2.0.20240425
Add configurability in systemd to control default value of UseDomains parameter
Add image-id file in etc dir to support off-cycle container and image upgrades
Bump golang.org/x/net from 0.18.0 to 0.23.0 in /toolkit/tools
Cherry-pick delta for Overlay Dracut Module from 3.0-dev to main.
Downgrade cloud-init to 23.3 via epoch. (New version is 1:23.3-2)
Enable CONFIG_NFT_OBJREF
Fix CVE-2024-22189 in coredns by patching vendored package quic-go
Fix CVE-2024-28085 in util-linux by backporting the patch
Fix extended build breaks for libotr, gupnp, samba
Fix openssl unconstrained session cache growth in TLSv1.3
Fix the date in logs
Fixed setting of the ToolkitVersion
variable for our Go tools.
Moved distroless cert dependencies out of the meta package distroless-packages
.
Patch Perl for CVE-2023-47100, CVE-2023-31484, CVE-2023-31486
Patch cri-o to fix CVE-2021-3602, CVE-2022-27651, CVE-2022-2995, CVE-2023-42821
Patch cups for CVE-2023-4504, CVE-2023-32324 and CVE-2023-34241
Patch kubernetes for CVE-2023-5408
Patch less for cve-2024-32487
Patch libreswan for cve-2024-3652
Patch libvirt for CVE-2024-2494
Patch nodejs to fix CVE-2024-27983
Patch pytorch for CVE-2024-27319, CVE-2024-31580 CVE-2024-31583
Patch ruby for CVE-2024-27280 and CVE-2024-27281
Patch terraform for CVE-2024-3817 vendored go-getter
Remove Kernel Required Configs Check
Remove nodejs(16) as it's End of Life
Remove obsolete build dependency from moby-containerd-cc
Update selinux-policy to add checkpoint restore for getty.
Update sos to copy kernel config and vmcore
Upgrade ca-certificates Msft cert change
Upgrade conmon to 2.1.2 to fix CVE-2022-1708
Upgrade cri-o to 1.21.7 for CVE-2022-0811, add patch for CVE-2022-1708
Upgrade dhcp to 4.4.3 to fix CVE-2022-2928 and CVE-2022-2929
Upgrade fluent-bit to 2.2.2 to fix CVE-2024-23722
Upgrade git-lfs from 3.4.1 -> 3.5.1 to address CVE-2023-39325 & CVE-2023-45288
Upgrade git-lfs to 3.4.1 to fix multiple CVEs
Upgrade moby-engine & moby-cli from 20.10.27 -> 24.0.9
Upgrade msft-golang from 1.21.8 -> 1.22.2
Upgrade opa to 0.63.0 to fix CVE-2023-45142
Upgrade packer to 1.10.1 to address CVE-2023-49569
Upgrade skopeo from 0.14.1 -> 0.14.2 to include Docker Daemon fix
Upgrade telegraf to 1.29.4 to fix CVE-2023-50658
[kata-cc] kata-packages-uvm: add cifs-utils as dependency
[kata-cc] kernel-uvm: enable CIFS modules