A distro Linux CBL-Mariner 2.0.20220617 recebe suporte ao kernel Linux Live Patching, PXE Boot, além de correções e melhorias, confira.
Lançada a distro CBL-Mariner 2.0.20220617
O CBL-Mariner é uma distribuição Linux interna para a infraestrutura de nuvem da Microsoft e produtos e serviços de ponta. O CBL-Mariner foi projetado para fornecer uma plataforma consistente para esses dispositivos e serviços e aumentará a capacidade da Microsoft de manter-se atualizado sobre as atualizações do Linux. Essa iniciativa faz parte do crescente investimento da Microsoft em uma ampla gama de tecnologias Linux, como SONiC, Azure Sphere OS e Windows Subsystem for Linux (WSL). O CBL-Mariner está sendo compartilhado publicamente como parte do compromisso da Microsoft com o código aberto e para contribuir com a comunidade Linux. A CBL-Mariner não altera nossa abordagem ou compromisso com nenhuma oferta de distribuição Linux de terceiros existente.
Novidades e correções
As novidades e correções você confere no quadro abaixo.
Add custom package repo definitions in image configuration
Add distroless manifest format to toolkit documentation
Add emacs SPEC to Mariner
Add explicit check/run-time dependencies on mariner-release in node-problem-detector to fix test
Add iana-etc as runtime dep for fping
Add missing e2fsprogs dep to cloud-init
Add missing signature for perl-Module-Install-Repository.
Add nopatch for 2022-1734
Add packer tool SPEC and remove packer symlink in cracklib-dicts conflicts with packer tool
Add Provides to prebuilt-ca-certificates for *-microsoft and *-mozilla.
Add pxe-boot support in Mariner installer
Add run-time dependencies for perl-Crypt-SSLeay.
Add usrsctp package
Add kpatch package.
Change selinux-policy to allow unconfined domains to manipulate their own fds.
Commonize toolchain rpm extract flows
Enabled LIVEPATCH option in the kernel config.
Fix (silence) kernel ptp_kvm failure error
Fix ARM64 buildah and edk2 blocked packages fix.
Fix clamav so freshclam works on first use and freshclam can store db download in /var/lib/clamav. Also create clamav user/group
Fix filesystem upgrade issue when upgrading filesystem in container
Fix hyperv-daemons/hypervkvpd.service service ordering
Fix ocaml-ctypes test by changing test dependencies to ounit2.
Fix openssl package test failure
Fix python-mutagen package test (dropped BR on pytest & pip install latests deps)
Fix signature of hypervkvpd.service
Fix util-linux source unpacking in raw toolchain
Fix zsh package install failure by fixing shebang lines in included scripts
Patch lua to fix CVE-2021-44647.
Patch openldap to fix CVE-2022-29155
Patch php to build with updated gd.
Patch qemu to fix CVE-2021-4206
Rely on makefile to place toolchain rpms
Remove bundled gems from ruby and added provides for default gems
Remove exlusivearch from cert-manager
Remove nspr package from toolchain.
Remove smack LSM support from kernel
Remove tarballs from the repository.
Require glibc-iconv for unixODBC
Update SymCrypt and SCOSSL SPEC files to latest
Upgrade bind to 9.16.29 to fix CVE-2021-25219.
Upgrade exiv2 to 0.27.5 to fix CVE-2019-13504 CVE-2019-17402 CVE-2019…
Upgrade gd to 2.3.3 to fix CVE-2021-38115 and CVE-2021-40812
Upgrade golang to 1.18.3 to address CVE-2022-24675 & CVE-2022-28327
Upgrade gonum to 0.11.0 to fix segfault in graph/iterator.(*mapIter).next
Upgrade hivex to 1.3.21 to fix CVE-2021-3504 and CVE-2021-3622
Upgrade kernel to 5.15.45.1; kernel-rt to 5.15.44.1
Upgrade krb5 to version 1.19.3 to address CVE-2021-37750
Upgrade libarchive to 3.6.1 to address CVE-2022-26280
Upgrade libtiff to 4.4.0 to address CVE-2022-1622 & CVE-2022-1623
Upgrade logrotate to 3.20.1 to address CVE-2022-1348
Upgrade moby-runc to 1.1.2 to fix CVE-2022-29162
Upgrade ncurses to 6.3 to fix CVE-2022-29458
Upgrade ntfs-3g to 2022.5.17 to fix CVE-2021-46790
Upgrade Opensc to 0.22.0 to fix CVE-2020-26570, CVE-2020-26571, CVE-2020-26572, CVE-2021-42778, CVE-2021-42779, CVE-2021-42780, CVE-2021-42781, CVE-2021-42782
Upgrade prometheus to 2.36.0 to fix CVE-2021-29622.
Upgrade python-jwt to version 2.4.0 to fix CVE-2022-29217.
Upgrade Python-twisted to version 22.4.0 to fix CVE-2022-24801
Upgrade redis to 6.2.7 to address CVE-2022-24736
Upgrade rsync to 3.2.4
Upgrade subversion to 1.14.2 to fix CVE-2021-28544.
Upgrade telegraf to 1.23.0
Upgrade terraform version to 1.2.2
Upgrade usbredir to version 0.12.0 to fix CVE-2021-3700.
Upgrade util-linux to 2.37.4 to fix CVE-2022-0563.
Upgrade vim to 8.2.5064 for CVE-2022-1619, CVE-2022-1621, CVE-2022-1629, CVE-2022-1616, CVE-2022-1733, CVE-2022-1735, CVE-2022-1769, CVE-2022-1620, CVE-2022-1674, CVE-2022-1771, CVE-2022-1785, CVE-2022-1796 CVE-2022-1851, CVE-2022-1886, CVE-2022-1898
Upgrade wireshark 3.4.14 to fix CVE-2021-4181 CVE-2021-4182 CVE-2021-4184 CVE-2021-4185 CVE-2021-4186 CVE-2021-4190 CVE-2021-22207 CVE-2021-22222 CVE-2021-22235 CVE-2021-39920 CVE-2021-39921 CVE-2021-39922 CVE-2021-39923 CVE-2021-39924 CVE-2021-39925 CVE-2021-39926 CVE-2021-39928 CVE-2021-39929 CVE-2022-0581 CVE-2022-0582 CVE-2022-0583 CVE-2022-0585 CVE-2022-0586Fonte
Download
A Microsoft disponibiliza o sistema em .iso, faça o download abaixo.
Download Microsoft CBL-Marine Linux
Você pode testar em VM.
Comentários
Postar um comentário
olá, seja bem vindo ao Linux Dicas e suporte !!