23004 Commits

Author SHA1 Message Date
Margarita Manterola
38935a5e75 coreos-base/oem-gce: add Python aliases
GCE recommends images to ship Python in them.  Instead of shipping the
binaries inside our vendor partition, install an alias that will
download the latest official container, for both python2 and python3.
2020-09-18 18:29:17 +02:00
Dongsu Park
2f87fbff5d dev-db/sqlite: sync with Gentoo upstream
Simply sync dev-db/sqlite with Gentoo upstream.

Mainly to update to 3.32.3-r1, to address CVE-2020-11656.
2020-09-18 17:49:43 +02:00
Dongsu Park
9e6d56ed1b dev-db/sqlite: move sqlite to coreos-overlay
Move dev-db/sqlite to coreos-overlay to resolve security issues, as well
as to keep non-full archive ebuilds.
2020-09-18 17:47:40 +02:00
Marga Manterola
7f4483b69e Merge pull request #599 from flatcar-linux/marga-kinvolk/fix-kernel-build
sys-kernel/coreos-modules: remove deprecated config
2020-09-18 16:04:09 +02:00
Margarita Manterola
11d56330bd sys-kernel/coreos-modules: remove deprecated config
We were setting `CONFIG_VGACON_SOFT_SCROLLBACK=y`, but this config
option was deleted with 20782abbbdfe922496a28f9cc0c3c0030f7dfb8f, due to
security issues.

Remove the config to let the kernel image build again.
2020-09-18 14:07:19 +02:00
Margarita Manterola
db3bd0f9f8 coreos-base/google-oslogin: Update to 20200910
This change updates to the latest oslogin version provided by Google.
Since our last update, this was split into a different repo and the
directory structure changed significantly.

It also added group support, which needed to be added to the
nsswitch.conf file that we ship.

Flatcar users require docker group permissions, so ensure oslogin gives
that permission by shipping a separate group.conf file that gets
installed when oslogin is enabled.
2020-09-18 13:41:12 +02:00
Thilo Fromm
ecc026209b Merge pull request #596 from flatcar-linux/linux-5.8.10-main
Upgrade Linux Kernel in main from 5.8.9 to 5.8.10
2020-09-18 11:35:25 +02:00
Dongsu Park
c58f7dbfbc Merge pull request #590 from flatcar-linux/dongsu/update-pkgs-20200917
profile: adjust profiles for jq, rsync
2020-09-18 10:29:24 +02:00
Dongsu Park
2afd3259e5 Merge pull request #104 from flatcar-linux/dongsu/update-pkgs-20200917
Update jq, libbsd, rsync, tcpdump, libpcap
2020-09-18 10:29:15 +02:00
Flatcar Buildbot
4498afdfd1 app-emulation: Upgrade Containerd 1.3.7 to 1.4.1
2020-09-18 08:20:50 +00:00
Flatcar Buildbot
2b3e80a5dd sys-kernel: Upgrade coreos-kernel 5.8.9 to 5.8.10
2020-09-18 08:13:46 +00:00
Marga Manterola
4cac98c7ea Merge pull request #591 from flatcar-linux/marga-kinvolk/fix-qemu-python
app-emulation/qemu: Fix build errors
2020-09-17 17:38:12 +02:00
Margarita Manterola
39c2c411c1 app-emulation/qemu: Fix building errors
The qemu update caused several errors:

* We currently don't have Python 3.8 available in the SDK, so adding it in
  the PYTHON_COMPAT field causes a build failure.
* The manifest needed to be updated
* A patch file was missing

This commit fixes these errors and makes the package build.
2020-09-17 16:42:19 +02:00
Dongsu Park
8956a52b6a profiles: disable sse2 from CPU_FLAGS_X86 for rsync
Since rsync 3.2.0, the ebuild sets the `--enable-simd` option in case of
amd64. However, the cross toolchain in Flatcar SDK is not able to deal
with the SIMD feature, so configure in rsync fails like:

```
gcc version 8.3.0 (Gentoo Hardened 8.3.0-r1 p1.1)
configure.sh:3774: $? = 0
configure.sh:3763: x86_64-cros-linux-gnu-g++ -V >&5
x86_64-cros-linux-gnu-g++: error: unrecognized command line option '-V'
x86_64-cros-linux-gnu-g++: fatal error: no input files
compilation terminated.
```

Until we can resolve the toolchain issue, we should disable
`cpu_flags_x86_sse2`, to disable simd for rsync.
2020-09-17 15:54:38 +02:00
Dongsu Park
700f7a9024 profiles: update keywords for app-misc/jq
Update version of app-misc/jq to 1.6-r3 as well in accept_keywords,
since app-misc/jq in portage-stable was updated to 1.6-r3.
2020-09-17 15:54:35 +02:00
Dongsu Park
6916f04de8 net-libs/libpcap: update to 1.9.1
Update net-libs/libpcap to 1.9.1, to address security issue
CVE-2019-15163, an issue of allowing attackers to cause a denial of
service (NULL pointer dereference and daemon crash) if a crypt() call
fails.
2020-09-17 13:41:47 +02:00
Dongsu Park
a9a8ee6efc net-analyzer/tcpdump: update to 4.9.3
Update tcpdump to 4.9.3, to address security issue CVE-2018-10103,
mishandling the printing of SMB data.
2020-09-17 13:41:45 +02:00
Dongsu Park
5490b0439c net-misc/rsync: update to 3.2.3
Update rsync to 3.2.3, actually to update zlib bundled in rsync.
It is to address security issue CVE-2016-9841, an issue of allowing
context-dependent attackers to have unspecified impact by leveraging
improper pointer arithmetic.
2020-09-17 13:41:42 +02:00
Dongsu Park
9384fe3321 dev-libs/libbsd: update to 0.10.0
Update libbsd to 0.10.0, to address security issue CVE-2019-20367,
an out-of-bounds read during a comparison for a symbol name from the
string table.
2020-09-17 13:41:23 +02:00
Dongsu Park
4c9ee1d6e8 app-misc/jq: update to 1.6-r3
Update app-misc/jq to 1.6-r3, to address security issue CVE-2015-8863.
It is mainly to fix an off-by-one error in the tokenadd function. It allows
remote attackers to cause a denial of service (crash) via a long
JSON-encoded number, which triggers a heap-based buffer overflow.
2020-09-17 13:41:21 +02:00
Sayan Chowdhury
f68d280ab7 Merge pull request #495 from flatcar-linux/sayam/upgrade-qemu-to-5.0.0
app-emulation/qemu: Upgrade qemu to 5.0.0
2020-09-17 12:41:21 +05:30
Sayan Chowdhury
d953761aea app-emulation/qemu: Drop old; qemu-4.2.0-r2
Signed-off-by: Sayan Chowdhury <sayan@kinvolk.io>
2020-09-17 12:07:35 +05:30
Sayan Chowdhury
fc9417e810 app-emulation/qemu: Upgrade qemu to 5.0.0
Upgrade QEMU to 5.0.0 to fix the following security issues:

- [CVE-2020-11102](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11102)
- [CVE-2020-1711](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1711)
- [CVE-2020-7039](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7039)

Signed-off-by: Sayan Chowdhury <sayan@kinvolk.io>
2020-09-17 12:07:32 +05:30
Vincent Batts
eb5affd424 Merge pull request #92 from flatcar-linux/vbatts/qemu-lint
qemu_template: shell lint and update
2020-09-16 10:47:08 -04:00
Vincent Batts
ed7de96c1f qemu_template: shell lint and update
Signed-off-by: Vincent Batts <vbatts@kinvolk.io>
2020-09-16 10:30:07 -04:00
Dongsu Park
2cd4943889 Merge pull request #525 from flatcar-linux/runc-1.0.0_rc92-main
Upgrade Runc in main from 1.0.0_rc90 to 1.0.0_rc92
2020-09-16 15:06:44 +02:00
Vincent Batts
a97df50696 qemu_template: use more cpus for ARM if available
But don't hog all `VM_NCPUS`, as we are still emulating them

Signed-off-by: Vincent Batts <vbatts@kinvolk.io>
2020-09-15 17:39:35 -04:00
Kai Lüke
8e18193dca Merge pull request #589 from flatcar-linux/kai/update-engine-bump
coreos-base/update_engine: Point to latest flatcar-master
2020-09-14 16:12:45 +02:00
Kai Lüke
7aa31a28b8 coreos-base/update_engine: Point to latest flatcar-master
This pulls in
https://github.com/flatcar-linux/update_engine/pull/7
2020-09-14 16:06:08 +02:00
Dongsu Park
e6b8d5175a app-emulation/docker-runc: adapt patches for runc 1.0.0-rc91
To fix builds, adapt patches for runc 1.0.0-rc91.
2020-09-14 15:57:17 +02:00
Flatcar Buildbot
63adddc590 app-emulation: Upgrade Runc 1.0.0_rc90 to 1.0.0_rc92
2020-09-14 15:57:17 +02:00
Krzesimir Nowak
9b8589a03f Merge pull request #584 from flatcar-linux/krnowak/refresh-kernel-patches
sys-kernel/coreos-sources: Regenerate the patches against 5.8.9
2020-09-14 15:00:21 +02:00
Krzesimir Nowak
441b3d2d7b sys-kernel/coreos-sources: Regenerate the patches against 5.8.9
These used to apply just fine with the patch utility, but git am was
complaining.
2020-09-14 14:58:39 +02:00
Thilo Fromm
c3af3aa214 Merge pull request #587 from flatcar-linux/linux-5.8.9-main
Upgrade Linux Kernel in main from 5.8.8 to 5.8.9
2020-09-14 14:47:45 +02:00
Flatcar Buildbot
cb9f047507 sys-kernel: Upgrade coreos-kernel 5.8.8 to 5.8.9
2020-09-13 07:22:25 +00:00
Kai Lüke
b62702c3f4 Merge pull request #583 from flatcar-linux/kai/calico-tunnel-no-tx-offload
coreos-base/coreos-init: Update to include Calico tunl0 networkd units
2020-09-11 15:35:06 +02:00
Kai Lüke
6212d698d2 coreos-base/coreos-init: Update to include Calico tunl0 networkd units
This pulls in
https://github.com/flatcar-linux/init/pull/26
2020-09-11 15:20:56 +02:00
Vincent Batts
cc40759565 Merge pull request #553 from flatcar-linux/vbatts/lockdown
sys-kernel: make lockdown available
2020-09-11 07:01:46 -04:00
Dongsu Park
c30c27d91d Merge pull request #574 from flatcar-linux/dongsu/go-1.15.1
dev-lang: Upgrade Go 1.15 to 1.15.2
2020-09-11 09:48:45 +02:00
Thilo Fromm
e4e06454fb Merge pull request #581 from flatcar-linux/t-lo/use-latest-systemd-v245-flatcar
sys-apps/systemd: use latest v245-flatcar
2020-09-10 17:55:44 +02:00
Thilo Fromm
df132df652 sys-apps/systemd: use latest v245-flatcar
Signed-off-by: Thilo Fromm <thilo@kinvolk.io>
2020-09-10 17:32:01 +02:00
Thilo Fromm
76be146d00 Merge pull request #580 from flatcar-linux/linux-5.8.8-main
Upgrade Linux Kernel in main from 5.8.6 to 5.8.8
2020-09-10 13:21:02 +02:00
Thilo Fromm
6ac9fd4bd5 sys-kernel/coreos-sources-5.8.8: remove tpacket patch since it's in .8 upstream
Signed-off-by: Thilo Fromm <thilo@kinvolk.io>
2020-09-10 13:18:52 +02:00
Dongsu Park
697d475b2d dev-lang: Upgrade Go 1.15 to 1.15.2
Upgrade Go to 1.15.2, to address issues like a potential cross-site scripting
vulnerability, as described in
https://groups.google.com/g/golang-announce/c/8wqlSbkLdPs .
2020-09-10 10:34:52 +02:00
Dongsu Park
0bdb485bea Merge pull request #575 from flatcar-linux/dongsu/github-action-rust-body
.github: improve body text of PR for dev-lang/rust
2020-09-10 10:31:03 +02:00
Dongsu Park
60fda1c345 Merge pull request #103 from flatcar-linux/dongsu/github-action-rust-body
.github: Improve body text of PR for virtual/rust
2020-09-10 10:30:54 +02:00
Flatcar Buildbot
1036d87f6d sys-kernel: Upgrade coreos-kernel 5.8.6 to 5.8.8
2020-09-10 07:22:52 +00:00
Marga Manterola
857fce1565 Merge pull request #577 from flatcar-linux/marga-kinvolk/update-mantle
coreos-devel/mantle: update to v0.15.0
2020-09-09 23:06:34 +02:00
Margarita Manterola
21e3dd302b coreos-devel/mantle: update to v0.15.0
2020-09-09 21:57:57 +02:00
Kai Lüke
0e7039eceb Merge pull request #572 from flatcar-linux/kai/update-update_engine
coreos-base/update_engine: Point to latest flatcar-master
2020-09-09 21:32:28 +02:00