https://www.flatcar.org/Flatcar :: lts2024-03-20T12:53:28.353355+00:00Flatcar Container Linuxhello@kinvolk.iopython-feedgenhttps://kinvolk.io/images/flatcar-logo.svgFlatcar Container Linux release feedhttps://github.com/flatcar/scripts/releases/tag/lts-3510.3.23510.3.22024-03-20T12:53:28.692096+00:00 _Changes since **LTS 3510.3.1**_<br> <br> #### Security fixes:<br> <br> - Linux ([CVE-2022-47940](https://nvd.nist.gov/vuln/detail/CVE-2022-47940), [CVE-2023-1193](https://nvd.nist.gov/vuln/detail/CVE-2023-1193), [CVE-2023-1194](https://nvd.nist.gov/vuln/detail/CVE-2023-1194), [CVE-2023-25775](https://nvd.nist.gov/vuln/detail/CVE-2023-25775), [CVE-2023-32247](https://nvd.nist.gov/vuln/detail/CVE-2023-32247), [CVE-2023-32250](https://nvd.nist.gov/vuln/detail/CVE-2023-32250), [CVE-2023-32252](https://nvd.nist.gov/vuln/detail/CVE-2023-32252), [CVE-2023-32254](https://nvd.nist.gov/vuln/detail/CVE-2023-32254), [CVE-2023-32257](https://nvd.nist.gov/vuln/detail/CVE-2023-32257), [CVE-2023-32258](https://nvd.nist.gov/vuln/detail/CVE-2023-32258), [CVE-2023-38427](https://nvd.nist.gov/vuln/detail/CVE-2023-38427), [CVE-2023-38430](https://nvd.nist.gov/vuln/detail/CVE-2023-38430), [CVE-2023-38431](https://nvd.nist.gov/vuln/detail/CVE-2023-38431), [CVE-2023-3867](https://nvd.nist.gov/vuln/detail/CVE-2023-3867), [CVE-2023-46343](https://nvd.nist.gov/vuln/detail/CVE-2023-46343), [CVE-2023-46813](https://nvd.nist.gov/vuln/detail/CVE-2023-46813), [CVE-2023-46838](https://nvd.nist.gov/vuln/detail/CVE-2023-46838), [CVE-2023-46862](https://nvd.nist.gov/vuln/detail/CVE-2023-46862), [CVE-2023-51779](https://nvd.nist.gov/vuln/detail/CVE-2023-51779), [CVE-2023-51780](https://nvd.nist.gov/vuln/detail/CVE-2023-51780), [CVE-2023-51781](https://nvd.nist.gov/vuln/detail/CVE-2023-51781), [CVE-2023-51782](https://nvd.nist.gov/vuln/detail/CVE-2023-51782), [CVE-2023-52340](https://nvd.nist.gov/vuln/detail/CVE-2023-52340), [CVE-2023-5717](https://nvd.nist.gov/vuln/detail/CVE-2023-5717), [CVE-2023-6040](https://nvd.nist.gov/vuln/detail/CVE-2023-6040), [CVE-2023-6121](https://nvd.nist.gov/vuln/detail/CVE-2023-6121), [CVE-2023-6606](https://nvd.nist.gov/vuln/detail/CVE-2023-6606), [CVE-2023-6622](https://nvd.nist.gov/vuln/detail/CVE-2023-6622), [CVE-2023-6817](https://nvd.nist.gov/vuln/detail/CVE-2023-6817), [CVE-2023-6915](https://nvd.nist.gov/vuln/detail/CVE-2023-6915), [CVE-2023-6931](https://nvd.nist.gov/vuln/detail/CVE-2023-6931), [CVE-2023-6932](https://nvd.nist.gov/vuln/detail/CVE-2023-6932), [CVE-2024-0584](https://nvd.nist.gov/vuln/detail/CVE-2024-0584), [CVE-2024-0607](https://nvd.nist.gov/vuln/detail/CVE-2024-0607), [CVE-2024-0646](https://nvd.nist.gov/vuln/detail/CVE-2024-0646), [CVE-2024-1085](https://nvd.nist.gov/vuln/detail/CVE-2024-1085), [CVE-2024-22705](https://nvd.nist.gov/vuln/detail/CVE-2024-22705))<br> - runc ([CVE-2024-21626](https://nvd.nist.gov/vuln/detail/CVE-2024-21626))<br> <br> #### Bug fixes:<br> <br> - Forwarded the proxy environment variables of `update-engine.service` to the postinstall script to support fetching OEM systemd-sysext payloads through a proxy ([Flatcar#1326](https://github.com/flatcar/Flatcar/issues/1326))<br> <br> #### Changes:<br> <br> - Added a `flatcar-update --oem-payloads <yes|no>` flag to skip providing OEM payloads, e.g., for downgrades ([init#114](https://github.com/flatcar/init/pull/114))<br> - Backported the OEM payload support to update-engine to avoid the fallback download path for clients on a restricted network and rather use the URLs passed from `flatcar-update -E` or with self-hosted Nebraska payloads ([Flatcar#1332](https://github.com/flatcar/Flatcar/issues/1332), [Flatcar#1326](https://github.com/flatcar/Flatcar/issues/1326))<br> - Brightbox: The regular OpenStack image should now be used, it includes Afterburn for instance metadata attributes<br> - OpenStack: An uncompressed image is provided for simpler import (since the images use qcow2 inline compression, there is no benefit in using the `.gz` or `.bz2` images)<br> <br> #### Updates:<br> <br>- Linux ([5.15.148](https://lwn.net/Articles/959514) (includes [5.15.147](https://lwn.net/Articles/958344), [5.15.146](https://lwn.net/Articles/957010), [5.15.145](https://lwn.net/Articles/956081), [5.15.144](https://lwn.net/Articles/955815), [5.15.143](https://lwn.net/Articles/954988/), [5.15.142](https://lwn.net/Articles/954114), [5.15.141](https://lwn.net/Articles/953649/), [5.15.140](https://lwn.net/Articles/953130), [5.15.139](https://lwn.net/Articles/952004), [5.15.138](https://lwn.net/Articles/950714), [5.15.137](https://lwn.net/Articles/948818)))<br>- ca-certificates ([3.97](https://firefox-source-docs.mozilla.org/security/nss/releases/nss_3_97.html) (includes [3.96.1](https://firefox-source-docs.mozilla.org/security/nss/releases/nss_3_96_1.html), [3.96](https://firefox-source-docs.mozilla.org/security/nss/releases/nss_3_96.html), [3.95](https://firefox-source-docs.mozilla.org/security/nss/releases/nss_3_95.html)))<br>- runc ([1.1.12](https://github.com/opencontainers/runc/releases/tag/v1.1.12))<br>Packages:<br>- containerd 1.6.16<br>- docker 20.10.23<br>- ignition 2.14.0<br>- kernel 5.15.148<br>- systemd 252<br><br>Architectures:<br>- amd64<br>- arm64<br>2024-02-14T04:35:42+00:00https://github.com/flatcar/scripts/releases/tag/lts-3510.3.13510.3.12024-03-20T12:53:28.684437+00:00_Changes since **LTS 3510.3.0**_<br> <br> #### Security fixes:<br> <br> - Linux ([CVE-2023-31085](https://nvd.nist.gov/vuln/detail/CVE-2023-31085), [CVE-2023-34324](https://nvd.nist.gov/vuln/detail/CVE-2023-34324), [CVE-2023-4244](https://nvd.nist.gov/vuln/detail/CVE-2023-4244), [CVE-2023-42754](https://nvd.nist.gov/vuln/detail/CVE-2023-42754), [CVE-2023-42755](https://nvd.nist.gov/vuln/detail/CVE-2023-42755), [CVE-2023-5197](https://nvd.nist.gov/vuln/detail/CVE-2023-5197))<br> - curl ([CVE-2023-38545](https://nvd.nist.gov/vuln/detail/CVE-2023-38545), [CVE-2023-38546](https://nvd.nist.gov/vuln/detail/CVE-2023-38546)) <br> <br> #### Bug fixes:<br> <br> - Disabled systemd-networkd's RoutesToDNS setting by default to fix provisioning failures observed in VMs with multiple network interfaces on Azure ([scripts#1206](https://github.com/flatcar/scripts/pull/1206))<br> - Triggered re-reading of partition table to fix adding partitions to the boot disk ([scripts#1202](https://github.com/flatcar/scripts/pull/1202))<br> <br> #### Changes:<br> <br> - To make Kubernetes work by default, `/usr/libexec/kubernetes/kubelet-plugins/volume/exec` is now a symlink to the writable folder `/var/kubernetes/kubelet-plugins/volume/exec` ([Flatcar#1193](https://github.com/flatcar/Flatcar/issues/1193))<br> <br> #### Updates:<br> <br> - Linux ([5.15.136](https://lwn.net/Articles/948297) (includes [5.15.135](https://lwn.net/Articles/947299), [5.15.134](https://lwn.net/Articles/946855), [5.15.133](https://lwn.net/Articles/945380)))<br> - ca-certificates ([3.94](https://firefox-source-docs.mozilla.org/security/nss/releases/nss_3_94.html))<br>Packages:<br>- containerd 1.6.16<br>- docker 20.10.23<br>- ignition 2.14.0<br>- kernel 5.15.136<br>- systemd 252<br><br>Architectures:<br>- amd64<br>- arm64<br>2023-10-25T08:41:08+00:00https://github.com/flatcar/scripts/releases/tag/lts-3510.3.03510.3.02024-03-20T12:53:28.679343+00:00_Changes since **Stable 3510.2.8**_<br> <br> #### Security fixes:<br> <br> - Linux ([CVE-2023-42752](https://nvd.nist.gov/vuln/detail/CVE-2023-42752), [CVE-2023-42753](https://nvd.nist.gov/vuln/detail/CVE-2023-42753), [CVE-2023-4623](https://nvd.nist.gov/vuln/detail/CVE-2023-4623), [CVE-2023-4921](https://nvd.nist.gov/vuln/detail/CVE-2023-4921))<br> <br> #### Bug fixes:<br> <br> <br> #### Changes:<br> <br> - Use qcow2 compressed format instead of additional compression layer in Qemu images ([Flatcar#1135](https://github.com/flatcar/Flatcar/issues/1135), [scripts#1132](https://github.com/flatcar/scripts/pull/1132))<br> <br> #### Updates:<br> <br> - Linux ([5.15.132](https://lwn.net/Articles/944877) (includes [5.15.131](https://lwn.net/Articles/943755), [5.15.130](https://lwn.net/Articles/943404)))<br><br><br>**Changes compared to LTS-2022 3033.3.17**<br><br> #### Security fixes:<br> <br> - Linux ([CVE-2019-15794](https://nvd.nist.gov/vuln/detail/CVE-2019-15794),[CVE-2020-16119](https://nvd.nist.gov/vuln/detail/CVE-2020-16119),[CVE-2020-24586](https://nvd.nist.gov/vuln/detail/CVE-2020-24586),[CVE-2020-24587](https://nvd.nist.gov/vuln/detail/CVE-2020-24587),[CVE-2020-24588](https://nvd.nist.gov/vuln/detail/CVE-2020-24588),[CVE-2020-25639](https://nvd.nist.gov/vuln/detail/CVE-2020-25639),[CVE-2020-25670](https://nvd.nist.gov/vuln/detail/CVE-2020-25670),[CVE-2020-25671](https://nvd.nist.gov/vuln/detail/CVE-2020-25671),[CVE-2020-25672](https://nvd.nist.gov/vuln/detail/CVE-2020-25672),[CVE-2020-25673](https://nvd.nist.gov/vuln/detail/CVE-2020-25673),[CVE-2020-26139](https://nvd.nist.gov/vuln/detail/CVE-2020-26139),[CVE-2020-26141](https://nvd.nist.gov/vuln/detail/CVE-2020-26141),[CVE-2020-26145](https://nvd.nist.gov/vuln/detail/CVE-2020-26145),[CVE-2020-26147](https://nvd.nist.gov/vuln/detail/CVE-2020-26147),[CVE-2020-26541](https://nvd.nist.gov/vuln/detail/CVE-2020-26541),[CVE-2020-26555](https://nvd.nist.gov/vuln/detail/CVE-2020-26555),[CVE-2020-26558](https://nvd.nist.gov/vuln/detail/CVE-2020-26558),[CVE-2020-27170](https://nvd.nist.gov/vuln/detail/CVE-2020-27170),[CVE-2020-27171](https://nvd.nist.gov/vuln/detail/CVE-2020-27171),[CVE-2020-27820](https://nvd.nist.gov/vuln/detail/CVE-2020-27820),[CVE-2020-36516](https://nvd.nist.gov/vuln/detail/CVE-2020-36516),[CVE-2021-0129](https://nvd.nist.gov/vuln/detail/CVE-2021-0129),[CVE-2021-0512](https://nvd.nist.gov/vuln/detail/CVE-2021-0512),[CVE-2021-0920](https://nvd.nist.gov/vuln/detail/CVE-2021-0920),[CVE-2021-0937](https://nvd.nist.gov/vuln/detail/CVE-2021-0937),[CVE-2021-0941](https://nvd.nist.gov/vuln/detail/CVE-2021-0941),[CVE-2021-20320](https://nvd.nist.gov/vuln/detail/CVE-2021-20320),[CVE-2021-20321](https://nvd.nist.gov/vuln/detail/CVE-2021-20321),[CVE-2021-20322](https://nvd.nist.gov/vuln/detail/CVE-2021-20322),[CVE-2021-22543](https://nvd.nist.gov/vuln/detail/CVE-2021-22543),[CVE-2021-22555](https://nvd.nist.gov/vuln/detail/CVE-2021-22555),[CVE-2021-22600](https://nvd.nist.gov/vuln/detail/CVE-2021-22600),[CVE-2021-23133](https://nvd.nist.gov/vuln/detail/CVE-2021-23133),[CVE-2021-23134](https://nvd.nist.gov/vuln/detail/CVE-2021-23134),[CVE-2021-26401](https://nvd.nist.gov/vuln/detail/CVE-2021-26401),[CVE-2021-26930](https://nvd.nist.gov/vuln/detail/CVE-2021-26930),[CVE-2021-26931](https://nvd.nist.gov/vuln/detail/CVE-2021-26931),[CVE-2021-26932](https://nvd.nist.gov/vuln/detail/CVE-2021-26932),[CVE-2021-27363](https://nvd.nist.gov/vuln/detail/CVE-2021-27363),[CVE-2021-27364](https://nvd.nist.gov/vuln/detail/CVE-2021-27364),[CVE-2021-27365](https://nvd.nist.gov/vuln/detail/CVE-2021-27365),[CVE-2021-28038](https://nvd.nist.gov/vuln/detail/CVE-2021-28038),[CVE-2021-28039](https://nvd.nist.gov/vuln/detail/CVE-2021-28039),[CVE-2021-28375](https://nvd.nist.gov/vuln/detail/CVE-2021-28375),[CVE-2021-28660](https://nvd.nist.gov/vuln/detail/CVE-2021-28660),[CVE-2021-28688](https://nvd.nist.gov/vuln/detail/CVE-2021-28688),[CVE-2021-28691](https://nvd.nist.gov/vuln/detail/CVE-2021-28691),[CVE-2021-28711](https://nvd.nist.gov/vuln/detail/CVE-2021-28711),[CVE-2021-28712](https://nvd.nist.gov/vuln/detail/CVE-2021-28712),[CVE-2021-28713](https://nvd.nist.gov/vuln/detail/CVE-2021-28713),[CVE-2021-28714](https://nvd.nist.gov/vuln/detail/CVE-2021-28714),[CVE-2021-28715](https://nvd.nist.gov/vuln/detail/CVE-2021-28715),[CVE-2021-28950](https://nvd.nist.gov/vuln/detail/CVE-2021-28950),[CVE-2021-28951](https://nvd.nist.gov/vuln/detail/CVE-2021-28951),[CVE-2021-28952](https://nvd.nist.gov/vuln/detail/CVE-2021-28952),[CVE-2021-28964](https://nvd.nist.gov/vuln/detail/CVE-2021-28964),[CVE-2021-28971](https://nvd.nist.gov/vuln/detail/CVE-2021-28971),[CVE-2021-28972](https://nvd.nist.gov/vuln/detail/CVE-2021-28972),[CVE-2021-29154](https://nvd.nist.gov/vuln/detail/CVE-2021-29154),[CVE-2021-29155](https://nvd.nist.gov/vuln/detail/CVE-2021-29155),[CVE-2021-29264](https://nvd.nist.gov/vuln/detail/CVE-2021-29264),[CVE-2021-29265](https://nvd.nist.gov/vuln/detail/CVE-2021-29265),[CVE-2021-29266](https://nvd.nist.gov/vuln/detail/CVE-2021-29266),[CVE-2021-29646](https://nvd.nist.gov/vuln/detail/CVE-2021-29646),[CVE-2021-29647](https://nvd.nist.gov/vuln/detail/CVE-2021-29647),[CVE-2021-29648](https://nvd.nist.gov/vuln/detail/CVE-2021-29648),[CVE-2021-29649](https://nvd.nist.gov/vuln/detail/CVE-2021-29649),[CVE-2021-29650](https://nvd.nist.gov/vuln/detail/CVE-2021-29650),[CVE-2021-29657](https://nvd.nist.gov/vuln/detail/CVE-2021-29657),[CVE-2021-30002](https://nvd.nist.gov/vuln/detail/CVE-2021-30002),[CVE-2021-31440](https://nvd.nist.gov/vuln/detail/CVE-2021-31440),[CVE-2021-31829](https://nvd.nist.gov/vuln/detail/CVE-2021-31829),[CVE-2021-31916](https://nvd.nist.gov/vuln/detail/CVE-2021-31916),[CVE-2021-32399](https://nvd.nist.gov/vuln/detail/CVE-2021-32399),[CVE-2021-32606](https://nvd.nist.gov/vuln/detail/CVE-2021-32606),[CVE-2021-33033](https://nvd.nist.gov/vuln/detail/CVE-2021-33033),[CVE-2021-33034](https://nvd.nist.gov/vuln/detail/CVE-2021-33034),[CVE-2021-33098](https://nvd.nist.gov/vuln/detail/CVE-2021-33098),[CVE-2021-33135](https://nvd.nist.gov/vuln/detail/CVE-2021-33135),[CVE-2021-33200](https://nvd.nist.gov/vuln/detail/CVE-2021-33200),[CVE-2021-33624](https://nvd.nist.gov/vuln/detail/CVE-2021-33624),[CVE-2021-33655](https://nvd.nist.gov/vuln/detail/CVE-2021-33655),[CVE-2021-33909](https://nvd.nist.gov/vuln/detail/CVE-2021-33909),[CVE-2021-3444](https://nvd.nist.gov/vuln/detail/CVE-2021-3444),[CVE-2021-34556](https://nvd.nist.gov/vuln/detail/CVE-2021-34556),[CVE-2021-34693](https://nvd.nist.gov/vuln/detail/CVE-2021-34693),[CVE-2021-3483](https://nvd.nist.gov/vuln/detail/CVE-2021-3483),[CVE-2021-34866](https://nvd.nist.gov/vuln/detail/CVE-2021-34866),[CVE-2021-3489](https://nvd.nist.gov/vuln/detail/CVE-2021-3489),[CVE-2021-3490](https://nvd.nist.gov/vuln/detail/CVE-2021-3490),[CVE-2021-3491](https://nvd.nist.gov/vuln/detail/CVE-2021-3491),[CVE-2021-34981](https://nvd.nist.gov/vuln/detail/CVE-2021-34981),[CVE-2021-3501](https://nvd.nist.gov/vuln/detail/CVE-2021-3501),[CVE-2021-35039](https://nvd.nist.gov/vuln/detail/CVE-2021-35039),[CVE-2021-3506](https://nvd.nist.gov/vuln/detail/CVE-2021-3506),[CVE-2021-3543](https://nvd.nist.gov/vuln/detail/CVE-2021-3543),[CVE-2021-35477](https://nvd.nist.gov/vuln/detail/CVE-2021-35477),[CVE-2021-3564](https://nvd.nist.gov/vuln/detail/CVE-2021-3564),[CVE-2021-3573](https://nvd.nist.gov/vuln/detail/CVE-2021-3573),[CVE-2021-3600](https://nvd.nist.gov/vuln/detail/CVE-2021-3600),[CVE-2021-3609](https://nvd.nist.gov/vuln/detail/CVE-2021-3609),[CVE-2021-3612](https://nvd.nist.gov/vuln/detail/CVE-2021-3612),[CVE-2021-3640](https://nvd.nist.gov/vuln/detail/CVE-2021-3640),[CVE-2021-3653](https://nvd.nist.gov/vuln/detail/CVE-2021-3653),[CVE-2021-3655](https://nvd.nist.gov/vuln/detail/CVE-2021-3655),[CVE-2021-3656](https://nvd.nist.gov/vuln/detail/CVE-2021-3656),[CVE-2021-3659](https://nvd.nist.gov/vuln/detail/CVE-2021-3659),[CVE-2021-3679](https://nvd.nist.gov/vuln/detail/CVE-2021-3679),[CVE-2021-37159](https://nvd.nist.gov/vuln/detail/CVE-2021-37159),[CVE-2021-3732](https://nvd.nist.gov/vuln/detail/CVE-2021-3732),[CVE-2021-3736](https://nvd.nist.gov/vuln/detail/CVE-2021-3736),[CVE-2021-3739](https://nvd.nist.gov/vuln/detail/CVE-2021-3739),[CVE-2021-3743](https://nvd.nist.gov/vuln/detail/CVE-2021-3743),[CVE-2021-3744](https://nvd.nist.gov/vuln/detail/CVE-2021-3744),[CVE-2021-3752](https://nvd.nist.gov/vuln/detail/CVE-2021-3752),[CVE-2021-3753](https://nvd.nist.gov/vuln/detail/CVE-2021-3753),[CVE-2021-37576](https://nvd.nist.gov/vuln/detail/CVE-2021-37576),[CVE-2021-3760](https://nvd.nist.gov/vuln/detail/CVE-2021-3760),[CVE-2021-3764](https://nvd.nist.gov/vuln/detail/CVE-2021-3764),[CVE-2021-3772](https://nvd.nist.gov/vuln/detail/CVE-2021-3772),[CVE-2021-38166](https://nvd.nist.gov/vuln/detail/CVE-2021-38166),[CVE-2021-38198](https://nvd.nist.gov/vuln/detail/CVE-2021-38198),[CVE-2021-38199](https://nvd.nist.gov/vuln/detail/CVE-2021-38199),[CVE-2021-38200](https://nvd.nist.gov/vuln/detail/CVE-2021-38200),[CVE-2021-38201](https://nvd.nist.gov/vuln/detail/CVE-2021-38201),[CVE-2021-38202](https://nvd.nist.gov/vuln/detail/CVE-2021-38202),[CVE-2021-38203](https://nvd.nist.gov/vuln/detail/CVE-2021-38203),[CVE-2021-38204](https://nvd.nist.gov/vuln/detail/CVE-2021-38204),[CVE-2021-38205](https://nvd.nist.gov/vuln/detail/CVE-2021-38205),[CVE-2021-38206](https://nvd.nist.gov/vuln/detail/CVE-2021-38206),[CVE-2021-38207](https://nvd.nist.gov/vuln/detail/CVE-2021-38207),[CVE-2021-38208](https://nvd.nist.gov/vuln/detail/CVE-2021-38208),[CVE-2021-38209](https://nvd.nist.gov/vuln/detail/CVE-2021-38209),[CVE-2021-38300](https://nvd.nist.gov/vuln/detail/CVE-2021-38300),[CVE-2021-3923](https://nvd.nist.gov/vuln/detail/CVE-2021-3923),[CVE-2021-39633](https://nvd.nist.gov/vuln/detail/CVE-2021-39633),[CVE-2021-39656](https://nvd.nist.gov/vuln/detail/CVE-2021-39656),[CVE-2021-39685](https://nvd.nist.gov/vuln/detail/CVE-2021-39685),[CVE-2021-39686](https://nvd.nist.gov/vuln/detail/CVE-2021-39686),[CVE-2021-39698](https://nvd.nist.gov/vuln/detail/CVE-2021-39698),[CVE-2021-4001](https://nvd.nist.gov/vuln/detail/CVE-2021-4001),[CVE-2021-4002](https://nvd.nist.gov/vuln/detail/CVE-2021-4002),[CVE-2021-4028](https://nvd.nist.gov/vuln/detail/CVE-2021-4028),[CVE-2021-40490](https://nvd.nist.gov/vuln/detail/CVE-2021-40490),[CVE-2021-4083](https://nvd.nist.gov/vuln/detail/CVE-2021-4083),[CVE-2021-4090](https://nvd.nist.gov/vuln/detail/CVE-2021-4090),[CVE-2021-4093](https://nvd.nist.gov/vuln/detail/CVE-2021-4093),[CVE-2021-41073](https://nvd.nist.gov/vuln/detail/CVE-2021-41073),[CVE-2021-4135](https://nvd.nist.gov/vuln/detail/CVE-2021-4135),[CVE-2021-4148](https://nvd.nist.gov/vuln/detail/CVE-2021-4148),[CVE-2021-4149](https://nvd.nist.gov/vuln/detail/CVE-2021-4149),[CVE-2021-4154](https://nvd.nist.gov/vuln/detail/CVE-2021-4154),[CVE-2021-4155](https://nvd.nist.gov/vuln/detail/CVE-2021-4155),[CVE-2021-4157](https://nvd.nist.gov/vuln/detail/CVE-2021-4157),[CVE-2021-41864](https://nvd.nist.gov/vuln/detail/CVE-2021-41864),[CVE-2021-4197](https://nvd.nist.gov/vuln/detail/CVE-2021-4197),[CVE-2021-42008](https://nvd.nist.gov/vuln/detail/CVE-2021-42008),[CVE-2021-4202](https://nvd.nist.gov/vuln/detail/CVE-2021-4202),[CVE-2021-4203](https://nvd.nist.gov/vuln/detail/CVE-2021-4203),[CVE-2021-42252](https://nvd.nist.gov/vuln/detail/CVE-2021-42252),[CVE-2021-42327](https://nvd.nist.gov/vuln/detail/CVE-2021-42327),[CVE-2021-42739](https://nvd.nist.gov/vuln/detail/CVE-2021-42739),[CVE-2021-43056](https://nvd.nist.gov/vuln/detail/CVE-2021-43056),[CVE-2021-43057](https://nvd.nist.gov/vuln/detail/CVE-2021-43057),[CVE-2021-43267](https://nvd.nist.gov/vuln/detail/CVE-2021-43267),[CVE-2021-43389](https://nvd.nist.gov/vuln/detail/CVE-2021-43389),[CVE-2021-43975](https://nvd.nist.gov/vuln/detail/CVE-2021-43975),[CVE-2021-43976](https://nvd.nist.gov/vuln/detail/CVE-2021-43976),[CVE-2021-44733](https://nvd.nist.gov/vuln/detail/CVE-2021-44733),[CVE-2021-44879](https://nvd.nist.gov/vuln/detail/CVE-2021-44879),[CVE-2021-45095](https://nvd.nist.gov/vuln/detail/CVE-2021-45095),[CVE-2021-45100](https://nvd.nist.gov/vuln/detail/CVE-2021-45100),[CVE-2021-45402](https://nvd.nist.gov/vuln/detail/CVE-2021-45402),[CVE-2021-45469](https://nvd.nist.gov/vuln/detail/CVE-2021-45469),[CVE-2021-45480](https://nvd.nist.gov/vuln/detail/CVE-2021-45480),[CVE-2021-45485](https://nvd.nist.gov/vuln/detail/CVE-2021-45485),[CVE-2021-45486](https://nvd.nist.gov/vuln/detail/CVE-2021-45486),[CVE-2021-45868](https://nvd.nist.gov/vuln/detail/CVE-2021-45868),[CVE-2021-46283](https://nvd.nist.gov/vuln/detail/CVE-2021-46283),[CVE-2022-0001](https://nvd.nist.gov/vuln/detail/CVE-2022-0001),[CVE-2022-0002](https://nvd.nist.gov/vuln/detail/CVE-2022-0002),[CVE-2022-0168](https://nvd.nist.gov/vuln/detail/CVE-2022-0168),[CVE-2022-0171](https://nvd.nist.gov/vuln/detail/CVE-2022-0171),[CVE-2022-0185](https://nvd.nist.gov/vuln/detail/CVE-2022-0185),[CVE-2022-0264](https://nvd.nist.gov/vuln/detail/CVE-2022-0264),[CVE-2022-0286](https://nvd.nist.gov/vuln/detail/CVE-2022-0286),[CVE-2022-0322](https://nvd.nist.gov/vuln/detail/CVE-2022-0322),[CVE-2022-0330](https://nvd.nist.gov/vuln/detail/CVE-2022-0330),[CVE-2022-0382](https://nvd.nist.gov/vuln/detail/CVE-2022-0382),[CVE-2022-0435](https://nvd.nist.gov/vuln/detail/CVE-2022-0435),[CVE-2022-0487](https://nvd.nist.gov/vuln/detail/CVE-2022-0487),[CVE-2022-0492](https://nvd.nist.gov/vuln/detail/CVE-2022-0492),[CVE-2022-0494](https://nvd.nist.gov/vuln/detail/CVE-2022-0494),[CVE-2022-0500](https://nvd.nist.gov/vuln/detail/CVE-2022-0500),[CVE-2022-0516](https://nvd.nist.gov/vuln/detail/CVE-2022-0516),[CVE-2022-0617](https://nvd.nist.gov/vuln/detail/CVE-2022-0617),[CVE-2022-0742](https://nvd.nist.gov/vuln/detail/CVE-2022-0742),[CVE-2022-0847](https://nvd.nist.gov/vuln/detail/CVE-2022-0847),[CVE-2022-0850](https://nvd.nist.gov/vuln/detail/CVE-2022-0850),[CVE-2022-0995](https://nvd.nist.gov/vuln/detail/CVE-2022-0995),[CVE-2022-1011](https://nvd.nist.gov/vuln/detail/CVE-2022-1011),[CVE-2022-1012](https://nvd.nist.gov/vuln/detail/CVE-2022-1012),[CVE-2022-1015](https://nvd.nist.gov/vuln/detail/CVE-2022-1015),[CVE-2022-1016](https://nvd.nist.gov/vuln/detail/CVE-2022-1016),[CVE-2022-1043](https://nvd.nist.gov/vuln/detail/CVE-2022-1043),[CVE-2022-1048](https://nvd.nist.gov/vuln/detail/CVE-2022-1048),[CVE-2022-1055](https://nvd.nist.gov/vuln/detail/CVE-2022-1055),[CVE-2022-1158](https://nvd.nist.gov/vuln/detail/CVE-2022-1158),[CVE-2022-1184](https://nvd.nist.gov/vuln/detail/CVE-2022-1184),[CVE-2022-1195](https://nvd.nist.gov/vuln/detail/CVE-2022-1195),[CVE-2022-1198](https://nvd.nist.gov/vuln/detail/CVE-2022-1198),[CVE-2022-1199](https://nvd.nist.gov/vuln/detail/CVE-2022-1199),[CVE-2022-1204](https://nvd.nist.gov/vuln/detail/CVE-2022-1204),[CVE-2022-1263](https://nvd.nist.gov/vuln/detail/CVE-2022-1263),[CVE-2022-1353](https://nvd.nist.gov/vuln/detail/CVE-2022-1353),[CVE-2022-1462](https://nvd.nist.gov/vuln/detail/CVE-2022-1462),[CVE-2022-1516](https://nvd.nist.gov/vuln/detail/CVE-2022-1516),[CVE-2022-1651](https://nvd.nist.gov/vuln/detail/CVE-2022-1651),[CVE-2022-1652](https://nvd.nist.gov/vuln/detail/CVE-2022-1652),[CVE-2022-1671](https://nvd.nist.gov/vuln/detail/CVE-2022-1671),[CVE-2022-1679](https://nvd.nist.gov/vuln/detail/CVE-2022-1679),[CVE-2022-1729](https://nvd.nist.gov/vuln/detail/CVE-2022-1729),[CVE-2022-1734](https://nvd.nist.gov/vuln/detail/CVE-2022-1734),[CVE-2022-1789](https://nvd.nist.gov/vuln/detail/CVE-2022-1789),[CVE-2022-1852](https://nvd.nist.gov/vuln/detail/CVE-2022-1852),[CVE-2022-1943](https://nvd.nist.gov/vuln/detail/CVE-2022-1943),[CVE-2022-1973](https://nvd.nist.gov/vuln/detail/CVE-2022-1973),[CVE-2022-1974](https://nvd.nist.gov/vuln/detail/CVE-2022-1974),[CVE-2022-1975](https://nvd.nist.gov/vuln/detail/CVE-2022-1975),[CVE-2022-1998](https://nvd.nist.gov/vuln/detail/CVE-2022-1998),[CVE-2022-20008](https://nvd.nist.gov/vuln/detail/CVE-2022-20008),[CVE-2022-20132](https://nvd.nist.gov/vuln/detail/CVE-2022-20132),[CVE-2022-20141](https://nvd.nist.gov/vuln/detail/CVE-2022-20141),[CVE-2022-20148](https://nvd.nist.gov/vuln/detail/CVE-2022-20148),[CVE-2022-20154](https://nvd.nist.gov/vuln/detail/CVE-2022-20154),[CVE-2022-20158](https://nvd.nist.gov/vuln/detail/CVE-2022-20158),[CVE-2022-20368](https://nvd.nist.gov/vuln/detail/CVE-2022-20368),[CVE-2022-20369](https://nvd.nist.gov/vuln/detail/CVE-2022-20369),[CVE-2022-20421](https://nvd.nist.gov/vuln/detail/CVE-2022-20421),[CVE-2022-20422](https://nvd.nist.gov/vuln/detail/CVE-2022-20422),[CVE-2022-20566](https://nvd.nist.gov/vuln/detail/CVE-2022-20566),[CVE-2022-20572](https://nvd.nist.gov/vuln/detail/CVE-2022-20572),[CVE-2022-2078](https://nvd.nist.gov/vuln/detail/CVE-2022-2078),[CVE-2022-21123](https://nvd.nist.gov/vuln/detail/CVE-2022-21123),[CVE-2022-21125](https://nvd.nist.gov/vuln/detail/CVE-2022-21125),[CVE-2022-21166](https://nvd.nist.gov/vuln/detail/CVE-2022-21166),[CVE-2022-21499](https://nvd.nist.gov/vuln/detail/CVE-2022-21499),[CVE-2022-21505](https://nvd.nist.gov/vuln/detail/CVE-2022-21505),[CVE-2022-2153](https://nvd.nist.gov/vuln/detail/CVE-2022-2153),[CVE-2022-2196](https://nvd.nist.gov/vuln/detail/CVE-2022-2196),[CVE-2022-22942](https://nvd.nist.gov/vuln/detail/CVE-2022-22942),[CVE-2022-23036](https://nvd.nist.gov/vuln/detail/CVE-2022-23036),[CVE-2022-23037](https://nvd.nist.gov/vuln/detail/CVE-2022-23037),[CVE-2022-23038](https://nvd.nist.gov/vuln/detail/CVE-2022-23038),[CVE-2022-23039](https://nvd.nist.gov/vuln/detail/CVE-2022-23039),[CVE-2022-23040](https://nvd.nist.gov/vuln/detail/CVE-2022-23040),[CVE-2022-23041](https://nvd.nist.gov/vuln/detail/CVE-2022-23041),[CVE-2022-23042](https://nvd.nist.gov/vuln/detail/CVE-2022-23042),[CVE-2022-2308](https://nvd.nist.gov/vuln/detail/CVE-2022-2308),[CVE-2022-2318](https://nvd.nist.gov/vuln/detail/CVE-2022-2318),[CVE-2022-23222](https://nvd.nist.gov/vuln/detail/CVE-2022-23222),[CVE-2022-2380](https://nvd.nist.gov/vuln/detail/CVE-2022-2380),[CVE-2022-23960](https://nvd.nist.gov/vuln/detail/CVE-2022-23960),[CVE-2022-24122](https://nvd.nist.gov/vuln/detail/CVE-2022-24122),[CVE-2022-24448](https://nvd.nist.gov/vuln/detail/CVE-2022-24448),[CVE-2022-24958](https://nvd.nist.gov/vuln/detail/CVE-2022-24958),[CVE-2022-24959](https://nvd.nist.gov/vuln/detail/CVE-2022-24959),[CVE-2022-2503](https://nvd.nist.gov/vuln/detail/CVE-2022-2503),[CVE-2022-25258](https://nvd.nist.gov/vuln/detail/CVE-2022-25258),[CVE-2022-25375](https://nvd.nist.gov/vuln/detail/CVE-2022-25375),[CVE-2022-25636](https://nvd.nist.gov/vuln/detail/CVE-2022-25636),[CVE-2022-2585](https://nvd.nist.gov/vuln/detail/CVE-2022-2585),[CVE-2022-2586](https://nvd.nist.gov/vuln/detail/CVE-2022-2586),[CVE-2022-2588](https://nvd.nist.gov/vuln/detail/CVE-2022-2588),[CVE-2022-2602](https://nvd.nist.gov/vuln/detail/CVE-2022-2602),[CVE-2022-26365](https://nvd.nist.gov/vuln/detail/CVE-2022-26365),[CVE-2022-26373](https://nvd.nist.gov/vuln/detail/CVE-2022-26373),[CVE-2022-2639](https://nvd.nist.gov/vuln/detail/CVE-2022-2639),[CVE-2022-26490](https://nvd.nist.gov/vuln/detail/CVE-2022-26490),[CVE-2022-2663](https://nvd.nist.gov/vuln/detail/CVE-2022-2663),[CVE-2022-26966](https://nvd.nist.gov/vuln/detail/CVE-2022-26966),[CVE-2022-27223](https://nvd.nist.gov/vuln/detail/CVE-2022-27223),[CVE-2022-27666](https://nvd.nist.gov/vuln/detail/CVE-2022-27666),[CVE-2022-27672](https://nvd.nist.gov/vuln/detail/CVE-2022-27672),[CVE-2022-27950](https://nvd.nist.gov/vuln/detail/CVE-2022-27950),[CVE-2022-28356](https://nvd.nist.gov/vuln/detail/CVE-2022-28356),[CVE-2022-28388](https://nvd.nist.gov/vuln/detail/CVE-2022-28388),[CVE-2022-28389](https://nvd.nist.gov/vuln/detail/CVE-2022-28389),[CVE-2022-28390](https://nvd.nist.gov/vuln/detail/CVE-2022-28390),[CVE-2022-2873](https://nvd.nist.gov/vuln/detail/CVE-2022-2873),[CVE-2022-28893](https://nvd.nist.gov/vuln/detail/CVE-2022-28893),[CVE-2022-2905](https://nvd.nist.gov/vuln/detail/CVE-2022-2905),[CVE-2022-29156](https://nvd.nist.gov/vuln/detail/CVE-2022-29156),[CVE-2022-2938](https://nvd.nist.gov/vuln/detail/CVE-2022-2938),[CVE-2022-29581](https://nvd.nist.gov/vuln/detail/CVE-2022-29581),[CVE-2022-29582](https://nvd.nist.gov/vuln/detail/CVE-2022-29582),[CVE-2022-2959](https://nvd.nist.gov/vuln/detail/CVE-2022-2959),[CVE-2022-2964](https://nvd.nist.gov/vuln/detail/CVE-2022-2964),[CVE-2022-2977](https://nvd.nist.gov/vuln/detail/CVE-2022-2977),[CVE-2022-2978](https://nvd.nist.gov/vuln/detail/CVE-2022-2978),[CVE-2022-29900](https://nvd.nist.gov/vuln/detail/CVE-2022-29900),[CVE-2022-29901](https://nvd.nist.gov/vuln/detail/CVE-2022-29901),[CVE-2022-3028](https://nvd.nist.gov/vuln/detail/CVE-2022-3028),[CVE-2022-30594](https://nvd.nist.gov/vuln/detail/CVE-2022-30594),[CVE-2022-3061](https://nvd.nist.gov/vuln/detail/CVE-2022-3061),[CVE-2022-3077](https://nvd.nist.gov/vuln/detail/CVE-2022-3077),[CVE-2022-3078](https://nvd.nist.gov/vuln/detail/CVE-2022-3078),[CVE-2022-3104](https://nvd.nist.gov/vuln/detail/CVE-2022-3104),[CVE-2022-3105](https://nvd.nist.gov/vuln/detail/CVE-2022-3105),[CVE-2022-3106](https://nvd.nist.gov/vuln/detail/CVE-2022-3106),[CVE-2022-3107](https://nvd.nist.gov/vuln/detail/CVE-2022-3107),[CVE-2022-3108](https://nvd.nist.gov/vuln/detail/CVE-2022-3108),[CVE-2022-3110](https://nvd.nist.gov/vuln/detail/CVE-2022-3110),[CVE-2022-3111](https://nvd.nist.gov/vuln/detail/CVE-2022-3111),[CVE-2022-3112](https://nvd.nist.gov/vuln/detail/CVE-2022-3112),[CVE-2022-3113](https://nvd.nist.gov/vuln/detail/CVE-2022-3113),[CVE-2022-3115](https://nvd.nist.gov/vuln/detail/CVE-2022-3115),[CVE-2022-3169](https://nvd.nist.gov/vuln/detail/CVE-2022-3169),[CVE-2022-3176](https://nvd.nist.gov/vuln/detail/CVE-2022-3176),[CVE-2022-3202](https://nvd.nist.gov/vuln/detail/CVE-2022-3202),[CVE-2022-32250](https://nvd.nist.gov/vuln/detail/CVE-2022-32250),[CVE-2022-32296](https://nvd.nist.gov/vuln/detail/CVE-2022-32296),[CVE-2022-3239](https://nvd.nist.gov/vuln/detail/CVE-2022-3239),[CVE-2022-32981](https://nvd.nist.gov/vuln/detail/CVE-2022-32981),[CVE-2022-3303](https://nvd.nist.gov/vuln/detail/CVE-2022-3303),[CVE-2022-3344](https://nvd.nist.gov/vuln/detail/CVE-2022-3344),[CVE-2022-33740](https://nvd.nist.gov/vuln/detail/CVE-2022-33740),[CVE-2022-33741](https://nvd.nist.gov/vuln/detail/CVE-2022-33741),[CVE-2022-33742](https://nvd.nist.gov/vuln/detail/CVE-2022-33742),[CVE-2022-33743](https://nvd.nist.gov/vuln/detail/CVE-2022-33743),[CVE-2022-33744](https://nvd.nist.gov/vuln/detail/CVE-2022-33744),[CVE-2022-33981](https://nvd.nist.gov/vuln/detail/CVE-2022-33981),[CVE-2022-3424](https://nvd.nist.gov/vuln/detail/CVE-2022-3424),[CVE-2022-34494](https://nvd.nist.gov/vuln/detail/CVE-2022-34494),[CVE-2022-34495](https://nvd.nist.gov/vuln/detail/CVE-2022-34495),[CVE-2022-34918](https://nvd.nist.gov/vuln/detail/CVE-2022-34918),[CVE-2022-3521](https://nvd.nist.gov/vuln/detail/CVE-2022-3521),[CVE-2022-3524](https://nvd.nist.gov/vuln/detail/CVE-2022-3524),[CVE-2022-3526](https://nvd.nist.gov/vuln/detail/CVE-2022-3526),[CVE-2022-3534](https://nvd.nist.gov/vuln/detail/CVE-2022-3534),[CVE-2022-3543](https://nvd.nist.gov/vuln/detail/CVE-2022-3543),[CVE-2022-3545](https://nvd.nist.gov/vuln/detail/CVE-2022-3545),[CVE-2022-3564](https://nvd.nist.gov/vuln/detail/CVE-2022-3564),[CVE-2022-3565](https://nvd.nist.gov/vuln/detail/CVE-2022-3565),[CVE-2022-3577](https://nvd.nist.gov/vuln/detail/CVE-2022-3577),[CVE-2022-3586](https://nvd.nist.gov/vuln/detail/CVE-2022-3586),[CVE-2022-3594](https://nvd.nist.gov/vuln/detail/CVE-2022-3594),[CVE-2022-36123](https://nvd.nist.gov/vuln/detail/CVE-2022-36123),[CVE-2022-3619](https://nvd.nist.gov/vuln/detail/CVE-2022-3619),[CVE-2022-3621](https://nvd.nist.gov/vuln/detail/CVE-2022-3621),[CVE-2022-3623](https://nvd.nist.gov/vuln/detail/CVE-2022-3623),[CVE-2022-3625](https://nvd.nist.gov/vuln/detail/CVE-2022-3625),[CVE-2022-3628](https://nvd.nist.gov/vuln/detail/CVE-2022-3628),[CVE-2022-36280](https://nvd.nist.gov/vuln/detail/CVE-2022-36280),[CVE-2022-3629](https://nvd.nist.gov/vuln/detail/CVE-2022-3629),[CVE-2022-3633](https://nvd.nist.gov/vuln/detail/CVE-2022-3633),[CVE-2022-3635](https://nvd.nist.gov/vuln/detail/CVE-2022-3635),[CVE-2022-3643](https://nvd.nist.gov/vuln/detail/CVE-2022-3643),[CVE-2022-3646](https://nvd.nist.gov/vuln/detail/CVE-2022-3646),[CVE-2022-3649](https://nvd.nist.gov/vuln/detail/CVE-2022-3649),[CVE-2022-36879](https://nvd.nist.gov/vuln/detail/CVE-2022-36879),[CVE-2022-36946](https://nvd.nist.gov/vuln/detail/CVE-2022-36946),[CVE-2022-3707](https://nvd.nist.gov/vuln/detail/CVE-2022-3707),[CVE-2022-39189](https://nvd.nist.gov/vuln/detail/CVE-2022-39189),[CVE-2022-39190](https://nvd.nist.gov/vuln/detail/CVE-2022-39190),[CVE-2022-40307](https://nvd.nist.gov/vuln/detail/CVE-2022-40307),[CVE-2022-40768](https://nvd.nist.gov/vuln/detail/CVE-2022-40768),[CVE-2022-4095](https://nvd.nist.gov/vuln/detail/CVE-2022-4095),[CVE-2022-40982](https://nvd.nist.gov/vuln/detail/CVE-2022-40982),[CVE-2022-41218](https://nvd.nist.gov/vuln/detail/CVE-2022-41218),[CVE-2022-41222](https://nvd.nist.gov/vuln/detail/CVE-2022-41222),[CVE-2022-4129](https://nvd.nist.gov/vuln/detail/CVE-2022-4129),[CVE-2022-41674](https://nvd.nist.gov/vuln/detail/CVE-2022-41674),[CVE-2022-41849](https://nvd.nist.gov/vuln/detail/CVE-2022-41849),[CVE-2022-41850](https://nvd.nist.gov/vuln/detail/CVE-2022-41850),[CVE-2022-41858](https://nvd.nist.gov/vuln/detail/CVE-2022-41858),[CVE-2022-42432](https://nvd.nist.gov/vuln/detail/CVE-2022-42432),[CVE-2022-4269](https://nvd.nist.gov/vuln/detail/CVE-2022-4269),[CVE-2022-42703](https://nvd.nist.gov/vuln/detail/CVE-2022-42703),[CVE-2022-42719](https://nvd.nist.gov/vuln/detail/CVE-2022-42719),[CVE-2022-42720](https://nvd.nist.gov/vuln/detail/CVE-2022-42720),[CVE-2022-42721](https://nvd.nist.gov/vuln/detail/CVE-2022-42721),[CVE-2022-42722](https://nvd.nist.gov/vuln/detail/CVE-2022-42722),[CVE-2022-42895](https://nvd.nist.gov/vuln/detail/CVE-2022-42895),[CVE-2022-42896](https://nvd.nist.gov/vuln/detail/CVE-2022-42896),[CVE-2022-43750](https://nvd.nist.gov/vuln/detail/CVE-2022-43750),[CVE-2022-4378](https://nvd.nist.gov/vuln/detail/CVE-2022-4378),[CVE-2022-4379](https://nvd.nist.gov/vuln/detail/CVE-2022-4379),[CVE-2022-4382](https://nvd.nist.gov/vuln/detail/CVE-2022-4382),[CVE-2022-43945](https://nvd.nist.gov/vuln/detail/CVE-2022-43945),[CVE-2022-45869](https://nvd.nist.gov/vuln/detail/CVE-2022-45869),[CVE-2022-45886](https://nvd.nist.gov/vuln/detail/CVE-2022-45886),[CVE-2022-45887](https://nvd.nist.gov/vuln/detail/CVE-2022-45887),[CVE-2022-45919](https://nvd.nist.gov/vuln/detail/CVE-2022-45919),[CVE-2022-45934](https://nvd.nist.gov/vuln/detail/CVE-2022-45934),[CVE-2022-4662](https://nvd.nist.gov/vuln/detail/CVE-2022-4662),[CVE-2022-4744](https://nvd.nist.gov/vuln/detail/CVE-2022-4744),[CVE-2022-47518](https://nvd.nist.gov/vuln/detail/CVE-2022-47518),[CVE-2022-47519](https://nvd.nist.gov/vuln/detail/CVE-2022-47519),[CVE-2022-47520](https://nvd.nist.gov/vuln/detail/CVE-2022-47520),[CVE-2022-47521](https://nvd.nist.gov/vuln/detail/CVE-2022-47521),[CVE-2022-47929](https://nvd.nist.gov/vuln/detail/CVE-2022-47929),[CVE-2022-47938](https://nvd.nist.gov/vuln/detail/CVE-2022-47938),[CVE-2022-47939](https://nvd.nist.gov/vuln/detail/CVE-2022-47939),[CVE-2022-47941](https://nvd.nist.gov/vuln/detail/CVE-2022-47941),[CVE-2022-47942](https://nvd.nist.gov/vuln/detail/CVE-2022-47942),[CVE-2022-47943](https://nvd.nist.gov/vuln/detail/CVE-2022-47943),[CVE-2022-4842](https://nvd.nist.gov/vuln/detail/CVE-2022-4842),[CVE-2022-48423](https://nvd.nist.gov/vuln/detail/CVE-2022-48423),[CVE-2022-48424](https://nvd.nist.gov/vuln/detail/CVE-2022-48424),[CVE-2022-48425](https://nvd.nist.gov/vuln/detail/CVE-2022-48425),[CVE-2022-48502](https://nvd.nist.gov/vuln/detail/CVE-2022-48502),[CVE-2023-0045](https://nvd.nist.gov/vuln/detail/CVE-2023-0045),[CVE-2023-0160](https://nvd.nist.gov/vuln/detail/CVE-2023-0160),[CVE-2023-0179](https://nvd.nist.gov/vuln/detail/CVE-2023-0179),[CVE-2023-0210](https://nvd.nist.gov/vuln/detail/CVE-2023-0210),[CVE-2023-0266](https://nvd.nist.gov/vuln/detail/CVE-2023-0266),[CVE-2023-0386](https://nvd.nist.gov/vuln/detail/CVE-2023-0386),[CVE-2023-0394](https://nvd.nist.gov/vuln/detail/CVE-2023-0394),[CVE-2023-0458](https://nvd.nist.gov/vuln/detail/CVE-2023-0458),[CVE-2023-0459](https://nvd.nist.gov/vuln/detail/CVE-2023-0459),[CVE-2023-0461](https://nvd.nist.gov/vuln/detail/CVE-2023-0461),[CVE-2023-0590](https://nvd.nist.gov/vuln/detail/CVE-2023-0590),[CVE-2023-0615](https://nvd.nist.gov/vuln/detail/CVE-2023-0615),[CVE-2023-1073](https://nvd.nist.gov/vuln/detail/CVE-2023-1073),[CVE-2023-1074](https://nvd.nist.gov/vuln/detail/CVE-2023-1074),[CVE-2023-1076](https://nvd.nist.gov/vuln/detail/CVE-2023-1076),[CVE-2023-1077](https://nvd.nist.gov/vuln/detail/CVE-2023-1077),[CVE-2023-1078](https://nvd.nist.gov/vuln/detail/CVE-2023-1078),[CVE-2023-1079](https://nvd.nist.gov/vuln/detail/CVE-2023-1079),[CVE-2023-1095](https://nvd.nist.gov/vuln/detail/CVE-2023-1095),[CVE-2023-1118](https://nvd.nist.gov/vuln/detail/CVE-2023-1118),[CVE-2023-1192](https://nvd.nist.gov/vuln/detail/CVE-2023-1192),[CVE-2023-1206](https://nvd.nist.gov/vuln/detail/CVE-2023-1206),[CVE-2023-1249](https://nvd.nist.gov/vuln/detail/CVE-2023-1249),[CVE-2023-1252](https://nvd.nist.gov/vuln/detail/CVE-2023-1252),[CVE-2023-1281](https://nvd.nist.gov/vuln/detail/CVE-2023-1281),[CVE-2023-1295](https://nvd.nist.gov/vuln/detail/CVE-2023-1295),[CVE-2023-1380](https://nvd.nist.gov/vuln/detail/CVE-2023-1380),[CVE-2023-1382](https://nvd.nist.gov/vuln/detail/CVE-2023-1382),[CVE-2023-1513](https://nvd.nist.gov/vuln/detail/CVE-2023-1513),[CVE-2023-1582](https://nvd.nist.gov/vuln/detail/CVE-2023-1582),[CVE-2023-1611](https://nvd.nist.gov/vuln/detail/CVE-2023-1611),[CVE-2023-1637](https://nvd.nist.gov/vuln/detail/CVE-2023-1637),[CVE-2023-1652](https://nvd.nist.gov/vuln/detail/CVE-2023-1652),[CVE-2023-1670](https://nvd.nist.gov/vuln/detail/CVE-2023-1670),[CVE-2023-1829](https://nvd.nist.gov/vuln/detail/CVE-2023-1829),[CVE-2023-1838](https://nvd.nist.gov/vuln/detail/CVE-2023-1838),[CVE-2023-1855](https://nvd.nist.gov/vuln/detail/CVE-2023-1855),[CVE-2023-1859](https://nvd.nist.gov/vuln/detail/CVE-2023-1859),[CVE-2023-1989](https://nvd.nist.gov/vuln/detail/CVE-2023-1989),[CVE-2023-1990](https://nvd.nist.gov/vuln/detail/CVE-2023-1990),[CVE-2023-2002](https://nvd.nist.gov/vuln/detail/CVE-2023-2002),[CVE-2023-2006](https://nvd.nist.gov/vuln/detail/CVE-2023-2006),[CVE-2023-2008](https://nvd.nist.gov/vuln/detail/CVE-2023-2008),[CVE-2023-2019](https://nvd.nist.gov/vuln/detail/CVE-2023-2019),[CVE-2023-20569](https://nvd.nist.gov/vuln/detail/CVE-2023-20569),[CVE-2023-20588](https://nvd.nist.gov/vuln/detail/CVE-2023-20588),[CVE-2023-20593](https://nvd.nist.gov/vuln/detail/CVE-2023-20593),[CVE-2023-20928](https://nvd.nist.gov/vuln/detail/CVE-2023-20928),[CVE-2023-21102](https://nvd.nist.gov/vuln/detail/CVE-2023-21102),[CVE-2023-2124](https://nvd.nist.gov/vuln/detail/CVE-2023-2124),[CVE-2023-2156](https://nvd.nist.gov/vuln/detail/CVE-2023-2156),[CVE-2023-2162](https://nvd.nist.gov/vuln/detail/CVE-2023-2162),[CVE-2023-2163](https://nvd.nist.gov/vuln/detail/CVE-2023-2163),[CVE-2023-2166](https://nvd.nist.gov/vuln/detail/CVE-2023-2166),[CVE-2023-2177](https://nvd.nist.gov/vuln/detail/CVE-2023-2177),[CVE-2023-2194](https://nvd.nist.gov/vuln/detail/CVE-2023-2194),[CVE-2023-2235](https://nvd.nist.gov/vuln/detail/CVE-2023-2235),[CVE-2023-2269](https://nvd.nist.gov/vuln/detail/CVE-2023-2269),[CVE-2023-22998](https://nvd.nist.gov/vuln/detail/CVE-2023-22998),[CVE-2023-22999](https://nvd.nist.gov/vuln/detail/CVE-2023-22999),[CVE-2023-23001](https://nvd.nist.gov/vuln/detail/CVE-2023-23001),[CVE-2023-23002](https://nvd.nist.gov/vuln/detail/CVE-2023-23002),[CVE-2023-23004](https://nvd.nist.gov/vuln/detail/CVE-2023-23004),[CVE-2023-23006](https://nvd.nist.gov/vuln/detail/CVE-2023-23006),[CVE-2023-23454](https://nvd.nist.gov/vuln/detail/CVE-2023-23454),[CVE-2023-23455](https://nvd.nist.gov/vuln/detail/CVE-2023-23455),[CVE-2023-23559](https://nvd.nist.gov/vuln/detail/CVE-2023-23559),[CVE-2023-25012](https://nvd.nist.gov/vuln/detail/CVE-2023-25012),[CVE-2023-2513](https://nvd.nist.gov/vuln/detail/CVE-2023-2513),[CVE-2023-26544](https://nvd.nist.gov/vuln/detail/CVE-2023-26544),[CVE-2023-26545](https://nvd.nist.gov/vuln/detail/CVE-2023-26545),[CVE-2023-26606](https://nvd.nist.gov/vuln/detail/CVE-2023-26606),[CVE-2023-26607](https://nvd.nist.gov/vuln/detail/CVE-2023-26607),[CVE-2023-28327](https://nvd.nist.gov/vuln/detail/CVE-2023-28327),[CVE-2023-28328](https://nvd.nist.gov/vuln/detail/CVE-2023-28328),[CVE-2023-28410](https://nvd.nist.gov/vuln/detail/CVE-2023-28410),[CVE-2023-28466](https://nvd.nist.gov/vuln/detail/CVE-2023-28466),[CVE-2023-2860](https://nvd.nist.gov/vuln/detail/CVE-2023-2860),[CVE-2023-28772](https://nvd.nist.gov/vuln/detail/CVE-2023-28772),[CVE-2023-2898](https://nvd.nist.gov/vuln/detail/CVE-2023-2898),[CVE-2023-2985](https://nvd.nist.gov/vuln/detail/CVE-2023-2985),[CVE-2023-3006](https://nvd.nist.gov/vuln/detail/CVE-2023-3006),[CVE-2023-30456](https://nvd.nist.gov/vuln/detail/CVE-2023-30456),[CVE-2023-30772](https://nvd.nist.gov/vuln/detail/CVE-2023-30772),[CVE-2023-3090](https://nvd.nist.gov/vuln/detail/CVE-2023-3090),[CVE-2023-3111](https://nvd.nist.gov/vuln/detail/CVE-2023-3111),[CVE-2023-31248](https://nvd.nist.gov/vuln/detail/CVE-2023-31248),[CVE-2023-3141](https://nvd.nist.gov/vuln/detail/CVE-2023-3141),[CVE-2023-31436](https://nvd.nist.gov/vuln/detail/CVE-2023-31436),[CVE-2023-3159](https://nvd.nist.gov/vuln/detail/CVE-2023-3159),[CVE-2023-3161](https://nvd.nist.gov/vuln/detail/CVE-2023-3161),[CVE-2023-3212](https://nvd.nist.gov/vuln/detail/CVE-2023-3212),[CVE-2023-3220](https://nvd.nist.gov/vuln/detail/CVE-2023-3220),[CVE-2023-32233](https://nvd.nist.gov/vuln/detail/CVE-2023-32233),[CVE-2023-32248](https://nvd.nist.gov/vuln/detail/CVE-2023-32248),[CVE-2023-32269](https://nvd.nist.gov/vuln/detail/CVE-2023-32269),[CVE-2023-3268](https://nvd.nist.gov/vuln/detail/CVE-2023-3268),[CVE-2023-33203](https://nvd.nist.gov/vuln/detail/CVE-2023-33203),[CVE-2023-33288](https://nvd.nist.gov/vuln/detail/CVE-2023-33288),[CVE-2023-3338](https://nvd.nist.gov/vuln/detail/CVE-2023-3338),[CVE-2023-3355](https://nvd.nist.gov/vuln/detail/CVE-2023-3355),[CVE-2023-3357](https://nvd.nist.gov/vuln/detail/CVE-2023-3357),[CVE-2023-3358](https://nvd.nist.gov/vuln/detail/CVE-2023-3358),[CVE-2023-3390](https://nvd.nist.gov/vuln/detail/CVE-2023-3390),[CVE-2023-35001](https://nvd.nist.gov/vuln/detail/CVE-2023-35001),[CVE-2023-3567](https://nvd.nist.gov/vuln/detail/CVE-2023-3567),[CVE-2023-35788](https://nvd.nist.gov/vuln/detail/CVE-2023-35788),[CVE-2023-35823](https://nvd.nist.gov/vuln/detail/CVE-2023-35823),[CVE-2023-35824](https://nvd.nist.gov/vuln/detail/CVE-2023-35824),[CVE-2023-35828](https://nvd.nist.gov/vuln/detail/CVE-2023-35828),[CVE-2023-35829](https://nvd.nist.gov/vuln/detail/CVE-2023-35829),[CVE-2023-3609](https://nvd.nist.gov/vuln/detail/CVE-2023-3609),[CVE-2023-3610](https://nvd.nist.gov/vuln/detail/CVE-2023-3610),[CVE-2023-3611](https://nvd.nist.gov/vuln/detail/CVE-2023-3611),[CVE-2023-3772](https://nvd.nist.gov/vuln/detail/CVE-2023-3772),[CVE-2023-3776](https://nvd.nist.gov/vuln/detail/CVE-2023-3776),[CVE-2023-3777](https://nvd.nist.gov/vuln/detail/CVE-2023-3777),[CVE-2023-3812](https://nvd.nist.gov/vuln/detail/CVE-2023-3812),[CVE-2023-38426](https://nvd.nist.gov/vuln/detail/CVE-2023-38426),[CVE-2023-38428](https://nvd.nist.gov/vuln/detail/CVE-2023-38428),[CVE-2023-38429](https://nvd.nist.gov/vuln/detail/CVE-2023-38429),[CVE-2023-38432](https://nvd.nist.gov/vuln/detail/CVE-2023-38432),[CVE-2023-3863](https://nvd.nist.gov/vuln/detail/CVE-2023-3863),[CVE-2023-3865](https://nvd.nist.gov/vuln/detail/CVE-2023-3865),[CVE-2023-3866](https://nvd.nist.gov/vuln/detail/CVE-2023-3866),[CVE-2023-4004](https://nvd.nist.gov/vuln/detail/CVE-2023-4004),[CVE-2023-4015](https://nvd.nist.gov/vuln/detail/CVE-2023-4015),[CVE-2023-40283](https://nvd.nist.gov/vuln/detail/CVE-2023-40283),[CVE-2023-4128](https://nvd.nist.gov/vuln/detail/CVE-2023-4128),[CVE-2023-4132](https://nvd.nist.gov/vuln/detail/CVE-2023-4132),[CVE-2023-4147](https://nvd.nist.gov/vuln/detail/CVE-2023-4147),[CVE-2023-4206](https://nvd.nist.gov/vuln/detail/CVE-2023-4206),[CVE-2023-4207](https://nvd.nist.gov/vuln/detail/CVE-2023-4207),[CVE-2023-4208](https://nvd.nist.gov/vuln/detail/CVE-2023-4208),[CVE-2023-4273](https://nvd.nist.gov/vuln/detail/CVE-2023-4273),[CVE-2023-42752](https://nvd.nist.gov/vuln/detail/CVE-2023-42752),[CVE-2023-42753](https://nvd.nist.gov/vuln/detail/CVE-2023-42753),[CVE-2023-42755](https://nvd.nist.gov/vuln/detail/CVE-2023-42755),[CVE-2023-4385](https://nvd.nist.gov/vuln/detail/CVE-2023-4385),[CVE-2023-4387](https://nvd.nist.gov/vuln/detail/CVE-2023-4387),[CVE-2023-4389](https://nvd.nist.gov/vuln/detail/CVE-2023-4389),[CVE-2023-4459](https://nvd.nist.gov/vuln/detail/CVE-2023-4459),[CVE-2023-4569](https://nvd.nist.gov/vuln/detail/CVE-2023-4569),[CVE-2023-4623](https://nvd.nist.gov/vuln/detail/CVE-2023-4623), [CVE-2023-4921](https://nvd.nist.gov/vuln/detail/CVE-2023-4921), [CVE-2022-40982](https://nvd.nist.gov/vuln/detail/CVE-2022-40982), [CVE-2022-41804](https://nvd.nist.gov/vuln/detail/CVE-2022-41804), [CVE-2023-20569](https://nvd.nist.gov/vuln/detail/CVE-2023-20569), [CVE-2023-23908](https://nvd.nist.gov/vuln/detail/CVE-2023-23908))<br> - Docker ([CVE-2022-36109](https://nvd.nist.gov/vuln/detail/CVE-2022-36109), [CVE-2022-29526](https://nvd.nist.gov/vuln/detail/CVE-2022-29526))<br> - Go ([CVE-2021-44716](https://nvd.nist.gov/vuln/detail/CVE-2021-44716), [CVE-2021-44717](https://nvd.nist.gov/vuln/detail/CVE-2021-44717), [CVE-2022-1705](https://nvd.nist.gov/vuln/detail/CVE-2022-1705), [CVE-2022-1962](https://nvd.nist.gov/vuln/detail/CVE-2022-1962), [CVE-2022-2879](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2879), [CVE-2022-2880](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2880), [CVE-2022-24675](https://nvd.nist.gov/vuln/detail/CVE-2022-24675), [CVE-2022-27664](https://nvd.nist.gov/vuln/detail/CVE-2022-27664), [CVE-2022-28131](https://nvd.nist.gov/vuln/detail/CVE-2022-28131), [CVE-2022-29526](https://nvd.nist.gov/vuln/detail/CVE-2022-29526), [CVE-2022-30630](https://nvd.nist.gov/vuln/detail/CVE-2022-30630), [CVE-2022-30631](https://nvd.nist.gov/vuln/detail/CVE-2022-30631), [CVE-2022-30632](https://nvd.nist.gov/vuln/detail/CVE-2022-30632), [CVE-2022-30633](https://nvd.nist.gov/vuln/detail/CVE-2022-30633), [CVE-2022-30635](https://nvd.nist.gov/vuln/detail/CVE-2022-30635), [CVE-2022-32148](https://nvd.nist.gov/vuln/detail/CVE-2022-32148), [CVE-2022-32189](https://nvd.nist.gov/vuln/detail/CVE-2022-32189), [CVE-2022-32190](https://nvd.nist.gov/vuln/detail/CVE-2022-32190), [CVE-2022-41715](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41715), [CVE-2022-41717](https://nvd.nist.gov/vuln/detail/CVE-2022-41717))<br> - bind tools ([CVE-2022-2795](https://nvd.nist.gov/vuln/detail/CVE-2022-2795), [CVE-2022-2881](https://nvd.nist.gov/vuln/detail/CVE-2022-2881), [CVE-2022-2906](https://nvd.nist.gov/vuln/detail/CVE-2022-2906), [CVE-2022-3080](https://nvd.nist.gov/vuln/detail/CVE-2022-3080), [CVE-2022-38177](https://nvd.nist.gov/vuln/detail/CVE-2022-38177), [CVE-2022-38178](https://nvd.nist.gov/vuln/detail/CVE-2022-38178))<br> - binutils ([CVE-2021-45078](https://nvd.nist.gov/vuln/detail/CVE-2021-45078))<br> - cifs-utils ([CVE-2021-20208](https://nvd.nist.gov/vuln/detail/CVE-2021-20208), [CVE-2022-27239](https://nvd.nist.gov/vuln/detail/CVE-2022-27239), [CVE-2022-29869](https://nvd.nist.gov/vuln/detail/CVE-2022-29869))<br> - containerd ([CVE-2021-43816](https://nvd.nist.gov/vuln/detail/CVE-2021-43816), [CVE-2022-23471](https://nvd.nist.gov/vuln/detail/CVE-2022-23471), [CVE-2022-23648](https://nvd.nist.gov/vuln/detail/CVE-2022-23648), [CVE-2022-24769](https://nvd.nist.gov/vuln/detail/CVE-2022-24769), [CVE-2022-31030](https://nvd.nist.gov/vuln/detail/CVE-2022-31030))<br> - cpio ([CVE-2021-38185](https://nvd.nist.gov/vuln/detail/CVE-2021-38185))<br> - cryptsetup ([CVE-2021-4122](https://nvd.nist.gov/vuln/detail/CVE-2021-4122)) <br> - curl ([CVE-2022-22576](https://nvd.nist.gov/vuln/detail/CVE-2022-22576), [CVE-2022-27774](https://nvd.nist.gov/vuln/detail/CVE-2022-27774), [CVE-2022-27775](https://nvd.nist.gov/vuln/detail/CVE-2022-27775), [CVE-2022-27776](https://nvd.nist.gov/vuln/detail/CVE-2022-27776), [CVE-2022-27778](https://nvd.nist.gov/vuln/detail/CVE-2022-27778), [CVE-2022-27779](https://nvd.nist.gov/vuln/detail/CVE-2022-27779), [CVE-2022-27780](https://nvd.nist.gov/vuln/detail/CVE-2022-27780), [CVE-2022-27781](https://nvd.nist.gov/vuln/detail/CVE-2022-27781), [CVE-2022-27782](https://nvd.nist.gov/vuln/detail/CVE-2022-27782), [CVE-2022-30115](https://nvd.nist.gov/vuln/detail/CVE-2022-30115), [CVE-2022-32205](https://nvd.nist.gov/vuln/detail/CVE-2022-32205), [CVE-2022-32206](https://nvd.nist.gov/vuln/detail/CVE-2022-32206), [CVE-2022-32207](https://nvd.nist.gov/vuln/detail/CVE-2022-32207), [CVE-2022-32208](https://nvd.nist.gov/vuln/detail/CVE-2022-32208), [CVE-2022-32221](https://nvd.nist.gov/vuln/detail/CVE-2022-32221), [CVE-2022-35260](https://nvd.nist.gov/vuln/detail/CVE-2022-32221), [CVE-2022-42915](https://nvd.nist.gov/vuln/detail/CVE-2022-32221), [CVE-2022-42916](https://nvd.nist.gov/vuln/detail/CVE-2022-32221), [CVE-2022-35252](https://nvd.nist.gov/vuln/detail/CVE-2022-35252), [CVE-2022-43551](https://nvd.nist.gov/vuln/detail/CVE-2022-43551), [CVE-2022-43552](https://nvd.nist.gov/vuln/detail/CVE-2022-43552))<br> - dbus ([CVE-2022-42010](https://nvd.nist.gov/vuln/detail/CVE-2022-42010), [CVE-2022-42011](https://nvd.nist.gov/vuln/detail/CVE-2022-42011), [CVE-2022-42012](https://nvd.nist.gov/vuln/detail/CVE-2022-42012))<br> - duktape ([CVE-2021-46322](https://nvd.nist.gov/vuln/detail/CVE-2021-46322))<br> - expat ([CVE-2022-40674](https://nvd.nist.gov/vuln/detail/CVE-2022-40674), [CVE-2022-43680](https://nvd.nist.gov/vuln/detail/CVE-2022-43680))<br> - gcc ([CVE-2020-13844](https://nvd.nist.gov/vuln/detail/CVE-2020-13844))<br> - git ([CVE-2022-23521](https://nvd.nist.gov/vuln/detail/CVE-2022-23521), [CVE-2022-24765](https://nvd.nist.gov/vuln/detail/CVE-2022-24765), [CVE-2022-29187](https://nvd.nist.gov/vuln/detail/CVE-2022-29187), [CVE-2022-39253](https://nvd.nist.gov/vuln/detail/CVE-2022-39253), [CVE-2022-39260](https://nvd.nist.gov/vuln/detail/CVE-2022-39260), [CVE-2022-41903](https://nvd.nist.gov/vuln/detail/CVE-2022-41903))<br> - glib ([fixes to normal form handling in GVariant](https://discourse.gnome.org/t/multiple-fixes-for-gvariant-normalisation-issues-in-glib/12835))<br> - gnupg ([CVE-2022-34903](https://nvd.nist.gov/vuln/detail/CVE-2022-34903))<br> - gnutls ([CVE-2021-4209](https://nvd.nist.gov/vuln/detail/CVE-2021-4209), [GNUTLS-SA-2022-01-17](https://gitlab.com/gnutls/gnutls/-/issues/1277), [CVE-2022-2509](https://nvd.nist.gov/vuln/detail/CVE-2022-2509))<br> - gzip,xz-utils ([CVE-2022-1271](https://nvd.nist.gov/vuln/detail/CVE-2022-1271))<br> - ignition ([CVE-2020-14040](https://nvd.nist.gov/vuln/detail/CVE-2020-14040), [CVE-2021-38561](https://nvd.nist.gov/vuln/detail/CVE-2021-38561), [CVE-2022-1706](https://nvd.nist.gov/vuln/detail/CVE-2022-1706))<br> - intel-microcode ([CVE-2021-0127](https://nvd.nist.gov/vuln/detail/CVE-2021-0127), [CVE-2021-0146](https://nvd.nist.gov/vuln/detail/CVE-2021-0146), [CVE-2022-21151](https://nvd.nist.gov/vuln/detail/CVE-2022-21151), [CVE-2022-21233](https://nvd.nist.gov/vuln/detail/CVE-2022-21233))<br> - krb5 ([CVE-2021-37750](https://nvd.nist.gov/vuln/detail/CVE-2021-37750))<br> - libarchive ([CVE-2021-31566](https://nvd.nist.gov/vuln/detail/CVE-2021-31566), [CVE-2021-36976](https://nvd.nist.gov/vuln/detail/CVE-2021-36976), [CVE-2022-26280](https://nvd.nist.gov/vuln/detail/CVE-2022-26280), [CVE-2022-36227](https://nvd.nist.gov/vuln/detail/CVE-2022-36227), [libarchive-1565](https://github.com/libarchive/libarchive/issues/1565), [libarchive-1566](https://github.com/libarchive/libarchive/issues/1566))<br> - libksba ([CVE-2022-3515](https://nvd.nist.gov/vuln/detail/CVE-2022-3515), [CVE-2022-47629](https://nvd.nist.gov/vuln/detail/CVE-2022-47629))<br> - GNU Libtasn1 ([Gentoo#866237](https://bugs.gentoo.org/866237))<br> - libtirpc ([CVE-2021-46828](https://nvd.nist.gov/vuln/detail/CVE-2021-46828))<br> - libxml2 ([CVE-2016-3709](https://nvd.nist.gov/vuln/detail/CVE-2016-3709), [CVE-2022-2309](https://nvd.nist.gov/vuln/detail/CVE-2022-2309), [CVE-2022-23308](https://nvd.nist.gov/vuln/detail/CVE-2022-23308), [CVE-2022-29824](https://nvd.nist.gov/vuln/detail/CVE-2022-29824), [CVE-2022-40303](https://nvd.nist.gov/vuln/detail/CVE-2022-40303), [CVE-2022-40304](https://nvd.nist.gov/vuln/detail/CVE-2022-40304))<br> - logrotate ([CVE-2022-1348](https://nvd.nist.gov/vuln/detail/CVE-2022-1348))<br> - multipath-tools ([CVE-2022-41973](https://nvd.nist.gov/vuln/detail/CVE-2022-41973), [CVE-2022-41974](https://nvd.nist.gov/vuln/detail/CVE-2022-41974))<br> - ncurses ([CVE-2022-29458](https://nvd.nist.gov/vuln/detail/CVE-2022-29458))<br> - nvidia-drivers ([CVE-2022-28181](https://nvd.nist.gov/vuln/detail/CVE-2022-28181), [CVE-2022-28183](https://nvd.nist.gov/vuln/detail/CVE-2022-28183), [CVE-2022-28184](https://nvd.nist.gov/vuln/detail/CVE-2022-28184), [CVE-2022-28185](https://nvd.nist.gov/vuln/detail/CVE-2022-28185))<br> - oniguruma ([oniguruma-20220430](https://bugs.gentoo.org/841893))<br> - OpenSSH ([CVE-2021-41617](https://nvd.nist.gov/vuln/detail/CVE-2021-41617))<br> - OpenSSL ([CVE-2021-4044](https://nvd.nist.gov/vuln/detail/CVE-2021-4044), [CVE-2022-1292](https://nvd.nist.gov/vuln/detail/CVE-2022-1292), [CVE-2022-1343](https://nvd.nist.gov/vuln/detail/CVE-2022-1343), [CVE-2022-1434](https://nvd.nist.gov/vuln/detail/CVE-2022-1434), [CVE-2022-1473](https://nvd.nist.gov/vuln/detail/CVE-2022-1473), [CVE-2022-3602](https://nvd.nist.gov/vuln/detail/CVE-2022-3602), [CVE-2022-3786](https://nvd.nist.gov/vuln/detail/CVE-2022-3786))<br> - polkit ([CVE-2021-4115](https://nvd.nist.gov/vuln/detail/CVE-2021-4115))<br> - rsync ([CVE-2018-25032](https://nvd.nist.gov/vuln/detail/CVE-2018-25032), [CVE-2022-29154](https://nvd.nist.gov/vuln/detail/CVE-2022-29154))<br> - runc ([CVE-2022-29162](https://nvd.nist.gov/vuln/detail/CVE-2022-29162))<br> - shadow ([CVE-2013-4235](https://nvd.nist.gov/vuln/detail/CVE-2013-4235))<br> - sudo ([CVE-2022-43995](https://nvd.nist.gov/vuln/detail/CVE-2022-43995), [CVE-2023-22809](https://nvd.nist.gov/vuln/detail/CVE-2023-22809))<br> - systemd ([CVE-2021-3997](https://nvd.nist.gov/vuln/detail/CVE-2021-3997), [CVE-2022-3821](https://nvd.nist.gov/vuln/detail/CVE-2022-3821), [CVE-2022-4415](https://nvd.nist.gov/vuln/detail/CVE-2022-4415))<br> - unzip ([CVE-2022-0529](https://nvd.nist.gov/vuln/detail/CVE-2022-0529), [CVE-2022-0530](https://nvd.nist.gov/vuln/detail/CVE-2022-0530), [CVE-2021-4217](https://nvd.nist.gov/vuln/detail/CVE-2021-4217))<br> - util-linux ([CVE-2021-3995](https://nvd.nist.gov/vuln/detail/CVE-2021-3995), [CVE-2021-3996](https://nvd.nist.gov/vuln/detail/CVE-2021-3996), [CVE-2022-0563](https://nvd.nist.gov/vuln/detail/CVE-2022-0563))<br> - vim ([CVE-2021-3872](https://nvd.nist.gov/vuln/detail/CVE-2021-3872), [CVE-2021-3875](https://nvd.nist.gov/vuln/detail/CVE-2021-3875), [CVE-2021-3903](https://nvd.nist.gov/vuln/detail/CVE-2021-3903), [CVE-2021-3927](https://nvd.nist.gov/vuln/detail/CVE-2021-3927), [CVE-2021-3928](https://nvd.nist.gov/vuln/detail/CVE-2021-3928), [CVE-2021-3968](https://nvd.nist.gov/vuln/detail/CVE-2021-3968), [CVE-2021-3973](https://nvd.nist.gov/vuln/detail/CVE-2021-3973), [CVE-2021-3974](https://nvd.nist.gov/vuln/detail/CVE-2021-3974), [CVE-2021-3984](https://nvd.nist.gov/vuln/detail/CVE-2021-3984), [CVE-2021-4019](https://nvd.nist.gov/vuln/detail/CVE-2021-4019), [CVE-2021-4069](https://nvd.nist.gov/vuln/detail/CVE-2021-4069), [CVE-2021-4136](https://nvd.nist.gov/vuln/detail/CVE-2021-4136), [CVE-2021-4173](https://nvd.nist.gov/vuln/detail/CVE-2021-4173),[ CVE-2021-4166](https://nvd.nist.gov/vuln/detail/CVE-2021-4166), [CVE-2021-4187](https://nvd.nist.gov/vuln/detail/CVE-2021-4187), [CVE-2021-4192](https://nvd.nist.gov/vuln/detail/CVE-2021-4192), [CVE-2021-4193](https://nvd.nist.gov/vuln/detail/CVE-2021-4193), [CVE-2022-0128](https://nvd.nist.gov/vuln/detail/CVE-2022-0128), [CVE-2022-0156](https://nvd.nist.gov/vuln/detail/CVE-2022-0156), [CVE-2022-0158](https://nvd.nist.gov/vuln/detail/CVE-2022-0158), [CVE-2022-0213](https://nvd.nist.gov/vuln/detail/CVE-2022-0213), [CVE-2022-0261](https://nvd.nist.gov/vuln/detail/CVE-2022-0261), [CVE-2022-0318](https://nvd.nist.gov/vuln/detail/CVE-2022-0318), [CVE-2022-0319](https://nvd.nist.gov/vuln/detail/CVE-2022-0319), [CVE-2022-0351](https://nvd.nist.gov/vuln/detail/CVE-2022-0351), [CVE-2022-0359](https://nvd.nist.gov/vuln/detail/CVE-2022-0359), [CVE-2022-0361](https://nvd.nist.gov/vuln/detail/CVE-2022-0361), [CVE-2022-0368](https://nvd.nist.gov/vuln/detail/CVE-2022-0368), [CVE-2022-0392](https://nvd.nist.gov/vuln/detail/CVE-2022-0392), [CVE-2022-0393](https://nvd.nist.gov/vuln/detail/CVE-2022-0393), [CVE-2022-0407](https://nvd.nist.gov/vuln/detail/CVE-2022-0407), [CVE-2022-0408](https://nvd.nist.gov/vuln/detail/CVE-2022-0408), [CVE-2022-0413](https://nvd.nist.gov/vuln/detail/CVE-2022-0413), [CVE-2022-0417](https://nvd.nist.gov/vuln/detail/CVE-2022-0417), [CVE-2022-0443](https://nvd.nist.gov/vuln/detail/CVE-2022-0443), [CVE-2022-0629](https://nvd.nist.gov/vuln/detail/CVE-2022-0629), [CVE-2022-0685](https://nvd.nist.gov/vuln/detail/CVE-2022-0685), [CVE-2022-0714](https://nvd.nist.gov/vuln/detail/CVE-2022-0714), [CVE-2022-0729](https://nvd.nist.gov/vuln/detail/CVE-2022-0729), [CVE-2022-0943](https://nvd.nist.gov/vuln/detail/CVE-2022-0943), [CVE-2022-1154](https://nvd.nist.gov/vuln/detail/CVE-2022-1154), [CVE-2022-1160](https://nvd.nist.gov/vuln/detail/CVE-2022-1160), [CVE-2022-1381](https://nvd.nist.gov/vuln/detail/CVE-2022-1381), [CVE-2022-1420](https://nvd.nist.gov/vuln/detail/CVE-2022-1420), [CVE-2022-1616](https://nvd.nist.gov/vuln/detail/CVE-2022-1616), [CVE-2022-1619](https://nvd.nist.gov/vuln/detail/CVE-2022-1619), [CVE-2022-1620](https://nvd.nist.gov/vuln/detail/CVE-2022-1620), [CVE-2022-1621](https://nvd.nist.gov/vuln/detail/CVE-2022-1621), [CVE-2022-1629](https://nvd.nist.gov/vuln/detail/CVE-2022-1629), [CVE-2022-1674](https://nvd.nist.gov/vuln/detail/CVE-2022-1674), [CVE-2022-1725](https://nvd.nist.gov/vuln/detail/CVE-2022-1725), [CVE-2022-1733](https://nvd.nist.gov/vuln/detail/CVE-2022-1733), [CVE-2022-1735](https://nvd.nist.gov/vuln/detail/CVE-2022-1735), [CVE-2022-1769](https://nvd.nist.gov/vuln/detail/CVE-2022-1769), [CVE-2022-1771](https://nvd.nist.gov/vuln/detail/CVE-2022-1771), [CVE-2022-1785](https://nvd.nist.gov/vuln/detail/CVE-2022-1785), [CVE-2022-1796](https://nvd.nist.gov/vuln/detail/CVE-2022-1796), [CVE-2022-1897](https://nvd.nist.gov/vuln/detail/CVE-2022-1897), [CVE-2022-1898](https://nvd.nist.gov/vuln/detail/CVE-2022-1898), [CVE-2022-1886](https://nvd.nist.gov/vuln/detail/CVE-2022-1886), [CVE-2022-1851](https://nvd.nist.gov/vuln/detail/CVE-2022-1851), [CVE-2022-1927](https://nvd.nist.gov/vuln/detail/CVE-2022-1927), [CVE-2022-1942](https://nvd.nist.gov/vuln/detail/CVE-2022-1942), [CVE-2022-1968](https://nvd.nist.gov/vuln/detail/CVE-2022-1968), [CVE-2022-2000](https://nvd.nist.gov/vuln/detail/CVE-2022-2000), [CVE-2022-2042](https://nvd.nist.gov/vuln/detail/CVE-2022-2042), [CVE-2022-2124](https://nvd.nist.gov/vuln/detail/CVE-2022-2124), [CVE-2022-2125](https://nvd.nist.gov/vuln/detail/CVE-2022-2125), [CVE-2022-2126](https://nvd.nist.gov/vuln/detail/CVE-2022-2126), [CVE-2022-2129](https://nvd.nist.gov/vuln/detail/CVE-2022-2129), [CVE-2022-2175](https://nvd.nist.gov/vuln/detail/CVE-2022-2175), [CVE-2022-2182](https://nvd.nist.gov/vuln/detail/CVE-2022-2182), [CVE-2022-2183](https://nvd.nist.gov/vuln/detail/CVE-2022-2183), [CVE-2022-2206](https://nvd.nist.gov/vuln/detail/CVE-2022-2206), [CVE-2022-2207](https://nvd.nist.gov/vuln/detail/CVE-2022-2207), [CVE-2022-2208](https://nvd.nist.gov/vuln/detail/CVE-2022-2208), [CVE-2022-2210](https://nvd.nist.gov/vuln/detail/CVE-2022-2210), [CVE-2022-2231](https://nvd.nist.gov/vuln/detail/CVE-2022-2231), [CVE-2022-2257](https://nvd.nist.gov/vuln/detail/CVE-2022-2257), [CVE-2022-2264](https://nvd.nist.gov/vuln/detail/CVE-2022-2264), [CVE-2022-2284](https://nvd.nist.gov/vuln/detail/CVE-2022-2284), [CVE-2022-2285](https://nvd.nist.gov/vuln/detail/CVE-2022-2285), [CVE-2022-2286](https://nvd.nist.gov/vuln/detail/CVE-2022-2286), [CVE-2022-2287](https://nvd.nist.gov/vuln/detail/CVE-2022-2287), [CVE-2022-2288](https://nvd.nist.gov/vuln/detail/CVE-2022-2288), [CVE-2022-2289](https://nvd.nist.gov/vuln/detail/CVE-2022-2289), [CVE-2022-2304](https://nvd.nist.gov/vuln/detail/CVE-2022-2304), [CVE-2022-2343](https://nvd.nist.gov/vuln/detail/CVE-2022-2343), [CVE-2022-2344](https://nvd.nist.gov/vuln/detail/CVE-2022-2344), [CVE-2022-2345](https://nvd.nist.gov/vuln/detail/CVE-2022-2345), [CVE-2022-2522](https://nvd.nist.gov/vuln/detail/CVE-2022-2522), [CVE-2022-2816](https://nvd.nist.gov/vuln/detail/CVE-2022-2816), [CVE-2022-2817](https://nvd.nist.gov/vuln/detail/CVE-2022-2817), [CVE-2022-2819](https://nvd.nist.gov/vuln/detail/CVE-2022-2819), [CVE-2022-2845](https://nvd.nist.gov/vuln/detail/CVE-2022-2845), [CVE-2022-2849](https://nvd.nist.gov/vuln/detail/CVE-2022-2849), [CVE-2022-2862](https://nvd.nist.gov/vuln/detail/CVE-2022-2862), [CVE-2022-2874](https://nvd.nist.gov/vuln/detail/CVE-2022-2874), [CVE-2022-2889](https://nvd.nist.gov/vuln/detail/CVE-2022-2889), [CVE-2022-2923](https://nvd.nist.gov/vuln/detail/CVE-2022-2923), [CVE-2022-2946](https://nvd.nist.gov/vuln/detail/CVE-2022-2946), [CVE-2022-2980](https://nvd.nist.gov/vuln/detail/CVE-2022-2980), [CVE-2022-2982](https://nvd.nist.gov/vuln/detail/CVE-2022-2982), [CVE-2022-3016](https://nvd.nist.gov/vuln/detail/CVE-2022-3016), [CVE-2022-3099](https://nvd.nist.gov/vuln/detail/CVE-2022-3099), [CVE-2022-3134](https://nvd.nist.gov/vuln/detail/CVE-2022-3134), [CVE-2022-3153](https://nvd.nist.gov/vuln/detail/CVE-2022-3153), [CVE-2022-3234](https://nvd.nist.gov/vuln/detail/CVE-2022-3234), [CVE-2022-3235](https://nvd.nist.gov/vuln/detail/CVE-2022-3235), [CVE-2022-3278](https://nvd.nist.gov/vuln/detail/CVE-2022-3278), [CVE-2022-3256](https://nvd.nist.gov/vuln/detail/CVE-2022-3256), [CVE-2022-3296](https://nvd.nist.gov/vuln/detail/CVE-2022-3296), [CVE-2022-3297](https://nvd.nist.gov/vuln/detail/CVE-2022-3297), [CVE-2022-3324](https://nvd.nist.gov/vuln/detail/CVE-2022-3324), [CVE-2022-3352](https://nvd.nist.gov/vuln/detail/CVE-2022-3352), [CVE-2022-3491](https://nvd.nist.gov/vuln/detail/CVE-2022-3491), [CVE-2022-3520](https://nvd.nist.gov/vuln/detail/CVE-2022-3520), [CVE-2022-3591](https://nvd.nist.gov/vuln/detail/CVE-2022-3591), [CVE-2022-3705](https://nvd.nist.gov/vuln/detail/CVE-2022-3705), [CVE-2022-4141](https://nvd.nist.gov/vuln/detail/CVE-2022-4141), [CVE-2022-4292](https://nvd.nist.gov/vuln/detail/CVE-2022-4292), [CVE-2022-4293](https://nvd.nist.gov/vuln/detail/CVE-2022-4293), [CVE-2023-0049](https://nvd.nist.gov/vuln/detail/CVE-2023-0049), [CVE-2023-0051](https://nvd.nist.gov/vuln/detail/CVE-2023-0051), [CVE-2023-0054](https://nvd.nist.gov/vuln/detail/CVE-2023-0054))<br> - zlib ([CVE-2018-25032](https://nvd.nist.gov/vuln/detail/CVE-2018-25032), [CVE-2022-37434](https://nvd.nist.gov/vuln/detail/CVE-2022-37434))<br> - SDK: edk2-ovmf ([CVE-2019-14584](https://nvd.nist.gov/vuln/detail/CVE-2019-14584), [CVE-2021-28210](https://nvd.nist.gov/vuln/detail/CVE-2021-28210), [CVE-2021-28211](https://nvd.nist.gov/vuln/detail/CVE-2021-28211), [CVE-2021-28213](https://nvd.nist.gov/vuln/detail/CVE-2021-28213))<br> - SDK: libxslt ([CVE-2021-30560](https://nvd.nist.gov/vuln/detail/CVE-2021-30560))<br> - SDK: mantle ([CVE-2021-3121](https://nvd.nist.gov/vuln/detail/CVE-2021-3121), [CVE-2021-38561](https://nvd.nist.gov/vuln/detail/CVE-2021-38561), [CVE-2021-43565](https://nvd.nist.gov/vuln/detail/CVE-2021-43565))<br> - SDK: Python ([CVE-2015-20107](https://nvd.nist.gov/vuln/detail/CVE-2015-20107), [CVE-2020-10735](https://nvd.nist.gov/vuln/detail/CVE-2020-10735), [CVE-2021-3654](https://nvd.nist.gov/vuln/detail/CVE-2021-3654), [CVE-2022-37454](https://nvd.nist.gov/vuln/detail/CVE-2022-37454), [CVE-2022-42919](https://nvd.nist.gov/vuln/detail/CVE-2022-42919), [CVE-2022-45061](https://nvd.nist.gov/vuln/detail/CVE-2022-45061))<br> - SDK: QEMU ([CVE-2020-14394](https://nvd.nist.gov/vuln/detail/CVE-2020-14394), [CVE-2020-35504](https://nvd.nist.gov/vuln/detail/CVE-2020-35504), [CVE-2020-35505](https://nvd.nist.gov/vuln/detail/CVE-2020-35505), [CVE-2020-35506](https://nvd.nist.gov/vuln/detail/CVE-2020-35506), [CVE-2020-35517](https://nvd.nist.gov/vuln/detail/CVE-2020-35517), [CVE-2021-20203](https://nvd.nist.gov/vuln/detail/CVE-2021-20203), [CVE-2021-20255](https://nvd.nist.gov/vuln/detail/CVE-2021-20255), [CVE-2021-20257](https://nvd.nist.gov/vuln/detail/CVE-2021-20257), [CVE-2021-20263](https://nvd.nist.gov/vuln/detail/CVE-2021-20263), [CVE-2021-3409](https://nvd.nist.gov/vuln/detail/CVE-2021-3409), [CVE-2021-3416](https://nvd.nist.gov/vuln/detail/CVE-2021-3416), [CVE-2021-3527](https://nvd.nist.gov/vuln/detail/CVE-2021-3527), [CVE-2021-3544](https://nvd.nist.gov/vuln/detail/CVE-2021-3544), [CVE-2021-3545](https://nvd.nist.gov/vuln/detail/CVE-2021-3545), [CVE-2021-3546](https://nvd.nist.gov/vuln/detail/CVE-2021-3546), [CVE-2021-3582](https://nvd.nist.gov/vuln/detail/CVE-2021-3582), [CVE-2021-3607](https://nvd.nist.gov/vuln/detail/CVE-2021-3607), [CVE-2021-3608](https://nvd.nist.gov/vuln/detail/CVE-2021-3608), [CVE-2021-3682](https://nvd.nist.gov/vuln/detail/CVE-2021-3682), [CVE-2021-20203](https://nvd.nist.gov/vuln/detail/CVE-2021-20203), [CVE-2021-3713](https://nvd.nist.gov/vuln/detail/CVE-2021-3713), [CVE-2021-3930](https://nvd.nist.gov/vuln/detail/CVE-2021-3930), [CVE-2021-3947](https://nvd.nist.gov/vuln/detail/CVE-2021-3947), [CVE-2021-4145](https://nvd.nist.gov/vuln/detail/CVE-2021-4145), [CVE-2022-0216](https://nvd.nist.gov/vuln/detail/CVE-2022-0216), [CVE-2022-26353](https://nvd.nist.gov/vuln/detail/CVE-2022-26353), [CVE-2022-26354](https://nvd.nist.gov/vuln/detail/CVE-2022-26354), [CVE-2022-3872](https://nvd.nist.gov/vuln/detail/CVE-2022-3872), [CVE-2022-4172](https://nvd.nist.gov/vuln/detail/CVE-2022-4172))<br> - SDK: Rust ([CVE-2022-21658](https://nvd.nist.gov/vuln/detail/CVE-2022-21658), [CVE-2022-36113](https://nvd.nist.gov/vuln/detail/CVE-2022-36113), [CVE-2022-36114](https://nvd.nist.gov/vuln/detail/CVE-2022-36114), [CVE-2022-46176](https://nvd.nist.gov/vuln/detail/CVE-2022-46176))<br> - SDK: squashfs-tools ([CVE-2021-40153](https://nvd.nist.gov/vuln/detail/CVE-2021-40153), [CVE-2021-41072](https://nvd.nist.gov/vuln/detail/CVE-2021-41072))<br> - VMware: open-vm-tools ([CVE-2022-31676](https://nvd.nist.gov/vuln/detail/CVE-2022-31676))<br><br> <br> #### Bug fixes:<br> <br> - Added `networkd` translation to `files` section when converting from Ignition 2.x to Ignition 3.x ([coreos-overlay#1910](https://github.com/flatcar-linux/coreos-overlay/pull/1910), [flatcar#741](https://github.com/flatcar-linux/Flatcar/issues/741))<br> - Added a remount action as `systemd-sysext.service` drop-in unit to restore the OEM partition mount after the overlay mounts in `/usr` are done ([init#69](https://github.com/flatcar-linux/init/pull/69))<br> - Added back Ignition support for Vagrant ([coreos-overlay#2351](https://github.com/flatcar/coreos-overlay/pull/2351))<br> - Added back `gettext` to the OS ([Flatcar#849](https://github.com/flatcar-linux/Flatcar/issues/849))<br> - Added merging of Ignition systemd duplicated units when auto-translating from Ignition 2 to Ignition 3. ([coreos-overlay#2187](https://github.com/flatcar/coreos-overlay/pull/2187))<br> - Added support for Openstack for cloud-init activation ([flatcar-linux/init#76](https://github.com/flatcar-linux/init/pull/76))<br> - Added support for hardware security keys in update-ssh-keys ([update-ssh-keys#7](https://github.com/flatcar/update-ssh-keys/pull/7))<br> - Enabled IOMMU on arm64 kernels, the lack of which prevented some systems from booting ([coreos-overlay#2235](https://github.com/flatcar/coreos-overlay/pull/2235))<br> - Excluded Wireguard interface from `systemd-networkd` default management ([Flatcar#808](https://github.com/flatcar-linux/Flatcar/issues/808))<br> - Excluded the Kubenet cbr0 interface from networkd's DHCP config and set it to Unmanaged to prevent interference and ensure that it is not part of the network online check ([init#55](https://github.com/flatcar-linux/init/pull/55))<br> - Excluded the special Kubernetes network interfaces `nodelocaldns` and `kube-ipvs0` from being managed with systemd-networkd which interfered with the setup ([init#89](https://github.com/flatcar/init/pull/89)).<br> - Fix "ext4 deadlock under heavy I/O load" kernel issue. The patch for this is included provisionally while we wait for it to be merged upstream ([Flatcar#847](https://github.com/flatcar/Flatcar/issues/847), [coreos-overlay#2315](https://github.com/flatcar/coreos-overlay/pull/2315))<br> - Fixed Ignition btrfs forced formatting for OEM partition ([coreos-overlay#2277](https://github.com/flatcar/coreos-overlay/pull/2277))<br> - Fixed Ignition's OEM ID to be `metal` to follow the Ignition upstream change which otherwise resulted in a broken boot when the Flatcar OEM ID `pxe` was used ([bootengine#45](https://github.com/flatcar-linux/bootengine/pull/45))<br> - Fixed `/etc/resolv.conf` symlink by pointing it at `resolv.conf` instead of `stub-resolv.conf`. This bug was present since the update to systemd v250 ([coreos-overlay#2057](https://github.com/flatcar-linux/coreos-overlay/pull/2057))<br> - Fixed a regression (in Alpha/Beta) where machines failed to boot if they didn't have the `core` user or group in `/etc/passwd` or `/etc/group` ([baselayout#26](https://github.com/flatcar/baselayout/pull/26))<br> - Fixed excluded interface type from default systemd-networkd configuration ([flatcar-linux/init#78](https://github.com/flatcar-linux/init/pull/78))<br> - Fixed space escaping in the `networkd` Ignition translation ([Flatcar#812](https://github.com/flatcar-linux/Flatcar/issues/812))<br> - Fixed the dracut emergency Ignition log printing that had a scripting error causing the cat command to fail ([bootengine#33](https://github.com/flatcar-linux/bootengine/pull/33))<br> - Made Ignition write the SSH keys into a file under `authorized_keys.d/ignition` again and added a call to `update-ssh-keys` after Ignition ran to create the merged `authorized_keys` file, which fixes the problem that keys added by Ignition get lost when `update-ssh-keys` runs ([init#66](https://github.com/flatcar-linux/init/pull/66))<br> - Re-added the `brd drbd nbd rbd xen-blkfront zram libarc4 lru_cache zsmalloc` kernel modules to the initramfs since they were missing compared to the Flatcar 3033.2.x releases where the 5.10 kernel is used ([bootengine#40](https://github.com/flatcar-linux/bootengine/pull/40))<br> - Restored the support to specify OEM partition files in Ignition when `/usr/share/oem` is given as initrd mount point ([bootengine#58](https://github.com/flatcar/bootengine/pull/58))<br> - Reverted the Linux kernel commit which broke networking on AWS instances which use Intel 82559 NIC (c4/m4) ([Flatcar#665](https://github.com/flatcar-linux/Flatcar/issues/665), [coreos-overlay#1723](https://github.com/flatcar-linux/coreos-overlay/pull/1723))<br> - Skipped starting `ensure-sysext.service` if `systemd-sysext.service` won't be started, to prevent reporting a dependency failure ([Flatcar#710](https://github.com/flatcar-linux/Flatcar/issues/710))<br> - The Ignition v3 kargs directive failed before when used with the generic image where no `grub.cfg` exists, this was fixed by creating it first ([bootengine#47](https://github.com/flatcar-linux/bootengine/pull/47))<br> - The rootfs setup in the initrd now runs systemd-tmpfiles on every boot, not only when Ignition runs, to fix a dbus failure due to missing files ([Flatcar#944](https://github.com/flatcar/Flatcar/issues/944))<br> - flatcar-update: Stopped checking for the `USER` environment variable which may not be set in all environments, causing the script to fail unless a workaround was used like prepending an additional `sudo` invocation ([init#58](https://github.com/flatcar-linux/init/pull/58))<br> - network: Accept ICMPv6 Router Advertisements to fix IPv6 address assignment in the default DHCP setting ([init#51](https://github.com/flatcar-linux/init/pull/51), [coreos-cloudinit#12](https://github.com/flatcar-linux/coreos-cloudinit/pull/12), [bootengine#30](https://github.com/flatcar-linux/bootengine/pull/30))<br> - Fixed the restart of Systemd services when the main process is being killed by a SIGHUP signal ([flatcar#1157](https://github.com/flatcar/Flatcar/issues/1157))<br> - Resolved the conflicting FD usage of libselinux and systemd which caused, e.g., a systemd crash on certain watchdog interaction during shutdown (patch in systemd 252.11)<br> - AWS: added EKS support for version 1.22 and 1.23. ([coreos-overlay#2110](https://github.com/flatcar-linux/coreos-overlay/pull/2110), [Flatcar#829](https://github.com/flatcar-linux/Flatcar/issues/829))- VMWare: excluded `wireguard` (and others) from `systemd-networkd` management. ([init#80](https://github.com/flatcar-linux/init/pull/80))<br> - GCP: Restored oem-gce.service functionality on GCP ([coreos-overlay#1813](https://github.com/flatcar-linux/coreos-overlay/pull/1813))<br> - GCP: Fixed shutdown script execution ([coreos-overlay#1912](https://github.com/flatcar-linux/coreos-overlay/pull/1912), [flatcar#743](https://github.com/flatcar-linux/Flatcar/issues/743))<br><br> <br> #### Changes:<br> <br> - ARM64: Added [cifs-utils](https://wiki.samba.org/index.php/LinuxCIFS_utils) for ARM64<br> - ARM64: Added [sssd](https://sssd.io/), [adcli](https://www.freedesktop.org/software/realmd/adcli/adcli.html) and realmd for ARM64<br> - Added CONFIG_NF_CT_NETLINK_HELPER (for libnetfilter_cthelper), CONFIG_NET_VRF (for virtual routing and forwarding) and CONFIG_KEY_DH_OPERATIONS (for keyutils) to the kernel config ([coreos-overlay#1524](https://github.com/flatcar-linux/coreos-overlay/pull/1524))<br> - Added VMware networking configuration in the initramfs via guestinfo settings ([bootengine#44](https://github.com/flatcar-linux/bootengine/pull/44), [flatcar#717](https://github.com/flatcar-linux/Flatcar/issues/717))<br> - Added `CONFIG_NF_CONNTRACK_BRIDGE` (for nf_conntrack_bridge) and `CONFIG_NFT_BRIDGE_META` (for nft_meta_bridge) to the kernel config to allow using conntrack rules for bridges in nftables and to match on bridge interface names ([coreos-overlay#2207](https://github.com/flatcar/coreos-overlay/pull/2207))<br> - Added `auditd.service` but left it disabled by default, a custom configuration can be created by removing `/etc/audit/auditd.conf` and replacing it with an own file ([coreos-overlay#1636](https://github.com/flatcar-linux/coreos-overlay/pull/1636))<br> - Added `cryptsetup` to the initramfs for the Ignition `luks` directive ([flatcar-linux/coreos-overlay#1760](https://github.com/flatcar-linux/coreos-overlay/pull/1760))<br> - Added a new flatcar-update tool to the image to ease manual updates, rollbacks, channel/release jumping, and airgapped updates ([init#53](https://github.com/flatcar-linux/init/pull/53))<br> - Added efibootmgr binary to the image ([coreos-overlay#1955](https://github.com/flatcar-linux/coreos-overlay/pull/1955))<br> - Added symlink from `nc` to `ncat`. `-q` option is [not yet supported](https://github.com/nmap/nmap/issues/2422) ([flatcar#545](https://github.com/flatcar-linux/Flatcar/issues/545))<br> - Besides Ignition v1 and v2 configurations, Ignition configurations with specification v3 (up to 3.3.0) are now supported, see the [docs section for details](https://www.flatcar.org/docs/latest/provisioning/ignition/specification/#ignition-v3)<br> - Bring in dependencies for NFS4 with Kerberos both in kernel and userspace. Tested against NFS4.1 server. ([coreos-overlay#1664](https://github.com/flatcar-linux/coreos-overlay/pull/1664))<br> - Change CONFIG_WIREGUARD kernel option to module to save space on boot partition ([coreos-overlay#2239](https://github.com/flatcar/coreos-overlay/pull/2239))<br> - Disable several arch specific arm64 kernel config options for unsupported platforms to save space on boot partition ([coreos-overlay#2239](https://github.com/flatcar/coreos-overlay/pull/2239))<br> - Enabled `CONFIG_INTEL_RAPL` on AMD64 Kernel config to compile `intel_rapl_common` module in order to allow power monitoring on modern Intel processors ([coreos-overlay#1801](https://github.com/flatcar-linux/coreos-overlay/pull/1801))<br> - Enabled `systemd-sysext.service` to activate systemd-sysext images on boot, to disable you will need to mask it. Also added a helper service `ensure-sysext.service` which reloads the systemd units to reevaluate the `sockets`, `timers`, and `multi-user` targets when `systemd-sysext.service` is (re)started, making it possible to enable units that are part of a sysext image ([init#65](https://github.com/flatcar-linux/init/pull/65))<br> - Excluded special network interface devices like bridge, tunnel, vxlan, and veth devices from the default DHCP configuration to prevent networkd interference ([init#56](https://github.com/flatcar-linux/init/pull/56))<br> - For amd64 `/usr/lib` used to be a symlink to `/usr/lib64` but now they became two separate folders as common in other distributions (and was the case for arm64 already). Compatibility symlinks exist in case `/usr/lib64` was used to access, e.g., the `modules` folder or the `systemd` folder ([coreos-overlay#1713](https://github.com/flatcar-linux/coreos-overlay/pull/1713), [scripts#255](https://github.com/flatcar-linux/scripts/pull/255))<br> - Made SELinux enabled by default in default containerd configuration file. ([coreos-overlay#1699](https://github.com/flatcar-linux/coreos-overlay/pull/1699))<br> - Removed rngd.service because it is not essential anymore for the kernel to boot fast in VM environments ([coreos-overlay#1700](https://github.com/flatcar-linux/coreos-overlay/pull/1700))<br> - Specifying the OEM filesystem in Ignition to write files to `/usr/share/oem` is not needed anymore ([bootengine#58](https://github.com/flatcar/bootengine/pull/58))<br> - Switched from `--strip-unneeded` to `--strip-debug` when installing kernel modules, which makes kernel stacktraces more accurate and makes debugging issues easier ([coreos-overlay#2196](https://github.com/flatcar/coreos-overlay/pull/2196))<br> - The flatcar-update tool got two new flags to customize ports used on the host while updating flatcar ([init#81](https://github.com/flatcar/init/pull/81))<br> - Toolbox now uses containerd to download and mount the image ([toolbox#7](https://github.com/flatcar/toolbox/pull/7))<br> - Update-engine now creates the `/run/reboot-required` flag file for [kured](https://github.com/weaveworks/kured) ([update_engine#15](https://github.com/flatcar-linux/update_engine/pull/15))<br> - flatcar-install: Added option to create UEFI boot entry ([init#74](https://github.com/flatcar-linux/init/pull/74))<br> - Add qemu-guest-agent to all amd64 images, it will be automatically enabled when qemu-ga virtio-port is detected ([coreos-overlay#2240](https://github.com/flatcar/coreos-overlay/pull/2240), [portage-stable#373](https://github.com/flatcar/portage-stable/pull/373))<br> - Add a way to remove packages that are hard-blockers for update. A hard-blocker means that the package needs to be removed (for example with `emerge -C`) before an update can happen.<br> - Add support for Microsoft Azure Network Adapter (MANA) NICs on Azure ([scripts#1131](https://github.com/flatcar/scripts/pull/1131))<br> - Defined a systemd-sysext level that sysext images can match for instead of the OS version when they don't have a strong coupling, meaning the only metadata required is `SYSEXT_LEVEL=1.0` and `ID=flatcar` ([Flatcar#643](https://github.com/flatcar-linux/Flatcar/issues/643))<br> - Removed the pre-shipped `/etc/flatcar/update.conf` file, leaving it totally to the user to define the contents as it was unnecessarily overwriting the `/use/share/flatcar/update.conf` ([scripts#212](https://github.com/flatcar-linux/scripts/pull/212))<br> - Rework the way we set up the default python intepreter in SDK - it is now without specifying a version. This should work fine as long as we keep having one version of python in SDK.<br> - Use qcow2 compressed format instead of additional compression layer in Qemu images ([Flatcar#1135](https://github.com/flatcar/Flatcar/issues/1135), [scripts#1132](https://github.com/flatcar/scripts/pull/1132))<br> - AWS: Added AWS IMDSv2 support to coreos-cloudinit ([flatcar-linux/coreos-cloudinit#13](https://github.com/flatcar-linux/coreos-cloudinit/pull/13))<br> - AWS EC2: Removed the setup of `/etc/hostname` from the instance metadata because it used a long FQDN but we can just use use the hostname set via DHCP ([Flatcar#707](https://github.com/flatcar-linux/Flatcar/issues/707))<br> - Azure: Azure VHD disks are now created using subformat=fixed, which makes them suitable for immediate upload to Azure using any tool.<br> - Azure: Set up `/etc/hostname` from instance metadata with Afterburn<br> - OpenStack: enabled `coreos-metadata-sshkeys@.service` to provision SSH keys from metadata. ([Flatcar#817](https://github.com/flatcar/Flatcar/issues/817), [coreos-overlay#2246](https://github.com/flatcar/coreos-overlay/pull/2246))<br> - VMWare: Added `ignition-delete-config.service` to remove Ignition config from VM metadata, see also [here](https://coreos.github.io/ignition/operator-notes/#automatic-config-deletion) ([coreos-overlay#1948](https://github.com/flatcar-linux/coreos-overlay/pull/1948))<br> - SDK / ARM64: Added [go-tspi](https://pkg.go.dev/github.com/coreos/go-tspi) bindings for ARM64<br><br> <br> #### Updates:<br> <br>- Linux ([5.15.132](https://lwn.net/Articles/944877) (includes [5.15.131](https://lwn.net/Articles/943755), [5.15.130](https://lwn.net/Articles/943404), [5.15.129](https://lwn.net/Articles/943113), [5.15.128](https://lwn.net/Articles/942866), [5.15.127](https://lwn.net/Articles/941775), [5.15.126](https://lwn.net/Articles/941296), [5.15.125](https://lwn.net/Articles/940798), [5.15.124](https://lwn.net/Articles/940339), [5.15.123](https://lwn.net/Articles/939424), [5.15.122](https://lwn.net/Articles/939104), [5.15.121](https://lwn.net/Articles/939016), [5.15.120](https://lwn.net/Articles/937404), [5.15.119](https://lwn.net/Articles/936675), [5.15.118](https://lwn.net/Articles/935584), [5.15.117](https://lwn.net/Articles/934622), [5.15.116](https://lwn.net/Articles/934320), [5.15.115](https://lwn.net/Articles/933909), [5.15.114](https://lwn.net/Articles/933280), [5.15.113](https://lwn.net/Articles/932883), [5.15.112](https://lwn.net/Articles/932134), [5.15.111](https://lwn.net/Articles/931680), [5.15.110](https://lwn.net/Articles/930600), [5.15.109](https://lwn.net/Articles/930263), [5.15.108](https://lwn.net/Articles/929679), [5.15.107](https://lwn.net/Articles/929015), [5.15.106](https://lwn.net/Articles/928343), [5.15.105](https://lwn.net/Articles/927860), [5.15.104](https://lwn.net/Articles/926873), [5.15.103](https://lwn.net/Articles/926415), [5.15.102](https://lwn.net/Articles/925991), [5.15.101](https://lwn.net/Articles/925939), [5.15.100](https://lwn.net/Articles/925913), [5.15.99](https://lwn.net/Articles/925844), [5.15.98](https://lwn.net/Articles/925080), [5.15.97](https://lwn.net/Articles/925064), [5.15.96](https://lwn.net/Articles/924441), [5.15.95](https://lwn.net/Articles/924073), [5.15.94](https://lwn.net/Articles/923308), [5.15.93](https://lwn.net/Articles/922814), [5.15.92](https://lwn.net/Articles/922340), [5.15.91](https://lwn.net/Articles/921851), [5.15.90](https://lwn.net/Articles/921029), [5.15.89](https://lwn.net/Articles/920321), [5.15.88](https://lwn.net/Articles/920012), [5.15.87](https://lwn.net/Articles/919793), [5.15.86](https://lwn.net/Articles/918808), [5.15.85](https://lwn.net/Articles/918329), [5.15.84](https://lwn.net/Articles/918206), [5.15.83](https://lwn.net/Articles/917896), [5.15.82](https://lwn.net/Articles/917400), [5.15.81](https://lwn.net/Articles/916763), [5.15.80](https://lwn.net/Articles/916003), [5.15.79](https://lwn.net/Articles/915100), [5.15.78](https://lwn.net/Articles/914423), [5.15.77](https://lwn.net/Articles/913681), [5.15.76](https://lwn.net/Articles/912997), [5.15.75](https://lwn.net/Articles/912500), [5.15.74](https://lwn.net/Articles/911275), [5.15.73](https://lwn.net/Articles/910957), [5.15.72](https://lwn.net/Articles/910398), [5.15.71](https://lwn.net/Articles/909679), [5.15.70](https://lwn.net/Articles/909212), [5.15.69](https://lwn.net/Articles/908782), [5.15.68](https://lwn.net/Articles/908140), [5.15.67](https://lwn.net/Articles/907526), [5.15.66](https://lwn.net/Articles/907524), [5.15.65](https://lwn.net/Articles/907204), [5.15.64](https://lwn.net/Articles/906630), [5.15.63](https://lwn.net/Articles/906059), [5.15.62](https://lwn.net/Articles/905533), [5.15.61](https://lwn.net/Articles/904959), [5.15.60](https://lwn.net/Articles/904461), [5.15.59](https://lwn.net/Articles/903688), [5.15.58](https://lwn.net/Articles/902917), [5.15.57](https://lwn.net/Articles/902317), [5.15.56](https://lwn.net/Articles/902101), [5.15.55](https://lwn.net/Articles/901380), [5.15.54](https://lwn.net/Articles/900911), [5.15.53](https://lwn.net/Articles/900321), [5.15.52](https://lwn.net/Articles/899788), [5.15.51](https://lwn.net/Articles/899370), [5.15.50](https://lwn.net/Articles/899091), [5.15.49](https://lwn.net/Articles/898622), [5.15.48](https://lwn.net/Articles/898124), [5.15.47](https://lwn.net/Articles/897904), [5.15.46](https://lwn.net/Articles/897377), [5.15.45](https://lwn.net/Articles/897167), [5.15.44](https://lwn.net/Articles/896647), [5.15.43](https://lwn.net/Articles/896220), [5.15.42](https://lwn.net/Articles/896226), [5.15.41](https://lwn.net/Articles/895645), [5.15.40](https://lwn.net/Articles/895318), [5.15.39](https://lwn.net/Articles/895070), [5.15.38](https://lwn.net/Articles/894357), [5.15.37](https://lwn.net/Articles/893264), [5.15.36](https://lwn.net/Articles/892812), [5.15.35](https://lwn.net/Articles/892002), [5.15.34](https://lwn.net/Articles/891251), [5.15.33](https://lwn.net/Articles/890722), [5.15.32](https://lwn.net/Articles/889438), [5.15.31](https://lwn.net/Articles/889001), [5.15.30](https://lwn.net/Articles/888521), [5.15.29](https://lwn.net/Articles/888116), [5.15.28](https://lwn.net/Articles/887638), [5.15.27](https://lwn.net/Articles/887219), [5.15.26](https://lwn.net/Articles/886569), [5.15.25](https://lwn.net/Articles/885895), [5.15.24](https://lwn.net/Articles/884973), [5.15.23](https://lwn.net/Articles/884527), [5.15.22](https://lwn.net/Articles/884107), [5.15.21](https://lwn.net/Articles/883958), [5.15.20](https://lwn.net/Articles/883951), [5.15.19](https://lwn.net/Articles/883441), [5.15.18](https://lwn.net/Articles/883326), [5.15.17](https://lwn.net/Articles/882911), [5.15.16](https://lwn.net/Articles/881963), [5.15.15](https://lwn.net/Articles/881548), [5.15.14](https://lwn.net/Articles/881018), [5.15.13](https://lwn.net/Articles/880469), [5.15.12](https://lwn.net/Articles/879997), [5.15.11](https://lwn.net/Articles/879496), [5.15.10](https://lwn.net/Articles/879023), [5.15.9](https://lwn.net/Articles/878898), [5.15.8](https://lwn.net/Articles/878631), [5.15.7](https://lwn.net/Articles/878040), [5.15.6](https://lwn.net/Articles/877286), [5.15.5](https://lwn.net/Articles/876860), [5.15.4](https://lwn.net/Articles/876611)))<br>- Linux Firmware ([20230117](https://git.kernel.org/pub/scm/linux/kernel/git/firmware/linux-firmware.git/tag/?h=20230117) (includes [20221214](https://git.kernel.org/pub/scm/linux/kernel/git/firmware/linux-firmware.git/tag/?h=20221214), [20221109](https://git.kernel.org/pub/scm/linux/kernel/git/firmware/linux-firmware.git/tag/?h=20221109), [20221012](https://git.kernel.org/pub/scm/linux/kernel/git/firmware/linux-firmware.git/tag/?h=20221012), [20220913](https://git.kernel.org/pub/scm/linux/kernel/git/firmware/linux-firmware.git/tag/?h=20220913), [20220815](https://git.kernel.org/pub/scm/linux/kernel/git/firmware/linux-firmware.git/tag/?h=20220815), [20220708](https://git.kernel.org/pub/scm/linux/kernel/git/firmware/linux-firmware.git/tag/?h=20220708), [20220610](https://git.kernel.org/pub/scm/linux/kernel/git/firmware/linux-firmware.git/tag/?h=20220610), [20220509](https://git.kernel.org/pub/scm/linux/kernel/git/firmware/linux-firmware.git/tag/?h=20220509), [20220411](https://git.kernel.org/pub/scm/linux/kernel/git/firmware/linux-firmware.git/tag/?h=20220411), [20220310](https://git.kernel.org/pub/scm/linux/kernel/git/firmware/linux-firmware.git/tag/?h=20220310), [20220209](https://git.kernel.org/pub/scm/linux/kernel/git/firmware/linux-firmware.git/tag/?h=20220209)))<br>- Linux Headers ([5.15](https://lwn.net/Articles/876611/))<br>- Go ([1.19.5](https://go.dev/doc/devel/release#go1.19.5) (includes [1.19.4](https://go.dev/doc/devel/release#go1.19.4), [1.19.3](https://go.dev/doc/devel/release#go1.19.3), [1.18.10](https://go.dev/doc/devel/release#go1.18.10), [1.18.9](https://go.dev/doc/devel/release#go1.18.9), [1.18.7](https://go.dev/doc/devel/release#1.18.7), [1.18.6](https://go.dev/doc/devel/release#go1.18.6), [1.18.4](https://go.dev/doc/devel/release#go1.18.4), [1.18.2](https://go.googlesource.com/go/+/refs/tags/go1.18.2), [1.17.9](https://go.googlesource.com/go/+/refs/tags/go1.17.9)))<br>- Docker ([20.10.23](https://docs.docker.com/engine/release-notes/#201023) (includes [20.10.22](https://docs.docker.com/engine/release-notes/#201022), [20.10.21](https://docs.docker.com/engine/release-notes/#201021), [20.10.20](https://docs.docker.com/engine/release-notes/#201020), [20.10.18](https://docs.docker.com/engine/release-notes/#201018), [20.10.17](https://docs.docker.com/engine/release-notes/#201017), [20.10.16](https://docs.docker.com/engine/release-notes/#201016), [20.10.15](https://docs.docker.com/engine/release-notes/#201015), [20.10.14](https://docs.docker.com/engine/release-notes/#201014), [20.10.13](https://docs.docker.com/engine/release-notes/#201013)))<br>- acl ([2.3.1](https://git.savannah.nongnu.org/cgit/acl.git/log/?h=v2.3.1))<br>- new: acpid ([2.0.33](https://sourceforge.net/p/acpid2/code/ci/2.0.33/tree/Changelog)) <br>- adcli ([0.9.2](https://gitlab.freedesktop.org/realmd/adcli/-/releases#0.9.2) (includes [0.9.1](https://gitlab.freedesktop.org/realmd/adcli/-/releases#0.9.1)))<br>- afterburn ([5.2.0](https://github.com/coreos/afterburn/releases/tag/v5.2.0))<br>- attr ([2.5.1](https://git.savannah.nongnu.org/cgit/attr.git/log/?h=v2.5.1))<br>- audit ([3.0.6](https://listman.redhat.com/archives/linux-audit/2021-October/msg00000.html))<br>- automake ([1.16.5](https://savannah.gnu.org/forum/forum.php?forum_id=10055))<br>- bind tools ([9.16.36](https://bind9.readthedocs.io/en/v9_16_36/notes.html#notes-for-bind-9-16-36) (includes [9.16.35](https://bind9.readthedocs.io/en/v9_16_34/notes.html#notes-for-bind-9-16-35), [9.16.34](https://bind9.readthedocs.io/en/v9_16_35/notes.html#notes-for-bind-9-16-34), [9.16.33](https://gitlab.isc.org/isc-projects/bind9/-/raw/v9_16_33/CHANGES), [9.16.27](https://gitlab.isc.org/isc-projects/bind9/-/blob/v9_16_27/CHANGES)))<br>- binutils ([2.39](https://sourceware.org/pipermail/binutils/2022-August/122246.html) (includes [2.38](https://lwn.net/Articles/884264)))<br>- boost ([1.79](https://www.boost.org/users/history/version_1_79_0.html) (includes [1.76.0](https://www.boost.org/users/history/version_1_76_0.html)))<br>- bpftool ([5.19.12](https://lwn.net/Articles/909678/) (includes [5.19.8](https://lwn.net/Articles/907523/), [5.19.2](https://lwn.net/Articles/904957/), [5.18.11](https://lwn.net/Articles/900912/), [5.15.8](https://lwn.net/Articles/878631/)))<br>- bridge-utils ([1.7.1](https://git.kernel.org/pub/scm/network/bridge/bridge-utils.git/log/?h=v1.7.1))<br>- btrfs-progs ([5.15.1](https://btrfs.wiki.kernel.org/index.php/Changelog#btrfs-progs_v5.15_.28Nov_2021.29))<br>- ca-certificates ([3.93](https://firefox-source-docs.mozilla.org/security/nss/releases/nss_3_93.html) (includes [3.90](https://firefox-source-docs.mozilla.org/security/nss/releases/nss_3_90.html), [3.78](https://firefox-source-docs.mozilla.org/security/nss/releases/nss_3_78.html)))<br>- cifs-utils ([6.15](https://lists.samba.org/archive/samba-technical/2022-April/137335.html) (includes [6.13](https://lkml.kernel.org/linux-cifs/CAKywueSqRGSFmeDHQacyu831BNUeGFxGg3vgBmozzhkGBCjyXQ@mail.gmail.com/T/)))<br>- conntrack-tools ([1.4.6](https://lists.netfilter.org/pipermail/netfilter-announce/2020/000240.html))<br>- containerd ([1.6.16](https://github.com/containerd/containerd/releases/tag/v1.6.16) (includes [1.6.15](https://github.com/containerd/containerd/releases/tag/v1.6.15), [1.6.14](https://github.com/containerd/containerd/releases/tag/v1.6.14), [1.6.13](https://github.com/containerd/containerd/releases/tag/v1.6.13), [1.6.12](https://github.com/containerd/containerd/releases/tag/v1.6.12), [1.6.10](https://github.com/containerd/containerd/releases/tag/v1.6.10), [1.6.9](https://github.com/containerd/containerd/releases/tag/v1.6.9), [1.6.8](https://github.com/containerd/containerd/releases/tag/v1.6.8), [1.6.7](https://github.com/containerd/containerd/releases/tag/v1.6.7), [1.6.6](https://github.com/containerd/containerd/releases/tag/v1.6.6), [1.6.4](https://github.com/containerd/containerd/releases/tag/v1.6.4), [1.6.3](https://github.com/containerd/containerd/releases/tag/v1.6.3), [1.6.2](https://github.com/containerd/containerd/releases/tag/v1.6.2), [1.6.1](https://github.com/containerd/containerd/releases/tag/v1.6.1), [1.6.0](https://github.com/containerd/containerd/releases/tag/v1.6.0)))<br>- coreutils ([8.32](https://lists.gnu.org/archive/html/coreutils-announce/2020-03/msg00000.html))<br>- cpio ([2.13](https://lists.gnu.org/archive/html/bug-cpio/2019-11/msg00000.html))<br>- cri-tools ([1.24.2](https://github.com/kubernetes-sigs/cri-tools/releases/tag/v1.24.2))<br>- cryptsetup ([2.4.3](https://lore.kernel.org/all/572c18a7bf60cb1b0f67c3a03c531d7e7ed31832.camel@scientia.net/T/))<br>- curl ([7.87.0](https://curl.se/changes.html#7_87_0) (includes [7.86](https://curl.se/changes.html#7_86_0), [7.85](https://curl.se/mail/archive-2022-08/0012.html), [7.84.0](https://github.com/curl/curl/releases/tag/curl-7_84_0), [7.83.1](https://curl.se/mail/lib-2022-05/0010.html)))<br>- Cyrus SASL ([2.1.28](https://www.cyrusimap.org/sasl/sasl/release-notes/2.1/index.html#new-in-2-1-28))<br>- dbus ([1.14.4](https://gitlab.freedesktop.org/dbus/dbus/-/raw/dbus-1.14.4/NEWS) (includes [1.12.22](https://gitlab.freedesktop.org/dbus/dbus/-/blob/177ab044bc87cbc4ded75d21b900795a6fefef76/NEWS)))<br>- diffutils ([3.8](https://lists.gnu.org/archive/html/info-gnu/2021-08/msg00000.html))<br>- dosfstools ([4.2](https://github.com/dosfstools/dosfstools/releases/tag/v4.2))<br>- duktape ([2.7.0](https://github.com/svaarala/duktape/releases/tag/v2.7.0))<br>- e2fsprogs ([1.46.5](http://e2fsprogs.sourceforge.net/e2fsprogs-release.html#1.46.5) (includes [1.46.4](http://e2fsprogs.sourceforge.net/e2fsprogs-release.html#1.46.4)))<br>- elfutils ([0.188](https://sourceware.org/pipermail/elfutils-devel/2022q4/005561.html) (includes [0.187](https://sourceware.org/pipermail/elfutils-devel/2022q2/004978.html), [0.186](https://sourceware.org/git/?p=elfutils.git;a=blob;f=NEWS;h=490932ae4ef9b5a3af01d2c8c616f14d57586046;hb=983e86fd89e8bf02f2d27ba5dce5bf078af4ceda)))<br>- ethtool ([5.10](https://git.kernel.org/pub/scm/network/ethtool/ethtool.git/tree/NEWS?h=v5.10))<br>- expat ([2.5.0](https://github.com/libexpat/libexpat/blob/R_2_5_0/expat/Changes) (includes [2.4.9](https://github.com/libexpat/libexpat/blob/R_2_4_9/expat/Changes)))<br>- findutils ([4.8.0](https://savannah.gnu.org/forum/forum.php?forum_id=9914))<br>- gawk ([5.2.1](https://lists.gnu.org/archive/html/help-gawk/2022-11/msg00008.html) (contains [5.2.0](https://lists.gnu.org/archive/html/help-gawk/2022-09/msg00000.html)))<br>- gcc ([11.3.0](https://gcc.gnu.org/gcc-11/changes.html) (includes [10.3.0](https://gcc.gnu.org/gcc-10/changes.html), [9.4.0](https://lists.gnu.org/archive/html/info-gnu/2021-06/msg00000.html)))<br>- gdb ([11.2](https://lists.gnu.org/archive/html/info-gnu/2022-01/msg00009.html))<br>- gdbm ([1.22](https://lists.gnu.org/archive/html/info-gnu/2021-10/msg00006.html))<br>- gettext ([0.21.1](https://git.savannah.gnu.org/gitweb/?p=gettext.git;a=blob;f=NEWS;h=cdbb16746c23555e70bb1e16917f5c349ce92d9e;hb=8b38ee827251cadbb90cb6cb576ae98702566288) (includes [0.21](https://www.gnu.org/software/gettext/)))<br>- git ([2.39.1](https://github.com/git/git/blob/v2.39.1/Documentation/RelNotes/2.39.1.txt) (includes [2.39.0](https://github.com/git/git/blob/v2.39.0/Documentation/RelNotes/2.39.0.txt), [2.38.3](https://github.com/git/git/blob/v2.38.3/Documentation/RelNotes/2.38.3.txt), [2.37.4](https://github.com/git/git/blob/master/Documentation/RelNotes/2.37.4.txt), [2.37.3](https://github.com/git/git/blob/v2.37.3/Documentation/RelNotes/2.37.3.txt), [2.37.1](https://github.com/git/git/blob/v2.37.1/Documentation/RelNotes/2.37.1.txt), [2.35.3](https://github.com/git/git/blob/v2.35.3/Documentation/RelNotes/2.35.3.txt)))<br>- glib ([2.74.4](https://gitlab.gnome.org/GNOME/glib/-/tags/2.74.4) (includes [2.74.1](https://gitlab.gnome.org/GNOME/glib/-/tags/2.74.1), [2.72.3](https://gitlab.gnome.org/GNOME/glib/-/tags/2.73.3), [2.68.4](https://gitlab.gnome.org/GNOME/glib/-/releases/2.68.4)))<br>- glibc ([2.36](https://sourceware.org/pipermail/libc-alpha/2022-August/141193.html) (includes [2.35](https://savannah.gnu.org/forum/forum.php?forum_id=10111), [2.34](https://sourceware.org/pipermail/libc-alpha/2021-August/129718.html)))<br>- gnupg ([2.2.35](https://dev.gnupg.org/T5928))<br>- gnutls ([3.7.8](https://lists.gnupg.org/pipermail/gnutls-help/2022-September/004765.html) (includes [3.7.7](https://gitlab.com/gnutls/gnutls/-/tags/3.7.7), [3.7.3](https://gitlab.com/gnutls/gnutls/-/merge_requests/1517)))<br>- grep ([3.7](https://savannah.gnu.org/forum/forum.php?forum_id=10037))<br>- gzip ([1.12](https://savannah.gnu.org/forum/forum.php?forum_id=10157) (includes [1.11](https://lists.gnu.org/archive/html/info-gnu/2021-09/msg00002.html)))<br>- i2c-tools ([4.3](https://git.kernel.org/pub/scm/utils/i2c-tools/i2c-tools.git/tree/CHANGES?id=d8bc1f1ff4b00a6bd988aa114100ae9b787f50d8) (includes [4.2](https://git.kernel.org/pub/scm/utils/i2c-tools/i2c-tools.git/log/?h=v4.2)))<br>- ignition ([2.14.0](https://github.com/coreos/ignition/releases/tag/v2.14.0) (includes [2.13.0](https://github.com/coreos/ignition/releases/tag/v2.13.0)))<br>- intel-microcode ([20220809](https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/releases/tag/microcode-20220809) (includes [20220510](https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/releases/tag/microcode-20220510), [20220207_p20220207](https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/releases/tag/microcode-20220207), [20221108](https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/releases/tag/microcode-20221108)))<br>- iperf ([3.10.1](https://github.com/esnet/iperf/blob/master/RELNOTES.md#iperf-3101-2021-06-03))<br>- iproute2 ([5.15](https://lwn.net/ml/linux-kernel/20211101164705.6f4f2e41%40hermes.local/))<br>- ipset ([7.11](https://ipset.netfilter.org/changelog.html))<br>- iptables ([1.8.8](https://www.netfilter.org/projects/iptables/files/changes-iptables-1.8.8.txt))<br>- iputils ([20211215](https://github.com/iputils/iputils/releases/tag/20211215) (includes [20210722](https://github.com/iputils/iputils/releases/tag/20210722)))<br>- ipvsadm ([1.27](http://archive.linuxvirtualserver.org/html/lvs-devel/2013-09/msg00011.html))<br>- jansson ([2.14](https://github.com/akheron/jansson/blob/v2.14/CHANGES))<br>- kmod ([29](https://git.kernel.org/pub/scm/utils/kernel/kmod/kmod.git/commit/?id=b6ecfc916a17eab8f93be5b09f4e4f845aabd3d1))<br>- ldb ([2.4.1](https://gitlab.com/samba-team/samba/-/commit/a795e0c84597aa045d011e663dbad3cdabf0f1e6))<br>- less ([590](https://www.greenwoodsoftware.com/less/news.590.html))<br>- libarchive ([3.6.1](https://github.com/libarchive/libarchive/releases/tag/v3.6.1) (includes [3.5.3](https://github.com/libarchive/libarchive/releases/tag/v3.5.3), [3.5.2](https://github.com/libarchive/libarchive/releases/tag/v3.5.2)))<br>- libbsd ([0.11.3](https://gitlab.freedesktop.org/libbsd/libbsd/-/commits/0.11.3/))<br>- libcap ([2.66](https://sites.google.com/site/fullycapable/release-notes-for-libcap#h.d9ygdose5kw) (includes [2.65](https://sites.google.com/site/fullycapable/release-notes-for-libcap?authuser=0#h.wfblevfzkj0)))<br>- libcap-ng ([0.8.3](https://people.redhat.com/sgrubb/libcap-ng/ChangeLog) (includes [0.8.2](https://github.com/stevegrubb/libcap-ng/releases/tag/v0.8.2)))<br>- libksba ([1.6.3](https://dev.gnupg.org/T6304) (includes [1.6.2](https://dev.gnupg.org/T6230)))<br>- libnetfilter_queue ([1.0.5](https://git.netfilter.org/libnetfilter_queue/log/?h=libnetfilter_queue-1.0.5))<br>- libpcap ([1.10.1](https://git.tcpdump.org/libpcap/blob/c7642e2cc0c5bd65754685b160d25dc23c76c6bd:/CHANGES))<br>- libseccomp ([2.5.4](https://github.com/seccomp/libseccomp/releases/tag/v2.5.4) (contains [2.5.3](https://github.com/seccomp/libseccomp/releases/tag/v2.5.3), [2.5.2](https://github.com/seccomp/libseccomp/releases/tag/v2.5.2), [2.5.1](https://github.com/seccomp/libseccomp/releases/tag/v2.5.1)))<br>- libtasn1 ([4.19.0](https://lists.gnu.org/archive/html/help-libtasn1/2022-08/msg00001.html) (includes [4.17.0](https://gitlab.com/gnutls/libtasn1/-/blob/v4.17.0/NEWS)))<br>- liburing ([2.1](https://github.com/axboe/liburing/commits/liburing-2.1))<br>- libxml2 ([2.10.3](https://gitlab.gnome.org/GNOME/libxml2/-/tags/v2.10.3) (includes [2.10.2](https://gitlab.gnome.org/GNOME/libxml2/-/tags/v2.10.2), [2.9.14](https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.9.14), [2.9.13](http://www.xmlsoft.org/news.html)))<br>- logrotate ([3.20.1](https://github.com/logrotate/logrotate/releases/tag/3.20.1))<br>- lshw ([02.19.2b_p20210121](https://www.ezix.org/project/wiki/HardwareLiSter#Changes))<br>- lsof ([4.94.0](https://github.com/lsof-org/lsof/releases/tag/4.94.0))<br>- lsscsi ([0.32](https://sg.danny.cz/scsi/lsscsi.ChangeLog))<br>- mantle ([0.18.0](https://github.com/flatcar-linux/mantle/releases/tag/v0.18.0) (includes [0.17.0](https://github.com/flatcar-linux/mantle/releases/tag/v0.17.0)))<br>- mdadm ([4.2](https://lore.kernel.org/all/28fdbc45-96ca-7cdb-3ced-a5f65d978048@trained-monkey.org/T/))<br>- MIT Kerberos V ([1.20.1](https://web.mit.edu/kerberos/krb5-1.20/krb5-1.20.1.html))<br>- multipath-tools ([0.9.3](https://github.com/opensvc/multipath-tools/releases/tag/0.9.3) (includes [0.8.7](https://github.com/opensvc/multipath-tools/commits/0.8.7)))<br>- ncurses ([6.3_p20220423](https://lists.gnu.org/archive/html/info-gnu/2021-11/msg00001.html))<br>- nettle ([3.8.1](https://git.lysator.liu.se/nettle/nettle/-/blob/990abad16ceacd070747dcc76ed16a39c129321e/ChangeLog))<br>- nfs-utils ([2.5.4](https://lore.kernel.org/linux-fsdevel/c8795653-7728-18a4-93dc-58943ad0fe09@redhat.com/))<br>- nghttp2 ([1.45.1](https://github.com/nghttp2/nghttp2/releases/tag/v1.45.1))<br>- nmap ([7.93](https://nmap.org/changelog.html#7.93))<br>- nvidia-drivers ([510.73.05](https://docs.nvidia.com/datacenter/tesla/tesla-release-notes-510-73-05/index.html))<br>- nvme-cli ([1.16](https://github.com/linux-nvme/nvme-cli/commits/deee9cae1ac94760deebd71f8e5449061338666c))<br>- oniguruma ([6.9.8](https://github.com/kkos/oniguruma/releases/tag/v6.9.8) (includes [6.9.7.1](https://github.com/kkos/oniguruma/releases/tag/v6.9.7.1)))<br>- open-isns ([0.101](https://github.com/open-iscsi/open-isns/blob/v0.101/ChangeLog))<br>- openssh ([9.1](http://www.openssh.com/releasenotes.html#9.1) (includes [8.8](http://www.openssh.com/txt/release-8.8)))<br>- openssl ([3.0.7](https://www.openssl.org/news/openssl-3.0-notes.html) (includes [3.0.3](https://www.openssl.org/news/changelog.html#openssl-30), [3.0.2](https://www.openssl.org/news/changelog.html#openssl-30), [3.0.1](https://www.openssl.org/news/changelog.html#openssl-30)))<br>- pam ([1.5.1_p20210622](https://github.com/linux-pam/linux-pam/commit/fe1307512fb8892b5ceb3d884c793af8dbd4c16a))<br>- pambase (20220214)<br>- parted ([3.4](https://savannah.gnu.org/forum/forum.php?forum_id=9924) (includes [3.3](https://savannah.gnu.org/forum/forum.php?forum_id=9569)))<br>- pciutils ([3.7.0](https://github.com/pciutils/pciutils/commit/864aecdea9c7db626856d8d452f6c784316a878c))<br>- pcre2 ([10.39](https://github.com/PhilipHazel/pcre2/blob/pcre2-10.39/NEWS))<br>- pinentry ([1.2.0](https://dev.gnupg.org/T5566))<br>- polkit ([121](https://gitlab.freedesktop.org/polkit/polkit/-/commit/827b0ddac5b1ef00a47fca4526fcf057bee5f1db) (includes [0.120](https://gitlab.freedesktop.org/polkit/polkit/-/blob/0.120/NEWS)))<br>- quota ([4.06](https://sourceforge.net/p/linuxquota/code/ci/0acd4cc6275122fd9864cb7b5d349e65a2622920/))<br>- rpcbind ([1.2.6](https://git.linux-nfs.org/?p=steved/rpcbind.git;a=shortlog;h=refs/tags/rpcbind-1_2_6))<br>- rsync ([3.2.7](https://download.samba.org/pub/rsync/NEWS#3.2.7) (includes [3.2.6](https://github.com/WayneD/rsync/releases/tag/v3.2.6), [3.2.4](https://download.samba.org/pub/rsync/NEWS.html#3.2.4)))<br>- runc ([1.1.4](https://github.com/opencontainers/runc/releases/tag/v1.1.4) (includes [1.1.3](https://github.com/opencontainers/runc/releases/tag/v1.1.3), [1.1.2](https://github.com/opencontainers/runc/releases/tag/v1.1.2), [1.1.1](https://github.com/opencontainers/runc/releases/tag/v1.1.1), [1.1.0](https://github.com/opencontainers/runc/releases/tag/v1.1.0)))<br>- samba ([4.15.4](https://www.samba.org/samba/history/samba-4.15.4.html))<br>- sed ([4.8](https://savannah.gnu.org/forum/forum.php?forum_id=9647))<br>- shadow ([4.13](https://github.com/shadow-maint/shadow/releases/tag/4.13) (includes [4.12.3](https://github.com/shadow-maint/shadow/releases/tag/4.12.3), [4.11.1](https://github.com/shadow-maint/shadow/releases/tag/v4.11.1)))<br>- socat ([1.7.4.3](https://repo.or.cz/socat.git/blob/refs/tags/tag-1.7.4.3:/CHANGES))<br>- sqlite ([3.40.1](https://www.sqlite.org/releaselog/3_40_1.html) (contains [3.40.0](https://www.sqlite.org/releaselog/3_40_0.html), [3.39.4](https://sqlite.org/releaselog/3_39_4.html), [3.38.1](https://www.sqlite.org/releaselog/3_38_1.html)))<br>- strace ([5.19](https://github.com/strace/strace/releases/tag/v5.19))<br>- sudo ([1.9.12_p2](https://github.com/sudo-project/sudo/releases/tag/SUDO_1_9_12p2) (includes [1.9.12_p1](https://github.com/sudo-project/sudo/releases/tag/SUDO_1_9_12p1), [1.9.10](https://github.com/sudo-project/sudo/releases/tag/SUDO_1_9_10)))<br>- systemd ([252.11](https://github.com/systemd/systemd-stable/releases/tag/v252.11) (includes [252.5](https://github.com/systemd/systemd-stable/releases/tag/v252.5), [252](https://github.com/systemd/systemd/releases/tag/v252), [251.10](https://github.com/systemd/systemd-stable/commits/v251.10), [251](https://github.com/systemd/systemd/releases/tag/v251), [250.7](https://github.com/systemd/systemd-stable/releases/tag/v250.7), [250.3](https://github.com/systemd/systemd-stable/releases/tag/v250.3), [249.7](https://github.com/systemd/systemd-stable/blob/v249.7/NEWS)))<br>- talloc ([2.3.3](https://gitlab.com/samba-team/samba/-/commit/bc1ee7ca0640f0136e5af7dcc4ca8ed0a5893053))<br>- tcpdump ([4.99.1](https://git.tcpdump.org/tcpdump/blob/5f552b5e6e9fe05f7ad9681d51d0303233daba6a:/CHANGES))<br>- tevent ([0.11.0](https://gitlab.com/samba-team/samba/-/commit/de4e8a1af9564f6056f9af90867c2f013449051c))<br>- thin-provisioning-tools ([0.9.0](https://github.com/jthornber/thin-provisioning-tools/blob/d6d93c3157631b242a13a81d30f75453e576c55a/CHANGES#L1-L9))<br>- timezone-data ([2021a](https://mm.icann.org/pipermail/tz-announce/2021-January/000065.html))<br>- unzip ([6.0_p27](https://metadata.ftp-master.debian.org/changelogs//main/u/unzip/unzip_6.0-27_changelog) (includes [6.0_p26](https://metadata.ftp-master.debian.org/changelogs//main/u/unzip/unzip_6.0-26_changelog)))<br>- usbutils ([014](https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usbutils.git/commit/?id=57fb18e59cce31a50a1ca62d1e192512c905ba00))<br>- util-linux ([2.37.4](https://mirrors.edge.kernel.org/pub/linux/utils/util-linux/v2.37/v2.37.4-ChangeLog))<br>- vim ([9.0.1157](https://github.com/vim/vim/releases/tag/v9.0.1157) (includes [9.0.1000](https://github.com/vim/vim/releases/tag/v9.0.1000), [9.0.0828](https://github.com/vim/vim/releases/tag/v9.0.0828), [9.0.0655](https://github.com/vim/vim/releases/tag/v9.0.0655), [9.0.0469](https://github.com/vim/vim/releases/tag/v9.0.0469), [8.2.5066](https://github.com/vim/vim/releases/tag/v8.2.5066), [8.2.4328](https://github.com/vim/vim/releases/tag/v8.2.4328), [8.2.3582](https://github.com/vim/vim/releases/tag/v8.2.3582)))<br>- wget ([1.21.3](https://lists.gnu.org/archive/html/info-gnu/2022-02/msg00017.html))<br>- whois ([5.5.14](https://github.com/rfc1036/whois/commit/ab10466cf2e1ec4887f6a44375c3e29c1720157f) (includes [5.5.13](https://github.com/rfc1036/whois/blob/v5.5.13/debian/changelog), [5.5.11](https://github.com/rfc1036/whois/commit/5f5ba8312c04a759dad05723c035549273d07461)))<br>- wireguard-tools ([1.0.20210914](https://github.com/WireGuard/wireguard-tools/releases/tag/v1.0.20210914))<br>- xfsprogs ([5.14.2](https://marc.info/?l=linux-xfs&m=163883318025390&w=2))<br>- xz-utils ([5.4.1](https://github.com/tukaani-project/xz/releases/tag/v5.4.1) (includes [5.4.0](https://github.com/tukaani-project/xz/releases/tag/v5.4.0), [5.2.10](https://git.tukaani.org/?p=xz.git;a=blob;f=NEWS;h=d92fa88a835180af5d6ff22ad0e240d6468f81af;hb=f7c2cc55618b9af3318f0c908cf8db0df1e28e7c), [5.2.9](https://git.tukaani.org/?p=xz.git;a=blob;f=NEWS;h=ebb303084403445088ec97dfedf0461a6e5b5077;hb=d8a898eb9974683bc725c49ec76722f9a8758f48), [5.2.8](https://git.tukaani.org/?p=xz.git;a=blob;f=NEWS;h=c244b42a6771a6e8af206318dfc500d78929fd6f;hb=5476089d9c42b9b04e92b80e1800b384a98265cb), [5.2.7](https://git.tukaani.org/?p=xz.git;a=blob;f=NEWS;h=0205423e79ce8297102096b0fc8b030ddf5b2023;hb=d24a57b7fc7e5e9267b84367cb0788d3acf7f569), [5.2.6](https://git.tukaani.org/?p=xz.git;a=blob;f=NEWS;h=4c79b18ff26a1c479a920b21f07d050599c04c9e;hb=8dfed05bdaa4873833ba24279f02ad2db25effea)))<br>- zlib ([1.2.13](https://github.com/madler/zlib/releases/tag/v1.2.13) (includes [1.2.12](https://github.com/madler/zlib/blob/21767c654d31d2dccdde4330529775c6c5fd5389/ChangeLog#L4)))<br>- GCE: google-compute-image-packages ([20190124](https://github.com/GoogleCloudPlatform/compute-image-packages/releases/tag/20190124))<br>- OEM: distro ([1.7.0](https://github.com/python-distro/distro/releases/tag/v1.7.0))<br>- OEM: libmspack ([0.10.1_alpha](https://github.com/kyz/libmspack/blob/v0.10.1alpha/libmspack/ChangeLog))<br>- OEM: python ([3.9.16](https://www.python.org/downloads/release/python-3916/) (includes [3.9.12](https://www.python.org/downloads/release/python-3912/), [3.9.8](https://www.python.org/downloads/release/python-398/)))<br>- SDK: bison ([3.8.2](https://lists.gnu.org/archive/html/bug-bison/2021-09/msg00056.html))<br>- SDK: boost ([1.81.0](https://www.boost.org/users/history/version_1_81_0.html))<br>- SDK: catalyst ([3.0.21](https://gitweb.gentoo.org/proj/catalyst.git/log/?h=3.0.21))<br>- SDK: cmake ([3.23.3](https://cmake.org/cmake/help/v3.23/release/3.23.html))<br>- SDK: edk2-ovmf ([202105](https://github.com/tianocore/edk2/releases/tag/edk2-stable202105))<br>- SDK: file ([5.44](https://github.com/file/file/blob/FILE5_44/ChangeLog) (includes [5.43](https://mailman.astron.com/pipermail/file/2022-September/000857.html), [5.40](https://mailman.astron.com/pipermail/file/2021-March/000478.html)))<br>- SDK: gcc-config ([2.5](https://gitweb.gentoo.org/proj/gcc-config.git/tag/?h=v2.5))<br>- SDK: iasl ([20200717](https://www.acpica.org/node/183))<br>- SDK: ipxe ([1.21.1](https://github.com/ipxe/ipxe/releases/tag/v1.21.1))<br>- SDK: kexec-tools ([2.0.22](https://www.spinics.net/lists/kexec/msg26864.html))<br>- SDK: libpng ([1.6.39](http://www.libpng.org/pub/png/src/libpng-1.6.39-README.txt) (includes [1.6.38](http://www.libpng.org/pub/png/src/libpng-1.6.38-README.txt)))<br>- SDK: libtool ([2.4.7](https://savannah.gnu.org/forum/forum.php?forum_id=10139))<br>- SDK: libxslt ([1.1.37](https://gitlab.gnome.org/GNOME/libxslt/-/tags/v1.1.37) (includes [1.1.35](https://gitlab.gnome.org/GNOME/libxslt/-/tags/v1.1.35)))<br>- SDK: man-db ([2.9.4](https://gitlab.com/cjwatson/man-db/-/tags/2.9.4))<br>- SDK: man-pages ([5.12-r2](https://man7.org/linux/man-pages/changelog.html#release_5.12))<br>- SDK: meson ([0.62.2](https://mesonbuild.com/Release-notes-for-0-62-0.html))<br>- SDK: netperf ([2.7.0](https://github.com/HewlettPackard/netperf/blob/netperf-2.7.0/Release_Notes))<br>- SDK: ninja ([1.11.0](https://groups.google.com/g/ninja-build/c/R2oCyDctDf8/m/-U94Y5I8AgAJ?pli=1))<br>- SDK: pahole ([1.23](https://git.kernel.org/pub/scm/devel/pahole/pahole.git/tag/?h=v1.23))<br>- SDK: perl ([5.36.0](https://perldoc.perl.org/5.36.0/perldelta) (includes [5.34.1](https://perldoc.perl.org/5.34.1/perldelta), [5.15](https://kernelnewbies.org/LinuxChanges#Linux_5.15.Tracing.2C_perf_and_BPF)))<br>- SDK: pkgconf ([1.8.0](https://gitea.treehouse.systems/ariadne/pkgconf/src/tag/pkgconf-1.8.0/NEWS))<br>- SDK: portage ([3.0.43](https://github.com/gentoo/portage/blob/portage-3.0.43/NEWS) (includes [3.0.42](https://github.com/gentoo/portage/blob/portage-3.0.42/NEWS), [3.0.41](https://gitweb.gentoo.org/proj/portage.git/tree/NEWS?h=portage-3.0.41)))<br>- SDK: Python ([3.9.12](https://www.python.org/downloads/release/python-3912/) (includes [3.9.8](https://www.python.org/downloads/release/python-398/)))<br>- SDK: qemu ([7.2.0](https://wiki.qemu.org/ChangeLog/7.2) (includes [7.1.0](https://wiki.qemu.org/ChangeLog/7.1), [7.0.0](https://wiki.qemu.org/ChangeLog/7.0), [6.1.0](https://wiki.qemu.org/ChangeLog/6.1)))<br>- SDK: Rust ([1.67.0](https://github.com/rust-lang/rust/releases/tag/1.67.0) (includes [1.66.1](https://github.com/rust-lang/rust/releases/tag/1.66.1), [1.66.0](https://github.com/rust-lang/rust/releases/tag/1.66.0), [1.65.0](https://github.com/rust-lang/rust/releases/tag/1.65.0), [1.64.0](https://github.com/rust-lang/rust/releases/tag/1.64.0), [1.63.0](https://github.com/rust-lang/rust/releases/tag/1.63.0), [1.62.1](https://github.com/rust-lang/rust/releases/tag/1.62.1), [1.62.0](https://github.com/rust-lang/rust/releases/tag/1.62.0), [1.61.0](https://github.com/rust-lang/rust/releases/tag/1.61.0), [1.60.0](https://github.com/rust-lang/rust/releases/tag/1.60.0), [1.59.0](https://github.com/rust-lang/rust/releases/tag/1.59.0), [1.58.1](https://github.com/rust-lang/rust/releases/tag/1.58.1), [1.57.0](https://github.com/rust-lang/rust/releases/tag/1.57.0)))<br>- SDK: sbsigntools ([0.9.4](https://git.kernel.org/pub/scm/linux/kernel/git/jejb/sbsigntools.git/tag/?h=v0.9.4))<br>- SDK: seabios ([1.14.0](https://seabios.org/Releases#SeaBIOS_1.14.0))<br>- SDK: sgabios ([0.1_pre10](https://git.qemu.org/?p=sgabios.git;a=tree;h=a85446adb0e0))<br>- SDK: squashfs-tools ([4.5_p20210914](https://lore.kernel.org/lkml/CAB3woddJss+ziGp-RjJ-yiax6pc_HLMdxk3Qk5nJdRgjpEYWBg@mail.gmail.com/))<br>- VMware: open-vm-tools ([12.1.5](https://github.com/vmware/open-vm-tools/releases/tag/stable-12.1.5) (includes [12.1.0](https://github.com/vmware/open-vm-tools/releases/tag/stable-12.1.0), [12.0.5](https://github.com/vmware/open-vm-tools/releases/tag/stable-12.0.5), [12.0.0](https://github.com/vmware/open-vm-tools/releases/tag/stable-12.0.0)))<br>Packages:<br>- containerd 1.6.16<br>- docker 20.10.23<br>- ignition 2.14.0<br>- kernel 5.15.132<br>- systemd 252<br><br>Architectures:<br>- amd64<br>- arm64<br>2023-10-05T10:09:06+00:00https://github.com/flatcar/scripts/releases/tag/lts-3033.3.93033.3.92024-03-20T12:53:28.616724+00:00_Changes since **LTS 3033.3.8**_<br><br>#### Security fixes:<br><br>- Linux ([CVE-2022-3424](https://nvd.nist.gov/vuln/detail/CVE-2022-3424), [CVE-2022-3534](https://nvd.nist.gov/vuln/detail/CVE-2022-3534), [CVE-2022-3545](https://nvd.nist.gov/vuln/detail/CVE-2022-3545), [CVE-2022-3623](https://nvd.nist.gov/vuln/detail/CVE-2022-3623), [CVE-2022-36280](https://nvd.nist.gov/vuln/detail/CVE-2022-36280), [CVE-2022-3643](https://nvd.nist.gov/vuln/detail/CVE-2022-3643), [CVE-2022-41218](https://nvd.nist.gov/vuln/detail/CVE-2022-41218), [CVE-2022-4378](https://nvd.nist.gov/vuln/detail/CVE-2022-4378), [CVE-2022-45934](https://nvd.nist.gov/vuln/detail/CVE-2022-45934), [CVE-2022-47929](https://nvd.nist.gov/vuln/detail/CVE-2022-47929), [CVE-2023-0266](https://nvd.nist.gov/vuln/detail/CVE-2023-0266), [CVE-2023-0394](https://nvd.nist.gov/vuln/detail/CVE-2023-0394), [CVE-2023-23454](https://nvd.nist.gov/vuln/detail/CVE-2023-23454), [CVE-2023-23455](https://nvd.nist.gov/vuln/detail/CVE-2023-23455))<br><br>#### Bug fixes:<br><br><br>#### Changes:<br><br><br>#### Updates:<br><br>- Linux ([5.10.164](https://lwn.net/Articles/920322) (includes [5.10.163](https://lwn.net/Articles/920013), [5.10.162](https://lwn.net/Articles/919055), [5.10.161](https://lwn.net/Articles/918330), [5.10.160](https://lwn.net/Articles/918207), [5.10.159](https://lwn.net/Articles/917899), [5.10.158](https://lwn.net/Articles/917402)))<br>- ca-certificates ([3.87](https://firefox-source-docs.mozilla.org/security/nss/releases/nss_3_87.html) (includes [3.86](https://firefox-source-docs.mozilla.org/security/nss/releases/nss_3_86.html)))<br><br>Packages:<br>- docker 20.10.12<br>- ignition 0.36.1<br>- kernel 5.10.164<br>- systemd 249<br><br>Architectures:<br>- amd64<br>- arm64<br>2023-01-24T13:14:09+00:00https://github.com/flatcar/scripts/releases/tag/lts-3033.3.83033.3.82024-03-20T12:53:28.612294+00:00 _Changes since **LTS 3033.3.7**_<br> <br>#### Security fixes:<br> <br>- Linux ([CVE-2022-3169](https://nvd.nist.gov/vuln/detail/CVE-2022-3169), [CVE-2022-3521](https://nvd.nist.gov/vuln/detail/CVE-2022-3521))<br><br>#### Updates:<br> <br>- Linux ([5.10.157](https://lwn.net/Articles/916764) (includes [5.10.156](https://lwn.net/Articles/915992), [5.10.155](https://lwn.net/Articles/915101)))<br>Packages:<br>- docker 20.10.12<br>- ignition 0.36.1<br>- kernel 5.10.157<br>- systemd 249<br><br>Architectures:<br>- amd64<br>- arm64<br>2022-12-09T09:46:54+00:00https://github.com/flatcar/scripts/releases/tag/lts-3033.3.73033.3.72024-03-20T12:53:28.608444+00:00 _Changes since **LTS 3033.3.6**_<br> <br> #### Security fixes:<br> <br> - Linux ([CVE-2021-4037](https://nvd.nist.gov/vuln/detail/CVE-2021-4037), [CVE-2022-0171](https://nvd.nist.gov/vuln/detail/CVE-2022-0171), [CVE-2022-2602](https://nvd.nist.gov/vuln/detail/CVE-2022-2602), [CVE-2022-2663](https://nvd.nist.gov/vuln/detail/CVE-2022-2663), [CVE-2022-3061](https://nvd.nist.gov/vuln/detail/CVE-2022-3061), [CVE-2022-3303](https://nvd.nist.gov/vuln/detail/CVE-2022-3303), [CVE-2022-3535](https://nvd.nist.gov/vuln/detail/CVE-2022-3535), [CVE-2022-3542](https://nvd.nist.gov/vuln/detail/CVE-2022-3542), [CVE-2022-3565](https://nvd.nist.gov/vuln/detail/CVE-2022-3565), [CVE-2022-3586](https://nvd.nist.gov/vuln/detail/CVE-2022-3586), [CVE-2022-3594](https://nvd.nist.gov/vuln/detail/CVE-2022-3594), [CVE-2022-3621](https://nvd.nist.gov/vuln/detail/CVE-2022-3621), [CVE-2022-3646](https://nvd.nist.gov/vuln/detail/CVE-2022-3646), [CVE-2022-3649](https://nvd.nist.gov/vuln/detail/CVE-2022-3649), [CVE-2022-39842](https://nvd.nist.gov/vuln/detail/CVE-2022-39842), [CVE-2022-40307](https://nvd.nist.gov/vuln/detail/CVE-2022-40307), [CVE-2022-40768](https://nvd.nist.gov/vuln/detail/CVE-2022-40768), [CVE-2022-41674](https://nvd.nist.gov/vuln/detail/CVE-2022-41674), [CVE-2022-42719](https://nvd.nist.gov/vuln/detail/CVE-2022-42719), [CVE-2022-42720](https://nvd.nist.gov/vuln/detail/CVE-2022-42720), [CVE-2022-42721](https://nvd.nist.gov/vuln/detail/CVE-2022-42721), [CVE-2022-42722](https://nvd.nist.gov/vuln/detail/CVE-2022-42722), [CVE-2022-43750](https://nvd.nist.gov/vuln/detail/CVE-2022-43750))<br> <br> #### Updates:<br> <br> - Linux ([5.10.154](https://lwn.net/Articles/914423) (includes [5.10.153](https://lwn.net/Articles/913682) [5.10.152](https://lwn.net/Articles/913110), [5.10.151](https://lwn.net/Articles/912993), [5.10.150](https://lwn.net/Articles/912501), [5.10.149](https://lwn.net/Articles/911488), [5.10.148](https://lwn.net/Articles/911276), [5.10.147](https://lwn.net/Articles/910399), [5.10.146](https://lwn.net/Articles/909680), [5.10.145](https://lwn.net/Articles/909213), [5.10.144](https://lwn.net/Articles/908783), [5.10.143](https://lwn.net/Articles/908141)))<br> - ca-certificates ([3.84](https://firefox-source-docs.mozilla.org/security/nss/releases/nss_3_84.html))<br><br>Packages:<br>- docker 20.10.12<br>- ignition 0.36.1<br>- kernel 5.10.154<br>- systemd 249<br><br>Architectures:<br>- amd64<br>- arm64<br>2022-11-17T12:03:56+00:00https://github.com/flatcar/scripts/releases/tag/lts-3033.3.63033.3.62024-03-20T12:53:28.602993+00:00_Changes since **LTS 3033.3.5**_<br><br>#### Security fixes:<br><br>- Linux ([CVE-2022-2905](https://nvd.nist.gov/vuln/detail/CVE-2022-2905), [CVE-2022-3028](https://nvd.nist.gov/vuln/detail/CVE-2022-3028), [CVE-2022-39190](https://nvd.nist.gov/vuln/detail/CVE-2022-39190))<br>- torcx ([CVE-2021-38561](https://nvd.nist.gov/vuln/detail/CVE-2021-38561), [CVE-2021-43565](https://nvd.nist.gov/vuln/detail/CVE-2021-43565), [CVE-2022-27191](https://nvd.nist.gov/vuln/detail/CVE-2022-27191))<br><br>#### Bug fixes:<br><br>- Equinix Metal: Fixed serial console settings for the `m3.small.x86` instance by expanding the GRUB check for `i386` to `x86_64` [coreos-overlay#2122](https://github.com/flatcar-linux/coreos-overlay/pull/2122)<br><br>#### Changes:<br><br>- emerge-gitclone: Migrate emerge-gitclone to use scripts repo tags and submodule refs<br><br>#### Updates:<br><br>- Linux ([5.10.142](https://lwn.net/Articles/907525) (includes [5.10.141](https://lwn.net/Articles/907205), [5.10.140](https://lwn.net/Articles/906628), [5.10.139](https://lwn.net/Articles/906359), [5.10.138](https://lwn.net/Articles/906062)))<br>- ca-certificates ([3.83](https://firefox-source-docs.mozilla.org/security/nss/releases/nss_3_83.html))<br>- locksmith([0.7.0](https://github.com/flatcar/locksmith/blob/v0.7.0/CHANGELOG.md#v070--30112021))<br><br>Packages:<br>- docker 20.10.12<br>- ignition 0.36.1<br>- kernel 5.10.142<br>- systemd 249<br><br>Architectures:<br>- amd64<br>- arm64<br>2022-10-17T14:39:29+00:00https://github.com/kinvolk/manifest/releases/tag/v3033.3.53033.3.52024-03-20T12:53:28.598696+00:00_Changes since **LTS 3033.3.4**_<br><br>#### Security fixes:<br><br>- Linux ([CVE-2022-1679](https://nvd.nist.gov/vuln/detail/CVE-2022-1679), [CVE-2022-2153](https://nvd.nist.gov/vuln/detail/CVE-2022-2153), [CVE-2022-2585](https://nvd.nist.gov/vuln/detail/CVE-2022-2585), [CVE-2022-2586](https://nvd.nist.gov/vuln/detail/CVE-2022-2586), [CVE-2022-2588](https://nvd.nist.gov/vuln/detail/CVE-2022-2588), [CVE-2022-26373](https://nvd.nist.gov/vuln/detail/CVE-2022-26373), [CVE-2022-36946](https://nvd.nist.gov/vuln/detail/CVE-2022-36946))<br><br>#### Changes:<br><br>- The new image signing subkey was added to the public key embedded into `flatcar-install` (the old expired on 10th August 2022), only an updated `flatcar-install` script can verify releases signed with the new key ([init#79](https://github.com/flatcar/init/pull/79))<br><br>#### Updates:<br><br>- Linux ([5.10.137](https://lwn.net/Articles/905534) (includes [5.10.136](https://lwn.net/Articles/904462), [5.10.135](https://lwn.net/Articles/903689)))<br>- ca-certificates ([3.82](https://firefox-source-docs.mozilla.org/security/nss/releases/nss_3_82.html))<br><br><br>Packages:<br>- docker 20.10.12<br>- ignition 0.36.1<br>- kernel 5.10.137<br>- systemd 249<br><br>Architectures:<br>- amd64<br>- arm64<br>2022-09-01T12:58:14+00:00https://github.com/kinvolk/manifest/releases/tag/v3033.3.43033.3.42024-03-20T12:53:28.594133+00:00New LTS-2022 Release 3033.3.4<br><br>Changes since LTS-2022 3033.3.3<br><br>## Security fixes:<br><br>- Linux ([CVE-2022-23816](https://nvd.nist.gov/vuln/detail/CVE-2022-23816), [CVE-2022-23825](https://nvd.nist.gov/vuln/detail/CVE-2022-23825), [CVE-2022-29900](https://nvd.nist.gov/vuln/detail/CVE-2022-29900), [CVE-2022-29901](https://nvd.nist.gov/vuln/detail/CVE-2022-29901))<br><br>## Bug fixes:<br><br><br>## Changes:<br><br><br>## Updates:<br><br>- Linux ([5.10.134](https://lwn.net/Articles/902918) (includes [5.10.133](https://lwn.net/Articles/902372), [5.10.132](https://lwn.net/Articles/902102)))<br>- ca-certificates ([3.81](https://firefox-source-docs.mozilla.org/security/nss/releases/nss_3_81.html))<br><br>Packages:<br>- docker 20.10.12<br>- ignition 0.36.1<br>- kernel 5.10.134<br>- systemd 249<br><br>Architectures:<br>- amd64<br>- arm64<br>2022-08-04T12:04:45+00:00https://github.com/kinvolk/manifest/releases/tag/v3033.3.33033.3.32024-03-20T12:53:28.588346+00:00New **LTS-2022** Release **3033.3.3**<br><br>_Changes since **LTS 3033.3.2**_<br><br>#### Security fixes:<br><br>- Linux ([CVE-2021-33655](https://nvd.nist.gov/vuln/detail/CVE-2021-33655), [CVE-2021-33656](https://nvd.nist.gov/vuln/detail/CVE-2021-33656), [CVE-2022-2318](https://nvd.nist.gov/vuln/detail/CVE-2022-2318), [CVE-2022-26365](https://nvd.nist.gov/vuln/detail/CVE-2022-26365), [CVE-2022-32296](https://nvd.nist.gov/vuln/detail/CVE-2022-32296), [CVE-2022-33740](https://nvd.nist.gov/vuln/detail/CVE-2022-33740), [CVE-2022-33741](https://nvd.nist.gov/vuln/detail/CVE-2022-33741), [CVE-2022-33742](https://nvd.nist.gov/vuln/detail/CVE-2022-33742), [CVE-2022-33743](https://nvd.nist.gov/vuln/detail/CVE-2022-33743), [CVE-2022-33744](https://nvd.nist.gov/vuln/detail/CVE-2022-33744), [CVE-2022-34918](https://nvd.nist.gov/vuln/detail/CVE-2022-34918))<br>- containerd ([CVE-2022-31030](https://nvd.nist.gov/vuln/detail/CVE-2022-31030))<br><br>#### Bug fixes:<br><br>- Removed outdated LTS channel information printed on login ([init#75](https://github.com/flatcar/init/pull/75))<br><br>#### Changes:<br><br>- Enabled `containerd.service` unit, `br_netfilter` and `overlay` modules by default to follow Kubernetes requirements ([coreos-overlay#1944](https://github.com/flatcar/coreos-overlay/pull/1944), [init#72](https://github.com/flatcar/init/pull/72))<br>- DigitalOcean: In addition to the `bz2` image, a `gz` compressed image is published. This helps against hitting the compression timeout that sometimes lets the image import fail.<br>- OpenStack: In addition to the `bz2` image, a `gz` compressed image is published. This allows Glance to directly consume the images by simply passing in the URL of the image.<br>- SDK: The image compression format is now configurable. Supported formats are: `bz2`, `gz`, `zip`, `none`, `zst`. Selecting the image format can now be done by passing the `--image_compression_formats` option. This flag gets a comma separated list of formats.<br><br>#### Updates:<br><br>- Linux ([5.10.131](https://lwn.net/Articles/901381/) (includes [5.10.130](https://lwn.net/Articles/900910), [5.10.129](https://lwn.net/Articles/900322), [5.10.128](https://lwn.net/Articles/899789), [5.10.127](https://lwn.net/Articles/899371), [5.10.126](https://lwn.net/Articles/899121), [5.10.125](https://lwn.net/Articles/899090), [5.10.124](https://lwn.net/Articles/898623)))<br>- ca-certificates ([3.80](https://firefox-source-docs.mozilla.org/security/nss/releases/nss_3_80.html))<br>- containerd ([1.5.13](https://github.com/containerd/containerd/releases/tag/v1.5.13))<br>Packages:<br>- docker 20.10.12<br>- ignition 0.36.1<br>- kernel 5.10.131<br>- systemd 249<br><br>Architectures:<br>- amd64<br>- arm64<br>2022-07-21T15:46:59+00:00https://github.com/kinvolk/manifest/releases/tag/v3033.3.23033.3.22024-03-20T12:53:28.581840+00:00New **LTS-2022** Release **3033.3.2**<br><br>Changes since **LTS 3033.3.1**<br><br>#### Security fixes:<br><br>- Linux ([CVE-2022-1012](https://nvd.nist.gov/vuln/detail/CVE-2022-1012), [CVE-2022-1789](https://nvd.nist.gov/vuln/detail/CVE-2022-1789), [CVE-2022-1852](https://nvd.nist.gov/vuln/detail/CVE-2022-1852), [CVE-2022-1972](https://nvd.nist.gov/vuln/detail/CVE-2022-1972), [CVE-2022-2078](https://nvd.nist.gov/vuln/detail/CVE-2022-2078), [CVE-2022-21499](https://nvd.nist.gov/vuln/detail/CVE-2022-21499), [CVE-2022-32250](https://nvd.nist.gov/vuln/detail/CVE-2022-32250), [CVE-2022-32981](https://nvd.nist.gov/vuln/detail/CVE-2022-32981))<br>- libpcre2 ([CVE-2022-1586](https://nvd.nist.gov/vuln/detail/CVE-2022-1586), [CVE-2022-1587](https://nvd.nist.gov/vuln/detail/CVE-2022-1587))<br><br>#### Updates:<br><br>- Linux ([5.10.123](https://lwn.net/Articles/898125) (includes [5.10.122](https://lwn.net/Articles/897903), [5.10.121](https://lwn.net/Articles/897378), [5.10.120](https://lwn.net/Articles/897168), [5.10.119](https://lwn.net/Articles/896648))<br>- ca-certificates ([3.79](https://firefox-source-docs.mozilla.org/security/nss/releases/nss_3_79.html))<br>- libpcre2 ([10.40](https://github.com/PCRE2Project/pcre2/blob/pcre2-10.40/NEWS))<br>Packages:<br>- docker 20.10.12<br>- ignition 0.36.1<br>- kernel 5.10.123<br>- systemd 249<br><br>Architectures:<br>- amd64<br>- arm64<br>2022-06-23T11:49:00+00:00https://github.com/kinvolk/manifest/releases/tag/v3033.3.13033.3.12024-03-20T12:53:28.576148+00:00New **LTS-2022** Release **3033.3.1**<br><br>_Changes since **LTS-2022 3033.3.0**_<br><br>#### Security fixes:<br><br>- Linux ([CVE-2022-28390](https://nvd.nist.gov/vuln/detail/CVE-2022-28390), [CVE-2022-0168](https://nvd.nist.gov/vuln/detail/CVE-2022-0168), [CVE-2022-1158](https://nvd.nist.gov/vuln/detail/CVE-2022-1158), [CVE-2022-1353](https://nvd.nist.gov/vuln/detail/CVE-2022-1353), [CVE-2022-30594](https://nvd.nist.gov/vuln/detail/CVE-2022-30594), [CVE-2022-1198](https://nvd.nist.gov/vuln/detail/CVE-2022-1198), [CVE-2022-28389](https://nvd.nist.gov/vuln/detail/CVE-2022-28389), [CVE-2022-28388](https://nvd.nist.gov/vuln/detail/CVE-2022-28388), [CVE-2022-1516](https://nvd.nist.gov/vuln/detail/CVE-2022-1516), [CVE-2022-29582](https://nvd.nist.gov/vuln/detail/CVE-2022-29582), [CVE-2021-4197](https://nvd.nist.gov/vuln/detail/CVE-2021-4197), [CVE-2022-1204](https://nvd.nist.gov/vuln/detail/CVE-2022-1204), [CVE-2022-1205](https://nvd.nist.gov/vuln/detail/CVE-2022-1205), [CVE-2022-29581](https://nvd.nist.gov/vuln/detail/CVE-2022-29581), [CVE-2022-1836](https://nvd.nist.gov/vuln/detail/CVE-2022-1836), [CVE-2022-1734](https://nvd.nist.gov/vuln/detail/CVE-2022-1734), [CVE-2022-0494](https://nvd.nist.gov/vuln/detail/CVE-2022-0494), [CVE-2022-28893](https://nvd.nist.gov/vuln/detail/CVE-2022-28893), [CVE-2022-1729](https://nvd.nist.gov/vuln/detail/CVE-2022-1729), [CVE-2022-0854](https://nvd.nist.gov/vuln/detail/CVE-2022-0854))<br><br>#### Bug fixes:<br><br>- Ensured `/etc/flatcar/update.conf` exists because it happens to be used as flag file for Ansible ([init#71](https://github.com/flatcar/init/pull/71))<br><br>#### Updates:<br><br>- Linux ([5.10.118](https://lwn.net/Articles/896225/) (includes [5.10.117](https://lwn.net/Articles/895646), [5.10.116](https://lwn.net/Articles/895319), [5.10.115](https://lwn.net/Articles/895071), [5.10.114](https://lwn.net/Articles/894358), [5.10.113](https://lwn.net/Articles/892813), [5.10.112](https://lwn.net/Articles/891997), [5.10.111](https://lwn.net/Articles/891252), [5.10.110](https://lwn.net/Articles/890723)))<br>- ca-certificates ([3.78](https://firefox-source-docs.mozilla.org/security/nss/releases/nss_3_78.html))<br>Packages:<br>- docker 20.10.12<br>- ignition 0.36.1<br>- kernel 5.10.118<br>- systemd 249<br><br>Architectures:<br>- amd64<br>- arm64<br>2022-06-02T15:10:04+00:00https://github.com/flatcar/scripts/releases/tag/lts-3033.3.183033.3.182024-03-20T12:53:28.571002+00:00_Changes since **LTS 3033.3.17**_<br><br>#### Security fixes:<br><br>- Linux ([CVE-2023-31085](https://nvd.nist.gov/vuln/detail/CVE-2023-31085), [CVE-2023-34324](https://nvd.nist.gov/vuln/detail/CVE-2023-34324), [CVE-2023-39189](https://nvd.nist.gov/vuln/detail/CVE-2023-39189), [CVE-2023-39192](https://nvd.nist.gov/vuln/detail/CVE-2023-39192), [CVE-2023-39193](https://nvd.nist.gov/vuln/detail/CVE-2023-39193), [CVE-2023-4244](https://nvd.nist.gov/vuln/detail/CVE-2023-4244), [CVE-2023-42752](https://nvd.nist.gov/vuln/detail/CVE-2023-42752), [CVE-2023-42753](https://nvd.nist.gov/vuln/detail/CVE-2023-42753), [CVE-2023-42754](https://nvd.nist.gov/vuln/detail/CVE-2023-42754), [CVE-2023-42755](https://nvd.nist.gov/vuln/detail/CVE-2023-42755), [CVE-2023-45871](https://nvd.nist.gov/vuln/detail/CVE-2023-45871), [CVE-2023-4623](https://nvd.nist.gov/vuln/detail/CVE-2023-4623), [CVE-2023-4921](https://nvd.nist.gov/vuln/detail/CVE-2023-4921), [CVE-2023-5197](https://nvd.nist.gov/vuln/detail/CVE-2023-5197))<br>- curl ([CVE-2023-38545](https://nvd.nist.gov/vuln/detail/CVE-2023-38545), [CVE-2023-38546](https://nvd.nist.gov/vuln/detail/CVE-2023-38546))<br><br>#### Bug fixes:<br><br><br>#### Changes:<br><br>- Add support for Microsoft Azure Network Adapter (MANA) NICs on Azure ([scripts#1131](https://github.com/flatcar/scripts/pull/1131))<br><br>#### Updates:<br><br>- ca-certificates ([3.94](https://firefox-source-docs.mozilla.org/security/nss/releases/nss_3_94.html))<br>- Linux ([5.10.198](https://lwn.net/Articles/947300) (includes [5.10.197](https://lwn.net/Articles/945381), [5.10.196](https://lwn.net/Articles/945131), [5.10.195](https://lwn.net/Articles/944878), [5.10.194](https://lwn.net/Articles/943405)))<br>Packages:<br>- docker 20.10.12<br>- ignition 0.36.1<br>- kernel 5.10.198<br>- systemd 249<br><br>Architectures:<br>- amd64<br>- arm64<br>2023-10-25T08:40:29+00:00https://github.com/flatcar/scripts/releases/tag/lts-3033.3.173033.3.172024-03-20T12:53:28.566196+00:00 _Changes since **LTS 3033.3.16**_<br> <br> #### Security fixes:<br> <br> - Linux ([CVE-2022-40982](https://nvd.nist.gov/vuln/detail/CVE-2022-40982), [CVE-2022-41804](https://nvd.nist.gov/vuln/detail/CVE-2022-41804), [CVE-2023-20569](https://nvd.nist.gov/vuln/detail/CVE-2023-20569), [CVE-2023-23908](https://nvd.nist.gov/vuln/detail/CVE-2023-23908), [CVE-2023-1206](https://nvd.nist.gov/vuln/detail/CVE-2023-1206), [CVE-2023-20588](https://nvd.nist.gov/vuln/detail/CVE-2023-20588), [CVE-2023-40283](https://nvd.nist.gov/vuln/detail/CVE-2023-40283), [CVE-2023-4128](https://nvd.nist.gov/vuln/detail/CVE-2023-4128), [CVE-2023-4147](https://nvd.nist.gov/vuln/detail/CVE-2023-4147), [CVE-2023-4273](https://nvd.nist.gov/vuln/detail/CVE-2023-4273))<br> <br> #### Updates:<br> <br> - Linux ([5.10.193](https://lwn.net/Articles/943114) (includes [5.10.192](https://lwn.net/Articles/942867), [5.10.191](https://lwn.net/Articles/941777),[5.10.190](https://lwn.net/Articles/941276), [5.10.189](https://lwn.net/Articles/940802)))<br>Packages:<br>- docker 20.10.12<br>- ignition 0.36.1<br>- kernel 5.10.193<br>- systemd 249<br><br>Architectures:<br>- amd64<br>- arm64<br>2023-09-06T13:19:04+00:00https://github.com/flatcar/scripts/releases/tag/lts-3033.3.163033.3.162024-03-20T12:53:28.561123+00:00 _Changes since **LTS 3033.3.15**_<br> <br> #### Security fixes:<br> <br> - Linux ([CVE-2023-20593](https://nvd.nist.gov/vuln/detail/CVE-2023-20593), [CVE-2023-2898](https://nvd.nist.gov/vuln/detail/CVE-2023-2898), [CVE-2023-31248](https://nvd.nist.gov/vuln/detail/CVE-2023-31248), [CVE-2023-3390](https://nvd.nist.gov/vuln/detail/CVE-2023-3390), [CVE-2023-35001](https://nvd.nist.gov/vuln/detail/CVE-2023-35001), [CVE-2023-3610](https://nvd.nist.gov/vuln/detail/CVE-2023-3610), [CVE-2023-3611](https://nvd.nist.gov/vuln/detail/CVE-2023-3611), [CVE-2023-3776](https://nvd.nist.gov/vuln/detail/CVE-2023-3776), [CVE-2023-3863](https://nvd.nist.gov/vuln/detail/CVE-2023-3863))<br> - linux-firmware ([CVE-2023-20593](https://nvd.nist.gov/vuln/detail/CVE-2023-20593))<br> <br> #### Updates:<br> <br> - Linux ([5.10.188](https://lwn.net/Articles/939425) (includes [5.10.187](https://lwn.net/Articles/939105)))<br> - ca-certificates ([3.92](https://firefox-source-docs.mozilla.org/security/nss/releases/nss_3_92.html))<br> - linux-firmware ([20230625](https://git.kernel.org/pub/scm/linux/kernel/git/firmware/linux-firmware.git/tag/?h=20230625))<br><br>Packages:<br>- docker 20.10.12<br>- ignition 0.36.1<br>- kernel 5.10.188<br>- systemd 249<br><br>Architectures:<br>- amd64<br>- arm64<br>2023-08-09T11:41:25+00:00https://github.com/flatcar/scripts/releases/tag/lts-3033.3.153033.3.152024-03-20T12:53:28.556948+00:00 _Changes since **LTS 3033.3.14**_<br> <br> #### Security fixes:<br> <br> - Linux ([CVE-2023-3338](https://nvd.nist.gov/vuln/detail/CVE-2023-3338))<br> <br> #### Bug fixes:<br> <br> <br> #### Changes:<br> <br> - Changed ext4 inode size of root partition to 256 bytes. This improves compatibility with applications and is necessary for 2038 readiness ([Flatcar#1082](https://github.com/flatcar/Flatcar/issues/1082))<br> <br> #### Updates:<br> <br> - Linux ([5.10.186](https://lwn.net/Articles/936676) (includes [5.10.185](https://lwn.net/Articles/935583)))<br> - ca-certificates ([3.91](https://firefox-source-docs.mozilla.org/security/nss/releases/nss_3_91.html))<br><br>Packages:<br>- docker 20.10.12<br>- ignition 0.36.1<br>- kernel 5.10.186<br>- systemd 249<br><br>Architectures:<br>- amd64<br>- arm64<br>2023-07-18T09:01:17+00:00https://github.com/flatcar/scripts/releases/tag/lts-3033.3.143033.3.142024-03-20T12:53:28.551812+00:00_Changes since **LTS 3033.3.13**_<br> <br>#### Security fixes:<br> <br>- Linux ([CVE-2022-4269](https://nvd.nist.gov/vuln/detail/CVE-2022-4269))<br> <br>#### Updates:<br> <br>- Linux ([5.10.184](https://lwn.net/Articles/934624) (includes [5.10.183](https://lwn.net/Articles/934321), [5.10.182](https://lwn.net/Articles/933910), [5.10.181](https://lwn.net/Articles/933279)))<br>- ca-certificates ([3.90](https://firefox-source-docs.mozilla.org/security/nss/releases/nss_3_90.html))<br>Packages:<br>- docker 20.10.12<br>- ignition 0.36.1<br>- kernel 5.10.184<br>- systemd 249<br><br>Architectures:<br>- amd64<br>- arm64<br>2023-06-21T12:18:59+00:00https://github.com/flatcar/scripts/releases/tag/lts-3033.3.133033.3.132024-03-20T12:53:28.546336+00:00 _Changes since **LTS 3033.3.12**_<br> <br>#### Security fixes:<br> <br> - Linux ([CVE-2022-39189](https://nvd.nist.gov/vuln/detail/CVE-2022-39189), [CVE-2023-1380](https://nvd.nist.gov/vuln/detail/CVE-2023-1380), [CVE-2023-2002](https://nvd.nist.gov/vuln/detail/CVE-2023-2002), [CVE-2023-2269](https://nvd.nist.gov/vuln/detail/CVE-2023-2269), [CVE-2023-2513](https://nvd.nist.gov/vuln/detail/CVE-2023-2513), [CVE-2023-31436](https://nvd.nist.gov/vuln/detail/CVE-2023-31436), [CVE-2023-32233](https://nvd.nist.gov/vuln/detail/CVE-2023-32233))<br> <br>#### Bug fixes:<br> <br> <br>#### Changes:<br> <br> <br>#### Updates:<br> <br> - Linux ([5.10.180](https://lwn.net/Articles/932135) (includes [5.10.179](https://lwn.net/Articles/930264)))<br> - ca-certificates ([3.89.1](https://firefox-source-docs.mozilla.org/security/nss/releases/nss_3_89_1.html))<br><br>Packages:<br>- docker 20.10.12<br>- ignition 0.36.1<br>- kernel 5.10.180<br>- systemd 249<br><br>Architectures:<br>- amd64<br>- arm64<br>2023-06-01T11:48:40+00:00https://github.com/flatcar/scripts/releases/tag/lts-3033.3.123033.3.122024-03-20T12:53:28.540691+00:00_Changes since **LTS 3033.3.11**_<br><br>#### Security fixes:<br><br>- nvidia-drivers ([CVE-2022-31607](https://nvd.nist.gov/vuln/detail/CVE-2022-31607), [CVE-2022-31608](https://nvd.nist.gov/vuln/detail/CVE-2022-31608), [CVE-2022-31615](https://nvd.nist.gov/vuln/detail/CVE-2022-31615), [CVE-2022-34665](https://nvd.nist.gov/vuln/detail/CVE-2022-34665), [CVE-2022-34666](https://nvd.nist.gov/vuln/detail/CVE-2022-34666), [CVE-2022-34670](https://nvd.nist.gov/vuln/detail/CVE-2022-34670), [CVE-2022-34673](https://nvd.nist.gov/vuln/detail/CVE-2022-34673), [CVE-2022-34674](https://nvd.nist.gov/vuln/detail/CVE-2022-34674), [CVE-2022-34676](https://nvd.nist.gov/vuln/detail/CVE-2022-34676), [CVE-2022-34677](https://nvd.nist.gov/vuln/detail/CVE-2022-34677), [CVE-2022-34678](https://nvd.nist.gov/vuln/detail/CVE-2022-34678), [CVE-2022-34679](https://nvd.nist.gov/vuln/detail/CVE-2022-34679), [CVE-2022-34680](https://nvd.nist.gov/vuln/detail/CVE-2022-34680), [CVE-2022-34682](https://nvd.nist.gov/vuln/detail/CVE-2022-34682), [CVE-2022-34684](https://nvd.nist.gov/vuln/detail/CVE-2022-34684), [CVE-2022-42254](https://nvd.nist.gov/vuln/detail/CVE-2022-42254), [CVE-2022-42255](https://nvd.nist.gov/vuln/detail/CVE-2022-42255), [CVE-2022-42256](https://nvd.nist.gov/vuln/detail/CVE-2022-42256), [CVE-2022-42257](https://nvd.nist.gov/vuln/detail/CVE-2022-42257), [CVE-2022-42258](https://nvd.nist.gov/vuln/detail/CVE-2022-42258), [CVE-2022-42259](https://nvd.nist.gov/vuln/detail/CVE-2022-42259), [CVE-2022-42260](https://nvd.nist.gov/vuln/detail/CVE-2022-42260), [CVE-2022-42261](https://nvd.nist.gov/vuln/detail/CVE-2022-42261), [CVE-2022-42263](https://nvd.nist.gov/vuln/detail/CVE-2022-42263), [CVE-2022-42264](https://nvd.nist.gov/vuln/detail/CVE-2022-42264), [CVE-2022-42265](https://nvd.nist.gov/vuln/detail/CVE-2022-42265))<br><br>#### Bug fixes:<br>- Fix the broken emerge-gitclone in the dev-container owing to the missing migration action around the unification of the Flatcar core repositories<br><br>#### Changes:<br>- The package upgrade for nvidia-drivers might result in not supporting a few of the older NVIDIA Tesla GPUs. If you are facing issues, set `NVIDIA_DRIVER_VERSION=460.106.00` in `/etc/flatcar/nvidia-metadata`<br><br>#### Updates:<br><br>- Linux ([5.10.178](https://lwn.net/Articles/929680/))<br>- nvidia-drivers ([525.105.17](https://docs.nvidia.com/datacenter/tesla/tesla-release-notes-525-105-17/index.html))<br>Packages:<br>- docker 20.10.12<br>- ignition 0.36.1<br>- kernel 5.10.178<br>- systemd 249<br><br>Architectures:<br>- amd64<br>- arm64<br>2023-04-25T13:46:55+00:00https://github.com/flatcar/scripts/releases/tag/lts-3033.3.113033.3.112024-03-20T12:53:28.532262+00:00_Changes since **LTS 3033.3.10**_<br><br>#### Security fixes:<br><br>- Linux ([CVE-2022-4379](https://nvd.nist.gov/vuln/detail/CVE-2022-4379), [CVE-2023-1076](https://nvd.nist.gov/vuln/detail/CVE-2023-1076), [CVE-2023-1077](https://nvd.nist.gov/vuln/detail/CVE-2023-1077), [CVE-2023-1079](https://nvd.nist.gov/vuln/detail/CVE-2023-1079), [CVE-2023-1118](https://nvd.nist.gov/vuln/detail/CVE-2023-1118), [CVE-2023-1611](https://nvd.nist.gov/vuln/detail/CVE-2023-1611), [CVE-2023-1670](https://nvd.nist.gov/vuln/detail/CVE-2023-1670), [CVE-2023-1829](https://nvd.nist.gov/vuln/detail/CVE-2023-1829), [CVE-2023-1855](https://nvd.nist.gov/vuln/detail/CVE-2023-1855), [CVE-2023-1989](https://nvd.nist.gov/vuln/detail/CVE-2023-1989), [CVE-2023-1990](https://nvd.nist.gov/vuln/detail/CVE-2023-1990), [CVE-2023-23004](https://nvd.nist.gov/vuln/detail/CVE-2023-23004), [CVE-2023-25012](https://nvd.nist.gov/vuln/detail/CVE-2023-25012), [CVE-2023-28466](https://nvd.nist.gov/vuln/detail/CVE-2023-28466), [CVE-2023-30456](https://nvd.nist.gov/vuln/detail/CVE-2023-30456), [CVE-2023-30772](https://nvd.nist.gov/vuln/detail/CVE-2023-30772))<br><br>#### Bug fixes:<br><br><br>#### Changes:<br><br>- Added new image signing pub key to `flatcar-install`, needed for download verification of releases built from July 2023 onwards, if you have copies of `flatcar-install` or the image signing pub key, you need to update them as well ([init#92](https://github.com/flatcar/init/pull/92))<br><br>#### Updates:<br><br>- ca-certificates ([3.89](https://firefox-source-docs.mozilla.org/security/nss/releases/nss_3_89.html))<br>- Linux ([5.10.177](https://lwn.net/Articles/928342) (includes [5.10.176](https://lwn.net/Articles/926874), [5.10.175](https://lwn.net/Articles/926416), [5.10.174](https://lwn.net/Articles/925992), [5.10.173](https://lwn.net/Articles/925935)))<br><br>Packages:<br>- docker 20.10.12<br>- ignition 0.36.1<br>- kernel 5.10.177<br>- systemd 249<br><br>Architectures:<br>- amd64<br>- arm64<br>2023-04-17T13:20:00+00:00https://github.com/flatcar/scripts/releases/tag/lts-3033.3.103033.3.102024-03-20T12:53:28.524109+00:00 _Changes since **LTS 3033.3.9**_<br> <br> #### Security fixes:<br> <br> - Linux ([CVE-2022-2196](https://nvd.nist.gov/vuln/detail/CVE-2022-2196), [CVE-2022-3707](https://nvd.nist.gov/vuln/detail/CVE-2022-3707), [CVE-2022-4129](https://nvd.nist.gov/vuln/detail/CVE-2022-4129), [CVE-2022-4382](https://nvd.nist.gov/vuln/detail/CVE-2022-4382), [CVE-2023-1073](https://nvd.nist.gov/vuln/detail/CVE-2023-1073), [CVE-2023-1074](https://nvd.nist.gov/vuln/detail/CVE-2023-1074), [CVE-2023-1078](https://nvd.nist.gov/vuln/detail/CVE-2023-1078), [CVE-2023-22998](https://nvd.nist.gov/vuln/detail/CVE-2023-22998), [CVE-2023-23559](https://nvd.nist.gov/vuln/detail/CVE-2023-23559), [CVE-2023-26545](https://nvd.nist.gov/vuln/detail/CVE-2023-26545))<br> <br> #### Updates:<br> <br> - Linux ([5.10.172](https://lwn.net/Articles/925079) (includes [5.10.171](https://lwn.net/Articles/925065), [5.10.170](https://lwn.net/Articles/924440), [5.10.169](https://lwn.net/Articles/924074), [5.10.168](https://lwn.net/Articles/923395), [5.10.167](https://lwn.net/Articles/922341), [5.10.166](https://lwn.net/Articles/921852), [5.10.165](https://lwn.net/Articles/921030)))<br> - ca-certificates ([3.88.1](https://firefox-source-docs.mozilla.org/security/nss/releases/nss_3_88_1.html))<br>Packages:<br>- docker 20.10.12<br>- ignition 0.36.1<br>- kernel 5.10.172<br>- systemd 249<br><br>Architectures:<br>- amd64<br>- arm64<br>2023-03-07T15:25:03+00:00https://github.com/kinvolk/manifest/releases/tag/v3033.3.03033.3.02024-03-20T12:53:28.515840+00:00New **LTS-2022** Release **3033.3.0**<br><br>_Changes since **LTS-2021 2605.27.1**_<br><br>Update to CGroupsV2: Flatcar Container Linux migrates to the unified cgroup hierarchy (aka cgroups v2)! New nodes will utilize cgroups v2 by default. Existing nodes remain on cgroups v1 and need to be manually migrated to cgroups v2. To learn more about the cgroups v2 on Flatcar Container Linux and the migration guide, please refer to https://flatcar-linux.org/docs/latest/container-runtimes/switching-to-unified-cgroups/<br><br>Other notable changes: cri-tools and lbzip2 got added, PAM tally2 got replaced by PAM faillock, only a single Docker version is now shipped (20.10), and rkt, kubelet-wapper, dhcpcd, and containerd-stress got removed.<br><br>### Security fixes:<br><br>(Note: Not all fixed issues may have been present in the old versions)<br>- Linux ([CVE-2020-27170](https://nvd.nist.gov/vuln/detail/CVE-2020-27170), [CVE-2020-25220](https://nvd.nist.gov/vuln/detail/CVE-2020-25220), [CVE-2020-27171](https://nvd.nist.gov/vuln/detail/CVE-2020-27171), [CVE-2020-35499](https://nvd.nist.gov/vuln/detail/CVE-2020-35499), [CVE-2022-0286](https://nvd.nist.gov/vuln/detail/CVE-2022-0286), [CVE-2022-0516](https://nvd.nist.gov/vuln/detail/CVE-2022-0516), [CVE-2021-3411](https://nvd.nist.gov/vuln/detail/CVE-2021-3411), [CVE-2021-3489](https://nvd.nist.gov/vuln/detail/CVE-2021-3489), [CVE-2021-3490](https://nvd.nist.gov/vuln/detail/CVE-2021-3490), [CVE-2021-3491](https://nvd.nist.gov/vuln/detail/CVE-2021-3491), [CVE-2021-3501](https://nvd.nist.gov/vuln/detail/CVE-2021-3501), [CVE-2021-3543](https://nvd.nist.gov/vuln/detail/CVE-2021-3543), [CVE-2021-4001](https://nvd.nist.gov/vuln/detail/CVE-2021-4001), [CVE-2021-4028](https://nvd.nist.gov/vuln/detail/CVE-2021-4028), [CVE-2021-4204](https://nvd.nist.gov/vuln/detail/CVE-2021-4204), [CVE-2021-20268](https://nvd.nist.gov/vuln/detail/CVE-2021-20268), [CVE-2021-22600](https://nvd.nist.gov/vuln/detail/CVE-2021-22600), [CVE-2021-26708](https://nvd.nist.gov/vuln/detail/CVE-2021-26708), [CVE-2021-28039](https://nvd.nist.gov/vuln/detail/CVE-2021-28039), [CVE-2021-28691](https://nvd.nist.gov/vuln/detail/CVE-2021-28691), [CVE-2021-28952](https://nvd.nist.gov/vuln/detail/CVE-2021-28952), [CVE-2021-29266](https://nvd.nist.gov/vuln/detail/CVE-2021-29266), [CVE-2021-29646](https://nvd.nist.gov/vuln/detail/CVE-2021-29646), [CVE-2021-29649](https://nvd.nist.gov/vuln/detail/CVE-2021-29649), [CVE-2021-29657](https://nvd.nist.gov/vuln/detail/CVE-2021-29657), [CVE-2021-34866](https://nvd.nist.gov/vuln/detail/CVE-2021-34866), [CVE-2021-38166](https://nvd.nist.gov/vuln/detail/CVE-2021-38166), [CVE-2021-38206](https://nvd.nist.gov/vuln/detail/CVE-2021-38206), [CVE-2021-38207](https://nvd.nist.gov/vuln/detail/CVE-2021-38207), [CVE-2021-38209](https://nvd.nist.gov/vuln/detail/CVE-2021-38209), [CVE-2021-31440](https://nvd.nist.gov/vuln/detail/CVE-2021-31440), [CVE-2021-41073](https://nvd.nist.gov/vuln/detail/CVE-2021-41073), [CVE-2021-42327](https://nvd.nist.gov/vuln/detail/CVE-2021-42327), [CVE-2021-45402](https://nvd.nist.gov/vuln/detail/CVE-2021-45402), [CVE-2021-43267](https://nvd.nist.gov/vuln/detail/CVE-2021-43267), [CVE-2021-46283](https://nvd.nist.gov/vuln/detail/CVE-2021-46283), [CVE-2022-0847](https://nvd.nist.gov/vuln/detail/CVE-2022-0847))<br>- systemd ([CVE-2020-13529](https://nvd.nist.gov/vuln/detail/CVE-2020-13529), [CVE-2021-3997](https://nvd.nist.gov/vuln/detail/CVE-2021-3997), [CVE-2021-33910](https://nvd.nist.gov/vuln/detail/CVE-2021-33910))<br>- Docker ([CVE-2021-21284](https://nvd.nist.gov/vuln/detail/CVE-2021-21284), [CVE-2021-21285](https://nvd.nist.gov/vuln/detail/CVE-2021-21285), [CVE-2021-41089](https://nvd.nist.gov/vuln/detail/CVE-2021-41089), [CVE-2021-41091](https://nvd.nist.gov/vuln/detail/CVE-2021-41091), [CVE-2021-41092](https://nvd.nist.gov/vuln/detail/CVE-2021-41092))<br>- containerd ([CVE-2020-15257](https://nvd.nist.gov/vuln/detail/CVE-2020-15257), [CVE-2021-21334](https://nvd.nist.gov/vuln/detail/CVE-2021-21334), [CVE-2021-32760](https://nvd.nist.gov/vuln/detail/CVE-2021-32760), [CVE-2021-41103](https://nvd.nist.gov/vuln/detail/CVE-2021-41103), [CVE-2021-43816](https://nvd.nist.gov/vuln/detail/CVE-2021-43816), [CVE-2022-23648](https://nvd.nist.gov/vuln/detail/CVE-2022-23648), [CVE-2022-24769](https://nvd.nist.gov/vuln/detail/CVE-2022-24769))<br>- Docker, containerd ([CVE-2021-41190](https://nvd.nist.gov/vuln/detail/CVE-2021-41190))<br>- glibc ([CVE-2019-25013](https://nvd.nist.gov/vuln/detail/CVE-2019-25013), [CVE-2020-27618](https://nvd.nist.gov/vuln/detail/CVE-2020-27618), [CVE-2020-29562](https://nvd.nist.gov/vuln/detail/CVE-2020-29562), [CVE-2021-3998](https://nvd.nist.gov/vuln/detail/CVE-2021-3998), [CVE-2021-3999](https://nvd.nist.gov/vuln/detail/CVE-2021-3999), [CVE-2021-27645](https://nvd.nist.gov/vuln/detail/CVE-2021-27645), [CVE-2021-33574](https://nvd.nist.gov/vuln/detail/CVE-2021-33574), [CVE-2021-35942](https://nvd.nist.gov/vuln/detail/CVE-2021-35942), [CVE-2021-38604](https://nvd.nist.gov/vuln/detail/CVE-2021-38604), [CVE-2022-23218](https://nvd.nist.gov/vuln/detail/CVE-2022-23218), [CVE-2022-23219](https://nvd.nist.gov/vuln/detail/CVE-2022-23219))<br>- Go ([CVE-2020-28362](https://nvd.nist.gov/vuln/detail/CVE-2020-28362), [CVE-2020-28366](https://nvd.nist.gov/vuln/detail/CVE-2020-28366), [CVE-2020-28367](https://nvd.nist.gov/vuln/detail/CVE-2020-28367), [CVE-2021-27918](https://nvd.nist.gov/vuln/detail/CVE-2021-27918), [CVE-2021-27919](https://nvd.nist.gov/vuln/detail/CVE-2021-27919), [CVE-2021-29923](https://nvd.nist.gov/vuln/detail/CVE-2021-29923), [CVE-2021-31525](https://nvd.nist.gov/vuln/detail/CVE-2021-31525), [CVE-2021-33195](https://nvd.nist.gov/vuln/detail/CVE-2021-33195),[CVE-2021-33196](https://nvd.nist.gov/vuln/detail/CVE-2021-33196),[CVE-2021-33197](https://nvd.nist.gov/vuln/detail/CVE-2021-33197),[CVE-2021-33198](https://nvd.nist.gov/vuln/detail/CVE-2021-33198), [CVE-2021-34558](https://nvd.nist.gov/vuln/detail/CVE-2021-34558), [CVE-2021-36221](https://nvd.nist.gov/vuln/detail/CVE-2021-36221), [CVE-2021-38297](https://nvd.nist.gov/vuln/detail/CVE-2021-38297), [CVE-2021-39293](https://nvd.nist.gov/vuln/detail/CVE-2021-39293), [CVE-2021-44716](https://nvd.nist.gov/vuln/detail/CVE-2021-44716), [CVE-2021-44717](https://nvd.nist.gov/vuln/detail/CVE-2021-44717), [CVE-2021-41771](https://nvd.nist.gov/vuln/detail/CVE-2021-41771), [CVE-2021-41772](https://nvd.nist.gov/vuln/detail/CVE-2021-41772), [CVE-2022-23772](https://nvd.nist.gov/vuln/detail/CVE-2022-23772), [CVE-2022-23773](https://nvd.nist.gov/vuln/detail/CVE-2022-23773), [CVE-2022-23806](https://nvd.nist.gov/vuln/detail/CVE-2022-23806), [CVE-2022-24921](https://nvd.nist.gov/vuln/detail/CVE-2022-24921))<br>- bash ([CVE-2019-9924](https://nvd.nist.gov/vuln/detail/CVE-2019-9924), [CVE-2019-18276](https://nvd.nist.gov/vuln/detail/CVE-2019-18276))<br>- binutils ([CVE-2021-20197](https://nvd.nist.gov/vuln/detail/CVE-2021-20197), [CVE-2021-3487](https://nvd.nist.gov/vuln/detail/CVE-2021-3487), [CVE-2021-3530](https://nvd.nist.gov/vuln/detail/CVE-2021-3530), [CVE-2021-3549](https://nvd.nist.gov/vuln/detail/CVE-2021-3549))<br>- boost ([CVE-2012-2677](https://nvd.nist.gov/vuln/detail/CVE-2012-2677))<br>- bsdiff [CVE-2014-9862](https://nvd.nist.gov/vuln/detail/CVE-2014-9862)<br>- bzip2 ([CVE-2019-12900](https://nvd.nist.gov/vuln/detail/CVE-2019-12900))<br>- curl ([CVE-2021-22876](https://nvd.nist.gov/vuln/detail/CVE-2021-22876), [CVE-2021-22890](https://nvd.nist.gov/vuln/detail/CVE-2021-22890), [CVE-2021-22898](https://nvd.nist.gov/vuln/detail/CVE-2021-22898), [CVE-2021-22901](https://nvd.nist.gov/vuln/detail/CVE-2021-22901), [CVE-2021-22945](https://nvd.nist.gov/vuln/detail/CVE-2021-22945), [CVE-2021-22946](https://nvd.nist.gov/vuln/detail/CVE-2021-22946), [CVE-2021-22947](https://nvd.nist.gov/vuln/detail/CVE-2021-22947), [CVE-2021-22922](https://nvd.nist.gov/vuln/detail/CVE-2021-22922), [CVE-2021-22923](https://nvd.nist.gov/vuln/detail/CVE-2021-22923), [CVE-2021-22924](https://nvd.nist.gov/vuln/detail/CVE-2021-22924), [CVE-2021-22925](https://nvd.nist.gov/vuln/detail/CVE-2021-22925), [CVE-2021-22926](https://nvd.nist.gov/vuln/detail/CVE-2021-22926))<br>- c-ares ([CVE-2020-8277](https://nvd.nist.gov/vuln/detail/CVE-2020-8277), [CVE-2021-3672](https://nvd.nist.gov/vuln/detail/CVE-2021-3672))<br>- ca-certificates ([CVE-2021-43527](https://nvd.nist.gov/vuln/detail/CVE-2021-43527))<br>- cifs-utils ([CVE-2020-14342](https://nvd.nist.gov/vuln/detail/CVE-2020-14342))<br>- coreutils ([CVE-2017-7476](https://nvd.nist.gov/vuln/detail/CVE-2017-7476))<br>- dbus ([CVE-2020-35512](https://nvd.nist.gov/vuln/detail/CVE-2020-35512))<br>- expat ([CVE-2013-0340](https://nvd.nist.gov/vuln/detail/CVE-2013-0340), [CVE-2021-45960](https://nvd.nist.gov/vuln/detail/CVE-2021-45960), [CVE-2021-46143](https://nvd.nist.gov/vuln/detail/CVE-2021-46143), [CVE-2022-22822](https://nvd.nist.gov/vuln/detail/CVE-2022-22822), [CVE-2022-22823](https://nvd.nist.gov/vuln/detail/CVE-2022-22823), [CVE-2022-22824](https://nvd.nist.gov/vuln/detail/CVE-2022-22824), [CVE-2022-22825](https://nvd.nist.gov/vuln/detail/CVE-2022-22825), [CVE-2022-22826](https://nvd.nist.gov/vuln/detail/CVE-2022-22826), [CVE-2022-22827](https://nvd.nist.gov/vuln/detail/CVE-2022-22827), [CVE-2022-23852](https://nvd.nist.gov/vuln/detail/CVE-2022-23852), [CVE-2022-23990](https://nvd.nist.gov/vuln/detail/CVE-2022-23990), [CVE-2022-25235](https://nvd.nist.gov/vuln/detail/CVE-2022-25235), [CVE-2022-25236](https://nvd.nist.gov/vuln/detail/CVE-2022-25236), [CVE-2022-25313](https://nvd.nist.gov/vuln/detail/CVE-2022-25313), [CVE-2022-25314](https://nvd.nist.gov/vuln/detail/CVE-2022-25314), [CVE-2022-25315](https://nvd.nist.gov/vuln/detail/CVE-2022-25315))<br>- gettext ([CVE-2020-12825](https://nvd.nist.gov/vuln/detail/CVE-2020-12825))<br>- git ([CVE-2021-21300](https://nvd.nist.gov/vuln/detail/CVE-2021-21300), [CVE-2021-40330](https://nvd.nist.gov/vuln/detail/CVE-2021-40330))<br>- glib ([CVE-2019-12450](https://nvd.nist.gov/vuln/detail/CVE-2019-12450), [CVE-2021-28153](https://nvd.nist.gov/vuln/detail/CVE-2021-28153), [CVE-2021-27218](https://nvd.nist.gov/vuln/detail/CVE-2021-27218), [CVE-2021-27219](https://nvd.nist.gov/vuln/detail/CVE-2021-27219))<br>- gnupg ([CVE-2020-25125](https://nvd.nist.gov/vuln/detail/CVE-2020-25125))<br>- gnutls ([CVE-2021-20231](https://nvd.nist.gov/vuln/detail/CVE-2021-20231), [CVE-2021-20232](https://nvd.nist.gov/vuln/detail/CVE-2021-20232))<br>- gptfdisk ([CVE-2021-0308](https://nvd.nist.gov/vuln/detail/CVE-2021-0308))<br>- ignition ([CVE-2020-14040](https://nvd.nist.gov/vuln/detail/CVE-2020-14040))<br>- intel-microcode ([CVE-2020-8694](https://nvd.nist.gov/vuln/detail/CVE-2020-8694), [CVE-2020-8695](https://nvd.nist.gov/vuln/detail/CVE-2020-8695), [CVE-2020-8696](https://nvd.nist.gov/vuln/detail/CVE-2020-8696), [CVE-2020-8698](https://nvd.nist.gov/vuln/detail/CVE-2020-8698), [CVE-2020-24489](https://nvd.nist.gov/vuln/detail/CVE-2020-24489), [CVE-2020-24511](https://nvd.nist.gov/vuln/detail/CVE-2020-24511), [CVE-2020-24513](https://nvd.nist.gov/vuln/detail/CVE-2020-24513))<br>- libgcrypt ([CVE-2021-33560](https://nvd.nist.gov/vuln/detail/CVE-2021-33560), [CVE-2021-40528](https://nvd.nist.gov/vuln/detail/CVE-2021-40528))<br>- libpcre ([CVE-2019-20838](https://nvd.nist.gov/vuln/detail/CVE-2019-20838), [CVE-2020-14155](https://nvd.nist.gov/vuln/detail/CVE-2020-14155))<br>- libuv ([CVE-2021-22918](https://nvd.nist.gov/vuln/detail/CVE-2021-22918))<br>- libxml2 ([CVE-2020-24977](https://nvd.nist.gov/vuln/detail/CVE-2020-24977), [CVE-2021-3516](https://nvd.nist.gov/vuln/detail/CVE-2021-3516), [CVE-2021-3517](https://nvd.nist.gov/vuln/detail/CVE-2021-3517), [CVE-2021-3518](https://nvd.nist.gov/vuln/detail/CVE-2021-3518), [CVE-2021-3541](https://nvd.nist.gov/vuln/detail/CVE-2021-3541))<br>- lz4 ([CVE-2021-3520](https://nvd.nist.gov/vuln/detail/CVE-2021-3520))<br>- mit-krb5 ([CVE-2021-36222](https://nvd.nist.gov/vuln/detail/CVE-2021-36222))<br>- ncurses ([CVE-2019-17594](https://nvd.nist.gov/vuln/detail/CVE-2019-17594), [CVE-2019-17595](https://nvd.nist.gov/vuln/detail/CVE-2019-17595))<br>- nettle ([CVE-2021-20305](https://nvd.nist.gov/vuln/detail/CVE-2021-20305), [CVE-2021-3580](https://nvd.nist.gov/vuln/detail/CVE-2021-3580))<br>- ntp ([CVE-2018-8956](https://nvd.nist.gov/vuln/detail/CVE-2018-8956), [CVE-2020-11868](https://nvd.nist.gov/vuln/detail/CVE-2020-11868), [CVE-2020-13817](https://nvd.nist.gov/vuln/detail/CVE-2020-13817), [CVE-2020-15025](https://nvd.nist.gov/vuln/detail/CVE-2020-15025))<br>- nvidia-drivers ([CVE-2022-21813](https://nvd.nist.gov/vuln/detail/CVE-2022-21813), [CVE-2022-21814](https://nvd.nist.gov/vuln/detail/CVE-2022-21814))<br>- open-iscsi ([CVE-2017-17840](https://nvd.nist.gov/vuln/detail/CVE-2017-17840))<br>- openssl ([CVE-2021-3449](https://nvd.nist.gov/vuln/detail/CVE-2021-3449), [CVE-2021-3450](https://nvd.nist.gov/vuln/detail/CVE-2021-3450), [CVE-2022-0778](https://nvd.nist.gov/vuln/detail/CVE-2022-0778))<br>- openldap ([CVE-2020-36221](https://nvd.nist.gov/vuln/detail/CVE-2020-36221), [CVE-2020-36222](https://nvd.nist.gov/vuln/detail/CVE-2020-36222), [CVE-2020-36223](https://nvd.nist.gov/vuln/detail/CVE-2020-36223), [CVE-2020-36224](https://nvd.nist.gov/vuln/detail/CVE-2020-36224), [CVE-2020-36225](https://nvd.nist.gov/vuln/detail/CVE-2020-36225), [CVE-2020-36226](https://nvd.nist.gov/vuln/detail/CVE-2020-36226), [CVE-2020-36227](https://nvd.nist.gov/vuln/detail/CVE-2020-36227), [CVE-2020-36228](https://nvd.nist.gov/vuln/detail/CVE-2020-36228), [CVE-2020-36229](https://nvd.nist.gov/vuln/detail/CVE-2020-36229), [CVE-2020-36230](https://nvd.nist.gov/vuln/detail/CVE-2020-36230), [CVE-2021-27212](https://nvd.nist.gov/vuln/detail/CVE-2021-27212))<br>- pam [CVE-2020-27780](https://nvd.nist.gov/vuln/detail/CVE-2020-27780)<br>- polkit ([CVE-2021-3560](https://nvd.nist.gov/vuln/detail/CVE-2021-3560), [CVE-2021-4034](https://nvd.nist.gov/vuln/detail/CVE-2021-4034))<br>- runc ([CVE-2021-30465](https://nvd.nist.gov/vuln/detail/CVE-2021-30465))<br>- samba ([CVE-2019-3880](https://nvd.nist.gov/vuln/detail/CVE-2019-3880), [CVE-2019-10197](https://nvd.nist.gov/vuln/detail/CVE-2019-10197), [CVE-2019-10218](https://nvd.nist.gov/vuln/detail/CVE-2019-10218), [CVE-2020-10704](https://nvd.nist.gov/vuln/detail/CVE-2020-10704), [CVE-2020-10745](https://nvd.nist.gov/vuln/detail/CVE-2020-10745), [CVE-2020-14318](https://nvd.nist.gov/vuln/detail/CVE-2020-14318), [CVE-2020-14323](https://nvd.nist.gov/vuln/detail/CVE-2020-14323), [CVE-2020-14383](https://nvd.nist.gov/vuln/detail/CVE-2020-14383))<br>- shadow ([CVE-2019-19882](https://nvd.nist.gov/vuln/detail/CVE-2019-19882))<br>- sqlite ([CVE-2021-20227](https://nvd.nist.gov/vuln/detail/CVE-2021-20227))<br>- sssd ([CVE-2018-16838](https://nvd.nist.gov/vuln/detail/CVE-2018-16838), [CVE-2018-16883](https://nvd.nist.gov/vuln/detail/CVE-2018-16883), [CVE-2019-3811](https://nvd.nist.gov/vuln/detail/CVE-2019-3811), [CVE-2021-3621](https://nvd.nist.gov/vuln/detail/CVE-2021-3621))<br>- tar ([CVE-2021-20193](https://nvd.nist.gov/vuln/detail/CVE-2021-20193))<br>- trousers ([CVE-2020-24330](https://nvd.nist.gov/vuln/detail/CVE-2020-24330), [CVE-2020-24331](https://nvd.nist.gov/vuln/detail/CVE-2020-24331))<br>- util-linux ([CVE-2021-37600](https://nvd.nist.gov/vuln/detail/CVE-2021-37600))<br>- vim ([CVE-2021-3770](https://nvd.nist.gov/vuln/detail/CVE-2021-3770), [CVE-2021-3778](https://nvd.nist.gov/vuln/detail/CVE-2021-3778), [CVE-2021-3796](https://nvd.nist.gov/vuln/detail/CVE-2021-3796))<br>- zstd ([CVE-2021-24032](https://nvd.nist.gov/vuln/detail/CVE-2021-24032))<br>- SDK: bison ([CVE-2020-14150](https://nvd.nist.gov/vuln/detail/CVE-2020-14150), [CVE-2020-24240](https://nvd.nist.gov/vuln/detail/CVE-2020-24240))<br>- SDK: dnsmasq ([CVE-2021-3448](https://nvd.nist.gov/vuln/detail/CVE-2021-3448), [CVE-2020-25681](https://nvd.nist.gov/vuln/detail/CVE-2020-25681), [CVE-2020-25682](https://nvd.nist.gov/vuln/detail/CVE-2020-25682), [CVE-2020-25683](https://nvd.nist.gov/vuln/detail/CVE-2020-25683), [CVE-2020-25684](https://nvd.nist.gov/vuln/detail/CVE-2020-25684), [CVE-2020-25685](https://nvd.nist.gov/vuln/detail/CVE-2020-25685), [CVE-2020-25686](https://nvd.nist.gov/vuln/detail/CVE-2020-25686), [CVE-2020-25687](https://nvd.nist.gov/vuln/detail/CVE-2020-25687))<br>- SDK: perl ([CVE-2020-10878](https://nvd.nist.gov/vuln/detail/CVE-2020-10878))<br>- SDK: qemu ([CVE-2020-10717](https://nvd.nist.gov/vuln/detail/CVE-2020-10717), [CVE-2020-13754](https://nvd.nist.gov/vuln/detail/CVE-2020-13754), [CVE-2020-15859](https://nvd.nist.gov/vuln/detail/CVE-2020-15859), [CVE-2020-15863](https://nvd.nist.gov/vuln/detail/CVE-2020-15863), [CVE-2020-16092](https://nvd.nist.gov/vuln/detail/CVE-2020-16092), [CVE-2020-25741](https://nvd.nist.gov/vuln/detail/CVE-2020-25741), [CVE-2020-25742](https://nvd.nist.gov/vuln/detail/CVE-2020-25742), [CVE-2020-25743](https://nvd.nist.gov/vuln/detail/CVE-2020-25743))<br>- SDK: Rust ([CVE-2020-36323](https://nvd.nist.gov/vuln/detail/CVE-2020-36323), [CVE-2021-28876](https://nvd.nist.gov/vuln/detail/CVE-2021-28876), [CVE-2021-28877](https://nvd.nist.gov/vuln/detail/CVE-2021-28877), [CVE-2021-28878](https://nvd.nist.gov/vuln/detail/CVE-2021-28878), [CVE-2021-28879](https://nvd.nist.gov/vuln/detail/CVE-2021-28879), [CVE-2021-31162](https://nvd.nist.gov/vuln/detail/CVE-2021-31162))<br><br><br>### Bug fixes:<br><br>- The Torcx profile `docker-1.12-no` got fixed to reference the current Docker version instead of 19.03 which wasn't found on the image, causing Torcx to fail to provide Docker ([coreos-overlay#1456](https://github.com/flatcar/coreos-overlay/pull/1456))<br>- Ensured that the `/run/xtables.lock` coordination file exists for modifications of the xtables backend from containers (must be bind-mounted) or the `iptables-legacy` binaries on the host ([init#57](https://github.com/flatcar/init/pull/57))<br>- SDK: Fixed build error popping up in the new SDK Container because `policycoreutils` used the wrong ROOT to update the SELinux store ([coreos-overlay#1502](https://github.com/flatcar/coreos-overlay/pull/1502))<br>- Fixed leak of SELinux policy store to the root filesystem top directory due to wrong store path in `policycoreutils` instead of `/var/lib/selinux` ([flatcar-linux/Flatcar#596](https://github.com/flatcar/Flatcar/issues/596))<br>- Disabled the systemd-networkd settings `ManageForeignRoutes` and `ManageForeignRoutingPolicyRules` by default to ensure that CNIs like Cilium don't get their routes or routing policy rules discarded on network reconfiguration events ([Flatcar#620](https://github.com/flatcar/Flatcar/issues/620)).<br>- AWS: specify correct console (ttyS0) on kernel command line for ARM64 instances ([coreos-overlay#1628](https://github.com/flatcar/coreos-overlay/pull/1628))<br>- Prevented hitting races when creating filesystems in Ignition, these races caused boot failures like `fsck[1343]: Failed to stat /dev/disk/by-label/ROOT: No such file or directory` when creating a btrfs root filesystem ([ignition#35](https://github.com/flatcar/ignition/pull/35))<br>- Reverted the Linux kernel change to forbid xfrm id 0 for IPSec state because it broke Cilium ([Flatcar#626](https://github.com/flatcar/Flatcar/issues/626), [coreos-overlay#1682](https://github.com/flatcar/coreos-overlay/pull/1682))<br>- Reverted the Linux kernel commit which broke networking on AWS instances which use Intel 82559 NIC (c4/m4) ([Flatcar#665](https://github.com/flatcar/Flatcar/issues/665), [coreos-overlay#1720](https://github.com/flatcar/coreos-overlay/pull/1720))<br>- Added pahole to developer container, without it kernel modules built against /usr/src/linux may fail to probe with an 'invalid relocation target' error ([coreos-overlay#1839](https://github.com/flatcar/coreos-overlay/pull/1839))<br>- vim with USE=minimal was fixed to run without warning in the beginning [portage-stable#260](https://github.com/flatcar/portage-stable/pull/260)<br>- dev container: Fix github URL for coreos-overlay and portage-stable to use repos from flatcar-linux org directly instead of relying on redirects from the kinvolk org. This fixes checkouts with emerge-gitclone inside dev-container. [scripts#194](https://github.com/flatcar/scripts/pull/194)<br>- Added missing SELinux rule as initial step to resolve Torcx unpacking issue ([coreos-overlay#1426](https://github.com/flatcar/coreos-overlay/pull/1426))<br>- Randomize OEM filesystem UUID if mounting fails ([init#47](https://github.com/flatcar/init/pull/47))<br>- Run emergency.target on ignition/torcx service unit failure in dracut ([bootengine#28](https://github.com/flatcar/bootengine/pull/28))<br>- Re-enabled kernel config FS_ENCRYPTION ([coreos-overlay#1212](https://github.com/flatcar/coreos-overlay/pull/1212/))<br>- Fixed Perl in dev-container ([coreos-overlay#1238](https://github.com/flatcar/coreos-overlay/pull/1238/))<br>- Fixed containerd config after introduction of CGroupsV2 ([coreos-overlay#1214](https://github.com/flatcar/coreos-overlay/pull/1214))<br>- Fixed path for amazon-ssm-agent in base-ec2.ign ([coreos-overlay#1228](https://github.com/flatcar/coreos-overlay/pull/1228))<br>- flatcar-install: randomized OEM filesystem UUID if mounting fails ([init#47](https://github.com/flatcar/init/pull/47))<br>- Fixed null-pointer deref crash in Ignition when specifying the OEM filesystem without a label ([ignition#25](https://github.com/flatcar/ignition/pull/25))<br>- Fixed locksmith adhering to reboot window when getting the etcd lock ([locksmith#10](https://github.com/flatcar/locksmith/pull/10))<br>- Fixed pam.d sssd LDAP auth with sudo ([coreos-overlay#1170](https://github.com/flatcar/coreos-overlay/pull/1170))<br>- Let network-cleanup.service finish before entering rootfs ([coreos-overlay#1182](https://github.com/flatcar/coreos-overlay/pull/1182))<br>- Fixed SELinux policy for Flannel CNI ([coreos-overlay#1181](https://github.com/flatcar/coreos-overlay/pull/1181))<br>- Set the cilium_vxlan interface to be not managed by networkd’s default setup with DHCP as it’s managed by Cilium. ([init#43](https://github.com/flatcar/init/pull/43))<br>- Disabled SELinux by default on dockerd wrapper script ([coreos-overlay#1149](https://github.com/flatcar/coreos-overlay/pull/1149))<br>- Fixed the network-cleanup service race in the initramfs which resulted in a failure being reported<br>- GCE: Granted CAP_NET_ADMIN to set routes for the TCP LB when starting oem-gce.service ([coreos-overlay#1146](https://github.com/flatcar/coreos-overlay/pull/1146))<br>- Add the systemd tag in udev for Azure storage devices, to fix /boot automount ([init#41](https://github.com/flatcar/init/pull/41))<br>- Update-engine sent empty requests when restarted before a pending reboot ([Flatcar#388](https://github.com/flatcar/Flatcar/issues/388))<br>- systemd-networkd: Do not manage loopback network interface ([bootengine#24](https://github.com/flatcar/bootengine/pull/24) [init#40](https://github.com/flatcar/init/pull/40))<br>- flatcar-install: Detect device mapper (e.g., LVM/LUKS) usage when searching for free drives with the -s flag ([Flatcar#332](https://github.com/flatcar/Flatcar/issues/332))<br>- GCE: The old interface name ens4v1 which was replaced by eth0 due to a broken udev rule was restored, but now as alternative interface name, and eth0 will stay the primary name for consistency across cloud environments. ([init#38](https://github.com/flatcar/init/pull/38))<br>- Include firmware files for all modules shipped in our image ([Issue #359](https://github.com/flatcar/Flatcar/issues/359), [coreos-overlay#887](https://github.com/flatcar/coreos-overlay/pull/887))<br>- Add explicit path to the binary call in the coreos-metadata unit file ([Issue #360](https://github.com/flatcar/Flatcar/issues/360))<br>- sys-apps/systemd: Fix unit installation ([coreos-overlay#810](https://github.com/flatcar/coreos-overlay/pull/810))<br>- passwd: use correct GID for tss ([baselayout#15](https://github.com/flatcar/baselayout/pull/15))<br>- coreos-base/gmerge: Stop installing gmerge script ([coreos-overlay#828](https://github.com/flatcar/coreos-overlay/pull/828))<br>- Update sys-apps/coreutils and make sure they have split-usr disabled for generic images ([coreos-overlay#829](https://github.com/flatcar/coreos-overlay/pull/829))<br>- afterburn (coreos-metadata): Restart on failure and keep coreos-metadata unit active ([coreos-overlay#768](https://github.com/flatcar/coreos-overlay/pull/768))<br>- network: Accept ICMPv6 Router Advertisements to fix IPv6 address assignment in the default DHCP setting ([flatcar-linux/init#51](https://github.com/flatcar/init/pull/51), [flatcar-linux/cloudinit#12](https://github.com/flatcar/coreos-cloudinit/pull/12), [flatcar-linux/bootengine#30](https://github.com/flatcar/bootengine/pull/30))<br>- Added a new flatcar-update tool to the image to ease manual updates, rollbacks, channel/release jumping, and airgapped updates ([flatcar-linux/init#53](https://github.com/flatcar/init/pull/53))<br>- Default again to disable SELinux permissions checks in systemd which was missing in the initial systemd 246 update<br>- Default again to set DefaultTasksMax=100% in systemd which was missing in the initial systemd 246 update<br>- Make systemd detect updates again when the /usr partition changes which was missing in the initial systemd 246 update<br>- Default again to disabling IP Forwarding in systemd which was missing in the initial systemd 246 update<br>- Default again to waiting only for one network interface to be ready with systemd-networkd-wait-online which was missing in the initial systemd 246 update<br><br>### Changes:<br><br>- Backported `elf` support for `iproute2` ([coreos-overlay#1256](https://github.com/flatcar/coreos-overlay/pull/1526))<br>- Enabled the FIPS support for the Linux kernel, which users can now choose through a kernel parameter in `grub.cfg` (check it taking effect with `cat /proc/sys/crypto/fips_enabled`) ([coreos-overlay#1602](https://github.com/flatcar/coreos-overlay/pull/1602))<br>- Merge the Flatcar Pro features into the regular Flatcar images ([coreos-overlay#1679](https://github.com/flatcar/coreos-overlay/pull/1679)) <br>- Added support for switching back to CGroupsV1 without requiring a reboot. Create `/etc/flatcar-cgroupv1` through ignition. ([coreos-overlay#1666](https://github.com/flatcar/coreos-overlay/pull/1666))<br>- Enabled FIPS mode for cryptsetup ([coreos-overlay#1747](https://github.com/flatcar/coreos-overlay/pull/1747))<br>- GCE: Enabled GVE kernel driver, which adds support for Google Virtual NIC on GCP ([coreos-overlay#1802](https://github.com/flatcar/coreos-overlay/pull/1802))<br>- Enabled FIPS mode for cryptsetup ([portage-stable#312](https://github.com/flatcar/portage-stable/pull/312))<br>- Added GPIO support ([coreos-overlay#1236](https://github.com/flatcar/coreos-overlay/pull/1236))<br>- Added Azure Generation 2 VM support ([coreos-overlay#1198](https://github.com/flatcar/coreos-overlay/pull/1198))<br>- Switched Docker ecosystem packages to go1.16 ([coreos-overlay#1217](https://github.com/flatcar/coreos-overlay/pull/1217))<br>- Added lbzip2 binary to the image ([coreos-overlay#1221](https://github.com/flatcar/coreos-overlay/pull/1221))<br>- flatcar-install uses lbzip2 if present, falls back on bzip2 if not ([init#46](https://github.com/flatcar/init/pull/46))<br>- Added Intel E800 series network adapter driver ([coreos-overlay#1237](https://github.com/flatcar/coreos-overlay/pull/1237))<br>- Enabled ‘audit’ use flag for sys-libs/pam ([coreos-overlay#1233](https://github.com/flatcar/coreos-overlay/pull/1233))<br>- Bumped etcd and flannel to respectively 3.5.0, 0.14.0 to get multiarch images for arm64 support. Note for users of the old etcd v2 support: ETCDCTL_API=2 must be set to use v2 store as well as ETCD_ENABLE_V2=true in the etcd-member.service - this support will be removed in 3.6.0 ([coreos-overlay#1179](https://github.com/flatcar/coreos-overlay/pull/1179))<br>- cgroups v2 by default for new nodes ([coreos-overlay#931](https://github.com/flatcar/coreos-overlay/pull/931))<br>- Upgrade Docker to 20.10 ([coreos-overlay#931](https://github.com/flatcar/coreos-overlay/pull/931))<br>- update_engine: add postinstall hook to stay on cgroupv1 ([update_engine#13](https://github.com/flatcar/update_engine/pull/13))<br>- Switched to zstd compression for the initramfs ([coreos-overlay#1136](https://github.com/flatcar/coreos-overlay/pull/1136))<br>- Embedded new subkey in flatcar-install ([coreos-overlay#1180](https://github.com/flatcar/coreos-overlay/pull/1180))<br>- Azure: Compile OEM contents for all architectures ([coreos-overlay#1196](https://github.com/flatcar/coreos-overlay/pull/1196))<br>- AWS: Added amazon-ssm-agent ([coreos-overlay#1162](https://github.com/flatcar/coreos-overlay/pull/1162))<br>- Switched dm-verity corruption detection to issue a kernel panic (a panic results in a reboot after 1 minute, this was the case before already) instead of merely failing certain syscalls that try to use the corrupted data<br>- Support BTRFS in OEM and /usr partitions, but only used it for the OEM partition for now. Ignition configurations that refer to the OEM partition will work with any filesystem format specified, a mismatch is not resulting in a boot error. ([coreos-overlay#1106](https://github.com/flatcar/coreos-overlay/pull/1106))<br>- Enabled zstd compression for the initramfs and for amd64 also for the kernel because we hit the vmlinuz size limit on the /boot partition<br>- Deleted the unused kernel+initramfs vmlinuz file from the /usr partition<br>- devcontainer: added support to run on arm64 by switching to an architecture-agnostic partition UUID<br>- Enabled ARM64 SDK bootstrap ([scripts#134](https://github.com/flatcar/scripts/pull/134))<br>- Enable telnet support for curl ([coreos-overlay#1099](https://github.com/flatcar/coreos-overlay/pull/1099))<br>- Enable MDIO_BCM_UNIMAC for arm64 ([coreos-overlay#929](https://github.com/flatcar/coreos-overlay/pull/929))<br>- Disabled SELinux for Docker ([coreos-overlay#1055](https://github.com/flatcar/coreos-overlay/pull/1055))<br>- flatcar-install: Add -D flag to only download the image file ([Flatcar#248](https://github.com/flatcar/Flatcar/issues/248))<br>- Make the hostname setting units optional. Having the hostname units as required by the initrd.target meant that if the unit failed the machine wouldn’t start, disrupting the whole boot. ([bootengine#23](https://github.com/flatcar/bootengine/pull/23))<br>- Enable using iSCSI netroot devices on Flatcar ([bootengine#22](https://github.com/flatcar/bootengine/pull/22))<br>- The virtio network interfaces got predictable interface names as alternative interface names, and thus these names can also be used to match for a specific interface in case there is more than one and the eth0 and eth1 name assignment is not stable. ([init#38](https://github.com/flatcar/init/pull/38))<br>- The pam_faillock PAM module was enabled as replacement for the removed pam_tally2 module and will temporarily lock an account if there were login attempts with a wrong password. The faillock command can be used to show the current state. With pam_tally2 there was no limit for wrong password login attempts but with faillock the default is already restricting the attempts. The default behavior was relaxed to allow 5 wrong passwords per two minutes, and a one minute account lock time. This does not apply to logins with an SSH key. ([baselayout#17](https://github.com/flatcar/baselayout/pull/17))<br>- The etcd and flannel services are now run with Docker and any rkt-based customizations of the etcd-member and flanneld services not supported anymore. Also, because the flanneld service relies on Docker and will restart Docker after applying the new configuration, it is not possible anymore to set Requires=flanneld.service for docker.service and instead it’s enough to have flanneld.service enabled. ([coreos-overlay#857](https://github.com/flatcar/coreos-overlay/pull/857))<br>- sshd: use secure crypto algos only ([coreos-overlay#852](https://github.com/flatcar/coreos-overlay/pull/852))<br>- samba: Update to EAPI=7, add new USE flags and remove deps on icu ([coreos-overlay#864](https://github.com/flatcar/coreos-overlay/pull/864))<br>- kernel: enable kernel config CONFIG_BPF_LSM ([coreos-overlay#846](https://github.com/flatcar/coreos-overlay/pull/846))<br>- bootengine: set hostname for EC2 and OpenStack from metadata ([coreos-overlay#848](https://github.com/flatcar/coreos-overlay/pull/848))<br>- sys-block/open-iscsi: Command substitution in iscsi-init system service ([coreos-overlay#801](https://github.com/flatcar/coreos-overlay/pull/801))<br>- scripts/motdgen: Add OEM information to motd output ([init#34](https://github.com/flatcar/init/pull/34))<br>- torcx: delete Docker 1.12 ([coreos-overlay#826](https://github.com/flatcar/coreos-overlay/pull/826))<br>- portage update: update portage and related packages to newer versions ([coreos-overlay#840](https://github.com/flatcar/coreos-overlay/pull/840))<br>- bin/flatcar-install: add parameters to make wget more resilient ([init#35](https://github.com/flatcar/init/pull/35))<br>- With the open-iscsi update to 2.1.2, the service unit name changed from iscsid to iscsi ([coreos-overlay#682](https://github.com/flatcar/coreos-overlay/pull/682))<br>- Updated nsswitch.conf to use systemd-resolved ([baselayout#10](https://github.com/flatcar/baselayout/pull/10))<br>- Enabled systemd-resolved stub listeners ([baselayout#11](https://github.com/flatcar/baselayout/pull/11))<br>- systemd-resolved: Disabled DNSSEC for the mean time ([baselayout#14](https://github.com/flatcar/baselayout/pull/14))<br>- kernel: enabled CONFIG_DEBUG_INFO_BTF ([coreos-overlay#753](https://github.com/flatcar/coreos-overlay/pull/753))<br>- containerd: Disabled shim debug logs ([coreos-overlay#766](https://github.com/flatcar/coreos-overlay/pull/766))<br>- Enable BCMGENET as a module on arm64_defconfig-5.9 ([coreos-overlay#717](https://github.com/flatcar/coreos-overlay/pull/717))<br>- Enable BCM7XXX_PHY as a module on arm64_defconfig-5.9 for Raspberry Pi 4 ([coreos-overlay#716](https://github.com/flatcar/coreos-overlay/pull/716))<br>- flatcar_production_qemu.sh: Use more CPUs for ARM if available ([scripts#91](https://github.com/flatcar/flatcar-scripts/pull/91))<br>- Enabled the kernel config HOTPLUG_PCI_ACPI for arm64 to support attaching EC2 volumes ([coreos-overlay#705](https://github.com/flatcar/coreos-overlay/pull/705))<br>- Support the lockdown kernel command line parameter ([coreos-overlay#533](https://github.com/flatcar/coreos-overlay/pull/553))<br>- AWS arm64: Enable elastic network adapter module ([coreos-overlay#631](https://github.com/flatcar/coreos-overlay/pull/631))<br>- rkt and kubelet-wrapper are deprecated and removed from Alpha, also from subsequent channels in the future. Please read the [removal announcement](https://groups.google.com/g/flatcar-linux-user/c/MeinndLqJO4) to know more.<br><br><br>### Updates:<br><br>- Linux ([5.10.109](https://lwn.net/Articles/889439)) (from 5.4.188)<br>- Linux Firmware ([20211216](https://git.kernel.org/pub/scm/linux/kernel/git/firmware/linux-firmware.git/tag/?h=20211216))<br>- systemd ([249.10](https://github.com/systemd/systemd-stable/releases/tag/v249.10))<br>- glibc ([2.33](https://sourceware.org/glibc/wiki/Release/2.33))<br>- Go ([1.17.8](https://go.googlesource.com/go/+/refs/tags/go1.17.8))<br>- Docker ([20.10.12](https://docs.docker.com/engine/release-notes/#201012))<br>- bash ([5.1](https://lists.gnu.org/archive/html/info-gnu/2020-12/msg00003.html))<br>- c-ares ([1.17.2](https://github.com/c-ares/c-ares/releases/tag/cares-1_17_2))<br>- ca-certificates ([3.73](https://firefox-source-docs.mozilla.org/security/nss/releases/nss_3_73.html))<br>- containerd ([1.5.11](https://github.com/containerd/containerd/releases/tag/v1.5.11))<br>- coreutils ([8.32](http://savannah.gnu.org/forum/forum.php?forum_id=9693))<br>- cryptsetup ([2.3.6](https://gitlab.com/cryptsetup/cryptsetup/-/blob/v2.3.6/docs/v2.3.6-ReleaseNotes))<br>- curl ([7.79.1](https://curl.se/mail/lib-2021-09/0079.html))<br>- dbus ([1.12.20](https://gitlab.freedesktop.org/dbus/dbus/-/blob/dbus-1.12.20/NEWS))<br>- ebtables ([2.0.11](https://lwn.net/Articles/806179/))<br>- etcd-wrapper ([3.5.0](https://github.com/etcd-io/etcd/releases/tag/v3.5.0))<br>- etcdctl ([3.5.0](https://github.com/etcd-io/etcd/releases/tag/v3.5.0))<br>- expat ([2.4.6](https://github.com/libexpat/libexpat/blob/R_2_4_6/expat/Changes))<br>- flannel-wrapper ([0.14](https://github.com/flannel-io/flannel/releases/tag/v0.14.0))<br>- gawk ([5.1.0](https://lists.gnu.org/archive/html/info-gnu/2020-04/msg00007.html))<br>- gettext ([0.21](https://lists.gnu.org/archive/html/info-gnu/2020-07/msg00009.html))<br>- git ([2.32.0](https://github.com/git/git/blob/master/Documentation/RelNotes/2.32.0.txt))<br>- glib ([2.66.8](https://gitlab.gnome.org/GNOME/glib/-/releases/2.66.8))<br>- gnupg ([2.2.29](https://lists.gnupg.org/pipermail/gnupg-announce/2021q3/000461.html))<br>- gnutls ([3.7.1](https://github.com/gnutls/gnutls/blob/3.7.1/NEWS))<br>- gptfdisk ([1.0.7](http://www.rodsbooks.com/gdisk/))<br>- ignition ([0.36.1](https://github.com/flatcar/ignition/releases/tag/v0.36.1))<br>- intel-microcode ([20210608_p20210608](https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/releases/tag/microcode-20210608))<br>- iptables ([1.8.7](https://lwn.net/Articles/843069/))<br>- keyutils ([1.6.1](https://lwn.net/Articles/771934/))<br>- ldb ([2.3.0](https://gitlab.com/samba-team/samba/-/blob/ldb-2.3.0/WHATSNEW.txt))<br>- libarchive ([3.5.1](https://github.com/libarchive/libarchive/releases/tag/v3.5.1))<br>- libev ([4.33](http://dist.schmorp.de/libev/))<br>- libgcrypt ([1.9.4](https://dev.gnupg.org/T5402))<br>- libmnl ([1.0.4](https://marc.info/?l=netfilter-devel&m=146745072727070&w=2))<br>- libnftnl ([1.2.0](https://lwn.net/Articles/857198/))<br>- libpcre ([8.44](http://www.rexegg.com/pcre-doc/ChangeLog))<br>- libselinux ([3.1](https://github.com/SELinuxProject/selinux/releases/tag/libselinux-3.1))<br>- libsemanage ([3.1](https://github.com/SELinuxProject/selinux/releases/tag/libsemanage-3.1))<br>- libsepol ([3.1](https://github.com/SELinuxProject/selinux/releases/tag/libsepol-3.1))<br>- libtirpc ([1.3.2](https://www.spinics.net/lists/linux-nfs/msg84129.html))<br>- libuv ([1.41.1](https://github.com/libuv/libuv/releases/tag/v1.41.1))<br>- libverto ([0.3.1](https://github.com/latchset/libverto/releases/tag/0.3.1))<br>- libxml2 ([2.9.12](https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.9.12))<br>- lvm2 ([2.02.188](https://github.com/lvmteam/lvm2/blob/v2_02_188/WHATS_NEW))<br>- lz4 ([1.9.3](https://github.com/lz4/lz4/releases/tag/v1.9.3))<br>- mit-krb5 ([1.19.2](https://web.mit.edu/kerberos/krb5-1.19/README-1.19.2.txt))<br>- multipath-tools ([0.8.5](https://github.com/opensvc/multipath-tools/releases/tag/0.8.5))<br>- ncurses ([6.2](https://lists.gnu.org/archive/html/info-gnu/2020-02/msg00010.html))<br>- net-tools ([2.10](https://sourceforge.net/p/net-tools/mailman/message/37192002/))<br>- nettle ([3.7.3](https://lists.gnu.org/archive/html/info-gnu/2021-06/msg00002.html))<br>- nftables ([0.9.9](https://lwn.net/Articles/857369/))<br>- nvidia-drivers ([510.47.03](https://docs.nvidia.com/datacenter/tesla/tesla-release-notes-510-47-03/index.html)) <br>- openldap ([2.4.58](https://lists.openldap.org/hyperkitty/list/openldap-announce@openldap.org/thread/GK4OGTM6VMIAJCAZSG66VXRRN2LVQDVF/))<br>- openssh ([8.7](https://www.openssh.com/txt/release-8.7))<br>- openssl ([1.1.1n](https://www.openssl.org/news/changelog.html#openssl-111))<br>- pam ([1.5.1](https://github.com/linux-pam/linux-pam/releases/tag/v1.5.1))<br>- pambase 20200817<br>- pax-utils ([1.3.1](https://gitweb.gentoo.org/proj/pax-utils.git/tag/?h=v1.3.1))<br>- policycoreutils ([3.1](https://github.com/SELinuxProject/selinux/tree/policycoreutils-3.1))<br>- polkit ([0.119](https://gitlab.freedesktop.org/polkit/polkit/-/blob/0.119/NEWS))<br>- readline ([8.1](https://lwn.net/Articles/839213/))<br>- realmd ([0.17.0](https://gitlab.freedesktop.org/realmd/realmd/-/blob/0.17.0/NEWS))<br>- runc ([1.0.3](https://github.com/opencontainers/runc/releases/tag/v1.0.3))<br>- samba ([4.12.9](https://www.samba.org/samba/history/samba-4.12.9.html))<br>- selinux-base ([2.20200818](https://github.com/SELinuxProject/refpolicy/releases/tag/RELEASE_2_20200818))<br>- selinux-base-policy ([2.20200818](https://github.com/SELinuxProject/refpolicy/releases/tag/RELEASE_2_20200818))<br>- selinux-unconfined ([2.20200818](https://github.com/SELinuxProject/refpolicy/releases/tag/RELEASE_2_20200818))<br>- selinux-virt ([2.20200818](https://github.com/SELinuxProject/refpolicy/releases/tag/RELEASE_2_20200818))<br>- sssd ([2.3.1](https://sssd.io/release-notes/sssd-2.3.1.html))<br>- strace ([5.12](https://lists.strace.io/pipermail/strace-devel/2021-April/010516.html))<br>- talloc ([2.3.2](https://gitlab.com/samba-team/samba/-/tags/talloc-2.3.2))<br>- tar ([1.34](https://lists.gnu.org/archive/html/info-gnu/2021-02/msg00006.html))<br>- util-linux ([2.37.2](https://www.kernel.org/pub/linux/utils/util-linux/v2.37/v2.37.2-ChangeLog))<br>- vim ([8.2.3428](https://github.com/vim/vim/releases/tag/v8.2.3428))<br>- xenstore ([4.14](https://wiki.xenproject.org/wiki/Xen_Project_4.14_Release_Notes))<br>- xz-utils ([5.2.5](https://git.tukaani.org/?p=xz.git;a=blob;f=NEWS;h=d3f7d602343b4885e2c5653fefcc86fc2c14a06b;hb=v5.2.5))<br>- zstd ([1.4.9](https://github.com/facebook/zstd/releases/tag/v1.4.9))<br>- Azure: WALinuxAgent ([2.6.0.2](https://github.com/Azure/WALinuxAgent/releases/tag/v2.6.0.2))<br><br>_Changes since **Stable 3033.2.4**_<br><br><br>### Security fixes:<br><br>- nvidia-drivers ([CVE-2022-21814](https://nvd.nist.gov/vuln/detail/CVE-2022-21814), [CVE-2022-21813](https://nvd.nist.gov/vuln/detail/CVE-2022-21813))<br>- containerd ([CVE-2022-24769](https://nvd.nist.gov/vuln/detail/CVE-2022-24769))<br><br>### Bug fixes:<br><br>- AWS: specify correct console (ttyS0) on kernel command line for ARM64 instances ([coreos-overlay#1628](https://github.com/flatcar/coreos-overlay/pull/1628))<br>- Added pahole to developer container, without it kernel modules built against /usr/src/linux may fail to probe with an 'invalid relocation target' error ([coreos-overlay#1839](https://github.com/flatcar/coreos-overlay/pull/1839))<br>- network: Accept ICMPv6 Router Advertisements to fix IPv6 address assignment in the default DHCP setting ([flatcar-linux/init#51](https://github.com/flatcar/init/pull/51), [flatcar-linux/cloudinit#12](https://github.com/flatcar/coreos-cloudinit/pull/12), [flatcar-linux/bootengine#30](https://github.com/flatcar/bootengine/pull/30))<br><br>### Changes:<br><br>- The systemd-networkd `ManageForeignRoutes` and `ManageForeignRoutingPolicyRules` settings are now disabled through a drop-in file and thus can only be enabled again by a drop-in file under `/etc/systemd/networkd.conf.d/` because drop-in files take precedence over `/etc/systemd/networkd.conf` ([init#61](https://github.com/flatcar/init/pull/61))<br>- Excluded special network interface devices like bridge, tunnel, vxlan, and veth devices from the default DHCP configuration to prevent networkd interference ([init#56](https://github.com/flatcar/init/pull/56))<br>- Added a new flatcar-update tool to the image to ease manual updates, rollbacks, channel/release jumping, and airgapped updates ([flatcar-linux/init#53](https://github.com/flatcar/init/pull/53))<br>- Merge the Flatcar Pro features into the regular Flatcar images ([coreos-overlay#1679](https://github.com/flatcar/coreos-overlay/pull/1679))<br>- Enabled the FIPS support for the Linux kernel, which users can now choose through a kernel parameter in `grub.cfg` (check it taking effect with `cat /proc/sys/crypto/fips_enabled`) ([coreos-overlay#1602](https://github.com/flatcar/coreos-overlay/pull/1602))<br>- Merge the Flatcar Pro features into the regular Flatcar images ([coreos-overlay#1679](https://github.com/flatcar/coreos-overlay/pull/1679)) <br>- Enabled FIPS mode for cryptsetup ([flatcar-linux/coreos-overlay#1747](https://github.com/flatcar/coreos-overlay/pull/1747), [portage-stable#312](https://github.com/flatcar/portage-stable/pull/312))<br>- GCE: Enabled GVE kernel driver, which adds support for Google Virtual NIC on GCP ([coreos-overlay#1802](https://github.com/flatcar/coreos-overlay/pull/1802))<br>- SDK: Dropped the mantle binaries (kola, ore, etc.) from the SDK, they are now provided by the `ghcr.io/flatcar/mantle` image ([coreos-overlay#1827](https://github.com/flatcar/coreos-overlay/pull/1827), [scripts#275](https://github.com/flatcar/scripts/pull/275))<br><br>### Updates:<br><br>- Linux ([5.10.109](https://lwn.net/Articles/889439) with [5.10.108](https://lwn.net/Articles/889002))<br>- ca-certificates ([3.77](https://firefox-source-docs.mozilla.org/security/nss/releases/nss_3_77.html))<br>- containerd ([1.5.11](https://github.com/containerd/containerd/releases/tag/v1.5.11))<br>- nvidia-drivers ([510.47.03](https://docs.nvidia.com/datacenter/tesla/tesla-release-notes-510-47-03/index.html)) <br>- Azure: WALinuxAgent ([2.6.0.2](https://github.com/Azure/WALinuxAgent/releases/tag/v2.6.0.2))<br><br>Packages:<br>- docker 20.10.12<br>- ignition 0.36.1<br>- kernel 5.10.109<br>- systemd 249<br><br>Architectures:<br>- amd64<br>- arm64<br>2022-05-05T08:46:50+00:00https://github.com/flatcar/scripts/releases/tag/lts-2605.32.12605.32.12024-03-20T12:53:28.465301+00:00_Changes since **LTS 2605.31.1**_<br><br>#### Updates:<br><br>- ca-certificates ([3.83](https://firefox-source-docs.mozilla.org/security/nss/releases/nss_3_83.html))<br>Packages:<br>- docker 19.03.15<br>- ignition 0.34.0<br>- kernel 5.4.210<br>- systemd 246<br><br>Architectures:<br>- amd64<br>2022-10-17T15:09:11+00:00https://github.com/kinvolk/manifest/releases/tag/v2605.31.12605.31.12024-03-20T12:53:28.458505+00:00**NOTE** LTS-2021 is near the designated end of its 18 month lifespan and will only receive 1 more update by the end of September. If you use a fixed LTS channel please switch to LTS-2022, the new LTS which has been published in May. After the next update by end of September there will be no more releases for the LTS-2021 channel. Please check your nodes' `GROUP=` setting in `/etc/flatcar/update.conf` to determine if you need to take action. Please refer to the Flatcar documentation on [switching channels](https://flatcar-linux.org/docs/latest/setup/releases/switching-channels/#freezing-an-lts-stream) to switch to LTS-2022.<br><br><br>_Changes since **LTS 2605.30.1**_<br><br>#### Security fixes:<br><br>- Linux ([CVE-2021-4159](https://nvd.nist.gov/vuln/detail/CVE-2021-4159), [CVE-2022-1462](https://nvd.nist.gov/vuln/detail/CVE-2022-1462), [CVE-2022-20369](https://nvd.nist.gov/vuln/detail/CVE-2022-20369), [CVE-2022-21505](https://nvd.nist.gov/vuln/detail/CVE-2022-21505), [CVE-2022-26373](https://nvd.nist.gov/vuln/detail/CVE-2022-26373), [CVE-2022-36123](https://nvd.nist.gov/vuln/detail/CVE-2022-36123), [CVE-2022-36879](https://nvd.nist.gov/vuln/detail/CVE-2022-36879), [CVE-2022-36946](https://nvd.nist.gov/vuln/detail/CVE-2022-36946))<br><br>#### Changes:<br><br>- The new image signing subkey was added to the public key embedded into `flatcar-install` (the old expired on 10th August 2022), only an updated `flatcar-install` script can verify releases signed with the new key ([init#79](https://github.com/flatcar/init/pull/79))<br><br>#### Updates:<br><br>- Linux ([5.4.210](https://lwn.net/Articles/904463) (includes [5.4.209](https://lwn.net/Articles/903690), [5.4.208](https://lwn.net/Articles/902919), [5.4.207](https://lwn.net/Articles/902103)))<br>- ca-certificates ([3.82](https://firefox-source-docs.mozilla.org/security/nss/releases/nss_3_82.html))<br><br>Note: LTS 2605.32.1 i.e the next release to be release in the month of September would be the last release for LTS-2021. Post that there will be no more releases for the channel. Please upgrade your workloads to LTS-2022 as soon as possible.<br><br>Packages:<br>- docker 19.03.15<br>- ignition 0.34.0<br>- kernel 5.4.210<br>- systemd 246<br><br>Architectures:<br>- amd64<br>2022-09-01T12:57:10+00:00https://github.com/kinvolk/manifest/releases/tag/v2605.30.12605.30.12024-03-20T12:53:28.450407+00:00New LTS-2021 Release 2605.30.1<br><br>Changes since LTS-2021 2605.29.1<br><br>## Security fixes:<br><br>- Linux ([CVE-2021-33655](https://nvd.nist.gov/vuln/detail/CVE-2021-33655), [CVE-2021-33656](https://nvd.nist.gov/vuln/detail/CVE-2021-33656), [CVE-2022-2318](https://nvd.nist.gov/vuln/detail/CVE-2022-2318), [CVE-2022-26365](https://nvd.nist.gov/vuln/detail/CVE-2022-26365), [CVE-2022-32296](https://nvd.nist.gov/vuln/detail/CVE-2022-32296), [CVE-2022-33740](https://nvd.nist.gov/vuln/detail/CVE-2022-33740), [CVE-2022-33741](https://nvd.nist.gov/vuln/detail/CVE-2022-33741), [CVE-2022-33742](https://nvd.nist.gov/vuln/detail/CVE-2022-33742), [CVE-2022-33744](https://nvd.nist.gov/vuln/detail/CVE-2022-33744))<br><br>## Bug fixes:<br><br>- Removed outdated LTS channel information printed on login ([init#75](https://github.com/flatcar/init/pull/75))<br><br>## Changes:<br><br><br>## Updates:<br><br>- Linux ([5.4.206](https://lwn.net/Articles/901382) (includes [5.4.205](https://lwn.net/Articles/900908), [5.4.204](https://lwn.net/Articles/900323), [5.4.203](https://lwn.net/Articles/899790), [5.4.202](https://lwn.net/Articles/899372), [5.4.201](https://lwn.net/Articles/899089), [5.4.200](https://lwn.net/Articles/898624)))<br>- ca-certificates ([3.80](https://firefox-source-docs.mozilla.org/security/nss/releases/nss_3_80.html))<br><br>Packages:<br>- docker 19.03.15<br>- ignition 0.34.0<br>- kernel 5.4.206<br>- systemd 246<br><br>Architectures:<br>- amd64<br>2022-08-04T12:03:25+00:00https://github.com/kinvolk/manifest/releases/tag/v2605.29.12605.29.12024-03-20T12:53:28.444240+00:00New **LTS-2021** Release **2605.29.1**<br><br>Changes since **LTS 2605.28.1**<br><br>#### Security fixes:<br><br>- Linux ([CVE-2022-1012](https://nvd.nist.gov/vuln/detail/CVE-2022-1012), [CVE-2022-32250](https://nvd.nist.gov/vuln/detail/CVE-2022-32250), [CVE-2022-21499](https://nvd.nist.gov/vuln/detail/CVE-2022-21499), [CVE-2022-32981](https://nvd.nist.gov/vuln/detail/CVE-2022-32981))<br><br>#### Updates:<br><br>- Linux ([5.4.199](https://lwn.net/Articles/898126) (includes [5.4.198](https://lwn.net/Articles/897902), [5.4.197](https://lwn.net/Articles/897169)))<br>- ca-certificates ([3.79](https://firefox-source-docs.mozilla.org/security/nss/releases/nss_3_79.html))<br>Packages:<br>- docker 19.03.15<br>- ignition 0.34.0<br>- kernel 5.4.199<br>- systemd 246<br><br>Architectures:<br>- amd64<br>2022-06-23T11:56:51+00:00https://github.com/kinvolk/manifest/releases/tag/v2605.28.12605.28.12024-03-20T12:53:28.439415+00:00# New **LTS-2021** Release **2605.28.1**<br><br>_Changes since **LTS-2021 2605.27.1**_<br><br>## Security fixes:<br><br>- Linux ([CVE-2022-28390](https://nvd.nist.gov/vuln/detail/CVE-2022-28390), [CVE-2022-1158](https://nvd.nist.gov/vuln/detail/CVE-2022-1158), [CVE-2022-1353](https://nvd.nist.gov/vuln/detail/CVE-2022-1353), [CVE-2022-30594](https://nvd.nist.gov/vuln/detail/CVE-2022-30594), [CVE-2022-1198](https://nvd.nist.gov/vuln/detail/CVE-2022-1198), [CVE-2021-4197](https://nvd.nist.gov/vuln/detail/CVE-2021-4197), [CVE-2022-28389](https://nvd.nist.gov/vuln/detail/CVE-2022-28389), [CVE-2022-1516](https://nvd.nist.gov/vuln/detail/CVE-2022-1516), [CVE-2022-1204](https://nvd.nist.gov/vuln/detail/CVE-2022-1204), [CVE-2022-1205](https://nvd.nist.gov/vuln/detail/CVE-2022-1205), [CVE-2022-29581](https://nvd.nist.gov/vuln/detail/CVE-2022-29581), [CVE-2022-28388](https://nvd.nist.gov/vuln/detail/CVE-2022-28388), [CVE-2022-1836](https://nvd.nist.gov/vuln/detail/CVE-2022-1836), [CVE-2022-1048](https://nvd.nist.gov/vuln/detail/CVE-2022-1048), [CVE-2022-1734](https://nvd.nist.gov/vuln/detail/CVE-2022-1734), [CVE-2022-0494](https://nvd.nist.gov/vuln/detail/CVE-2022-0494), [CVE-2022-28893](https://nvd.nist.gov/vuln/detail/CVE-2022-28893), [CVE-2022-1729](https://nvd.nist.gov/vuln/detail/CVE-2022-1729), [CVE-2022-0854](https://nvd.nist.gov/vuln/detail/CVE-2022-0854), [CVE-2022-26490](https://nvd.nist.gov/vuln/detail/CVE-2022-26490), [CVE-2022-28356](https://nvd.nist.gov/vuln/detail/CVE-2022-28356), [CVE-2022-1016](https://nvd.nist.gov/vuln/detail/CVE-2022-1016), [CVE-2022-27666](https://nvd.nist.gov/vuln/detail/CVE-2022-27666))<br><br><br>## Updates:<br><br>- Linux ([5.4.196](https://lwn.net/Articles/896224/) from 5.4.188)<br>- ca-certificates ([3.78](https://firefox-source-docs.mozilla.org/security/nss/releases/nss_3_78.html))<br>Packages:<br>- docker 19.03.15<br>- ignition 0.34.0<br>- kernel 5.4.196<br>- systemd 246<br><br>Architectures:<br>- amd64<br>2022-06-23T08:51:23+00:00https://github.com/kinvolk/manifest/releases/tag/v2605.27.12605.27.12024-03-20T12:53:28.434326+00:00<br>New **LTS-2021** Release **2605.27.1**<br><br>_Changes since **LTS 2605.26.1**_<br><br>#### Security fixes:<br><br>- Linux ([CVE-2022-0492](https://nvd.nist.gov/vuln/detail/CVE-2022-0492), [CVE-2022-0001](https://nvd.nist.gov/vuln/detail/CVE-2022-0001), [CVE-2022-0002](https://nvd.nist.gov/vuln/detail/CVE-2022-0002), [CVE-2022-1011](https://nvd.nist.gov/vuln/detail/CVE-2022-1011), [CVE-2022-1016](https://nvd.nist.gov/vuln/detail/CVE-2022-1016), [CVE-2022-23036](https://nvd.nist.gov/vuln/detail/CVE-2022-23036), [CVE-2022-23037](https://nvd.nist.gov/vuln/detail/CVE-2022-23037), [CVE-2022-23038](https://nvd.nist.gov/vuln/detail/CVE-2022-23038), [CVE-2022-23039](https://nvd.nist.gov/vuln/detail/CVE-2022-23039), [CVE-2022-23040](https://nvd.nist.gov/vuln/detail/CVE-2022-23040), [CVE-2022-23041](https://nvd.nist.gov/vuln/detail/CVE-2022-23041), [CVE-2022-23042](https://nvd.nist.gov/vuln/detail/CVE-2022-23042), [CVE-2022-23960](https://nvd.nist.gov/vuln/detail/CVE-2022-23960), [CVE-2022-25636](https://nvd.nist.gov/vuln/detail/CVE-2022-25636), [CVE-2022-27666](https://nvd.nist.gov/vuln/detail/CVE-2022-27666), [CVE-2022-28356](https://nvd.nist.gov/vuln/detail/CVE-2022-28356))<br><br>#### Updates:<br><br>- Linux ([5.4.188](https://lwn.net/Articles/889440)) (from 5.4.181)<br>- ca-certificates ([3.77](https://firefox-source-docs.mozilla.org/security/nss/releases/nss_3_77.html))<br><br>Packages:<br>- docker 19.03.15<br>- ignition 0.34.0<br>- kernel 5.4.188<br>- systemd 246<br><br>Architectures:<br>- amd64<br>2022-04-07T12:12:25+00:00https://github.com/kinvolk/manifest/releases/tag/v2605.26.12605.26.12024-03-20T12:53:28.428348+00:00New **LTS-2605** Release **2605.26.1**<br><br>_Changes since **LTS 2605.25.1**_<br><br>#### Security fixes<br>- Linux ([CVE-2021-43976](https://nvd.nist.gov/vuln/detail/CVE-2021-43976), [CVE-2022-0330](https://nvd.nist.gov/vuln/detail/CVE-2022-0330), [CVE-2022-22942](https://nvd.nist.gov/vuln/detail/CVE-2022-22942), [CVE-2022-24448](https://nvd.nist.gov/vuln/detail/CVE-2022-24448), [CVE-2022-0617](https://nvd.nist.gov/vuln/detail/CVE-2022-0617), [CVE-2022-24959](https://nvd.nist.gov/vuln/detail/CVE-2022-24959))<br><br><br>#### Updates<br>- Linux ([5.4.176](https://lwn.net/Articles/883443)) (from 5.4.173)<br><br>Packages:<br>- docker 19.03.15<br>- ignition 0.34.0<br>- kernel 5.4.181<br>- systemd 246<br><br>Architectures:<br>- amd64<br>2022-03-07T13:10:55+00:00https://github.com/kinvolk/manifest/releases/tag/v2605.25.12605.25.12024-03-20T12:53:28.424235+00:00New **LTS** release **2605.25.1**<br><br>_Changes since **LTS 2605.24.1**_<br><br>#### Security fixes<br>- Linux ([CVE-2021-4135](https://nvd.nist.gov/vuln/detail/CVE-2021-4135), [CVE-2021-4155](https://nvd.nist.gov/vuln/detail/CVE-2021-4155), [CVE-2021-28711](https://nvd.nist.gov/vuln/detail/CVE-2021-28711), [CVE-2021-28712](https://nvd.nist.gov/vuln/detail/CVE-2021-28712), [CVE-2021-28713](https://nvd.nist.gov/vuln/detail/CVE-2021-28713), [CVE-2021-28714](https://nvd.nist.gov/vuln/detail/CVE-2021-28714), [CVE-2021-28715](https://nvd.nist.gov/vuln/detail/CVE-2021-28715), [CVE-2021-39685](https://nvd.nist.gov/vuln/detail/CVE-2021-39685), [CVE-2021-44733](https://nvd.nist.gov/vuln/detail/CVE-2021-44733), [CVE-2021-45095](https://nvd.nist.gov/vuln/detail/CVE-2021-45095), [CVE-2022-0185](https://nvd.nist.gov/vuln/detail/CVE-2022-0185))<br>- ca-certificates ([CVE-2021-43527](https://nvd.nist.gov/vuln/detail/CVE-2021-43527))<br><br>#### Updates<br>- Linux ([5.4.173](https://lwn.net/Articles/881965)) (includes [5.4.165](https://lwn.net/Articles/878633), [5.4.166](https://lwn.net/Articles/878900), [5.4.167](https://lwn.net/Articles/879025), [5.4.168](https://lwn.net/Articles/879498), [5.4.169](https://lwn.net/Articles/879999), [5.4.170](https://lwn.net/Articles/880467), [5.4.171](https://lwn.net/Articles/881016), [5.4.172](https://lwn.net/Articles/881550))<br>- ca-certificates ([3.74](https://firefox-source-docs.mozilla.org/security/nss/releases/nss_3_74.html)) (includes [3.73.1](https://firefox-source-docs.mozilla.org/security/nss/releases/nss_3_73_1.html))<br>Packages:<br>- docker 19.03.15<br>- ignition 0.34.0<br>- kernel 5.4.173<br>- systemd 246<br><br>Architectures:<br>- amd64<br>2022-01-26T08:39:00+00:00https://github.com/kinvolk/manifest/releases/tag/v2605.24.12605.24.12024-03-20T12:53:28.419211+00:00<br><br>New **LTS** release **2605.24.1**<br><br>_Changes since **LTS 2605.23.1**_<br><br>**Security Fixes**<br><br><br><br>* Linux ([CVE-2021-42739](https://nvd.nist.gov/vuln/detail/CVE-2021-42739), [CVE-2021-3640](https://nvd.nist.gov/vuln/detail/CVE-2021-3640), [CVE-2021-4002](https://nvd.nist.gov/vuln/detail/CVE-2021-4002), [CVE-2020-27820](https://nvd.nist.gov/vuln/detail/CVE-2020-27820), [CVE-2021-43975](https://nvd.nist.gov/vuln/detail/CVE-2021-43975))<br>* ca-certificates ([CVE-2021-43527](https://nvd.nist.gov/vuln/detail/CVE-2021-43527))<br><br>**Updates**<br><br><br><br>* Linux ([5.4.164](https://lwn.net/Articles/878042))<br>* ca-certificates ([3.73](https://groups.google.com/a/mozilla.org/g/dev-tech-crypto/c/vy9284s8APM))<br>* repo ([2.8](https://gerrit.googlesource.com/git-repo/+/refs/tags/v2.8))<br>Packages:<br>- docker 19.03.15<br>- ignition 0.34.0<br>- kernel 5.4.164<br>- systemd 246<br><br>Architectures:<br>- amd64<br>2021-12-15T19:41:33+00:00https://github.com/kinvolk/manifest/releases/tag/v2605.23.12605.23.12024-03-20T12:53:28.414871+00:00<br>New **LTS** release **2605.23.1**<br><br>_Changes since **LTS 2605.22.1**_<br><br>**Security fixes**<br><br><br><br>* Linux ([CVE-2021-3760](https://nvd.nist.gov/vuln/detail/CVE-2021-3760), [CVE-2021-3772](https://nvd.nist.gov/vuln/detail/CVE-2021-3772), [CVE-2021-43056](https://nvd.nist.gov/vuln/detail/CVE-2021-43056), [CVE-2021-43389](https://nvd.nist.gov/vuln/detail/CVE-2021-43389))<br><br>**Bug fixes**<br><br><br><br>* Use https protocol instead of git for Github URLs ([flatcar-linux/coreos-overlay#1394](https://github.com/flatcar/coreos-overlay/pull/1394))<br><br>**Updates**<br><br><br><br>* Linux ([5.4.157](https://lwn.net/Articles/874853/))<br>Packages:<br>- docker 19.03.15<br>- ignition 0.34.0<br>- kernel 5.4.157<br>- systemd 246<br><br>Architectures:<br>- amd64<br>2021-11-09T08:12:13+00:00https://github.com/kinvolk/manifest/releases/tag/v2605.22.12605.22.12024-03-20T12:53:28.409874+00:00<br>New **LTS** release **2605.22.1**<br><br>_Changes since **LTS 2605.21.1**_<br><br>**Security fixes**<br><br><br><br>* Linux ([CVE-2021-42252](https://nvd.nist.gov/vuln/detail/CVE-2021-42252), [CVE-2021-20320](https://nvd.nist.gov/vuln/detail/CVE-2021-20320), [CVE-2020-16119](https://nvd.nist.gov/vuln/detail/CVE-2020-16119), [CVE-2021-37159](https://nvd.nist.gov/vuln/detail/CVE-2021-37159), [CVE-2021-3764](https://nvd.nist.gov/vuln/detail/CVE-2021-3764), [CVE-2021-3744](https://nvd.nist.gov/vuln/detail/CVE-2021-3744), [CVE-2021-38300](https://nvd.nist.gov/vuln/detail/CVE-2021-38300), [CVE-2021-20321](https://nvd.nist.gov/vuln/detail/CVE-2021-20321), [CVE-2021-41864](https://nvd.nist.gov/vuln/detail/CVE-2021-41864))<br><br>**Bux fixes**<br><br><br><br>* The tcsd service for TPM 1 is not started on machines with TPM 2 anymore where it fails and isn’t necessary ([flatcar-linux/coreos-overlay#1364](https://github.com/flatcar/coreos-overlay/pull/1364))<br><br>**Updates**<br><br><br><br>* Linux ([5.4.155](https://lwn.net/Articles/873466/))<br>* ca-certificates ([3.69.1](https://firefox-source-docs.mozilla.org/security/nss/releases/nss_3_69_1.html#nss-3-69-1-release-notes))<br>Packages:<br>- docker 19.03.15<br>- ignition 0.34.0<br>- kernel 5.4.155<br>- systemd 246<br><br>Architectures:<br>- amd64<br>2021-10-25T15:57:52+00:00https://github.com/kinvolk/manifest/releases/tag/v2605.21.12605.21.12024-03-20T12:53:28.405362+00:00New **LTS** release **2605.21.1**<br><br>_Changes since **LTS 2605.20.1**_<br><br>**Security fixes**<br><br><br><br>* Linux ([CVE-2021-3753](https://nvd.nist.gov/vuln/detail/CVE-2021-3753),[ CVE-2021-3739](https://nvd.nist.gov/vuln/detail/CVE-2021-3739), [CVE-2021-40490](https://nvd.nist.gov/vuln/detail/CVE-2021-40490), [CVE-2021-34556](https://nvd.nist.gov/vuln/detail/CVE-2021-34556), [CVE-2021-35477](https://nvd.nist.gov/vuln/detail/CVE-2021-35477))<br><br>**Updates**<br><br><br><br>* Linux ([5.4.147](https://lwn.net/Articles/869407/))<br>Packages:<br>- docker 19.03.15<br>- ignition 0.34.0<br>- kernel 5.4.147<br>- systemd 246<br><br>Architectures:<br>- amd64<br>2021-09-27T08:32:37+00:00https://github.com/kinvolk/manifest/releases/tag/v2605.20.12605.20.12024-03-20T12:53:28.400972+00:00New **LTS** release **2605.20.1**<br><br>_Changes since **LTS 2605.19.1**_<br><br>**Security fixes**<br><br><br><br>* Linux ([CVE-2021-3653](https://nvd.nist.gov/vuln/detail/CVE-2021-3653), [CVE-2021-3656](https://nvd.nist.gov/vuln/detail/CVE-2021-3656), [CVE-2021-38166](https://nvd.nist.gov/vuln/detail/CVE-2021-38166)) <br>* openssl ([CVE-2021-3711](https://nvd.nist.gov/vuln/detail/CVE-2021-3711), [CVE-2021-3712](https://nvd.nist.gov/vuln/detail/CVE-2021-3712))<br><br>**Updates**<br><br><br><br>* Linux ([5.4.143](https://lwn.net/Articles/867498/))<br>* openssl ([1.1.1l](https://mta.openssl.org/pipermail/openssl-announce/2021-August/000206.html))<br>Packages:<br>- docker 19.03.15<br>- ignition 0.34.0<br>- kernel 5.4.143<br>- systemd 246<br><br>Architectures:<br>- amd64<br>2021-09-01T14:16:35+00:00https://github.com/kinvolk/manifest/releases/tag/v2605.19.12605.19.12024-03-20T12:53:28.396017+00:00<br>_Changes since **LTS 2605.18.1**_<br><br>**Security fixes**<br><br><br><br>* Linux ([CVE-2021-38204](https://nvd.nist.gov/vuln/detail/CVE-2021-38204), [CVE-2021-3679](https://nvd.nist.gov/vuln/detail/CVE-2021-3679), [CVE-2021-37576](https://nvd.nist.gov/vuln/detail/CVE-2021-37576), [CVE-2021-33624](https://nvd.nist.gov/vuln/detail/CVE-2021-33624), [CVE-2021-38198](https://nvd.nist.gov/vuln/detail/CVE-2021-38198), [CVE-2021-38205](https://nvd.nist.gov/vuln/detail/CVE-2021-38205))<br>* Systemd ([CVE-2020-13529](https://nvd.nist.gov/vuln/detail/CVE-2020-13529), [CVE-2021-33910](https://nvd.nist.gov/vuln/detail/CVE-2021-33910))<br><br>**Updates**<br><br><br><br>* Linux ([5.4.141](https://lwn.net/Articles/866303/))<br>* Systemd ([246.15](https://github.com/systemd/systemd-stable/releases/tag/v246.15))<br>Packages:<br>- docker 19.03.15<br>- ignition 0.34.0<br>- kernel 5.4.141<br>- systemd 246<br><br>Architectures:<br>- amd64<br>2021-08-19T13:37:31+00:00https://github.com/kinvolk/manifest/releases/tag/v2605.18.12605.18.12024-03-20T12:53:28.390767+00:00**Security Fixes**<br><br><br><br>* Linux ([CVE-2021-34693](https://nvd.nist.gov/vuln/detail/CVE-2021-34693), [CVE-2020-26541](https://nvd.nist.gov/vuln/detail/CVE-2020-26541), [CVE-2021-35039](https://nvd.nist.gov/vuln/detail/CVE-2021-35039), [CVE-2021-22543](https://nvd.nist.gov/vuln/detail/CVE-2021-22543), [CVE-2020-36311](https://nvd.nist.gov/vuln/detail/CVE-2020-36311), [CVE-2021-3609](https://nvd.nist.gov/vuln/detail/CVE-2021-3609), [CVE-2021-3655](https://nvd.nist.gov/vuln/detail/CVE-2021-3655), [CVE-2021-33909](https://nvd.nist.gov/vuln/detail/CVE-2021-33909))<br><br>**Updates**<br><br><br><br>* Linux ([5.4.134](https://lwn.net/Articles/863649/))<br>Packages:<br>- docker 19.03.15<br>- ignition 0.34.0<br>- kernel 5.4.134<br>- systemd 246<br><br>Architectures:<br>- amd64<br>2021-07-28T08:28:35+00:00https://github.com/kinvolk/manifest/releases/tag/v2605.17.12605.17.12024-03-20T12:53:28.384264+00:00<br>**Security fixes**<br><br><br><br>* Linux ([CVE-2020-26558](https://nvd.nist.gov/vuln/detail/CVE-2020-26558), [CVE-2021-0129](https://nvd.nist.gov/vuln/detail/CVE-2021-0129), [CVE-2020-24587](https://nvd.nist.gov/vuln/detail/CVE-2020-24587), [CVE-2020-24586](https://nvd.nist.gov/vuln/detail/CVE-2020-24586), [CVE-2020-24588](https://nvd.nist.gov/vuln/detail/CVE-2020-24588), [CVE-2020-26139](https://nvd.nist.gov/vuln/detail/CVE-2020-26139), [CVE-2020-26145](https://nvd.nist.gov/vuln/detail/CVE-2020-26145), [CVE-2020-26141](https://nvd.nist.gov/vuln/detail/CVE-2020-26141), [CVE-2021-3564](https://nvd.nist.gov/vuln/detail/CVE-2021-3564), [CVE-2021-3587](https://nvd.nist.gov/vuln/detail/CVE-2021-3587), [CVE-2021-3573](https://nvd.nist.gov/vuln/detail/CVE-2021-3573))<br><br>**Updates**<br><br><br><br>* Linux ([5.4.125](https://lwn.net/Articles/859023/))<br>Packages:<br>- docker 19.03.15<br>- ignition 0.34.0<br>- kernel 5.4.125<br>- systemd 246<br><br>Architectures:<br>- amd64<br>2021-06-17T10:32:57+00:00https://github.com/kinvolk/manifest/releases/tag/v2605.16.12605.16.12024-03-20T12:53:28.379897+00:00**Security fixes**<br><br>* Linux ([CVE-2021-31829](https://nvd.nist.gov/vuln/detail/CVE-2021-31829))<br>* runc ([CVE-2021-30465](https://nvd.nist.gov/vuln/detail/CVE-2021-30465))<br><br>**Updates**<br><br>* Linux ([5.4.119](https://lwn.net/Articles/856270/))<br>* systemd ([246.13](https://github.com/systemd/systemd-stable/releases/tag/v246.13))<br>Packages:<br>- docker 19.03.15<br>- ignition 0.34.0<br>- kernel 5.4.119<br>- systemd 246<br><br>Architectures:<br>- amd64<br>2021-05-19T11:36:59+00:00https://github.com/kinvolk/manifest/releases/tag/v2605.15.12605.15.12024-03-20T12:53:28.376375+00:00<br>**Security fixes**<br><br><br><br>* Linux ([CVE-2021-28964](https://nvd.nist.gov/vuln/detail/CVE-2021-28964), [CVE-2021-28972](https://nvd.nist.gov/vuln/detail/CVE-2021-28972), [CVE-2021-28971](https://nvd.nist.gov/vuln/detail/CVE-2021-28971), [CVE-2021-28688](https://nvd.nist.gov/vuln/detail/CVE-2021-28688), [CVE-2021-29264](https://nvd.nist.gov/vuln/detail/CVE-2021-29264),[CVE-2021-29647](https://nvd.nist.gov/vuln/detail/CVE-2021-29647), [CVE-2021-29650](https://nvd.nist.gov/vuln/detail/CVE-2021-29650), [CVE-2021-29154](https://nvd.nist.gov/vuln/detail/CVE-2021-29154), [CVE-2021-23133](https://nvd.nist.gov/vuln/detail/CVE-2021-23133))<br><br>**Bug fixes**<br><br><br><br>* Fix the patch to update DefaultTasksMax in systemd ([coreos-overlay#971](https://github.com/kinvolk/coreos-overlay/pull/971))<br><br>**Updates**<br><br><br><br>* Linux ([5.4.114](https://lwn.net/Articles/853763/))<br>Packages:<br>- docker 19.03.15<br>- ignition 0.34.0<br>- kernel 5.4.114<br>- systemd 246<br><br>Architectures:<br>- amd64<br>2021-04-28T13:38:02+00:00https://github.com/kinvolk/manifest/releases/tag/v2605.14.12605.14.12024-03-20T12:53:28.372597+00:00**Security fixes**<br><br><br><br>* Linux ([CVE-2021-28375](https://nvd.nist.gov/vuln/detail/CVE-2021-28375), [CVE-2021-28660](https://nvd.nist.gov/vuln/detail/CVE-2021-28660), [CVE-2021-27363](https://nvd.nist.gov/vuln/detail/CVE-2021-27363), [CVE-2021-27365](https://nvd.nist.gov/vuln/detail/CVE-2021-27365), [CVE-2021-28038](https://nvd.nist.gov/vuln/detail/CVE-2021-28038), [CVE-2021-27364](https://nvd.nist.gov/vuln/detail/CVE-2021-27364), [CVE-2020-25639](https://nvd.nist.gov/vuln/detail/CVE-2020-25639))<br>* openssl ([CVE-2021-23840](https://nvd.nist.gov/vuln/detail/CVE-2021-23840),[ CVE-2021-23841](https://nvd.nist.gov/vuln/detail/CVE-2021-23841), [CVE-2020-1971](https://nvd.nist.gov/vuln/detail/CVE-2020-1971),[ CVE-2021-23840](https://nvd.nist.gov/vuln/detail/CVE-2021-23840),[ CVE-2021-23841](https://nvd.nist.gov/vuln/detail/CVE-2021-23841), [CVE-2021-3449](https://nvd.nist.gov/vuln/detail/CVE-2021-3449),[ CVE-2021-3450](https://nvd.nist.gov/vuln/detail/CVE-2021-3450))<br><br>**Updates**<br><br><br><br>* Linux ([5.4.107](https://lwn.net/Articles/849952/))<br>* openssl ([1.1.1k](https://mta.openssl.org/pipermail/openssl-announce/2021-March/000197.html))<br>* open-iscsi ([2.1.4](https://github.com/open-iscsi/open-iscsi/releases/tag/2.1.4))<br>* containerd ([1.4.4](https://github.com/containerd/containerd/releases/tag/v1.4.4))<br>Packages:<br>- docker 19.03.15<br>- ignition 0.34.0<br>- kernel 5.4.107<br>- systemd 246<br><br>Architectures:<br>- amd64<br>2021-03-25T15:40:57+00:00https://github.com/kinvolk/manifest/releases/tag/v2605.13.12605.13.12024-03-20T12:53:28.368529+00:00**Security fixes**<br><br>* Linux - [CVE-2021-20194](https://nvd.nist.gov/vuln/detail/CVE-2021-20194), [CVE-2021-3348](https://nvd.nist.gov/vuln/detail/CVE-2021-3348), [CVE-2020-27825](https://nvd.nist.gov/vuln/detail/CVE-2020-27825), [CVE-2021-3347](https://nvd.nist.gov/vuln/detail/CVE-2021-3347), [CVE-2021-26931](https://nvd.nist.gov/vuln/detail/CVE-2021-26931), [CVE-2021-26930](https://nvd.nist.gov/vuln/detail/CVE-2021-26930), [CVE-2021-26932](https://nvd.nist.gov/vuln/detail/CVE-2021-26932)<br><br>**Bug fixes**<br><br>* login message (motd): filter out bullet point when parsing failed units ([baselayout#16](https://github.com/kinvolk/baselayout/pull/16))<br>* tcsd.service: use correct file permissions ([coreos-overlay#809](https://github.com/kinvolk/coreos-overlay/pull/809))<br>* Use LTS 2021 as OS codename instead of the wrong LTS 2020 name<br>* Flatcar Pro for AWS: flatcar-eks: add missing mkdir and update to latest versions ([coreos-overlay#817](https://github.com/kinvolk/coreos-overlay/pull/817))<br><br>**Updates**<br><br>* Linux [5.4.101](https://lwn.net/Articles/847590/)<br><br>Packages:<br>- docker 19.03.15<br>- ignition 0.34.0<br>- kernel 5.4.101<br>- systemd 246<br><br>Architectures:<br>- amd64<br>2021-03-02T12:23:32+00:00https://github.com/kinvolk/manifest/releases/tag/v2605.12.12605.12.12024-03-20T12:53:28.364590+00:00**Security fixes**<br><br>* Linux [CVE-2020-27815](https://www.openwall.com/lists/oss-security/2020/11/30/5), [CVE-2020-29568](https://nvd.nist.gov/vuln/detail/CVE-2020-29568), [CVE-2020-29569](https://nvd.nist.gov/vuln/detail/CVE-2020-29569), [CVE-2020-28374](https://nvd.nist.gov/vuln/detail/CVE-2020-28374),[ CVE-2020-36158](https://nvd.nist.gov/vuln/detail/CVE-2020-36158)<br>* Go[ CVE-2021-3114](https://github.com/golang/go/issues/43786)<br>* sudo [CVE-2021-3156](https://nvd.nist.gov/vuln/detail/CVE-2021-3156),[ CVE-2021-23239](https://nvd.nist.gov/vuln/detail/CVE-2021-23239)<br><br>**Bug fixes**<br><br>* networkd: avoid managing MAC addresses for veth devices ([kinvolk/init#33](https://github.com/kinvolk/init/pull/33))<br>* `/etc/iscsi/initiatorname.iscsi` is generated by the iscsi-init service ([#321](https://github.com/kinvolk/Flatcar/issues/321))<br>* Prevent iscsiadm buffer overflow ([#318](https://github.com/kinvolk/Flatcar/issues/318))<br>* Revert to building docker and containerd with go1.13 instead of go1.15. This reduces the SIGURG log spam ([#315](https://github.com/kinvolk/Flatcar/issues/315))<br><br>**Changes**<br><br>* The containerd socket is now available in the default location (`/run/containerd/containerd.sock`) and also as a symlink in the previous location (`/run/docker/libcontainerd/docker-containerd.sock`) ([#771](https://github.com/kinvolk/coreos-overlay/pull/771))<br>* With the iscsi update, the service unit has changed from iscsid to iscsi ([#791](https://github.com/kinvolk/coreos-overlay/pull/791))<br>* AWS Pro: include scripts to facilitate setup of EKS workers ([#794](https://github.com/kinvolk/coreos-overlay/pull/794))<br><br>**Updates**<br><br>* Linux ([5.4.92](https://lwn.net/Articles/843687/))<br>* open-iscsi ([2.1.3](https://github.com/open-iscsi/open-iscsi/releases/tag/2.1.3))<br>* Go ([1.15.7](https://go.googlesource.com/go/+/refs/tags/go1.15.7))<br>* sudo ([1.9.5p2](https://github.com/sudo-project/sudo/releases/tag/SUDO_1_9_5p2))<br><br>Packages:<br>- docker 19.03.14<br>- ignition 0.34.0<br>- kernel 5.4.92<br>- systemd 246<br><br>Architectures:<br>- amd64<br>2021-02-02T13:26:13+00:00https://github.com/kinvolk/manifest/releases/tag/v2605.10.12605.10.12024-03-20T12:53:28.360086+00:00Changes:<br><br>* The Linux kernel is compiled with FIPS support<br>* Containerd CRI plugin got enabled by default, only the containerd socket path needs to be specified as kubelet parameter for Kubernetes 1.20 to use containerd instead of Docker ([Flatcar#283](https://github.com/kinvolk/Flatcar/issues/283))<br><br>Updates:<br><br>* Linux (5.4.83)<br>* Docker (19.03.14)<br>* containerd (1.4.3)<br>* systemd (246.6)<br><br>Packages:<br>- docker 19.03.14<br>- ignition 0.34.0<br>- kernel 5.4.83<br>- systemd 246<br><br>Architectures:<br>- amd64<br>2020-12-16T12:01:59+00:00