This repository has been archived by the owner. It is now read-only.
crawford
released this
Security Fixes:
- Fall back to pam_deny in authentication (Security Brief)
- Remove login shell for
operator
user - Stop disabling SHA512 password hashes in PAM
- This restores the previous pre-PAM behavior of allowing SHA512 password hashes
Changes:
- The image signing key has been updated again, revoking the sub-key that signed 1045.0.0 and 1047.0.0 and adding a new sub-key for this and future releases.
- Add
rkt-admin
group which has access to/etc/rkt
- GCE images are now provisioned by Ignition instead of coreos-cloudinit
Updates: