Skip to content

1.0 CBL-Mariner August 2021 Update
Compare
Choose a tag to compare
@jslobodzian jslobodzian released this 09 Sep 19:13
· 997 commits to 1.0 since this release
1.0.20210901-1.0
6617e9d
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.

  • Update kernel to 5.10.60.1 to fix CVE's

  • ISO now published for public download. Added download instructions for ISO

  • Enable support for TLS 1 and TLS 1.1 in OpenSSL.

  • Update 'openvswitch' to version 2.15.1.

  • Use sha256sum for toolchain sources

  • Add etcd-tools

  • Add cockpit

  • Add aide

  • Add tini package

  • Add ca-certificates file and folder links to increase compatibility

  • Add fipscheck package

  • Add Automatic package update and Dnf-Automatic

  • Remove brp-strip-debug-symbols and brp-strip-unneeded

  • Removed ca-legacy script and its artifacts from ca-certificates.

  • Remove Dotnet and aspnetcore SPEC files from CBL-Mariner Repository. These packages are now built by the dotnet team and the binaries have been available in the new Microsoft Repo on Packages.Microsoft.Com since July 12, 2021.

  • Fix user ssh directory permissions when public keys empty

  • Update nodejs to fix CVEs

  • Fix broken openssl man page symlinks

  • Fix broken mysql package tests from previous months mysql upgrade.

  • Fix test for perl-CPAN-Meta-Check

  • Fix display update issues in ManualPartitionWidget

  • Add patch to fix VDSO in HyperV

  • Fix qt5-qtbase version number test issue

  • Move to golang 1.16.7 and bump dependencies for security findings.

  • Bump github.com/sirupsen/logrus from 1.6.0 to 1.8.1

  • Bump github.com/gdamore/tcell from 1.3.0 to 1.4.0

  • Bump gonum.org/v1/gonum from 0.6.2 to 0.9.3

  • Bump github.com/stretchr/testify from 1.4.0 to 1.7.0

  • Bump github.com/muesli/crunchy from 0.3.0 to 0.4.0

  • Bump github.com/ulikunitz/xz from 0.5.8 to 0.5.10

  • Bump github.com/ulikunitz/xz from 0.5.7 to 0.5.8

  • Update swig to 4.0.2

  • Fix Httpd: CVE-2021-33193

  • Patch OpenSSL CVE-2021-3711 and CVE-2021-3712

  • Fix ctags CVE-2014-7204

  • Fix zstd CVE-2021-24031

  • Fix nettle CVE-2021-3580

  • Fix tpm2-tss CVE-2020-24455

  • Fix qemu-kvm CVE-2021-3682

  • Fix ruby CVE-2021-32066

  • Fix util-linux CVE 2021-37600

  • Update python-psutil to 5.6.7 to fix CVE-2019-1887, CVE-2021-28957

  • Fix qt5-qtbase CVE-2015-9541, CVE-2020-0570 and CVE-2020-13962

  • Update python-lxml to fix CVE-2018-19787, CVE-2020-27783,

  • Update rubygem-addressable to 2.8.0 to fix CVE-2021-3274

  • Fix glibc CVE-2021-35942

  • Update squashfs-tools to version 4.4 to address CVE 2015 4646

  • Upgrade python-twisted to 20.3.0 to fix CVE-2020-10108, CVE-2020-10109

  • Upgrade mysql to 8.0.26: CVE-2021-2339, CVE-2021-2340, CVE-2021-2352, CVE-2021-2354, CVE-2021-2356, CVE-2021-2357

Assets 2
Loading