Releases | Linux for containers

Fix Linux remote denial of service (FragmentSmack, CVE-2018-5391)
Fix Linux privileged memory access via speculative execution (L1TF/Foreshadow, CVE-2018-3620, CVE-2018-3646)

Updates:

intel-microcode 20180703
Linux 4.14.63

1800.6.0

Release Date: Aug 8, 2018

docker 18.03.1 ignition 0.25.1 kernel 4.14.59 rkt 1.30.0 systemd 238

Upstream Container Linux updates:

Security fixes:

Fix Linux local denial of service as Xen PV guest (CVE-2018-14678)

Bug fixes:

Fix failure to mount large ext4 filesystems (#2485)

1800.5.0

Release Date: Jul 31, 2018

docker 18.03.1 ignition 0.25.1 kernel 4.14.59 rkt 1.30.0 systemd 238

Upstream Container Linux updates:

Bug fixes:

Fix kernel CIFS client (#2480)

Updates:

Linux 4.14.59

1800.4.0

Release Date: Jul 26, 2018

docker 18.03.1 ignition 0.25.1 kernel 4.14.55 rkt 1.30.0 systemd 238

Upstream Container Linux updates:

No changes for stable promotion

1745.7.0

Release Date: Jun 15, 2018

docker 18.03.1 ignition 0.24.1 kernel 4.14.48 rkt 1.29.0 systemd 238

Upstream Container Linux updates:

Bug fixes:

Fix TCP connection stalls (#2457)

1745.6.0

Release Date: Jun 13, 2018

docker 18.03.1 ignition 0.24.1 kernel 4.14.48 rkt 1.29.0 systemd 238

Upstream Container Linux updates:

Bug fixes:

Fix Hyper-V network driver regression (#2454)

Updates:

Linux 4.14.48

1745.5.0

Release Date: Jun 1, 2018

docker 18.03.1 ignition 0.24.1 kernel 4.14.44 rkt 1.29.0 systemd 238

Upstream Container Linux updates:

Security fixes:

Fix Git arbitrary code execution when cloning untrusted repositories (CVE-2018-11235)

Bug fixes:

Fix failure to set network interface MTU (#2443)

Updates:

Git 2.16.4
Linux 4.14.44

1745.4.0

Release Date: May 27, 2018

docker 18.03.1 ignition 0.24.1 kernel 4.14.42 rkt 1.29.0 systemd 238

Upstream Container Linux updates:

Bug fixes:

Fix inadvertent change of network interface names (#2437)

1745.3.1

Release Date: May 26, 2018

docker 18.03.1 ignition 0.24.1 kernel 4.14.42 rkt 1.29.0 systemd 238

Upstream Container Linux updates:

Updates:

Ignition 0.24.1
Linux 4.14.42

1688.5.3

Release Date: Apr 25, 2018

docker 17.12.1 ignition 0.22.0 kernel 4.14.32 rkt 1.29.0 systemd 237

Flatcar updates

Initial Flatcar release.

Bug fixes:

Fix GRUB crash at boot (#2284)
Fix poweroff problems (#8080)

Notes:

Previous test images have been removed from the release servers. This is due to a new update key being generated using our updated security policy which we included in the first public image.

Upstream Container Linux updates:

Bug fixes:

~~Avoid GRUB crash at boot (#2284)~~ We’ve included the real fix for this.
Fix kernel panic with vxlan (#2382)

1995.1.0

Release Date: Jan 18, 2019

docker 18.06.1 ignition 0.29.1 kernel 4.19.13 rkt 1.30.0 systemd 238

Upstream Container Linux updates:

Updates:

Linux 4.19.13

1967.2.0

Release Date: Dec 21, 2018

docker 18.06.1 ignition 0.28.0 kernel 4.14.88 rkt 1.30.0 systemd 238

Upstream Container Linux updates:

Security fixes:

Fix Go CPU denial of service in X.509 verification (CVE-2018-16875)
Fix PolicyKit always authorizing UIDs greater than INT_MAX (CVE-2018-19788)

Updates:

Go 1.10.6
Go 1.11.3
Linux 4.14.88

1967.1.0

Release Date: Dec 6, 2018

docker 18.06.1 ignition 0.28.0 kernel 4.14.84 rkt 1.30.0 systemd 238

Upstream Container Linux updates:

Changes:

Switch to the LTS Linux version 4.14.84 for the beta channel

1939.2.1

Release Date: Nov 21, 2018

docker 18.06.1 ignition 0.28.0 kernel 4.14.81 rkt 1.30.0 systemd 238

Upstream Container Linux updates:

Security fixes:

Disable containerd CRI plugin to stop it from listening on a TCP port (#2524)

Updates:

Linux 4.14.81

1939.1.0

Release Date: Nov 8, 2018

docker 18.06.1 ignition 0.28.0 kernel 4.14.79 rkt 1.30.0 systemd 238

Upstream Container Linux updates:

Security fixes:

Fix systemd re-executing with arbitrary supplied state (CVE-2018-15686)
Fix systemd race allowing changing file permissions (CVE-2018-15687)
Fix systemd-networkd buffer overflow in the dhcp6 client (CVE-2018-15688)

Changes:

Switch to the LTS Linux version 4.14.79 for the beta channel

1911.2.0

Release Date: Oct 26, 2018

docker 18.06.1 ignition 0.28.0 kernel 4.14.78 rkt 1.30.0 systemd 238

Upstream Container Linux updates:

Security fixes:

Fix Git remote code execution during recursive clone (CVE-2018-17456)

Bug fixes:

Fix missing kernel headers (#2505)

Updates:

Git 2.16.5
Linux 4.14.78

1911.1.1

Release Date: Oct 11, 2018

docker 18.06.1 ignition 0.28.0 kernel 4.14.74 rkt 1.30.0 systemd 238

Flatcar updates

Changes:

Add new image signing subkey to flatcar-install (flatcar-linux/init#4)

Bug fixes:

Fix /usr/lib/coreos symlink for Container Linux compatibility (flatcar-linux/coreos-overlay#8)

Upstream Container Linux updates:

Changes:

Switch to the LTS Linux version 4.14.74 for the beta channel

1883.1.0

Release Date: Sep 14, 2018

docker 18.06.1 ignition 0.28.0 kernel 4.14.69 rkt 1.30.0 systemd 238

Upstream Container Linux updates:

Bug fixes:

Fix Docker mounting named volumes (#2497)

Changes:

Switch to the LTS Linux version 4.14.69 for the beta channel

Updates:

intel-microcode 20180807a

1855.3.0

Release Date: Sep 5, 2018

docker 18.06.1 ignition 0.26.0 kernel 4.14.67 rkt 1.30.0 systemd 238

Upstream Container Linux updates:

Changes:

Drop AWS PV images from regions which do not support PV

Updates:

containerd 1.1.2
Docker 18.06.1-ce
intel-microcode 20180807a
Linux 4.14.67

1855.2.0

Release Date: Aug 17, 2018

docker 18.06.0 ignition 0.26.0 kernel 4.14.63 rkt 1.30.0 systemd 238

Upstream Container Linux updates:

Security fixes:

Fix Linux remote denial of service (FragmentSmack, CVE-2018-5391)
Fix Linux privileged memory access via speculative execution (L1TF/Foreshadow, CVE-2018-3620, CVE-2018-3646)

Bug fixes:

Fix PXE systems attempting to mount an ESP (#2491)

Changes:

Switch to the LTS Linux version 4.14.63 for the beta channel

1828.3.0

Release Date: Aug 8, 2018

docker 18.03.1 ignition 0.26.0 kernel 4.14.60 rkt 1.30.0 systemd 238

Upstream Container Linux updates:

Security fixes:

Fix Linux local denial of service as Xen PV guest (CVE-2018-14678)

Bug fixes:

Fix failure to mount large ext4 filesystems (#2485)

Updates:

Linux 4.14.60

1828.2.0

Release Date: Jul 31, 2018

docker 18.03.1 ignition 0.26.0 kernel 4.14.59 rkt 1.30.0 systemd 238

Upstream Container Linux updates:

Bug fixes:

Fix kernel CIFS client (#2480)

Updates:

Linux 4.14.59

1828.1.0

Release Date: Jul 26, 2018

docker 18.03.1 ignition 0.26.0 kernel 4.14.57 rkt 1.30.0 systemd 238

Upstream Container Linux updates:

Changes:

Switch to the LTS Docker version 18.03.1-ce for the beta channel
Switch to the LTS Linux version 4.14.57 for the beta channel

1800.3.0

Release Date: Jul 13, 2018

docker 18.03.1 ignition 0.25.1 kernel 4.14.55 rkt 1.30.0 systemd 238

Upstream Container Linux updates:

Updates:

Linux 4.14.55

1800.2.0

Release Date: Jun 22, 2018

docker 18.03.1 ignition 0.25.1 kernel 4.14.50 rkt 1.30.0 systemd 238

Upstream Container Linux updates:

Changes:

Switch to the LTS Docker version 18.03.1-ce for the beta channel
Switch to the LTS Linux version 4.14.50 for the beta channel

1772.4.0

Release Date: Jun 15, 2018

docker 18.03.1 ignition 0.24.1 kernel 4.14.49 rkt 1.30.0 systemd 238

Upstream Container Linux updates:

Bug fixes:

Fix TCP connection stalls (#2457)

Updates:

Linux 4.14.49

1772.3.0

Release Date: Jun 13, 2018

docker 18.03.1 ignition 0.24.1 kernel 4.14.48 rkt 1.30.0 systemd 238

Upstream Container Linux updates:

Bug fixes:

Fix Hyper-V network driver regression (#2454)

Updates:

Linux 4.14.48

1772.2.0

Release Date: Jun 1, 2018

docker 18.03.1 ignition 0.24.1 kernel 4.14.47 rkt 1.30.0 systemd 238

Upstream Container Linux updates:

Security fixes:

Fix Git arbitrary code execution when cloning untrusted repositories (CVE-2018-11235)

Bug fixes:

Fix inadvertent change of network interface names (#2437)
Fix failure to set network interface MTU (#2443)

Updates:

Git 2.16.4
Linux 4.14.47

1772.1.1

Release Date: May 26, 2018

docker 18.03.1 ignition 0.24.1 kernel 4.14.42 rkt 1.30.0 systemd 238

Upstream Container Linux updates:

Changes:

Switch to the LTS Docker version 18.03.1-ce for the beta channel
Switch to the LTS Linux version 4.14.42 for the beta channel

Updates:

Ignition 0.24.1

1745.2.0

Release Date: May 11, 2018

docker 18.03.1 ignition 0.24.0 kernel 4.14.39 rkt 1.29.0 systemd 238

Upstream Container Linux updates:

Security fixes:

Fix ntp clock manipulation from ephemeral connections (CVE-2016-1549, CVE-2018-7170)
Fix ntp denial of service from out of bounds read (CVE-2018-7182)
Fix ntp denial of service from packets with timestamp 0 (CVE-2018-7184, CVE-2018-7185)
Fix ntp remote code execution (CVE-2018-7183)

Updates:

containerd 1.0.3
Docker 18.03.1-ce
Linux 4.14.39
ntp 4.2.8p11

1745.1.0

Release Date: Apr 26, 2018

docker 18.03.0 ignition 0.24.0 kernel 4.14.35 rkt 1.29.0 systemd 238

Upstream Container Linux updates:

Bug fixes:

Fix docker2aci tar conversion (#2402)

Changes:

Switch to the LTS Linux version 4.14.35 for the beta channel

1722.2.0

Release Date: Apr 25, 2018

docker 17.12.1 ignition 0.23.0 kernel 4.14.30 rkt 1.29.0 systemd 237

Flatcar updates

Initial Flatcar release.

Bug fixes:

Fix GRUB crash at boot (#2284)
Fix poweroff problems (#8080)

Notes:

Previous test images have been removed from the release servers. This is due to a new update key being generated using our updated security policy which we included in the first public image.

Upstream Container Linux updates:

Bug fixes:

Fix kernel panic with vxlan (#2382)

2023.0.0

Release Date: Jan 18, 2019

docker 18.06.1 ignition 0.30.0 kernel 4.19.15 rkt 1.30.0 systemd 238

Upstream Container Linux updates:

Security fixes:

Fix systemd-journald privilege escalation (CVE-2018-16864, CVE-2018-16865)
Fix systemd-journald out of bounds read (CVE-2018-16866)
Fix ntpq, ntpdc buffer overflow (CVE-2018-12327)
Fix etcd improper authentication with RBAC and client certs (CVE-2018-16886)

Changes:

Add ip_vs_mh kernel module (#2542)

Updates:

etcd 3.3.11
etcdctl 3.3.11
Linux 4.19.15
ntp 4.2.8p12
sudo 1.8.25p1

2016.0.0

Release Date: Jan 18, 2019

docker 18.06.1 ignition 0.30.0 kernel 4.19.13 rkt 1.30.0 systemd 238

Upstream Container Linux updates:

Bug fixes:

Fix monitoring process events over netlink (#2537)

Updates:

Ignition 0.30.0
Go 1.10.7
Go 1.11.4
Linux 4.19.13

1995.0.0

Release Date: Dec 21, 2018

docker 18.06.1 ignition 0.29.1 kernel 4.19.9 rkt 1.30.0 systemd 238

Upstream Container Linux updates:

Security fixes:

Fix Go CPU denial of service in X.509 verification (CVE-2018-16875)
Fix PolicyKit always authorizing UIDs greater than INT_MAX (CVE-2018-19788)

Bug fixes:

Fix AWS, Azure, and GCE disk aliases in the initramfs for Ignition (#2531)

Updates:

Go 1.10.6
Go 1.11.3
Ignition 0.29.1
Linux 4.19.9
Rust 1.31.0
wa-linux-agent 2.2.32

1981.0.0

Release Date: Dec 6, 2018

docker 18.06.1 ignition 0.28.0 kernel 4.19.6 rkt 1.30.0 systemd 238

Upstream Container Linux updates:

Updates:

Linux 4.19.6
iptables 1.6.2

1967.0.0

Release Date: Nov 21, 2018

docker 18.06.1 ignition 0.28.0 kernel 4.19.2 rkt 1.30.0 systemd 238

Upstream Container Linux updates:

Security fixes:

Disable containerd CRI plugin to stop it from listening on a TCP port (#2524)
Fix curl buffer overrun in NTLM authentication code (CVE-2018-14618)
Fix OpenSSL TLS client denial of service (CVE-2018-0732)
Fix OpenSSL timing side channel in DSA signature generation (CVE-2018-0734)
Fix OpenSSL timing side channel via SMT port contention (CVE-2018-5407)

Updates:

coreos-metadata 3.0.2
curl 7.61.1
Go 1.10.5
Go 1.11.2
Linux 4.19.2
OpenSSL 1.0.2p
Rust 1.30.1

1953.0.0

Release Date: Nov 8, 2018

docker 18.06.1 ignition 0.28.0 kernel 4.19.1 rkt 1.30.0 systemd 238

Upstream Container Linux updates:

Security fixes:

Fix systemd re-executing with arbitrary supplied state (CVE-2018-15686)
Fix systemd race allowing changing file permissions (CVE-2018-15687)
Fix systemd-networkd buffer overflow in the dhcp6 client (CVE-2018-15688)

Bug fixes:

Add AWS and GCE disk aliases in the initramfs for Ignition (#2481)
Add compatibility nf_conntrack_ipv4 kernel module to fix kube-proxy IPVS on Linux 4.19 (#2518)

Updates:

IANA timezone database 2018e
kexec-tools 2.0.17
Linux 4.19.1

1939.0.0

Release Date: Oct 26, 2018

docker 18.06.1 ignition 0.28.0 kernel 4.19.0 rkt 1.30.0 systemd 238

Upstream Container Linux updates:

Security fixes:

Fix Git remote code execution during recursive clone (CVE-2018-17456)
Fix OpenSSH user enumeration (CVE-2018-15473)
Fix Rust standard library integer overflow (CVE-2018-1000810)

Bug fixes:

Fix missing kernel headers (#2505)

Updates:

coreos-metadata 3.0.1
etcd-wrapper 3.3.10
etcdctl 3.3.10
Git 2.18.1
Linux 4.19
linux-firmware 20181001
OpenSSH 7.7p1
Rust 1.29.1

1925.0.0

Release Date: Oct 11, 2018

docker 18.06.1 ignition 0.28.0 kernel 4.18.12 rkt 1.30.0 systemd 238

Flatcar updates

Changes:

Add new image signing subkey to flatcar-install (flatcar-linux/init#4)

Bug fixes:

Fix /usr/lib/coreos symlink for Container Linux compatibility (flatcar-linux/coreos-overlay#8)

Upstream Container Linux updates:

Updates:

glibc 2.26
Go 1.11.1
Linux 4.18.12
nfs-utils 2.3.1
open-vm-tools 10.3.0

1911.0.2

Release Date: Oct 1, 2018

docker 18.06.1 ignition 0.28.0 kernel 4.18.9 rkt 1.30.0 systemd 238

Upstream Container Linux updates:

Bug fixes:

Fix Google Compute Engine OS Login activation (#2503)

Updates:

Linux 4.18.9

1897.0.0

Release Date: Sep 14, 2018

docker 18.06.1 ignition 0.28.0 kernel 4.18.7 rkt 1.30.0 systemd 238

Upstream Container Linux updates:

Bug fixes:

Fix Docker mounting named volumes (#2497)
Fix Azure disk detection in Ignition (#2481)

Changes:

Add support for Google Compute Engine OS Login
Enable support for Mellanox Ethernet switches

Updates:

coreos-metadata 3.0.0
Go 1.10.4
Go 1.11
intel-microcode 20180807a
Linux 4.18.7
update-ssh-keys 0.3.0

1883.0.0

Release Date: Aug 29, 2018

docker 18.06.1 ignition 0.28.0 kernel 4.18.5 rkt 1.30.0 systemd 238

Upstream Container Linux updates:

Changes:

Add CIFS userspace utilities (#571)
Drop AWS PV images from regions which do not support PV

Updates:

containerd 1.1.2
Docker 18.06.1-ce
Ignition 0.28.0
Linux 4.18.5
Rust 1.28.0

1871.0.0

Release Date: Aug 17, 2018

docker 18.06.0 ignition 0.27.0 kernel 4.17.15 rkt 1.30.0 systemd 238

Upstream Container Linux updates:

Security fixes:

Fix Linux remote denial of service (FragmentSmack, CVE-2018-5391)
Fix Linux privileged memory access via speculative execution (L1TF/Foreshadow, CVE-2018-3620, CVE-2018-3646)
Fix curl SMTP buffer overflow (CVE-2018-0500)

Bug fixes:

Fix PXE systems attempting to mount an ESP (#2491)

Updates:

coreos-metadata 2.0.0
curl 7.61.0
Ignition 0.27.0
Linux 4.17.15
update-ssh-keys 0.2.1

1855.1.0

Release Date: Aug 8, 2018

docker 18.06.0 ignition 0.26.0 kernel 4.17.12 rkt 1.30.0 systemd 238

Upstream Container Linux updates:

Security fixes:

Fix Linux local denial of service as Xen PV guest (CVE-2018-14678)

Bug fixes:

Fix failure to mount large ext4 filesystems (#2485)

Updates:

Linux 4.17.12

1855.0.0

Release Date: Jul 31, 2018

docker 18.06.0 ignition 0.26.0 kernel 4.17.11 rkt 1.30.0 systemd 238

Upstream Container Linux updates:

Changes:

Updates:

etcd 3.3.9
etcdctl 3.3.9
Linux 4.17.11

1849.0.0

Release Date: Jul 26, 2018

docker 18.06.0 ignition 0.26.0 kernel 4.17.9 rkt 1.30.0 systemd 238

Upstream Container Linux updates:

Changes:

Add torcx remotes support

Updates:

containerd 1.1.1
Docker 18.06.0-ce
intel-microcode 20180703
Linux 4.17.9
Update Engine 0.4.9

1828.0.0

Release Date: Jul 5, 2018

docker 18.05.0 ignition 0.26.0 kernel 4.17.3 rkt 1.30.0 systemd 238

Upstream Container Linux updates:

Security fixes:

Fix curl buffer overflows (CVE-2018-1000300, CVE-2018-1000301)
Fix Linux random seed during early boot (CVE-2018-1108)

Changes:

Reads of /dev/urandom early in boot will block until entropy pool is fully initialized
Support friendly AWS EBS NVMe device names (#2399)

Updates:

cryptsetup 1.7.5
curl 7.60.0
etcd-wrapper 3.3.8
etcdctl 3.3.8
intel-microcode 20180616
kmod 25
Linux 4.17.3
linux-firmware 20180606
Locksmith 0.6.2
OpenSSL 1.0.2o

1814.0.0

Release Date: Jun 22, 2018

docker 18.05.0 ignition 0.26.0 kernel 4.16.16 rkt 1.30.0 systemd 238

Upstream Container Linux updates:

Bug fixes:

Fix Hyper-V network driver regression (#2454)

Changes:

Drop obsolete cros_sdk method of entering SDK

Updates:

etcd 3.3.7
etcdctl 3.3.7
Go 1.9.7
Go 1.10.3
Ignition 0.26.0
Linux 4.16.16
torcx 0.2.0

1800.1.0

Release Date: Jun 13, 2018

docker 18.05.0 ignition 0.25.1 kernel 4.16.14 rkt 1.30.0 systemd 238

Upstream Container Linux updates:

Bug fixes:

Fix Hyper-V network driver regression (#2454)

1800.0.0

Release Date: Jun 12, 2018

docker 18.05.0 ignition 0.25.1 kernel 4.16.14 rkt 1.30.0 systemd 238

Upstream Container Linux updates:

Security fixes:

Fix multiple procps vulnerabilities (CVE-2018-1120, CVE-2018-1121, CVE-2018-1122, CVE-2018-1123, CVE-2018-1124, CVE-2018-1125, CVE-2018-1126, CVE-2018-1120, CVE-2018-1121, CVE-2018-1122, CVE-2018-1123, CVE-2018-1124, CVE-2018-1126)
Fix shadow privilege escalation (CVE-2018-7169)
Fix samba man-in-the-middle attack (CVE-2016-2119)
Fix Git arbitrary code execution when cloning untrusted repositories (CVE-2018-11235)

Bug fixes:

Fix failure to set network interface MTU (#2443)
Fix inadvertent change of network interface names (#2437)
Fix Docker bind mounts from root filesystem (#2440)

Changes:

Update VMware virtual hardware version to 11 (ESXi > 6.0)

Updates:

1786.2.0

Release Date: Jun 1, 2018

docker 18.05.0 ignition 0.25.1 kernel 4.16.13 rkt 1.30.0 systemd 238

Upstream Container Linux updates:

Security fixes:

Fix Git arbitrary code execution when cloning untrusted repositories (CVE-2018-11235)

Bug fixes:

Fix failure to set network interface MTU (#2443)

Updates:

Git 2.16.4
Linux 4.16.13

1786.1.0

Release Date: May 27, 2018

docker 18.05.0 ignition 0.25.1 kernel 4.16.10 rkt 1.30.0 systemd 238

Upstream Container Linux updates:

Bug fixes:

Fix inadvertent change of network interface names (#2437)
Fix Docker bind mounts from root filesystem (#2440)

1786.0.1

Release Date: May 26, 2018

docker 18.05.0 ignition 0.25.1 kernel 4.16.10 rkt 1.30.0 systemd 238

Upstream Container Linux updates:

Security fixes:

Fix ncurses denial of service and arbitrary code execution (CVE-2017-10684, CVE-2017-10685, CVE-2017-11112, CVE-2017-11113, CVE-2017-13728, CVE-2017-13729, CVE-2017-13730, CVE-2017-13731, CVE-2017-13732, CVE-2017-13733, CVE-2017-13734, CVE-2017-16879)
Fix rsync arbitrary command execution (CVE-2018-5764)
Fix wget cookie injection (CVE-2018-0494)

Changes:

Enable QLogic FCoE offload support (#2367)
Enable hardware RNG kernel drivers (#2430)
Add notrap to ntpd default access restrictions (#2220)
Allow booting default GRUB menu entry if GRUB password is enabled (#1597)
coreos-install -i no longer modifies grub.cfg (#2291)
QEMU wrapper script now enables VirtIO RNG device

Updates:

bind-tools 9.11.2-P1
Docker 18.05.0-ce
etcd-wrapper 3.3.5
etcdctl 3.3.5
GnuPG 2.2.7
GPT fdisk 1.0.3
Ignition 0.25.1
Less 529
Linux 4.16.10
rsync 3.1.3
Rust 1.26
util-linux 2.32
vim 8.0.1298
wget 1.19.5

1772.0.0

Release Date: May 11, 2018

docker 18.04.0 ignition 0.24.0 kernel 4.16.7 rkt 1.30.0 systemd 238

Upstream Container Linux updates:

Bug fixes:

Fix GRUB free magic error on existing systems (#2400)

Changes:

Support storing sudoers in SSSD and LDAP
No longer publish Oracle Cloud release images

Updates:

1758.0.0

Release Date: Apr 26, 2018

docker 18.04.0 ignition 0.24.0 kernel 4.16.3 rkt 1.30.0 systemd 238

Upstream Container Linux updates:

Security fixes:

Fix ntp clock manipulation from ephemeral connections (CVE-2016-1549, CVE-2018-7170)
Fix ntp denial of service from out of bounds read (CVE-2018-7182)
Fix ntp denial of service from packets with timestamp 0 (CVE-2018-7184, CVE-2018-7185)
Fix ntp remote code execution (CVE-2018-7183)

Bug fixes:

Pass /etc/machine-id from the host to the kubelet
Fix docker2aci tar conversion (#2402)
Switch /boot from FAT16 to FAT32 (#2246)

Changes:

Make Ignition failures more visible on the console

Updates:

1745.0.0

Release Date: Apr 25, 2018

docker 18.03.0 ignition 0.24.0 kernel 4.15.15 rkt 1.29.0 systemd 238

Flatcar updates

Initial Flatcar release.

Notes:

Previous test images have been removed from the release servers. This is due to a new update key being generated using our updated security policy which we included in the first public image.

Upstream Container Linux updates:

Security fixes:

Fix curl out of bounds read (CVE-2018-1000005)
Fix curl authentication data leak (CVE-2018-1000007)
Fix curl buffer overflow (CVE-2018-1000120)
Fix glibc integer overflow in libcidn (CVE-2017-14062)
Fix glibc memory issues in glob() with ~ (CVE-2017-15670, CVE-2017-15671, CVE-2017-15804)
Fix glibc mishandling RPATHs with $ORIGIN on setuid binaries (CVE-2017-16997)
Fix glibc buffer underflow in realpath() (CVE-2018-1000001)
Fix glibc integer overflow and heap corruption in memalign() (CVE-2018-6485)

Bug fixes:

Fix GRUB crash at boot (#2284)

Updates:

curl 7.59.0
etcd-wrapper 3.3.3
etcdctl 3.3.3
glibc 2.25
Ignition 0.24.0
Linux 4.15.15
Update Engine 0.4.6

Release Channels

Stable

Beta

Alpha

Release Notes

Upstream Container Linux updates:

Upstream Container Linux updates:

Upstream Container Linux updates:

Upstream Container Linux updates:

Upstream Container Linux updates:

Flatcar updates

Upstream Container Linux updates:

Upstream Container Linux updates:

Upstream Container Linux updates:

Upstream Container Linux updates:

Upstream Container Linux updates:

Upstream Container Linux updates:

Upstream Container Linux updates:

Upstream Container Linux updates:

Upstream Container Linux updates:

Upstream Container Linux updates:

Flatcar updates

Upstream Container Linux updates:

Upstream Container Linux updates:

Upstream Container Linux updates:

Upstream Container Linux updates:

Upstream Container Linux updates:

Upstream Container Linux updates:

Upstream Container Linux updates:

Flatcar updates

Upstream Container Linux updates:

Upstream Container Linux updates:

Upstream Container Linux updates:

Upstream Container Linux updates:

Upstream Container Linux updates:

Upstream Container Linux updates:

Upstream Container Linux updates:

Upstream Container Linux updates:

Upstream Container Linux updates:

Upstream Container Linux updates:

Upstream Container Linux updates:

Upstream Container Linux updates:

Upstream Container Linux updates:

Upstream Container Linux updates:

Upstream Container Linux updates:

Flatcar updates

Upstream Container Linux updates:

Upstream Container Linux updates:

Upstream Container Linux updates:

Upstream Container Linux updates:

Upstream Container Linux updates:

Upstream Container Linux updates:

Upstream Container Linux updates:

Upstream Container Linux updates:

Flatcar updates

Upstream Container Linux updates:

Upstream Container Linux updates:

Upstream Container Linux updates:

Upstream Container Linux updates:

Upstream Container Linux updates:

Upstream Container Linux updates:

Upstream Container Linux updates:

Upstream Container Linux updates:

Upstream Container Linux updates:

Upstream Container Linux updates:

Upstream Container Linux updates:

Upstream Container Linux updates:

Upstream Container Linux updates:

Upstream Container Linux updates:

Upstream Container Linux updates:

Upstream Container Linux updates:

Upstream Container Linux updates:

Flatcar updates

Upstream Container Linux updates: