Skip to content

3.0.20241005

Compare
Choose a tag to compare
@jslobodzian jslobodzian released this 16 Oct 02:47
· 120 commits to 3.0 since this release
3fc3abd

389-ds-base: init at v3.1.0
Add exclude snapshot repo option to virtual snapshot
Add host metadata to logs (Host distro & version and versions of dependencies)
add missing tags
add missing vendor and distribution tags in new specs
add missing vendor and distribution tags to core specs
Add Mosh to Extended packages
Add package libmd
Add package php-pecl-apcu v5.1.23
Add packages subunit and python-junitxml
add patch for edk2 CVE-2024-6119
Add patch to fix CVE-2024-43788 in python-tensorboard
Add patch to resolve CVE 2024 28085
add perl-Devel-Refcount
add perl-Match-Simple and perl-Sub-Infix
Add postgresql-service subpackage
Add REPO_SNAPSHOT_TIME to the toolkit for package and image build.
Add Valkey to 3.0
Adding swtpmtools to list of required packages for kubevirt
Azurelinux-rpm-macros: include release in elf module version
Azurelinux-sysinfo: add rpm as a requirement
Blobfuse2: upgrade to 2.3.2 to fix CVE-2024-35255
Build Break: Bump dracut to rebuild with latest systemd
Build mpt2sas and mpt3sas drivers, and pata_legacy as modules
Bump Go Version to 1.22.7-1
ccache: remove dangling link to host-cc
cmake: Fix CVE-2024-6197, CVE-2024-6874, and CVE-2024-8096
cmake: Update to 3.30.3 to fix CVE-2024-24806
cni: address CVE-2022-32149
Creating Busybox SBOM by not deleting the rpm db
Disable xen debugfs, and I2C Baytrail configs
edk2: Deprecate hvloader; introduce edk2-hvloader
Enable building mokutil for aarch64
Enable CET, IBT, and Paravirt spinlocks
Enable check section for glibc
Enable check section in python-platformdirs
Enable iptables by default
Enable nfsd v4 security label
Enable usb hiddev and serial ch341
Enable virtio console by default and build e1000 drivers as modules
Enabled ccache and set ptest retries to 1 for PR checks (CP: #8503, #10133)
Enabled circular deps PR check for fast-track PRs.
Extended spec PR check to validate the Distribution and Vendor tags.
Filter out debuginfo packages when running sodiff
Fix bad interactions between timeouts and build retires
Fix CVE-2024-6104 in cert-manager by patching vendor gomodules
Fix CVE-2024-6345 in setuptools
Fix for Azure Linux 3.0 Arm64 ISO OS installation issue
Fix for CVE-2024-39908 in rubygem-rexml
Fix nfs-utils to build rsc.svcgssd and provide the missing rpc-gssd
Fix ocaml test issues
Fix use static search path for toolchain GPG keys during validation
Fixed nbdkit test-time dependency on /sbin/ss.
Fixed nghttp2 test-time dependency on CUnit.
Fixed numpy ptests. Added python3-pyproject-metadata.
Fixed tdnf provides parsing to recognize epochs in package names.
Fixed spec entanglement PR check
Fixed toolchain tests blocking non-toolchain packages' tests.
Fixed toolkit's handling of RPMs with epoch values in their name
GitHub actions: Update version of actions/upload-artifact task
golang: bump Go version to 1.22.7-3
haproxy: upgrade to 2.9.11 to fix CVE-2024-45506
ig: Bump to v0.32.0.
Image Customizer: Add doc for 'sshPublicKeys'.
Image Customizer: Add doc for cloning an RPM repo.
Image Customizer: Add support for 'vfat' filesystem.
Image Customizer: Add tests for Azure Linux 3.0.
Image Customizer: Allow omitting disk maxSize and partition start.
Image Customizer: Allow verity partitions to be specified by 'id'.
Image Customizer: Bump version to v0.7
Image Customizer: Change additionalFiles to a list.
Image Customizer: Fix 'TestCustomizeImagePartitionsSizeOnly' test.
Image Customizer: Fix merge conflict.
Image Customizer: Functional tests for kernel modules API.
Image Customizer: Rename 'fileSystems' to 'filesystems'.
Image Customizer: Rename 'isRootfsOverlay' to 'isInitrdOverlay'.
Image Customizer: Rename additionDirs fields.
Image Customizer: Support filesystem-less partitions.
ImageCustomizer: Implement new MIC Overlays APIs.
Install UKI and sd-boot binaries to ESP
jx: Add patch to resolve CVE-2023-45288
keda: upgrade to 2.14.1 to fix CVE-2024-35255
kernel-uki: drop dbus in initrd
kernel-uki: remove usrmount from initrd
kernel: enable MLX5 TC Offload
krb5: Add patch for fixing CVE-2024-26458 and CVE-2024-26461
libnbd: CVE-2024-7383 (azl 3)
libsafec: upgrade to 3.8.1
libsolv: enable zstd support to match createrepo_c
libzip: fix package tests
Makefile: fix typo clean-imggen
minimal-os image definition.
mock: upgrade and port from extended to core (including dependencies)
move perl strictures and bareword-filehandles
move perl-indirect from extended to core
multus: Add patch to resolve CVE-2023-3978
nginx: Address CVE-2024-7347
nss: Disable DBM backend.
openldap: enable slapd
Optimizing OverlayFS module with new IFS separator and new supported mode.
OSModifier: Add support for updating grub
OSModifier: allow two linux cmdline in grub.cfg
OSModifier: Read root device from grub.cfg
Patch CVE-2019-10906 in nodejs
Patch CVE-2024-29018 in moby-engine to fix
Patch CVE-2024-3651 for python-pip
Patch CVE-2024-43796 in python-tensorboard
Patch CVE-2024-45590 in python-tensorboard
Patch CVE-2024-6197 in curl
patch CVE-2024-6232 and CVE-2024-8088 for python3 3.0
Patch CVE-2024-6923 in python3
Patch gdk-pixbuf2 for CVE-2022-48622
Patch ruby for CVE-2024-41946 in bundled gem rexml
patch wget to prevent debug output from printing binary request bodies
perl-sub-name update to v0.27
port 3 perl packages from extended into core
port more perl packages from extended
port perl module from extended into core: part-3
port perl module from extended into core: part-4
port perl modules from extended into core - part 6
port perl modules from extended into core: part-7
port perl modules from extended to core
port perl-Algorithm-C3
port perl-Devel-GlobalDestruction
port perl-IO-String from extended into core
port perl-Sub-Exporter-Progressive
Prepare October 2024 Update
python-argcomplete: drop check dep BR fish to enable build
python-ldap: upgrade 3.4.0 -> 3.4.4
python-packaging: fix provides
pytorch: add patch for CVE-2024-27318, CVE-2022-1941
rabbitmq-server: upgrade to 3.13.7 to fix CVE-2023-50966
Remove exit 1 for glibc check section
remove unused source signature
remove unused source signature from extra-cmake-modules
remove unused source signature: plexus-utils
remove unused source signature: rabbitmq-server
Resolve CVE-2024-41946 by upgrading ruby to 3.3.5
selinux-policy: Add cloud-utils-growpart fix.
Set ptest retries to 1 for PR package build check. (CP: #10133)
swap fix-ssl-read-and-write-error-check.patch for a slightly different version from upstream
sysstat: upgrade 12.7.4 -> 12.7.6 to address CVE-2018-19416
tensorflow: CVE-2024-7592
tensorflow: patch for CVE-2024-6232, CVE-2024-8088, CVE-2024-3651
toolkit: pkgbld: add ccache option & switch QUICK_REBUILD_PACKAGES=y
toolkit: scripts: use '#!/usr/bin/env python3' instead of hardcoding interpreter
unbound: Add patch to resolve CVE-2024-33655
update clang llvm lld with fixes and add libcxx spec
Update MIC doc to reference overlay driver and fstab for overlay feature.
Update openssl to 3.3.2 under cloud-hypervisor-cvm in order to address CVE-2024-6119
Update virt_launcher.cil installation path in virt-handler container
update wget to fix potential infinite loop
update wget with patches from fedora
Updated raw toolchain source for 3.0 PR check ADO builds.
Upgrade and build samba in 3.0
Upgrade cert-manager to 1.12.13 to get upstream patches for CVE-2024-25620 and CVE-2024-26147
Upgrade CharLS version 2.0.0 -> 2.4.2
Upgrade expat to 2.6.3 to fix CVE-2024-45490, CVE-2024-45491, CVE-2024-45492
Upgrade Kernel RT to version 6.6.44.1-rt39
Upgrade Kernel to version 6.6.51.1 to address CVE-2024-38381 CVE-2024-39472 CVE-2024-43884 CVE-2024-44946 CVE-2024-44985 CVE-2024-44974 CVE-2024-44987 CVE-2024-44986 CVE-2024-43891 CVE-2024-45006 CVE-2024-45000 CVE-2024-44990 CVE-2024-44999 CVE-2024-44989 CVE-2024-44998 CVE-2024-44995 CVE-2024-44997 CVE-2024-45002 CVE-2024-44983 CVE-2024-45029 CVE-2024-45028 CVE-2024-45022 CVE-2024-45020 CVE-2024-45009 CVE-2024-46677 CVE-2024-46674 CVE-2024-45025 CVE-2024-45030 CVE-2024-45016 CVE-2024-45021 CVE-2024-45018 CVE-2024-45015 CVE-2024-46673 CVE-2024-45011 CVE-2024-46672 CVE-2024-46693 CVE-2024-45010 CVE-2024-45026 CVE-2024-45012 CVE-2024-45019 CVE-2024-46692 CVE-2024-46686 CVE-2024-46687 CVE-2024-46685 CVE-2024-44947 CVE-2024-44996
Upgrade openssl to 3.3.2
Upgrade perl-sub-install to v0.929
Upgrade realmd version 0.16.3 -> 0.17.1
Upgrade tdnf to version 3.5.8 and Fix the ptests
Upgraded keepalived to 2.3.1 and patched CVE-2024-41184
Use build type RelWithDebInfo to generate debug info with sources
Use Toolchain RPMS when building Golden Container
util-linux: Upgrade from 2.39.2 to 2.40.2
vte291: patch CVE-2024-37535