A distro Linux CBL-Mariner 2.0.20221029 recebe 60 correções, confira.

Microsoft CBL-Mariner 2.0.20221029

O CBL-Mariner é uma distribuição Linux interna para a infraestrutura de nuvem da Microsoft e produtos e serviços de ponta. O CBL-Mariner foi projetado para fornecer uma plataforma consistente para esses dispositivos e serviços e aumentará a capacidade da Microsoft de manter-se atualizado sobre as atualizações do Linux. Essa iniciativa faz parte do crescente investimento da Microsoft em uma ampla gama de tecnologias Linux, como SONiC, Azure Sphere OS e Windows Subsystem for Linux (WSL). O CBL-Mariner está sendo compartilhado publicamente como parte do compromisso da Microsoft com o código aberto e para contribuir com a comunidade Linux. A CBL-Mariner não altera nossa abordagem ou compromisso com nenhuma oferta de distribuição Linux de terceiros existente.

Esse lançamento é um dos maiores e numero de correções, no total de 60.

Add Instruction to filter gpg-pubkey from rpm cmd's output. Add Microsoft GPG keys to installer env Add cairomm package version 1.12.0 Add cpptest package version 1.1.2 Add dbus package provides for dbus-x11 & drop metapackage Add github check-in action to warn about bumping package versions dependent on glibc-static Add k-exec-tools to marketplace image Add kernel-drivers-gpu package Add krb5.conf to resolve pam_krb5 ptest failure Add libcroco package version 0.6.13 Add libyang2 to mariner SPECs Add logrotate conf entry for rsyslog to prevent logs growing too large Add obsoletes between qemu-common, qemu-virtiofsd Add python package python-google-auth-oauthlib and move its extended dependencies to the core Add sgx-backwards-compatability package to marketplace images Adding sriov-network-device-plugin spec file Automatic upgrade of tzdata to 2022e Bump toolkit/tools' cgmanifest.json's listing for ulikunitz/xz to v0.5.10 to match the go.mod version. Clear libtar CVE-2021-33644 and CVE-2021-33646 (both fixed by earlier patch file) Create missing systemd accounts Enable modules for TCP Congestion Algorithms Fix 4 Python ptests to use a set version of pytest. Fix 4 rubygem-* packages to obsolete older versions of ruby. Fix SPEC file import information from CentOS as MIT Fix perl-CGI, python-pytest-benchmark, and python-requests tests. Fix chroot cleanup scripts Fix cloud-init mariner variant not set properly Fix gpg key import in worker chroot Fix manifest checks with RPM 4.18 Fix python crypt to work with FIPS Fix rsyslog.logrotate signature Fix subsequent Make iso calls from failing (handle space parsing) Fix tooling to rebuild worker chroot rpm db only when necessary Fix unbound CVE Mitigated attended installation regression Move wireless-regdb and iw to Mariner core repo to resolve failure to load regulatory.db Patch aspell to fix CVE-2019-25051 Patch libtiff to fix CVE-2022-3570 Patch redis to fix CVE-2022-3647 Patched CVE-2022-34918 with livepatch-5.15.48.1-4.cm2. Remove 'ming' from SPECS-EXTENDED Remove autodetected Go modules in toolkit/tools/cgmanifest.json Update documentation with 2.0 related information and misc. fixes Update kernel-rt config to build with new glibc Update maven.spec to use macro instead of hard-coded source URL. Updated rpmops.sh: added a '/bin/sh' check. Updated livepatch macros and template to preserve signatures. Upgrade 'libtasn1' to 4.19.0 to fix CVE-2021-46848. Upgrade PHP to verion 8.1.11 and promote from SPECS-EXTENDED to SPECS Upgrade nodejs to version 16.17.1 to fix CVE-2022-32213. Upgrade cassandra version to 4.0.7 Upgrade dbus to version 1.15.2 to fix CVE-2022-42010,CVE-2022-42011,CVE-2022-42012 Upgrade expat to version 2.5.0 to fix CVE-2022-43680 Upgrade kernel to version 5.15.74.1 to fix CVE-2022-3541, CVE-2022-3544, CVE-2022-41674, CVE-2022-42719, CVE-2022-42703, CVE-2022-42719, CVE-2022-42720, CVE-2022-42721, CVE-2022-42722 Upgrade mod_wsgi to version 4.9.3 to fix CVE-2022-2255 Upgrade mysql to version 8.0.31 to fix CVE-2022-21592,CVE-2022-21594,CVE-2022-21599,CVE-2022-21604,CVE-2022-21608,CVE-2022-21611,CVE-2022-21617,CVE-2022-21625,CVE-2022-21632,CVE-2022-21633,CVE-2022-21635,CVE-2022-21637,CVE-2022-21638,CVE-2022-21640,CVE-2022-21641,CVE-2022-39400,CVE-2022-39402,CVE-2022-39403,CVE-2022-39408,CVE-2022-39410 Upgrade terraform to version 1.32.2 to CVE-2021-36230 Upgrade tidy to 5.8.0 Upgrade wireshark to version 3.4.16 to fix CVE-2022-3190 Upgraded nginx to version 1.22.1 to fix CVE-2022-3638

fonte

 

Download

A Microsoft disponibiliza o sistema em .iso, faça o download abaixo.

Download Microsoft CBL-Marine Linux

 Você pode testar em VM.