Add configurability in systemd to control default value of UseDomains parameter Add image-id file in etc dir to support off-cycle container and image upgrades Bump golang.org/x/net from 0.18.0 to 0.23.0 in /toolkit/tools Cherry-pick delta for Overlay Dracut Module from 3.0-dev to main. Downgrade cloud-init to 23.3 via epoch. (New version is 1:23.3-2) Enable CONFIG_NFT_OBJREF Fix CVE-2024-22189 in coredns by patching vendored package quic-go
Fix CVE-2024-28085 in util-linux by backporting the patch
Fix extended build breaks for libotr, gupnp, samba Fix openssl unconstrained session cache growth in TLSv1.3 Fix the date in logs Fixed setting of the ToolkitVersion variable for our Go tools. Moved distroless cert dependencies out of the meta package distroless-packages. Patch Perl for CVE-2023-47100, CVE-2023-31484, CVE-2023-31486 Patch cri-o to fix CVE-2021-3602, CVE-2022-27651, CVE-2022-2995, CVE-2023-42821 Patch cups for CVE-2023-4504, CVE-2023-32324 and CVE-2023-34241 Patch kubernetes for CVE-2023-5408
Patch less for cve-2024-32487 Patch libreswan for cve-2024-3652 Patch libvirt for CVE-2024-2494 Patch nodejs to fix CVE-2024-27983 Patch pytorch for CVE-2024-27319, CVE-2024-31580 CVE-2024-31583 Patch ruby for CVE-2024-27280 and CVE-2024-27281 Patch terraform for CVE-2024-3817 vendored go-getter Remove Kernel Required Configs Check Remove nodejs(16) as it's End of Life Remove obsolete build dependency from moby-containerd-cc Update selinux-policy to add checkpoint restore for getty. Update sos to copy kernel config and vmcore Upgrade ca-certificates Msft cert change Upgrade conmon to 2.1.2 to fix CVE-2022-1708 Upgrade cri-o to 1.21.7 for CVE-2022-0811, add patch for CVE-2022-1708
Upgrade dhcp to 4.4.3 to fix CVE-2022-2928 and CVE-2022-2929 Upgrade fluent-bit to 2.2.2 to fix CVE-2024-23722 Upgrade git-lfs from 3.4.1 -> 3.5.1 to address CVE-2023-39325 & CVE-2023-45288 Upgrade git-lfs to 3.4.1 to fix multiple CVEs
Upgrade moby-engine & moby-cli from 20.10.27 -> 24.0.9 Upgrade msft-golang from 1.21.8 -> 1.22.2 Upgrade opa to 0.63.0 to fix CVE-2023-45142 Upgrade packer to 1.10.1 to address CVE-2023-49569
Upgrade skopeo from 0.14.1 -> 0.14.2 to include Docker Daemon fix Upgrade telegraf to 1.29.4 to fix CVE-2023-50658 [kata-cc] kata-packages-uvm: add cifs-utils as dependency
[kata-cc] kernel-uvm: enable CIFS modules