KERNEL Notes
Generic Kernel version-release: kernel-5.15.160.1-1
Toolkit Notes
Bump azidentity 1.3.1 -> 1.6.0 to address CVE-2024-35255
General Notes:
Patch nano fo+r CVE-2024-5742
Patch R to address CVE-2024-27322
Patch cri-o to resolve CVE-2024-3727 (Patched vendored github.com/containers/image)
Patch edk2 for CVE-2024-1298
Patch guava for CVE-2023-2976
Patch hvloader to resolve CVE-2024-1298
Patch libarchive to resolve CVE-2024-26256
Patch libndp for CVE-2024-5564
Patch ntfs-3g for CVE-2023-52890
Patch openssh to fix CVE-2023-28531
Patch skopeo for CVE-2024-3727
Patch telegraf for CVE-2024-35255
Patch vte291 for CVE-2024-37535
Patch wget for CVE-2024-38428
Patch yasm for CVE-2021-33454
Remove isorelax project from 2.0 Extended
Update conntrack-tools to addresses situations where conntrack flush command exits with error code 1.
Upgrade dhcp to 4.4.3-P1 to fix CVE-2022-2928, CVE-2022-2929
Upgrade golang to 1.21.11 to address CVE-2024-24790
Upgrade kernel to 5.15.160.1 to fix CVE-2024-26583, CVE-2024-26584, CVE-2024-26585, CVE-2022-48670, CVE-2024-36023, CVE-2024-36897, CVE-2024-36902, CVE-2024-36938, CVE-2024-36971
Upgrade libpng to 1.6.39 to fix CVE-2022-3857
Upgrade msft-golang to version 1.22.4 to address CVE-2024-24790
Upgrade mysql to 8.0.36 to fix 10 CVEs
Upgrade nodejs18 to 18.20.3 to fix CVE-2024-28863
Upgrade php to 8.1.29 to fix CVE-2024-4577, CVE-2024-5585, CVE-2024-5458
Upgrade python-urllib3 to 1.26.19 patch CVE-2024-37891
Upgrade vitess to v17.0.7 to fix CVE-2024-32886