
2.0.20240223

@jslobodzian jslobodzian released this 25 Feb 01:38
· 416 commits to 2.0 since this release

Add cleanup script to base images
Add container images source files to 2.0
Add dracut sub-package overlayfs.
Add epoch to libdwarf spec to fix versioning order
Add memcached container files
Add missing commit subject to patch 27 for kernel-hci
Add mysql user with package install
Add package nss-mdns v0.15.1
Add patch for azure-iot-sdk-c CVE-2024-21646
Add shadow-utils as a hard dependency for mysql package
Add sshkeys to user config
Add support for multiple cache inputs
Add upstream patch to kubevirt to force hp-volume- pod to respect blockdevices (IcM 467224770)
Added a cross-compilation subpackage for aarch64 into gcc.
Added cross-compilation binutils and kernel-headers.
Added initial doc about reading error logs.
Allow dracut info logs to be visible for baremetal base image
Backport Nvidia net/mlx5 patches to support 100G BOM in kernel-hci
Bump golang.org/x/crypto from 0.15.0 to 0.17.0 in /toolkit/tools
Enable Broadcom MPI3 Storage Controller Device Driver
Enable CONFIG_X86_IOPL_IOPERM
Fix a bug if condition to not skip processing sshkeys when sshkeypaths is empty
Fix cloud-init's ptest by pinning pytest to 8.0.0
Fix mariadb install post script
Fix missing nobody user/group for nfs squash
Fix pytest version for python-virtualenv
Fix python urllib3 test
Fix runtime dependency for python3-virtualenv
Fix the change logs to keep correct published order
Fixed cloud-init tests.
Fixed merge leftovers in a coredns patch.
Image Customizer: Ensure ext4 formatting is consistent across build hosts
Image Customizer: Fix special directories and partition customization.
Image Customizer: Make either one of split partitions format and output image format required
Image Customizer: Use safeloopback.Loopback instead of ImageConnection for split partitions
Image Customizer: remove adduser-config.yaml file as it contains password field
Improved toolkit download handling (special-cased 5XX errors during package downloads).
Introduce Rust virtiofsd package
Kata-CC: Enforce a restrictive pod security policy
Kata-CC: Upgrade to 0.6.3
Kata-cc: remove kernel-uvm-cvm references
Making GitHub Actions' permissions explicit.
Move hiera from Extended to Core
Patch CVE-2021-44716 in jx, cf-cli, keda, csi-driver-lvm, moby-cli, kube-vip-cloud-provider, node-problem-detector, git-lfs, local-path-provisioner, prometheus-node-exporter, rook, cri-tools, flannel, libcontainers-common, application-gateway-kubernetes-ingress
Patch CVE-2022-21698 in application-gateway-kubernetes-ingress, node-problem-detector, moby-buildx, moby-cli, moby-engine, nmi, local-path-provisioner, rook, prometheus-node-exporter, prometheus-process-exporter, kube-vip-cloud-provider
Patch CVE-2022-21698 in keda
Patch CVE-2023-44487 in jx, nginx, cf-cli, moby-containerd-cc, kubevirt, prometheus-node-exporter, keda, git-lfs, vitess, local-path-provisioner
Patch CVE-2023-50711 in cloud-hypervisor
Patch CVE-2024-21626 by patching vendored runc in kubernetes, kubevirt, cri-tools
Patch moby-engine CVEs: 2024-23651 and 2024-23652.
Patch coredns CVE-2023-44487 by patching vendor tar
Patch CVE-2022-21698 in kube-vip-cloud-provider
Patch CVE-2022-21698 in local-path-provisioner
Patch erlang for CVE-2023-48795
Patch openssl with null checks against ContentInfo
Patch python-jinja2 for CVE-2024-22195
Patch vendored go module quic-go for package coredns to address CVE-2023-49295
Patched CVE-2021-38593 in qt5-qtbase.
Remove /etc/host.conf from filesystem
Remove spec and references of kernel-uvm-cvm
Removed extra double quote in the toolkit.
Set ownership of virtiofsd package to Kata team
Shift user/group creation earlier in image build for rootfs image types
Sort, reorder and color build summary output
Split failing and passing tests in the summary.
Update dracut to allow suppressing user confirmation prompt when the liveos overlay is backed by memory.
Upgrade golang to version 1.20.10 -> 1.21.6
Upgrade ca-certificates Msft cert change
Upgrade cloud-init to v23.4.1 and add patch to retain exit code for recoverable errors
Upgrade helm to version 3.13.2 -> 3.14.0 to address CVE-2023-44487
Upgrade kernel to 5.15.148.2 to address CVE-2014-0069, CVE-2013-6381, CVE-2022-48619, CVE-2023-6531, CVE-2023-6546, CVE-2023-6622, CVE-2023-6817, CVE-2023-6915, CVE-2023-7192, CVE-2023-6931, CVE-2023-6932, CVE-2023-46343, CVE-2023-46862, CVE-2023-51042, CVE-2023-51043, CVE-2023-51780, CVE-2023-51781, CVE-2023-51782, CVE-2024-0607, CVE-2024-0639, CVE-2024-0641, CVE-2024-22705
Upgrade kernel-mos to 5.15.148.1
Upgrade lz4 to 1.9.4-1 to fix CVE-2021-3520
Upgrade msft-golang to version 1.20.11 -> 1.21.6
Upgrade sos to 4.6.1
Upgrade sriov-network-device-plugin from 3.5.1 to 3.6.2
Upgrade tzdata to version 2024a
Upgrade version skopeo from 1.13.3 -> 1.14.1 to address GHSA-jq35-85cj-fj4p
Upgrade NVIDIA/CUDA Driver to 535.129.03
Use main kernel for baremetal base image