Lançada a distro CBL-Mariner 2.0.20220617


A distro Linux CBL-Mariner 2.0.20220617 recebe suporte ao kernel Linux Live Patching, PXE Boot, além de correções e melhorias, confira.

Lançada a distro CBL-Mariner 2.0.20220617

O CBL-Mariner é uma distribuição Linux interna para a infraestrutura de nuvem da Microsoft e produtos e serviços de ponta. O CBL-Mariner foi projetado para fornecer uma plataforma consistente para esses dispositivos e serviços e aumentará a capacidade da Microsoft de manter-se atualizado sobre as atualizações do Linux. Essa iniciativa faz parte do crescente investimento da Microsoft em uma ampla gama de tecnologias Linux, como SONiC, Azure Sphere OS e Windows Subsystem for Linux (WSL). O CBL-Mariner está sendo compartilhado publicamente como parte do compromisso da Microsoft com o código aberto e para contribuir com a comunidade Linux. A CBL-Mariner não altera nossa abordagem ou compromisso com nenhuma oferta de distribuição Linux de terceiros existente.

 Novidades e correções

As novidades e correções você confere no quadro abaixo.

Add custom package repo definitions in image configuration Add distroless manifest format to toolkit documentation Add emacs SPEC to Mariner Add explicit check/run-time dependencies on mariner-release in node-problem-detector to fix test Add iana-etc as runtime dep for fping Add missing e2fsprogs dep to cloud-init Add missing signature for perl-Module-Install-Repository. Add nopatch for 2022-1734 Add packer tool SPEC and remove packer symlink in cracklib-dicts conflicts with packer tool Add Provides to prebuilt-ca-certificates for *-microsoft and *-mozilla. Add pxe-boot support in Mariner installer Add run-time dependencies for perl-Crypt-SSLeay. Add usrsctp package Add kpatch package. Change selinux-policy to allow unconfined domains to manipulate their own fds. Commonize toolchain rpm extract flows Enabled LIVEPATCH option in the kernel config. Fix (silence) kernel ptp_kvm failure error Fix ARM64 buildah and edk2 blocked packages fix. Fix clamav so freshclam works on first use and freshclam can store db download in /var/lib/clamav. Also create clamav user/group Fix filesystem upgrade issue when upgrading filesystem in container Fix hyperv-daemons/hypervkvpd.service service ordering Fix ocaml-ctypes test by changing test dependencies to ounit2. Fix openssl package test failure Fix python-mutagen package test (dropped BR on pytest & pip install latests deps) Fix signature of hypervkvpd.service Fix util-linux source unpacking in raw toolchain Fix zsh package install failure by fixing shebang lines in included scripts Patch lua to fix CVE-2021-44647. Patch openldap to fix CVE-2022-29155 Patch php to build with updated gd. Patch qemu to fix CVE-2021-4206 Rely on makefile to place toolchain rpms Remove bundled gems from ruby and added provides for default gems Remove exlusivearch from cert-manager Remove nspr package from toolchain. Remove smack LSM support from kernel Remove tarballs from the repository. Require glibc-iconv for unixODBC Update SymCrypt and SCOSSL SPEC files to latest Upgrade bind to 9.16.29 to fix CVE-2021-25219. Upgrade exiv2 to 0.27.5 to fix CVE-2019-13504 CVE-2019-17402 CVE-2019… Upgrade gd to 2.3.3 to fix CVE-2021-38115 and CVE-2021-40812 Upgrade golang to 1.18.3 to address CVE-2022-24675 & CVE-2022-28327 Upgrade gonum to 0.11.0 to fix segfault in graph/iterator.(*mapIter).next Upgrade hivex to 1.3.21 to fix CVE-2021-3504 and CVE-2021-3622 Upgrade kernel to 5.15.45.1; kernel-rt to 5.15.44.1 Upgrade krb5 to version 1.19.3 to address CVE-2021-37750 Upgrade libarchive to 3.6.1 to address CVE-2022-26280 Upgrade libtiff to 4.4.0 to address CVE-2022-1622 & CVE-2022-1623 Upgrade logrotate to 3.20.1 to address CVE-2022-1348 Upgrade moby-runc to 1.1.2 to fix CVE-2022-29162 Upgrade ncurses to 6.3 to fix CVE-2022-29458 Upgrade ntfs-3g to 2022.5.17 to fix CVE-2021-46790 Upgrade Opensc to 0.22.0 to fix CVE-2020-26570, CVE-2020-26571, CVE-2020-26572, CVE-2021-42778, CVE-2021-42779, CVE-2021-42780, CVE-2021-42781, CVE-2021-42782 Upgrade prometheus to 2.36.0 to fix CVE-2021-29622. Upgrade python-jwt to version 2.4.0 to fix CVE-2022-29217. Upgrade Python-twisted to version 22.4.0 to fix CVE-2022-24801 Upgrade redis to 6.2.7 to address CVE-2022-24736 Upgrade rsync to 3.2.4 Upgrade subversion to 1.14.2 to fix CVE-2021-28544. Upgrade telegraf to 1.23.0 Upgrade terraform version to 1.2.2 Upgrade usbredir to version 0.12.0 to fix CVE-2021-3700. Upgrade util-linux to 2.37.4 to fix CVE-2022-0563. Upgrade vim to 8.2.5064 for CVE-2022-1619, CVE-2022-1621, CVE-2022-1629, CVE-2022-1616, CVE-2022-1733, CVE-2022-1735, CVE-2022-1769, CVE-2022-1620, CVE-2022-1674, CVE-2022-1771, CVE-2022-1785, CVE-2022-1796 CVE-2022-1851, CVE-2022-1886, CVE-2022-1898 Upgrade wireshark 3.4.14 to fix CVE-2021-4181 CVE-2021-4182 CVE-2021-4184 CVE-2021-4185 CVE-2021-4186 CVE-2021-4190 CVE-2021-22207 CVE-2021-22222 CVE-2021-22235 CVE-2021-39920 CVE-2021-39921 CVE-2021-39922 CVE-2021-39923 CVE-2021-39924 CVE-2021-39925 CVE-2021-39926 CVE-2021-39928 CVE-2021-39929 CVE-2022-0581 CVE-2022-0582 CVE-2022-0583 CVE-2022-0585 CVE-2022-0586

Fonte

Download

A Microsoft disponibiliza o sistema em .iso, faça o download abaixo.

Download Microsoft CBL-Marine Linux

 Você pode testar em VM.


Comentários

Você precisa ver isso

Todos os arquivos do blog

Mostrar mais