Releases

Release Channels

Stable
2191.5.0

The Stable channel is intended for use in production clusters. Versions of Flatcar Linux have been tested as they move through Alpha and Beta channels before being promoted to stable.

Beta
2247.2.0

The Beta channel is where Flatcar Linux stability is solidified. We encourage including some beta machines in production clusters in order to catch any issues that may arise with your setup.

Alpha
2261.0.0

The Alpha channel follows a more frequent release cadence and is where new updates are introduced. Users can try the new versions of the Linux kernel, systemd and other core packages.

The Edge channel includes expiremental features and patches of the Linux kernel and other core OS packages. It is designed for experimental purposes and is not supported.

Release Notes

Release Date: Sep 5, 2019

docker 18.06.3 ignition 0.33.0 kernel 4.19.68 rkt 1.30.0 systemd 241

Upstream Container Linux updates:

Security fixes:

  • Fix pam_systemd bug allowing authenticated remote users to perform polkit actions as if locally logged in (CVE-2019-3842)
  • Fix systemd-resolved bug allowing unprivileged users to change DNS settings (CVE-2019-15718)

Bug fixes:

  • Fix GCE agent crash loop in new installs (#2608)

Updates:

Release Date: Aug 30, 2019

docker 18.06.3 ignition 0.33.0 kernel 4.19.66 rkt 1.30.0 systemd 241

Upstream Container Linux updates:

Security fixes:

  • Fix wget buffer overflow allowing arbitrary code execution (CVE-2019-5953)

Updates:

Release Date: Aug 16, 2019

docker 18.06.3 ignition 0.33.0 kernel 4.19.65 rkt 1.30.0 systemd 241

Upstream Container Linux updates:

Security fixes:

Updates:

Flatcar updates

Bug fixes:

Changes:

Release Date: Aug 1, 2019

docker 18.06.3 ignition 0.33.0 kernel 4.19.56 rkt 1.30.0 systemd 241

Release Date: Jul 3, 2019

docker 18.06.3 ignition 0.33.0 kernel 4.19.50 rkt 1.30.0 systemd 241

Upstream Container Linux updates:

Bug fixes:

  • Fix Ignition panic when no guestinfo.(coreos|ignition).config parameters are specified on VMware (coreos/ignition#821)

Updates:

Release Date: Jul 1, 2019

docker 18.06.3 ignition 0.32.0 kernel 4.19.50 rkt 1.30.0 systemd 241

Upstream Container Linux updates:

No changes for stable promotion

Release Date: Jun 19, 2019

docker 18.06.3 ignition 0.31.0 kernel 4.19.43 rkt 1.30.0 systemd 241

Upstream Container Linux updates:

Security fixes:

Bug fixes:

  • Fix invalid bzip2 compression of Container Linux release images (#2589)

Release Date: Jun 6, 2019

docker 18.06.3 ignition 0.31.0 kernel 4.19.43 rkt 1.30.0 systemd 241

Upstream Container Linux updates:

Bug fixes:

  • Fix systemd MountFlags=shared option (#2579)

Changes:

  • Pin network interface naming to systemd v238 scheme (#2578)

Release Date: May 16, 2019

docker 18.06.3 ignition 0.31.0 kernel 4.19.43 rkt 1.30.0 systemd 241

Upstream Container Linux updates:

Security fixes:

Updates:

Release Date: Apr 26, 2019

docker 18.06.3 ignition 0.31.0 kernel 4.19.34 rkt 1.30.0 systemd 241

Flatcar updates

Bug fixes:

Release Date: Apr 25, 2019

docker 18.06.3 ignition 0.31.0 kernel 4.19.34 rkt 1.30.0 systemd 241

Flatcar updates

Bug fixes:

Release Date: Apr 24, 2019

docker 18.06.3 ignition 0.31.0 kernel 4.19.34 rkt 1.30.0 systemd 241

Upstream Container Linux updates:

No changes for stable promotion

Release Date: Mar 12, 2019

docker 18.06.1 ignition 0.30.0 kernel 4.19.25 rkt 1.30.0 systemd 238

Upstream Container Linux updates:

Security fixes:

  • Fix systemd crash from a specially-crafted D-Bus message (CVE-2019-6454)

Bug fixes:

  • Fix systemd-journald memory leak (#2564)

Updates:

Release Date: Feb 27, 2019

docker 18.06.1 ignition 0.30.0 kernel 4.19.23 rkt 1.30.0 systemd 238

Upstream Container Linux updates:

Security fixes:

Release Date: Feb 21, 2019

docker 18.06.1 ignition 0.28.0 kernel 4.14.96 rkt 1.30.0 systemd 238

Upstream Container Linux updates:

Bug fixes:

  • Fix kernel POSIX timer rearming (#2549)

Release Date: Feb 14, 2019

docker 18.06.1 ignition 0.28.0 kernel 4.14.96 rkt 1.30.0 systemd 238

Upstream Container Linux updates:

Security fixes:

Release Date: Jan 30, 2019

docker 18.06.1 ignition 0.28.0 kernel 4.14.96 rkt 1.30.0 systemd 238

Release Date: Jan 28, 2019

docker 18.06.1 ignition 0.28.0 kernel 4.14.88 rkt 1.30.0 systemd 238

Upstream Container Linux updates:

No changes for stable promotion

Flatcar updates

Changes:

Release Date: Jan 28, 2019

docker 18.06.1 ignition 0.28.0 kernel 4.14.88 rkt 1.30.0 systemd 238

Upstream Container Linux updates:

No changes for stable promotion

Release Date: Dec 21, 2018

docker 18.06.1 ignition 0.28.0 kernel 4.14.84 rkt 1.30.0 systemd 238

Upstream Container Linux updates:

Security fixes:

  • Fix Go CPU denial of service in X.509 verification (CVE-2018-16875)
  • Fix PolicyKit always authorizing UIDs greater than INT_MAX (CVE-2018-19788)

Updates:

Release Date: Nov 27, 2018

docker 18.06.1 ignition 0.28.0 kernel 4.14.81 rkt 1.30.0 systemd 238

Upstream Container Linux updates:

Security fixes:

  • Disable containerd CRI plugin to stop it from listening on a TCP port (#2524)

Updates:

Release Date: Nov 8, 2018

docker 18.06.1 ignition 0.28.0 kernel 4.14.78 rkt 1.30.0 systemd 238

Upstream Container Linux updates:

Security fixes:

  • Fix systemd re-executing with arbitrary supplied state (CVE-2018-15686)
  • Fix systemd race allowing changing file permissions (CVE-2018-15687)
  • Fix systemd-networkd buffer overflow in the dhcp6 client (CVE-2018-15688)

Release Date: Oct 26, 2018

docker 18.06.1 ignition 0.26.0 kernel 4.14.74 rkt 1.30.0 systemd 238

Upstream Container Linux updates:

Security fixes:

  • Fix Git remote code execution during recursive clone (CVE-2018-17456)

Updates:

Release Date: Oct 11, 2018

docker 18.06.1 ignition 0.26.0 kernel 4.14.67 rkt 1.30.0 systemd 238

Flatcar updates

Changes:

Release Date: Sep 14, 2018

docker 18.06.1 ignition 0.26.0 kernel 4.14.67 rkt 1.30.0 systemd 238

Upstream Container Linux updates:

Bug fixes:

  • Fix Docker mounting named volumes (#2497)

Release Date: Aug 17, 2018

docker 18.03.1 ignition 0.25.1 kernel 4.14.63 rkt 1.30.0 systemd 238

Upstream Container Linux updates:

Security fixes:

Updates:

Release Date: Aug 8, 2018

docker 18.03.1 ignition 0.25.1 kernel 4.14.59 rkt 1.30.0 systemd 238

Upstream Container Linux updates:

Security fixes:

Bug fixes:

  • Fix failure to mount large ext4 filesystems (#2485)

Release Date: Jul 31, 2018

docker 18.03.1 ignition 0.25.1 kernel 4.14.59 rkt 1.30.0 systemd 238

Upstream Container Linux updates:

Bug fixes:

  • Fix kernel CIFS client (#2480)

Updates:

Release Date: Jul 26, 2018

docker 18.03.1 ignition 0.25.1 kernel 4.14.55 rkt 1.30.0 systemd 238

Upstream Container Linux updates:

No changes for stable promotion

Release Date: Jun 15, 2018

docker 18.03.1 ignition 0.24.1 kernel 4.14.48 rkt 1.29.0 systemd 238

Upstream Container Linux updates:

Bug fixes:

  • Fix TCP connection stalls (#2457)

Release Date: Jun 13, 2018

docker 18.03.1 ignition 0.24.1 kernel 4.14.48 rkt 1.29.0 systemd 238

Upstream Container Linux updates:

Bug fixes:

  • Fix Hyper-V network driver regression (#2454)

Updates:

Release Date: Jun 1, 2018

docker 18.03.1 ignition 0.24.1 kernel 4.14.44 rkt 1.29.0 systemd 238

Upstream Container Linux updates:

Security fixes:

  • Fix Git arbitrary code execution when cloning untrusted repositories (CVE-2018-11235)

Bug fixes:

  • Fix failure to set network interface MTU (#2443)

Updates:

Release Date: May 27, 2018

docker 18.03.1 ignition 0.24.1 kernel 4.14.42 rkt 1.29.0 systemd 238

Upstream Container Linux updates:

Bug fixes:

  • Fix inadvertent change of network interface names (#2437)

Release Date: May 26, 2018

docker 18.03.1 ignition 0.24.1 kernel 4.14.42 rkt 1.29.0 systemd 238

Release Date: Apr 25, 2018

docker 17.12.1 ignition 0.22.0 kernel 4.14.32 rkt 1.29.0 systemd 237

Flatcar updates

Initial Flatcar release.

Bug fixes:

Notes:

  • Previous test images have been removed from the release servers. This is due to a new update key being generated using our updated security policy which we included in the first public image.

Upstream Container Linux updates:

Bug fixes:

Release Date: Sep 19, 2019

docker 19.03.2 ignition 0.33.0 kernel 5.2.13 rkt 1.30.0 systemd 242

Flatcar updates

Security fixes:

  • Fix systemd-resolved bug allowing unprivileged users to change DNS settings (CVE-2019-15718)

Bug fixes:

Updates:

Release Date: Sep 3, 2019

docker 19.03.1 ignition 0.33.0 kernel 5.2.11 rkt 1.30.0 systemd 241

Flatcar updates

Security fixes:

Bug fixes:

Updates:

Release Date: Aug 28, 2019

docker 19.03.1 ignition 0.33.0 kernel 5.2.9 rkt 1.30.0 systemd 241

Flatcar updates

Security fixes:

Bug fixes:

Updates:

Release Date: Aug 9, 2019

docker 18.09.7 ignition 0.33.0 kernel 5.2.7 rkt 1.30.0 systemd 241

Upstream Container Linux updates:

Security fixes:

  • Fix Linux information leak attack vector via speculative side channel (CVE-2019-1125)

Flatcar updates

Security fixes:

Bug fixes:

Updates:

Changes:

Release Date: Aug 5, 2019

docker 18.09.7 ignition 0.33.0 kernel 5.2.5 rkt 1.30.0 systemd 241

Upstream Container Linux updates:

Bug fixes:

  • Fix Ignition fetching from S3 URLs when network is slow to start (ignition#826)

Flatcar updates

Bug fixes:

Updates:

Changes:

Release Date: Jul 29, 2019

docker 18.09.7 ignition 0.33.0 kernel 5.2.1 rkt 1.30.0 systemd 241

Release Date: Jul 17, 2019

docker 18.09.7 ignition 0.33.0 kernel 5.2.1 rkt 1.30.0 systemd 241

Upstream Container Linux updates:

Bug fixes:

  • Fix Docker device or resource busy error when creating overlay mounts, introduced in 2191.99.0

Flatcar updates

Updates:

Release Date: Jul 9, 2019

docker 18.09.7 ignition 0.33.0 kernel 5.2.0 rkt 1.30.0 systemd 241

Flatcar updates

Bug fixes:

Updates:

Release Date: Jul 4, 2019

docker 18.06.3 ignition 0.33.0 kernel 5.1.15 rkt 1.30.0 systemd 241

Upstream Container Linux updates:

Security fixes:

Bug fixes:

Updates:

Flatcar updates

Bug fixes:

Updates:

Changes:

Release Date: Jun 21, 2019

docker 18.06.3 ignition 0.32.0 kernel 5.1.11 rkt 1.30.0 systemd 241

Flatcar updates

Security fixes:

Updates:

Release Date: May 28, 2019

docker 18.06.3 ignition 0.32.0 kernel 5.1.5 rkt 1.30.0 systemd 241

Flatcar updates

Security fixes:

Bug fixes:

Updates:

Release Date: May 15, 2019

docker 18.06.3 ignition 0.32.0 kernel 5.1.0 rkt 1.30.0 systemd 241

Initial release

This is the first release meant to be used by the public so all the Edge changes are listed.

Flatcar updates

Changes:

Updates:

Release Date: Apr 29, 2019

docker 18.06.3 ignition 0.32.0 kernel 5.0.9 rkt 1.30.0 systemd 241

Flatcar updates

Changes:

Updates:

Release Date: Apr 26, 2019

docker 18.06.3 ignition 0.31.0 kernel 5.0.7 rkt 1.30.0 systemd 241

Flatcar updates

Changes:

Updates:

Release Date: Apr 26, 2019

docker 18.06.3 ignition 0.31.0 kernel 5.0.1 rkt 1.30.0 systemd 241

Flatcar updates

Updates:

Release Date: Apr 26, 2019

docker 18.06.1 ignition 0.30.0 kernel 4.19.20 rkt 1.30.0 systemd 238

Flatcar updates

Bug fixes:

Release Date: Apr 26, 2019

docker 18.06.1 ignition 0.30.0 kernel 4.19.20 rkt 1.30.0 systemd 238

Release Date: Sep 13, 2019

docker 18.06.3 ignition 0.33.0 kernel 4.19.71 rkt 1.30.0 systemd 241

Release Date: Sep 5, 2019

docker 18.06.3 ignition 0.33.0 kernel 4.19.69 rkt 1.30.0 systemd 241

Upstream Container Linux updates:

Security fixes:

  • Fix pam_systemd bug allowing authenticated remote users to perform polkit actions as if locally logged in (CVE-2019-3842)
  • Fix systemd-resolved bug allowing unprivileged users to change DNS settings (CVE-2019-15718)

Bug fixes:

  • Fix GCE agent crash loop in new installs (#2608)

Updates:

Release Date: Aug 30, 2019

docker 18.06.3 ignition 0.33.0 kernel 4.19.68 rkt 1.30.0 systemd 241

Upstream Container Linux updates:

Security fixes:

  • Fix wget buffer overflow allowing arbitrary code execution (CVE-2019-5953)

Updates:

Release Date: Aug 16, 2019

docker 18.06.3 ignition 0.33.0 kernel 4.19.65 rkt 1.30.0 systemd 241

Upstream Container Linux updates:

Security fixes:

Updates:

Flatcar updates

Bug fixes:

Release Date: Aug 8, 2019

docker 18.06.3 ignition 0.33.0 kernel 4.19.65 rkt 1.30.0 systemd 241

Upstream Container Linux updates:

Security fixes:

  • Fix Linux information leak attack vector via speculative side channel (CVE-2019-1125)

Updates:

Flatcar updates

Changes:

Release Date: Aug 1, 2019

docker 18.06.3 ignition 0.33.0 kernel 4.19.62 rkt 1.30.0 systemd 241

Release Date: Jul 17, 2019

docker 18.06.3 ignition 0.33.0 kernel 4.19.56 rkt 1.30.0 systemd 241

Upstream Container Linux updates:

No changes for beta promotion

Release Date: Jul 3, 2019

docker 18.06.3 ignition 0.33.0 kernel 4.19.55 rkt 1.30.0 systemd 241

Upstream Container Linux updates:

Bug fixes:

  • Fix Ignition panic when no guestinfo.(coreos|ignition).config parameters are specified on VMware (coreos/ignition#821)

Updates:

Release Date: Jul 1, 2019

docker 18.06.3 ignition 0.32.0 kernel 4.19.55 rkt 1.30.0 systemd 241

Release Date: Jun 19, 2019

docker 18.06.3 ignition 0.32.0 kernel 4.19.50 rkt 1.30.0 systemd 241

Upstream Container Linux updates:

Security fixes:

Bug fixes:

  • Fix invalid bzip2 compression of Container Linux release images (#2589)

Updates:

Release Date: May 21, 2019

docker 18.06.3 ignition 0.32.0 kernel 4.19.44 rkt 1.30.0 systemd 241

Release Date: May 16, 2019

docker 18.06.3 ignition 0.31.0 kernel 4.19.43 rkt 1.30.0 systemd 241

Upstream Container Linux updates:

Security fixes:

Updates:

Release Date: May 8, 2019

docker 18.06.3 ignition 0.31.0 kernel 4.19.36 rkt 1.30.0 systemd 241

Upstream Container Linux updates:

Bug fixes:

  • Fix systemd MountFlags=shared option (#2579)

Changes:

  • Pin network interface naming to systemd v238 scheme (#2578)

Release Date: Apr 24, 2019

docker 18.06.3 ignition 0.31.0 kernel 4.19.36 rkt 1.30.0 systemd 241

Upstream Container Linux updates:

Bug fixes:

  • Disable new sticky directory protections for backward compatibility (#2577)

Changes:

  • Enable atlantic kernel module (#2576)

Updates:

Release Date: Apr 17, 2019

docker 18.06.3 ignition 0.31.0 kernel 4.19.34 rkt 1.30.0 systemd 241

Upstream Container Linux updates:

Bug fixes:

  • Disable new sticky directory protections for backwards compatibility (#2577)

Changes:

  • Enable atlantic kernel module (#2576)

Updates:

Release Date: Mar 26, 2019

docker 18.06.3 ignition 0.31.0 kernel 4.19.31 rkt 1.30.0 systemd 241

Upstream Container Linux updates:

Bug fixes:

  • Fix systemd presets incorrectly handling escaped unit names (#2569)

Updates:

Release Date: Mar 12, 2019

docker 18.06.1 ignition 0.30.0 kernel 4.19.28 rkt 1.30.0 systemd 238

Upstream Container Linux updates:

Bug fixes:

  • Fix systemd-journald memory leak (#2564)

Updates:

Release Date: Feb 27, 2019

docker 18.06.1 ignition 0.30.0 kernel 4.19.25 rkt 1.30.0 systemd 238

Upstream Container Linux updates:

Security fixes:

  • Fix Linux use-after-free in sockfs_setattr (CVE-2019-8912)
  • Fix systemd crash from a specially-crafted D-Bus message (CVE-2019-6454)

Updates:

Release Date: Feb 21, 2019

docker 18.06.1 ignition 0.30.0 kernel 4.19.23 rkt 1.30.0 systemd 238

Release Date: Feb 14, 2019

docker 18.06.1 ignition 0.30.0 kernel 4.19.20 rkt 1.30.0 systemd 238

Upstream Container Linux updates:

Security fixes:

Changes:

  • Revert /sys/bus/rbd/add to Linux 4.14 behavior (#2544)

Updates:

Release Date: Jan 30, 2019

docker 18.06.1 ignition 0.30.0 kernel 4.19.18 rkt 1.30.0 systemd 238

Upstream Container Linux updates:

Security fixes:

Updates:

Release Date: Jan 18, 2019

docker 18.06.1 ignition 0.29.1 kernel 4.19.13 rkt 1.30.0 systemd 238

Release Date: Dec 21, 2018

docker 18.06.1 ignition 0.28.0 kernel 4.14.88 rkt 1.30.0 systemd 238

Upstream Container Linux updates:

Security fixes:

  • Fix Go CPU denial of service in X.509 verification (CVE-2018-16875)
  • Fix PolicyKit always authorizing UIDs greater than INT_MAX (CVE-2018-19788)

Updates:

Release Date: Dec 6, 2018

docker 18.06.1 ignition 0.28.0 kernel 4.14.84 rkt 1.30.0 systemd 238

Upstream Container Linux updates:

Changes:

  • Switch to the LTS Linux version 4.14.84 for the beta channel

Release Date: Nov 21, 2018

docker 18.06.1 ignition 0.28.0 kernel 4.14.81 rkt 1.30.0 systemd 238

Upstream Container Linux updates:

Security fixes:

  • Disable containerd CRI plugin to stop it from listening on a TCP port (#2524)

Updates:

Release Date: Nov 8, 2018

docker 18.06.1 ignition 0.28.0 kernel 4.14.79 rkt 1.30.0 systemd 238

Upstream Container Linux updates:

Security fixes:

  • Fix systemd re-executing with arbitrary supplied state (CVE-2018-15686)
  • Fix systemd race allowing changing file permissions (CVE-2018-15687)
  • Fix systemd-networkd buffer overflow in the dhcp6 client (CVE-2018-15688)

Changes:

  • Switch to the LTS Linux version 4.14.79 for the beta channel

Release Date: Oct 26, 2018

docker 18.06.1 ignition 0.28.0 kernel 4.14.78 rkt 1.30.0 systemd 238

Upstream Container Linux updates:

Security fixes:

  • Fix Git remote code execution during recursive clone (CVE-2018-17456)

Bug fixes:

  • Fix missing kernel headers (#2505)

Updates:

Release Date: Oct 11, 2018

docker 18.06.1 ignition 0.28.0 kernel 4.14.74 rkt 1.30.0 systemd 238

Flatcar updates

Changes:

Bug fixes:

Upstream Container Linux updates:

Changes:

  • Switch to the LTS Linux version 4.14.74 for the beta channel

Release Date: Sep 14, 2018

docker 18.06.1 ignition 0.28.0 kernel 4.14.69 rkt 1.30.0 systemd 238

Upstream Container Linux updates:

Bug fixes:

  • Fix Docker mounting named volumes (#2497)

Changes:

  • Switch to the LTS Linux version 4.14.69 for the beta channel

Updates:

Release Date: Sep 5, 2018

docker 18.06.1 ignition 0.26.0 kernel 4.14.67 rkt 1.30.0 systemd 238

Upstream Container Linux updates:

Changes:

  • Drop AWS PV images from regions which do not support PV

Updates:

Release Date: Aug 17, 2018

docker 18.06.0 ignition 0.26.0 kernel 4.14.63 rkt 1.30.0 systemd 238

Upstream Container Linux updates:

Security fixes:

Bug fixes:

  • Fix PXE systems attempting to mount an ESP (#2491)

Changes:

  • Switch to the LTS Linux version 4.14.63 for the beta channel

Release Date: Aug 8, 2018

docker 18.03.1 ignition 0.26.0 kernel 4.14.60 rkt 1.30.0 systemd 238

Upstream Container Linux updates:

Security fixes:

Bug fixes:

  • Fix failure to mount large ext4 filesystems (#2485)

Updates:

Release Date: Jul 31, 2018

docker 18.03.1 ignition 0.26.0 kernel 4.14.59 rkt 1.30.0 systemd 238

Upstream Container Linux updates:

Bug fixes:

  • Fix kernel CIFS client (#2480)

Updates:

Release Date: Jul 26, 2018

docker 18.03.1 ignition 0.26.0 kernel 4.14.57 rkt 1.30.0 systemd 238

Upstream Container Linux updates:

Changes:

  • Switch to the LTS Docker version 18.03.1-ce for the beta channel
  • Switch to the LTS Linux version 4.14.57 for the beta channel

Release Date: Jul 13, 2018

docker 18.03.1 ignition 0.25.1 kernel 4.14.55 rkt 1.30.0 systemd 238

Release Date: Jun 22, 2018

docker 18.03.1 ignition 0.25.1 kernel 4.14.50 rkt 1.30.0 systemd 238

Upstream Container Linux updates:

Changes:

  • Switch to the LTS Docker version 18.03.1-ce for the beta channel
  • Switch to the LTS Linux version 4.14.50 for the beta channel

Release Date: Jun 15, 2018

docker 18.03.1 ignition 0.24.1 kernel 4.14.49 rkt 1.30.0 systemd 238

Upstream Container Linux updates:

Bug fixes:

  • Fix TCP connection stalls (#2457)

Updates:

Release Date: Jun 13, 2018

docker 18.03.1 ignition 0.24.1 kernel 4.14.48 rkt 1.30.0 systemd 238

Upstream Container Linux updates:

Bug fixes:

  • Fix Hyper-V network driver regression (#2454)

Updates:

Release Date: Jun 1, 2018

docker 18.03.1 ignition 0.24.1 kernel 4.14.47 rkt 1.30.0 systemd 238

Upstream Container Linux updates:

Security fixes:

  • Fix Git arbitrary code execution when cloning untrusted repositories (CVE-2018-11235)

Bug fixes:

  • Fix inadvertent change of network interface names (#2437)
  • Fix failure to set network interface MTU (#2443)

Updates:

Release Date: May 26, 2018

docker 18.03.1 ignition 0.24.1 kernel 4.14.42 rkt 1.30.0 systemd 238

Upstream Container Linux updates:

Changes:

  • Switch to the LTS Docker version 18.03.1-ce for the beta channel
  • Switch to the LTS Linux version 4.14.42 for the beta channel

Updates:

Release Date: May 11, 2018

docker 18.03.1 ignition 0.24.0 kernel 4.14.39 rkt 1.29.0 systemd 238

Upstream Container Linux updates:

Security fixes:

Updates:

Release Date: Apr 26, 2018

docker 18.03.0 ignition 0.24.0 kernel 4.14.35 rkt 1.29.0 systemd 238

Upstream Container Linux updates:

Bug fixes:

  • Fix docker2aci tar conversion (#2402)

Changes:

  • Switch to the LTS Linux version 4.14.35 for the beta channel

Release Date: Apr 25, 2018

docker 17.12.1 ignition 0.23.0 kernel 4.14.30 rkt 1.29.0 systemd 237

Flatcar updates

Initial Flatcar release.

Bug fixes:

Notes:

  • Previous test images have been removed from the release servers. This is due to a new update key being generated using our updated security policy which we included in the first public image.

Upstream Container Linux updates:

Bug fixes:

  • Fix kernel panic with vxlan (#2382)

Release Date: Sep 13, 2019

docker 18.06.3 ignition 0.33.0 kernel 4.19.71 rkt 1.30.0 systemd 241

Upstream Container Linux updates:

Security fixes:

  • Fix systemd-resolved bug allowing unprivileged users to change DNS settings (CVE-2019-15718)

Bug fixes:

  • Fix GCE agent crash loop in new installs (#2608)

Updates:

Release Date: Sep 5, 2019

docker 18.06.3 ignition 0.33.0 kernel 4.19.69 rkt 1.30.0 systemd 241

Upstream Container Linux updates:

Security fixes:

  • Fix systemd-resolved bug allowing unprivileged users to change DNS settings (CVE-2019-15718)

Bug fixes:

  • Fix GCE agent crash loop in new installs (#2608)

Updates:

Release Date: Aug 30, 2019

docker 18.06.3 ignition 0.33.0 kernel 4.19.68 rkt 1.30.0 systemd 241

Upstream Container Linux updates:

Security fixes:

Updates:

Release Date: Aug 16, 2019

docker 18.06.3 ignition 0.33.0 kernel 4.19.65 rkt 1.30.0 systemd 241

Upstream Container Linux updates:

Security fixes:

Updates:

Flatcar updates

Bug fixes:

Release Date: Aug 8, 2019

docker 18.06.3 ignition 0.33.0 kernel 4.19.65 rkt 1.30.0 systemd 241

Upstream Container Linux updates:

Security fixes:

  • Fix Linux information leak attack vector via speculative side channel (CVE-2019-1125)

Updates:

Flatcar updates

Changes:

Release Date: Aug 1, 2019

docker 18.06.3 ignition 0.33.0 kernel 4.19.62 rkt 1.30.0 systemd 241

Upstream Container Linux updates:

Bug fixes:

  • Fix Ignition fetching from S3 URLs when network is slow to start (ignition#826)

Updates:

Release Date: Jul 17, 2019

docker 18.06.3 ignition 0.33.0 kernel 4.19.58 rkt 1.30.0 systemd 241

Upstream Container Linux updates:

Bug fixes:

  • Fix Docker device or resource busy error when creating overlay mounts, introduced in 2191.0.0

Updates:

Release Date: Jul 3, 2019

docker 18.06.3 ignition 0.33.0 kernel 4.19.56 rkt 1.30.0 systemd 241

Upstream Container Linux updates:

Security fixes:

Bug fixes:

  • Fix Ignition panic when no guestinfo.(coreos|ignition).config parameters are specified on VMware (coreos/ignition#821)

Updates:

Release Date: Jul 1, 2019

docker 18.06.3 ignition 0.32.0 kernel 4.19.55 rkt 1.30.0 systemd 241

Upstream Container Linux updates:

Bug fixes:

  • Temporarily revert bunzip2 change in 2163.0.0 causing decompression failures for invalid archives created by older versions of lbzip2, including Container Linux release images (#2589)

Updates:

Release Date: Jun 19, 2019

docker 18.06.3 ignition 0.32.0 kernel 4.19.50 rkt 1.30.0 systemd 241

Upstream Container Linux updates:

Security fixes:

Updates:

Release Date: Jun 12, 2019

docker 18.06.3 ignition 0.32.0 kernel 4.19.47 rkt 1.30.0 systemd 241

Upstream Container Linux updates:

Bug fixes:

  • Temporarily revert bunzip2 change in 2163.0.0 causing decompression failures for invalid archives created by older versions of lbzip2, including Container Linux release images (#2589)

Release Date: Jun 6, 2019

docker 18.06.3 ignition 0.32.0 kernel 4.19.47 rkt 1.30.0 systemd 241

Upstream Container Linux updates:

Security fixes:

  • Fix curl TFTP buffer overflow with non-default block size (CVE-2019-5436)

Updates:

Release Date: May 21, 2019

docker 18.06.3 ignition 0.32.0 kernel 4.19.44 rkt 1.30.0 systemd 241

Upstream Container Linux updates:

Updates:

Release Date: May 16, 2019

docker 18.06.3 ignition 0.32.0 kernel 4.19.43 rkt 1.30.0 systemd 241

Upstream Container Linux updates:

Security fixes:

Updates:

Release Date: May 8, 2019

docker 18.06.3 ignition 0.32.0 kernel 4.19.37 rkt 1.30.0 systemd 241

Upstream Container Linux updates:

Security fixes:

Bug fixes:

  • Fix systemd MountFlags=shared option (#2579)

Changes:

  • Use Amazon’s recommended NVMe timeout for new EC2 installs (#2484)
  • Pin network interface naming to systemd v238 scheme (#2578)
  • Enable XDP sockets (#2580)

Updates:

Release Date: May 3, 2019

docker 18.06.3 ignition 0.32.0 kernel 4.19.36 rkt 1.30.0 systemd 241

Upstream Container Linux updates:

Security fixes:

Bug fixes:

  • Disable new sticky directory protections for backward compatibility (#2577)

Changes:

  • Enable atlantic kernel module (#2576)

Updates:

Release Date: Apr 9, 2019

docker 18.06.3 ignition 0.31.0 kernel 4.19.34 rkt 1.30.0 systemd 241

Upstream Container Linux updates:

Security fixes:

Updates:

Release Date: Mar 26, 2019

docker 18.06.3 ignition 0.31.0 kernel 4.19.31 rkt 1.30.0 systemd 241

Upstream Container Linux updates:

Security fixes:

  • Fix OpenSSH scp allowing remote servers to change target directory permissions (CVE-2018-20685)
  • Fix OpenSSH outputting ANSI control codes from remote servers (CVE-2019-6109, CVE-2019-6110)
  • Fix OpenSSH scp allowing remote servers to overwrite arbitrary files (CVE-2019-6111)
  • Fix OpenSSL side-channel timing attack (CVE-2018-5407)
  • Fix OpenSSL padding oracle attack in misbehaving applications (CVE-2019-1559)
  • Fix ntp ntpd denial of service by authenticated user (CVE-2019-8936)
  • Fix ntp buffer overflow in ntpq and ntpdc (CVE-2018-12327)

Bug fixes:

  • Fix systemd presets incorrectly handling escaped unit names (#2569)

Updates:

Release Date: Mar 12, 2019

docker 18.06.3 ignition 0.31.0 kernel 4.19.28 rkt 1.30.0 systemd 241

Upstream Container Linux updates:

Security fixes:

Bug fixes:

  • Fix systemd-journald memory leak (#2564)

Changes:

  • Enable vhost_vsock kernel module (#2563)

Updates:

Release Date: Feb 27, 2019

docker 18.06.3 ignition 0.31.0 kernel 4.19.25 rkt 1.30.0 systemd 238

Upstream Container Linux updates:

Security fixes:

Updates:

Release Date: Feb 14, 2019

docker 18.06.1 ignition 0.30.0 kernel 4.19.20 rkt 1.30.0 systemd 238

Upstream Container Linux updates:

Security fixes:

Changes:

  • Revert /sys/bus/rbd/add to Linux 4.14 behavior (#2544)
  • Add a new subkey for signing release images

Updates:

Release Date: Jan 30, 2019

docker 18.06.1 ignition 0.30.0 kernel 4.19.18 rkt 1.30.0 systemd 238

Upstream Container Linux updates:

Security fixes:

Updates:

Release Date: Jan 18, 2019

docker 18.06.1 ignition 0.30.0 kernel 4.19.15 rkt 1.30.0 systemd 238

Upstream Container Linux updates:

Security fixes:

Changes:

  • Add ip_vs_mh kernel module (#2542)

Updates:

Release Date: Jan 18, 2019

docker 18.06.1 ignition 0.30.0 kernel 4.19.13 rkt 1.30.0 systemd 238

Upstream Container Linux updates:

Bug fixes:

  • Fix monitoring process events over netlink (#2537)

Updates:

Release Date: Dec 21, 2018

docker 18.06.1 ignition 0.29.1 kernel 4.19.9 rkt 1.30.0 systemd 238

Upstream Container Linux updates:

Security fixes:

  • Fix Go CPU denial of service in X.509 verification (CVE-2018-16875)
  • Fix PolicyKit always authorizing UIDs greater than INT_MAX (CVE-2018-19788)

Bug fixes:

  • Fix AWS, Azure, and GCE disk aliases in the initramfs for Ignition (#2531)

Updates:

Release Date: Dec 6, 2018

docker 18.06.1 ignition 0.28.0 kernel 4.19.6 rkt 1.30.0 systemd 238

Upstream Container Linux updates:

Updates:

Release Date: Nov 21, 2018

docker 18.06.1 ignition 0.28.0 kernel 4.19.2 rkt 1.30.0 systemd 238

Upstream Container Linux updates:

Security fixes:

  • Disable containerd CRI plugin to stop it from listening on a TCP port (#2524)
  • Fix curl buffer overrun in NTLM authentication code (CVE-2018-14618)
  • Fix OpenSSL TLS client denial of service (CVE-2018-0732)
  • Fix OpenSSL timing side channel in DSA signature generation (CVE-2018-0734)
  • Fix OpenSSL timing side channel via SMT port contention (CVE-2018-5407)

Updates:

Release Date: Nov 8, 2018

docker 18.06.1 ignition 0.28.0 kernel 4.19.1 rkt 1.30.0 systemd 238

Upstream Container Linux updates:

Security fixes:

  • Fix systemd re-executing with arbitrary supplied state (CVE-2018-15686)
  • Fix systemd race allowing changing file permissions (CVE-2018-15687)
  • Fix systemd-networkd buffer overflow in the dhcp6 client (CVE-2018-15688)

Bug fixes:

  • Add AWS and GCE disk aliases in the initramfs for Ignition (#2481)
  • Add compatibility nf_conntrack_ipv4 kernel module to fix kube-proxy IPVS on Linux 4.19 (#2518)

Updates:

Release Date: Oct 26, 2018

docker 18.06.1 ignition 0.28.0 kernel 4.19.0 rkt 1.30.0 systemd 238

Upstream Container Linux updates:

Security fixes:

Bug fixes:

  • Fix missing kernel headers (#2505)

Updates:

Release Date: Oct 11, 2018

docker 18.06.1 ignition 0.28.0 kernel 4.18.12 rkt 1.30.0 systemd 238

Flatcar updates

Changes:

Bug fixes:

Upstream Container Linux updates:

Updates:

Release Date: Oct 1, 2018

docker 18.06.1 ignition 0.28.0 kernel 4.18.9 rkt 1.30.0 systemd 238

Upstream Container Linux updates:

Bug fixes:

  • Fix Google Compute Engine OS Login activation (#2503)

Updates:

Release Date: Sep 14, 2018

docker 18.06.1 ignition 0.28.0 kernel 4.18.7 rkt 1.30.0 systemd 238

Upstream Container Linux updates:

Bug fixes:

  • Fix Docker mounting named volumes (#2497)
  • Fix Azure disk detection in Ignition (#2481)

Changes:

  • Add support for Google Compute Engine OS Login
  • Enable support for Mellanox Ethernet switches

Updates:

Release Date: Aug 29, 2018

docker 18.06.1 ignition 0.28.0 kernel 4.18.5 rkt 1.30.0 systemd 238

Upstream Container Linux updates:

Changes:

  • Add CIFS userspace utilities (#571)
  • Drop AWS PV images from regions which do not support PV

Updates:

Release Date: Aug 17, 2018

docker 18.06.0 ignition 0.27.0 kernel 4.17.15 rkt 1.30.0 systemd 238

Upstream Container Linux updates:

Security fixes:

Bug fixes:

  • Fix PXE systems attempting to mount an ESP (#2491)

Updates:

Release Date: Aug 8, 2018

docker 18.06.0 ignition 0.26.0 kernel 4.17.12 rkt 1.30.0 systemd 238

Upstream Container Linux updates:

Security fixes:

Bug fixes:

  • Fix failure to mount large ext4 filesystems (#2485)

Updates:

Release Date: Jul 31, 2018

docker 18.06.0 ignition 0.26.0 kernel 4.17.11 rkt 1.30.0 systemd 238

Release Date: Jul 26, 2018

docker 18.06.0 ignition 0.26.0 kernel 4.17.9 rkt 1.30.0 systemd 238

Upstream Container Linux updates:

Changes:

  • Add torcx remotes support

Updates:

Release Date: Jul 5, 2018

docker 18.05.0 ignition 0.26.0 kernel 4.17.3 rkt 1.30.0 systemd 238

Upstream Container Linux updates:

Security fixes:

Changes:

  • Reads of /dev/urandom early in boot will block until entropy pool is fully initialized
  • Support friendly AWS EBS NVMe device names (#2399)

Updates:

Release Date: Jun 22, 2018

docker 18.05.0 ignition 0.26.0 kernel 4.16.16 rkt 1.30.0 systemd 238

Upstream Container Linux updates:

Bug fixes:

  • Fix Hyper-V network driver regression (#2454)

Changes:

Updates:

Release Date: Jun 13, 2018

docker 18.05.0 ignition 0.25.1 kernel 4.16.14 rkt 1.30.0 systemd 238

Upstream Container Linux updates:

Bug fixes:

  • Fix Hyper-V network driver regression (#2454)

Release Date: Jun 12, 2018

docker 18.05.0 ignition 0.25.1 kernel 4.16.14 rkt 1.30.0 systemd 238

Upstream Container Linux updates:

Security fixes:

Bug fixes:

  • Fix failure to set network interface MTU (#2443)
  • Fix inadvertent change of network interface names (#2437)
  • Fix Docker bind mounts from root filesystem (#2440)

Changes:

  • Update VMware virtual hardware version to 11 (ESXi > 6.0)

Updates:

Release Date: Jun 1, 2018

docker 18.05.0 ignition 0.25.1 kernel 4.16.13 rkt 1.30.0 systemd 238

Upstream Container Linux updates:

Security fixes:

  • Fix Git arbitrary code execution when cloning untrusted repositories (CVE-2018-11235)

Bug fixes:

  • Fix failure to set network interface MTU (#2443)

Updates:

Release Date: May 27, 2018

docker 18.05.0 ignition 0.25.1 kernel 4.16.10 rkt 1.30.0 systemd 238

Upstream Container Linux updates:

Bug fixes:

  • Fix inadvertent change of network interface names (#2437)
  • Fix Docker bind mounts from root filesystem (#2440)

Release Date: May 26, 2018

docker 18.05.0 ignition 0.25.1 kernel 4.16.10 rkt 1.30.0 systemd 238

Upstream Container Linux updates:

Security fixes:

Changes:

  • Enable QLogic FCoE offload support (#2367)
  • Enable hardware RNG kernel drivers (#2430)
  • Add notrap to ntpd default access restrictions (#2220)
  • Allow booting default GRUB menu entry if GRUB password is enabled (#1597)
  • coreos-install -i no longer modifies grub.cfg (#2291)
  • QEMU wrapper script now enables VirtIO RNG device

Updates:

Release Date: May 11, 2018

docker 18.04.0 ignition 0.24.0 kernel 4.16.7 rkt 1.30.0 systemd 238

Upstream Container Linux updates:

Bug fixes:

  • Fix GRUB free magic error on existing systems (#2400)

Changes:

  • Support storing sudoers in SSSD and LDAP
  • No longer publish Oracle Cloud release images

Updates:

Release Date: Apr 26, 2018

docker 18.04.0 ignition 0.24.0 kernel 4.16.3 rkt 1.30.0 systemd 238

Upstream Container Linux updates:

Security fixes:

Bug fixes:

  • Pass /etc/machine-id from the host to the kubelet
  • Fix docker2aci tar conversion (#2402)
  • Switch /boot from FAT16 to FAT32 (#2246)

Changes:

  • Make Ignition failures more visible on the console

Updates:

Release Date: Apr 25, 2018

docker 18.03.0 ignition 0.24.0 kernel 4.15.15 rkt 1.29.0 systemd 238

Flatcar updates

Initial Flatcar release.

Notes:

  • Previous test images have been removed from the release servers. This is due to a new update key being generated using our updated security policy which we included in the first public image.

Upstream Container Linux updates:

Security fixes:

Bug fixes:

  • Fix GRUB crash at boot (#2284)

Updates: