Skip to content

2.0.20240403
Compare
Choose a tag to compare
@jslobodzian jslobodzian released this 10 Apr 02:08
· 60 commits to 2.0 since this release
2.0.20240403-2.0
668b0c9

Add patch for cloud-init pkg install error
Add patch to limit pytest-mypy-plugins version for python-attrs test
Disabled experimental c-ares module from python-gevent (also fixes CVE-2021-22931)
Enabled ccache and artifact suffixes for fast-track PR check
Exclude overlayfs module from main dracut package.
Explicitly add libgcc as a requires to distroless base
Fix imagegen tools (toolkit) to Write fstab file in correct order.
Fix kata-containers to use system OpenSSL
Fix kata-containers-cc to fix macro expansion (use grub2-rpm-macros)
Fix kata-containers-cc virtiofsd dependency
Fix mariner_2_initrd_use_suffix kdump.conf option
Fix moby-compose license for ASL 2.0
Fix msft-golang to include go.env in GOROOT
Fix python-prettytables ptest.
Fix python-remoto ptest
Fix toolchain rebuilds for delta builds.
Force systemd coredump to use LZ4 compression
Limited cascading rebuilds for the fast-track PR check to 1.
Modify cython to skip long tests.
Patch CVE-2023-52160 for wpa_supplicant
Patch libtiff to fix CVE-2023-52356
Patch PAM to fix CVE-2024-22365
Patch azure-iot-sdk-c to address CVE-2024-25110 and CVE-2024-27099 - bran
Patch clamav to fix CVE-2024-20328
Patch expat to fix CVE-2023-52426
Patch kubervirt for CVE-2022-41723
Patch less to fix CVE-2022-48624
Patch libvirt to fix CVE-2024-1441 and CVE-2024-2496
Patch nodejs18 to fix CVE-2024-22025 (NOTE: nodejs[16] is end of life and will be removed from build at next monthly update)
Patch open-vm-tools to address CVE-2023-34058 & CVE-2023-34059
Patch to package qt5-qtbase to address CVE-2022-25643
Patch unixODBC to fix CVE-2024-1013
Patch xorg-x11-server to fix CVE-2023-5574, CVE-2023-5367 & CVE-2023-5380, CVE-2023-6816, CVE-2024-21885
Removed the runOnHost flag to fix the fast-track PR check pipelines.
Switch qemu-guest base image to kernel instead of kernel-hci
Update expat changelog
Update guava to 32.1.3 in Javapackages-bootstrap
Update toolchain container bootstrap to 2.0.20240123
Upgrade Kernel to 5.15.153.1 to address kernel CVE-2014-3185, CVE-2015-5157, CVE-2022-2585, CVE-2022-2586, CVE-2022-2588,CVE-2022-2602, CVE-2023-5090, CVE-2023-5633, CVE-2023-6040, CVE-2023-6200, CVE-2023-6560, CVE-2023-35827, CVE-2023-46838, CVE-2023-52429, CVE-2023-50431, CVE-2023-52434, CVE-2023-52435, CVE-2024-0340, CVE-2024-0562, CVE-2024-0646, CVE-2024-0775, CVE-2024-1086, CVE-2024-23849, CVE-2024-23850, CVE-2024-23851
Upgrade ansible to 2.14.4 fix CVE-2024-0690
Upgrade ca-certificates Msft cert change
Upgrade emacs to 29.3 to fix CVE-2024-30202, CVE-2024-30204, CVE-2024-30205
Upgrade expat to 2.6.2 CVE-2023-52425 and CVE-2024-28757
Upgrade helm to 3.14.2 CVE-2024-26147
Upgrade libreswan to 4.14
Upgrade msft-golang to 1.21.8 to fix CVEs
Upgrade nmi to 1.8.17 CVE-2022-41717, CVE-2022-23551
Upgrade node-problem-detector to version v0.8.17 and patch CVE-2024-24786
Upgrade python to 3.9.19: address CVE-2023-6597 and other security concerns
Upgrade zstd to 1.5.4 CVE-2022-4899
Upgrade etcd to version 3.5.12.
Patch gnutls to fix CVE-2024-0567
Patch telegraf for CVE-2024-27304 and CVE-2024-28110

Kata: Release v3.2.0.azl0 for both vanilla and CC based on aligned sources
Kata: upgrade kernel-uvm and kata-conatainers-cc for LSG release v2402.26.1

Assets 2