Generic Kernel version-release: kernel-5.15.158.2-1

Added azl-compliance package. Added tzdata dependency for php-pecl-zip. Added back-compat symlink for docker-proxy to moby-engine. Added fix for cloud-init growpart to selinux-policy. Added patch for kubevirt CVE-2024-24786. Added patch for pytorch CVE-2024-27318. Added patch for ruby CVE-2024-35176. Added patch for rubygem-rexml CVE-2024-35176. Added patch in cri-o for CVE-2024-21626. Added patch to moby-engine to address CVE-2023-44487. Added patch to nodejs18 to address CVE-2023-21100. Added patch to add network interface renaming support for CAPM3 Met. Added stable release maintainers to CODEOWNERS. Addressed graphviz CVE-2023-46045 & CVE-2020-18032. Addressed hvloader openssl related CVEs (CVE-2023-0286, CVE-2023-0215, CVE-2022-4450, CVE-2022-4304). Addressed reaper CVE-2024-4068. Addressed hyperv-daemons CVE-2024-26951, CVE-2024-26961, CVE-2024-26965, CVE-2024-26966, CVE-2024-26973, CVE-2024-26977, CVE-2024-26984, CVE-2024-26993, CVE-2024-27000, CVE-2024-27018, CVE-2024-35848, CVE-2024-35912, CVE-2024-36008, CVE-2023-3269, CVE-2023-3338, CVE-2023-33951, CVE-2023-33952, CVE-2023-35826. Addressed kernel CVE-2022-38096, CVE-2023-47233, CVE-2023-52827, CVE-2024-25739, CVE-2024-26900, CVE-2024-26902, CVE-2024-26929, CVE-2024-26934, CVE-2024-26949, CVE-2024-26952, CVE-2024-26979, CVE-2024-27013, CVE-2024-27015, CVE-2024-27016, CVE-2024-27018, CVE-2024-27019, CVE-2024-27020, CVE-2024-35978, CVE-2024-35982, CVE-2024-35984, CVE-2024-35990, CVE-2024-35997, CVE-2024-36008, CVE-2023-52447, CVE-2024-21803, CVE-2024-26587, CVE-2024-26588. Attached EOL manifest to base containers as well. Built redis with BUILD_TLS=yes. CVE-2022-34169: docbook-style-xsl - upgraded embedded xalan jar from 2.7.2 to 2.7.3. Enabled KNI module in DPDK build. Fixed ceph CVE-2023-43040. Fixed dhcp CVE-2022-38177, CVE-2022-38178, CVE-2022-2795 for bind. Fixed fluent-bit CVE-2024-34250. Fixed Fluent-bit issues #8198 and #8025. Fixed glibc nscd breakage and patched CVE-2024-33599, CVE-2024-33600, CVE-2024-33601, CVE-2024-33602. Fixed kubernetes missing autopatch for CVE-2023-5408. Fixed moby-compose CVE-2024-24786, CVE-2024-23650, CVE-2023-2253. Fixed openssl CVE-2023-50782 affecting python-cryptography. Fixed openssl to only free buffers when done. Fixed prometheus-adapter CVE-2024-24786. Fixed python-jinja2 for CVE-2024-34064. Fixed pytorch CVE-2024-31584. Fixed CVE-2023-45288 in multiple packages. Fixed CVE-2023-48795 in moby-compose by patching vendor packages. Fixed CVE-2024-3154 in package cri-o. Fixed CVE-2024-34459 for libxml2. Fixed epoch matching in 'InstallPackageRegex'. Fixed Kubernetes missing auto patch. Fixed Perl automatic requires and provides. Fixed Ptest zchunk. Mitigated libdwarf CVE-2024-2002. Moved nmi from SPEC to SPEC-EXTENDED. Moved src tarballs to AME - mariner 2.0. Patched apparmor for CVE-2024-31755. Patched bluez for CVE-2023-50229. Patched ceph for multiple CVEs. Patched coredns cache plugin to address CVE-2024-0874. Patched cups CVE-2022-26691. Patched dhcp for CVE-2023-2828. Patched frr CVE-2024-27913 and CVE-2024-34088. Patched libvirt for CVE-2024-4418. Patched python-requests CVE-2024-35195. Patched python-tqdm CVE-2024-34062. Patched python-werkzeug CVE-2024-34069. Patched ruby CVE-2024-27282. Patched CVE-2024-26147 for cert-manager. Re-fixed telegraf CVE-2024-28110. Refactored Golden Container main. Removed newly added explicit version dependencies in gdal and netcdf. Resolved hvloader CVEs in edk2's bundled openssl. Resolved telegraf CVE-2024-27289. Resolved overflow warnings from installutils.go:ProvisionUserSSHCerts. Resolved regressed ansible CVE-2023-5764. Tuned some kernel configs for aarch64. Updated facter version to support Mariner. Updated kernel-mos to 5.15.158.2. Updated python h5py to fix build break caused by recent HDF5 update. Updated and corrected ruby CVE-2024035176.patch. Updated OpenSSL version in python-cryptography to fix CVE-2023-50782. Upgraded azcopy to 10.24.0 to fix multiple security issues. Upgraded azl-compliance to version 1.0.2. Upgraded clamav to 1.0.6. Upgraded cri-o to v1.22.3 to resolve regressed CVE-2022-0811. Upgraded cri-tools to 1.29.0 CVE-2023-45142. Upgraded fluent-bit to 2.2.3 to fix CVE-2024-4323. Upgraded git to 2.39.4 Fix CVE-2024-32002, CVE-2024-32004, CVE-2024-32020, CVE-2024-32021, CVE-2024-32465. Upgraded hdf5 to 1.14.4. to fix several CVEs. Upgraded httpd to fix CVE-2024-27316, CVE-2023-38709, and CVE-2024-24795. Upgraded iperf3 3.14 -> 3.17 to address CVE-2024-26306. Upgraded kata(-cc) to LSG release v2405.9.2. Upgraded kernel to 5.15.158.2. Upgraded msft-golang 1.22.2 -> 1.22.3 to address CVE-2024-24787 & CVE-2024-24788. Upgraded net-snmp to 5.9.4 Fixes for CVE-2022-44792 and CVE-2022-44793. Upgraded nodejs18 to 18.20.2 address CVEs. Upgraded openvswitch to 2.17.9 to fix CVE-2023-5366 and CVE-2023-3966. Upgraded php to 8.1.28 to fix CVE-2024-2756, CVE-2024-3096. Upgraded postgresql to 14.12 CVE-2024-4317. Upgraded rubygem-rexml to 3.2.7 to resolve CVE-2024-35176. Upgraded zeromq to 4.3.5. Upgraded Kata to 3.2.0.azl1. Used legacy builder for distroless golden containers.