Skip to content

2.0.20230904
Compare
Choose a tag to compare
@jslobodzian jslobodzian released this 13 Sep 02:40
· 819 commits to 2.0 since this release
2.0.20230904-2.0
ad650f8

Add Azure Marketplace Gen1 and Gen2 FIPS definition
Add better backoff, semaphore to packer
Add cfitsio package to SPECS-EXTENDED
Add libgta package to SPECS-EXTENDED
Add new EnableFIPS image configuration option
Add ogdi package to SPECS-EXTENDED
Add otel_ngx_module subpackage to nginx
Add package blosc to SPECS-EXTENDED
Add package liblerc to SPECS-EXTENDED
Add package qt5-qtserialport to SPECS-EXTENDED
Add package shapelib to SPECS-EXTENDED
Add package uriparser to SPECS-EXTENDED
Add simple pre-cache downloader
Add workflow to automatically cherry-pick commits to development branches
Adds package CharLS to SPECS-EXTENDED
Clear CVE-2023-3439 as mctp is not enabled in CBL-Mariner
Clear kernel CVE-2022-0850, CVE-2023-2007, CVE-2023-4385, CVE-2023-4387, CVE-2023-4389, CVE-2023-4459, CVE-2023-32247, CVE-2023-40283
Conditionally load kernel-mshv variables in grub if they are installed.
Disabled CCache for quick rebuilds.
Disabled missing ptest dependencies for 7 extended specs.
Don't pass toolchain Manifest to grapher and clean-workplan depend on clean-grapher-cache-worker
Enable cloud-init-output.log availability on the serial console
Enabled PR checks for the fast-track branches.
Fix httpd.conf log location incorrect
Fix parsing of releases containing '_'
Fix retry backoff sleep non-determinism
Fixed image build issues with packages lacking tests.
Fixed tarball generations for incremental toolchain builds.
Grapher resolves cyclic dependencies from remote repos
Limit cascading rebuilds in the scheduler
Limit running setfacl to package builds
Mitigate build failures in SPECS-EXTENDED during tests.
Patch CVE-2022-47022 in hwloc
Patch QEMU to fix CVE-2022-36648
Patch clamac to fix CVE-2022-48579
Patch etcd and bump fuzzing for CVE-2023-32082
Patch guava for CVE-2020-8908
Patch heimdal to fix CVE-2022-42898
Patch json-c to fix CVE-2021-32292
Patch libreswan to fix CVE-2023-38710, CVE-2023-38711, CVE-2023-38712
Patch mod_auth_mellon to address CVE-2021-3639
Patch rust for CVE-2023-3817
Rebuild qt5-qtsvg with qt5-qtbase fix for CVE-2023-37369
Remove dst file on failed network download
Skipping test node creation for duplicate nodes.
Strip epoch on packages that use it in pre-cache
Update toolkit dependencies to require acl
Update toolkit pre-cacher to use new timeout backoff
Update toolkit specreader tool to run in parallel with graphpkgfetcher tool.
Update toolkit to add vim & git tools in the containerized build env to improve dev experience
Update toolkit to generate image_pkg_manifest.json with image builds
Update toolkit to honor alternate $SPECS_DIR instead of hard-coding
Update wget to use TLSv1_2 and fix cgmanifest check
Upgrade gopkg.in/yaml.v3 to 3.0.0 to address CVE-2022-28948
Upgrade nvidia-container-toolkit, nvidia-container-runtime and libnvidia-container
Upgrade php to 8.1.22 to fix CVE-2023-3824
Upgrade telegraf release to rebuild with go 1.20.7
Upgrade xfsprogs to version 5.15 to match kernel version

Assets 2