Skip to content

1.0 CBL-Mariner April Update 2021

Compare
Choose a tag to compare
@jslobodzian jslobodzian released this 07 May 07:36
· 1385 commits to 1.0 since this release
340f9f8

Add bmake package
Add custom installkernel package
Add ESpeakUp Accessibility support in ISO.
Update Kubernetes

Configure /proc with hidepid by default and add doPseudoFsMount to addEntryToFstab

Enable CONFIG_CRYPTO_DRBG_HASH, CONFIG_CRYPTO_DRBG_CTR
Enable Secure Boot
Enable multiple CBL-Mariner branches to build publicly, update documentation to use blob-store for tar.gz files instead of SRPM files.

Upgrade OpenSSL to 1.1.1k
Upgrade kernel to 5.10.28.1
Upgrade openvswitch to 2.12.3
Upgrade mariadb to 10.3.28
Upgrade cairo to 1.17.4
Upgrade moby-engine and moby-cli to version 19.10.15
Upgrade ClamAV to 0.103.2 to fix multiple CVEs
Upgrade sqlite to 3.34.1 to fix CVE-2021-20227
Upgrade Nettle to 3.7.2 for CVE-2021-20305
Upgrade OpenSSL to 1.1.1k
Upgrade curl to 7.76
Update license info for 'kubernetes' and 'coredns'.
Upgrade OpenJDK8 to patch 292 (address multiple CVEs)
Upgrade icu to 68.2.0.6
Upgrade tzdata to 2021a
Upgrade mysql to 8.0.24 to fix 30 CVEs
Upgrade dnsmasq to 2.85 to fix CVE-2021-3348
Upgrade git to 2.23.4 for CVE-2021-21300

Fix growpart disk-lock timeout issue (patched workaround)
Fix c-ares/grpc issue. Remove grpc vendoring of c-ares.
Fix python3 test_ssl tests
Fix ARM64 ISO Installer Boot issue (Disable CONFIG_EFI_DISABLE_PCI_DMA)
Fixed ABI incompatibility issue: 'keepalived' now links against latest 'net-snmp' library.
Fix installation and removal of atd.service

CVE-2020-27618, CVE-2020-35492, CVE-2020-36323, CVE-2020-36317

CVE-2021-1386, CVE-2021-1404, CVE-2021-1405, CVE-2021-2164, CVE-2021-2169, CVE-2021-2170, CVE-2021-2171, CVE-2021-2172, CVE-2021-2174, CVE-2021-2179, CVE-2021-2180, CVE-2021-2193, CVE-2021-2194, CVE-2021-2196, CVE-2021-2201, CVE-2021-2203, CVE-2021-2208, CVE-2021-2212, CVE-2021-2215, CVE-2021-2217, CVE-2021-2226, CVE-2021-2230, CVE-2021-2232, CVE-2021-2278, CVE-2021-2293, CVE-2021-2298, CVE-2021-2300, CVE-2021-2299, CVE-2021-2301, CVE-2021-2304, CVE-2021-2305, CVE-2021-2307, CVE-2021-2308, CVE-2021-3348, CVE-2021-3392, CVE-2021-3409, CVE-2021-3416, CVE-2021-3421, CVE-2021-3449, CVE-2021-3450, CVE-2021-3470, CVE-2021-20227, CVE-2021-20271, CVE-2021-20305, CVE-2021-21300, CVE-2021-22876, CVE-2021-22890, CVE-2021-27506, CVE-2020-27827, CVE-2021-27928, CVE-2021-28153, CVE-2021-28875, CVE-2021-28876, CVE-2021-28877, CVE-2021-28878, CVE-2021-28879, CVE-2021-29648, CVE-2021-30004