cos-101-17162-528-64

Security

Fixed CVE-2024-43892 in the Linux kernel.

Security

Fixed CVE-2024-44958 in the Linux kernel.

Security

Updated app-arch/libarchive to version 3.7.6. This fixed CVE-2024-48957, CVE-2024-48958.

cos-101-17162-528-61

Security

Fixed CVE-2024-44965 in the Linux kernel.

Security

Fixed CVE-2024-46829 in the Linux kernel.

Security

Fixed CVE-2024-45003 in the Linux kernel.

cos-101-17162-528-57

Fixed

Updated the GPU installer to v2.4.1.

Security

Fixed CVE-2024-46750 in the Linux kernel.

cos-101-17162-528-54

Security

Fixed CVE-2024-46679 in the Linux kernel.

Security

Fixed CVE-2024-46743 in the Linux kernel

Fixed

Updated cos-gpu-installer to v2.4.0. It identifies GPU drivers before installation.

Security

Fixed CVE-2024-42246 in the Linux kernel

Security

Fixed CVE-2024-46800 in the Linux kernel

Security

Fixed CVE-2024-40905 in the Linux kernel

Security

Fixed CVE-2024-46763 in the Linux kernel.

Security

Fixed CVE-2024-46738 in the Linux kernel

Security

Fixed CVE-2024-46721 in the Linux kernel

cos-101-17162-528-49

Security

Fixed CVE-2024-42131 in the Linux kernel

Security

Fixed CVE-2024-43817 in the Linux kernel

Security

Fixed CVE-2024-45025 in the Linux kernel

Security

Fixed CVE-2024-44940 in the Linux kernel

Security

Fixed CVE-2024-44947 in the Linux kernel

Security

Fixed CVE-2024-38588 in the Linux kernel

Security

Fixed CVE-2024-45021 in the Linux kernel

Security

Fixed CVE-2024-41012 in the Linux kernel

Security

Fixed CVE-2024-43853 in the Linux kernel

cos-101-17162-528-40

Security

Fixed CVE-2024-44986 in the Linux kernel

Security

Fixed CVE-2024-44944 in the Linux kernel

Security

Fixed CVE-2024-44987 in the Linux kernel

Security

Fixed CVE-2024-43893 in the Linux kernel

Security

Fixed CVE-2024-43871 in the Linux kernel

Security

Fixed CVE-2024-43882 in the Linux kernel

Security

Fixed CVE-2024-6232 in dev-lang/python.

Security

Updated dev-libs/expat to v2.6.3. This fixed CVE-2024-45492, CVE-2024-45490, CVE-2024-45491.

Security

Fixed CVE-2024-39468 in the Linux kernel

Security

Fixed CVE-2024-44985 in the Linux kernel

cos-101-17162-528-34

Security

Fixes CVE-2024-40958 in the Linux kernel.

Security

Fixes CVE-2024-40995 in the Linux kernel.

Security

Fixes CVE-2024-41049 in the Linux kernel.

Security

Fixes CVE-2024-43856 in the Linux kernel.

Security

Fixes CVE-2024-44934 in the Linux kernel.

Security

Fixes CVE-2023-7256 in net-libs/libpcap.

Security

Fixes CVE-2024-40959 in the Linux kernel.

Security

Fixes CVE-2024-41055 in the Linux kernel.

Security

Fixes CVE-2024-43828 in the Linux kernel.

Security

Fixes CVE-2024-41073 in the Linux kernel.

cos-101-17162-528-27

Security

Fixed KCTF-c07ff85 in the Linux kernel.

Security

Fixed CVE-2024-40961 in the Linux kernel.

Security

Fixed CVE-2024-42102 in the Linux kernel.

Security

Fixed CVE-2024-42270 in the Linux kernel.

Security

Fixed CVE-2024-41098 in the Linux kernel.

Security

Fixed CVE-2024-40994 in the Linux kernel.

Security

Fixed CVE-2024-40960 in the Linux kernel.

Security

Fixed CVE-2024-41000 in the Linux kernel.

Security

Fixed CVE-2024-43854 in the Linux kernel.

Security

Fixed CVE-2024-42269 in the Linux kernel.

Security

Updated app-editors/vim, app-editors/vim-core to version 9.1.0686. This fixed CVE-2024-41957, CVE-2024-41965.

Security

Fixed CVE-2024-42283 in the Linux kernel.

Security

Fixed CVE-2024-37370, CVE-2024-37371 in app-crypt/mit-krb5.

Security

Fixed CVE-2023-52889 in the Linux kernel.

Security

Fixed CVE-2024-40954 in the Linux kernel.

cos-101-17162-528-16

Security

Fixed CVE-2024-42154 in the Linux kernel

Change

Runtime sysctl changes:

• Changed: fs.file-max: 813025 -> 813018
• Changed: kernel.threads-max: 63552 -> 63551
• Changed: net.ipv4.tcp_mem: 94140 125520 188280 -> 94137 125519 188274
• Changed: net.ipv4.udp_mem: 188280 251041 376560 -> 188277 251039 376554
• Changed: user.max_cgroup_namespaces: 31776 -> 31775
• Changed: user.max_ipc_namespaces: 31776 -> 31775
• Changed: user.max_mnt_namespaces: 31776 -> 31775
• Changed: user.max_net_namespaces: 31776 -> 31775
• Changed: user.max_pid_namespaces: 31776 -> 31775
• Changed: user.max_time_namespaces: 31776 -> 31775
• Changed: user.max_user_namespaces: 31776 -> 31775
• Changed: user.max_uts_namespaces: 31776 -> 31775

Security

Fixed CVE-2024-42247 in the Linux kernel

Security

Fixed CVE-2023-0597 in the Linux kernel.

Security

Fixed CVE-2024-41087 in the Linux kernel

cos-101-17162-528-12

Announcement

This is an LTS Refresh release.

Security

Fixed CVE-2024-42229 in the Linux kernel.

Security

Fixed CVE-2021-36084, CVE-2021-36085, CVE-2021-36086, CVE-2021-36087 in sys-libs/libsepol.

Security

Fixed CVE-2024-39472 in the Linux kernel.

Feature

Updated cos-gpu-installer to v2.3.5 - Improved error messaging for incompatible GPU driver input.

Security

Fixes CVE-2024-36901 in the Linux kernel.

Security

Fixed CVE-2024-42082 in the Linux kernel.

Security

Fixes CVE-2024-39482 in the Linux kernel.

Security

Fixed CVE-2024-6345 in dev-python/setuptools.

Security

Fixed CVE-2024-6602 in dev-libs/nss.

Security

Updated ncurses to 6.4_p20240414. This resolves CVE-2023-45918.

Fixed

Disable NVIDIA persistence mode with -no-verify flag.

Security

Fixed CVE-2024-2511, CVE-2024-4741, CVE-2024-5535 in dev-libs/openssl.

Security

Fixed CVE-2024-38577 in the Linux kernel.

Security

Upgraded curl to v8.9.0. This fixes CVE-2024-6197.

Feature

Removed crash-reporter KVM support.

Security

Fixed CVE-2024-42068 in the Linux kernel.

Feature

Enabled the feature to utilize the gpu_driver_versions proto file for controlling the specific GPU driver version to be installed for each GPU type.

Feature

Removed dev-go/grpc.

cos-101-17162-463-62

Security

Fixed CVE-2024-24790 and CVE-2024-24789 in dev-lang/go.

Feature

Added the package revision number to the SSH banner in net-misc/openssh.

cos-101-17162-463-58

Security

Fixed CVE-2024-36978 in the Linux kernel.

Security

Updated net-misc/wget to v1.24.5. This fixed CVE-2024-38428.

Feature

Updated cos-gpu-installer to v2.3.5.

cos-101-17162-463-55

Security

Fixed CVE-2024-38662 in the Linux kernel.

Change

Runtime sysctl changes:

• Added: net.ipv4.tcp_rto_min_us: 200000

Security

Fixed CVE-2024-6387 in net-misc/openssh.

cos-101-17162-463-51

Fixed

Fixed upload throughput in gVisor container in gVNIC.

Fixed

Fixed a crash in the Linux kernel.

cos-101-17162-463-48

Security

Fixed CVE-2024-26583 in the Linux kernel.

Security

Upgraded app-arch/libarchive to version 3.7.4. Fixes CVE-2024-26256.

Security

Fixes CVE-2024-36938 in the Linux kernel.

Security

Update R550, latest driver to v550.90.07.This fixes CVE-2024-0090, CVE-2024-0091, CVE-2024-0092 Update R535 to v535.183.01.This fixes CVE-2024-0090, CVE-2024-0092 Update R470, default driver to v470.256.02.This fixes CVE-2024-0090, CVE-2024-0092

Security

Upgraded app-arch/lz4 to 1.9.4. Fixes CVE-2021-3520.

Security

Fixed CVE-2024-26584 in the Linux kernel.

Security

Fixes CVE-2024-36902 in the Linux kernel.

cos-101-17162-463-42

Fixed

Updated cos-gpu-installer to v2.3.3. This resolves potential synchronization issues and ensures proper cleanup of mounts in GPU driver installation directory configuration.

Security

Updated dev-vcs/git to v2.45.1. This fixes CVE-2024-32002,CVE-2024-32020,CVE-2024-32465,CVE-2024-32004,CVE-2024-32021.

Security

Updated cos-gpu-installer to v2.3.4. This fixes CVEs: CVE-2023-29402, CVE-2023-29405, CVE-2023-29404, CVE-2023-24540, CVE-2023-24538, CVE-2022-41721, GHSA-m425-mq94-257g, CVE-2022-41715, CVE-2022-30633, CVE-2022-41724, CVE-2022-2880, CVE-2022-30631, CVE-2021-29923, CVE-2022-24675, CVE-2022-30580, CVE-2022-41723, CVE-2023-24534, CVE-2022-41725, CVE-2022-2879, CVE-2023-24539, CVE-2022-30635, CVE-2023-45285, CVE-2022-32149, CVE-2023-24537, CVE-2022-32189, CVE-2022-28131, CVE-2023-39323, CVE-2022-28327, CVE-2022-30630, CVE-2023-44487, CVE-2023-39325, CVE-2022-27664, CVE-2023-45287, CVE-2023-29400, CVE-2023-24536, CVE-2023-29403, CVE-2022-30632, CVE-2023-39318, CVE-2020-29511, CVE-2024-24786, CVE-2023-3978, CVE-2022-41717, CVE-2022-32148, CVE-2023-39326, CVE-2023-45288, CVE-2022-1962, CVE-2023-24532, CVE-2023-39319, CVE-2022-1705, CVE-2020-29509, CVE-2023-29406, CVE-2023-29409, CVE-2022-30629

Fixed

Fixed frequent restarts in the fluent-bit stackdriver plugin.

Security

Fixed CVE-2024-27018 and CVE-2024-36008 in the linux kernel.

cos-101-17162-463-37

Security

Fixed CVE-2024-34459 in the libxml2 package.

Fixed

Fixed a bug in auto update engine when confidential VMs are enabled.

Security

Fixed CVE-2024-27013 in the linux kernel.

Fixed

Updated cos-gpu-installer to v2.3.2.

cos-101-17162-463-29

Security

Updated sys-apps/apparmor to v2.13.11. This resolves CVE-2016-1585.

Security

Updated net-libs/gnutls to v3.8.5. This fixes CVE-2024-28834.

Fixed

Fixed system-accounts-secured benchmark by changing the system account range used in the benchmark.

cos-101-17162-463-26

Change

Updated cos-gpu-installer to v2.3.1.

Security

Fixed CVE-2024-26900 in the Linux kernel.

Feature

Add IPv6 support for endor boards.

cos-101-17162-463-16

Security

Fixed CVE-2023-32681 in dev-python/requests.

Security

Updated net-dns/c-ares to v1.27. This fixed CVE-2024-25629.

Security

Fixed CVE-2024-26921 in the Linux kernel.

Security

Fixed CVE-2023-0687, CVE-2024-2961, CVE-2024-33599, CVE-2024-33600, CVE-2024-33601, CVE-2024-33602 in sys-libs/glibc.

Change

Updated cos-gpu-installer to v2.3.0.

Security

Fixed CVE-2017-18207 in dev-lang/python.

Security

Fixed CVE-2021-37600, CVE-2021-3995, CVE-2021-3996 in sys-apps/util-linux.

Security

Fixed CVE-2022-2806 in app-admin/sosreport.

cos-101-17162-463-8

Announcement

This is an LTS Refresh release.

Security

Updated app-arch/tar to v1.35. This fixed CVE-2023-39804.

Security

Updated dev-libs/expat to v2.6.2. This fixed CVE-2022-40674, CVE-2022-43680, CVE-2023-52425, CVE-2023-52426, CVE-2024-28757.

Security

Fixed CVE-2024-26602 in the Linux kernel.

Fixed

Updated docker and docker-cli to v20.10.27.

Security

Updated dev-python/pyyaml to v5.4.1. This fixed CVE-2017-18342, CVE-2019-20477, CVE-2020-14343, CVE-2020-1747.

Security

Updated net-misc/curl to v8.7.1. This fixed CVE-2024-2004, CVE-2024-2379, CVE-2024-2398, CVE-2024-2466.

Security

Fixed CVE-2023-4641 in sys-apps/shadow.

Security

Fixed issues with the SRSO vulnerability mitigation (CVE-2023-20569). This fix might negatively impact the performance of your workloads on AMD machine types.

Security

Updated app-admin/sudo to v1.9.15_p5. This fixed CVE-2022-33070, CVE-2022-43995, CVE-2023-22809, CVE-2023-27320, CVE-2023-28486, CVE-2023-28487, CVE-2023-42465.

Security

Fixed CVE-2024-26603 in the Linux kernel.

Security

Updated dev-vcs/git to v2.44.0. This fixed CVE-2022-23521, CVE-2022-24765, CVE-2022-29187, CVE-2022-39253, CVE-2022-39260, CVE-2022-41903, CVE-2023-22490, CVE-2023-23946, CVE-2023-25652, CVE-2023-25815, CVE-2023-29007.

Security

Fixed CVE-2023-50387, CVE-2023-50868, CVE-2023-7008 in sys-apps/systemd.

Security

Updated net-dns/c-ares to v1.19.1. This fixed CVE-2022-4904, CVE-2023-31124, CVE-2023-31130, CVE-2023-31147, CVE-2023-32067

Feature

Included nvidia plugin in sosreport.

Security

Updated sys-apps/shadow to v4.12.3. This resolves CVE-2013-4235.

Security

Fixed CVE-2023-0767, CVE-2023-5388, CVE-2023-6135, CVE-2024-0743 in dev-libs/nss.

Feature

Updated cos-gpu-installer to v2.1.11. Added major version specification for GPU driver installation.

Security

Fixed CVE-2024-26601 in the Linux kernel.

Security

Fixed CVE-2023-5678 in dev-libs/openssl.

Security

Updated sys-libs/zlib to v1.2.13. This fixed CVE-2018-25032, CVE-2022-37434.

Security

Fixed CVE-2024-28182 in net-libs/nghttp2.

Change

Runtime sysctl changes:

• Changed: fs.file-max: 813030 -> 813025
• Changed: net.ipv6.route.max_size: 4096 -> 2147483647

cos-101-17162-386-65

Fixed

Fixed a crash during CIFS volumes mount.

cos-101-17162-386-64

Fixed

Updated NVIDIA GPU drivers to v550.54.15. Fixed a potential corruption when launching kernels on H100 GPUs, which is more likely to occur when the GPU is shared between multiple processes.

Fixed

Updated NVIDIA GPU drivers to v535.161.08. Fixed a potential corruption when launching kernels on H100 GPUs.

cos-101-17162-386-59

Feature

Added NVIDIA GPU drivers R550 branch and update latest to 550.54.14.

cos-101-17162-386-57

Security

Fixed CVE-2023-52443 in the Linux kernel.

Security

Fixed CVE-2024-26585 in the Linux kernel.

Security

Fixed CVE-2024-26589 in the Linux kernel

Security

Fixed CVE-2023-52435 in the Linux kernel.

Security

Fixed CVE-2023-52434 in the Linux kernel.

Security

Fixed CVE-2023-52439 in the Linux kernel.

Fixed

Fixed bug in google-guest-agent service enablement.

Security

Fixed CVE-2024-26591 in the Linux kernel.

cos-101-17162-386-47

Security

Updated app-editors/vim to 9.0.2167. This fixed CVE-2023-48231, CVE-2023-48232, CVE-2023-48233, CVE-2023-48234, CVE-2023-48235, CVE-2023-48236, CVE-2023-48237, CVE-2023-48706, CVE-2024-22667.

Security

Fixed CVE-2024-0727 in dev-libs/openssl.

Security

Fixed CVE-2023-52447 in the Linux kernel.

cos-101-17162-386-43

Feature

Updated cos-gpu-installer to v2.2.1. Fixed cached driver installation error with network disabled. Added force-fallback flag, major version specification for GPU driver installation and fixed ordering of kernel module loading for nvidia-modeset and nvidia-drm

Security

Updated NVIDIA GPU drivers to v470.239.06 and v535.161.07. This fixes CVE-2024-0074, CVE-2024-0075 and CVE-2022-42265.

cos-101-17162-386-37

Security

Fixed CVE-2024-23851 in the Linux kernel.

Security

Fixed CVE-2024-24557 in app-emulation/docker.

cos-101-17162-386-33

Security

Updated dev-libs/libxml2 to 2.11.7. This fixes CVE-2024-25062.

Security

Fixed CVE-2024-26581 in the Linux kernel.

Security

Fixed CVE-2022-3567 in the Linux kernel.

Security

Fixed CVE-2024-1086 in the Linux kernel.

Security

Fixed CVE-2022-3566 in the Linux kernel.

Change

Updated app-emulation/containerd to 1.6.28.

Security

Upgraded net-misc/curl to version 8.6.0. This fixes CVE-2024-0853.

cos-101-17162-386-22

Security

Fixed CVE-2023-40546, CVE-2023-40547 CVE-2023-40548, CVE-2023-40549, CVE-2023-40550 and CVE-2023-40551 in sys-boot/shim.

Security

Fixed CVE-2024-1085 and CVE-2023-46838 in the Linux kernel.

Security

Fixed CVE-2023-5678 in dev-libs/openssl.

Security

Fixed CVE-2024-0567 and CVE-2024-0553 in net-libs/gnutls.

Feature

Fragmented nvidia-drivers and nvidia-drivers-open pkg into separate packages per major version.