8 to address CVE-2023-24534, CVE-2023-24536, CVE-2023-24537, CVE-2023-24538
nginx - build with ngx_http_realip_module
opa - update to 0.50.2
openssl 1.1.1k - atching CVE-2023-0464
rust: bump version to 1.68.2 to revoke leaked github keys
telegraf - update to 1.26.0 to fix CVE-2022-23471
tzdata - update to version 2023c.
xinetd - patch with CVE-2013-4342 fix
New Extended Packages
none
Updated Extended Packages
none
New Proprietary packages
none
Updated Proprietary Packages
kubernetes-1.23.12-4
kubernetes-1.23.15-4
kubernetes-1.24.6-4
kubernetes-1.24.9-4
kubernetes-1.25.4-4
kubernetes-1.25.5-4
kubernetes-1.26.0-2
kubernetes-1.26.3-2
Updated NVIDIA packages
cuda-525.85.12-2_5.15.102.1.3
nvidia-fabric-manager-525.85.12-1
Tooling changes
Added signing stage for livepatches pipeline.
Fix unattended iso flag handling
Move toolchain RPMs to a dedicated location in ./build/toolchain_rpms
Prioritize already cached RPMs before using online repos
Translate and update build flow diagram into mermaid diagram
Update CBL-Mariner build prerequisites
Update contribution guide to include more detailed instructions
Updated livepatch spec template to print more logs.
Update old go file formatting with go-tidy-all.