mirrors/flatcar-scripts
1
0
Fork 0
mirror of https://github.com/flatcar/scripts.git synced 2025-08-21 14:31:02 +02:00
Code Issues Packages Projects Releases Wiki Activity
2,318 Commits 619 Branches 394 Tags
Commit Graph

2318 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Michael Marineau
ec72d7fc7c coreos-init: enable DHCP broadcast flag on VMware 
Fixes https://github.com/coreos/bugs/issues/12 for good this time.
 2014-10-03 12:20:41 -07:00
Michael Marineau
5ab02e5b4c Merge pull request #900 from abuchanan920/network-config-fix 
Fixes issue of vagrant not assigned requested IP address.
 2014-10-02 22:02:24 -07:00
Brian Waldon
af523e5a5a Merge pull request #902 from bcwaldon/bump-fleet 
fleet v0.8.3
 2014-10-02 16:23:45 -07:00
Brian Waldon
1c7a9b246c fleet: bump to v0.8.3 2014-10-02 14:17:59 -07:00
Andrew W. Buchanan
110fcd0eda Fixes issue of vagrant not assigned requested IP address. This was due to the switchover of the network interfaces to ethX format. 2014-10-02 15:35:23 -04:00
Michael Marineau
66e07f935a Merge pull request #895 from marineam/verity 
verity: prune old broken package from ChromeOS
 2014-10-01 13:40:46 -07:00
Michael Marineau
38324a9191 verity: prune old broken package from ChromeOS 
When we add verity support we will be relying on generic packages such
as cryptsetup instead of whatever unknown bits are in this code base. It
has stopped building and I thought I removed it ages ago. Oops.
 2014-10-01 12:28:57 -07:00
Alex Crawford
0b026a8b2a Merge pull request #888 from crawford/cloudinit 
coreos-base/coreos-cloudinit: bump to v0.10.5
 2014-10-01 11:23:32 -07:00
Michael Marineau
ef40f66532 Merge pull request #894 from marineam/fleet 
fleet: prune old version
 2014-10-01 11:12:06 -07:00
Michael Marineau
248be1c964 Merge pull request #893 from marineam/bash50 
bash: fix CVE-2014-7186 and CVE-2014-7187
 2014-10-01 11:11:51 -07:00
Brian Waldon
28ac16e380 Merge pull request #892 from bcwaldon/bump-fleet 
fleet v0.8.2
 2014-10-01 11:10:05 -07:00
Michael Marineau
d6a114ac27 fleet: prune old version 2014-10-01 11:08:43 -07:00
Michael Marineau
a87f75aa8d bash: fix CVE-2014-7186 and CVE-2014-7187 
Sync up with upstream gentoo, pulling in the final version of the patch
for these issues. This is functionally equivalent to 4.2_p51 but
upstream hasn't officially announced that version yet it seems.
 2014-10-01 10:43:45 -07:00
Brian Waldon
7070a34371 fleet: bump to v0.8.2 2014-09-30 14:33:39 -07:00
Michael Marineau
b8132ad96f Merge pull request #889 from marineam/bash50 
bash: function export hardening patch
 2014-09-28 20:37:34 -07:00
Michael Marineau
9eaacc58c6 bash: function export hardening patch 
Another day another bash version bump. This is the final version of the
patch to add a special prefix and suffix to exported functions in the
environment, preventing bugs similar to the previous two from becoming
remotely exploitable.

http://lists.gnu.org/archive/html/bug-bash/2014-09/msg00279.html

There still remain two less significant memory-access issues, dubbed
CVE-2014-7186 and CVE-2014-7187. So expect another bump soon.
http://www.openwall.com/lists/oss-security/2014/09/25/32
 2014-09-28 20:10:36 -07:00
Alex Crawford
2ccea0734c coreos-base/coreos-cloudinit: bump to v0.10.5 2014-09-28 09:37:53 -07:00
Vito Caputo
2a1aa70606 Merge pull request #887 from vcaputo/nohpnssh 
Disable "high performance ssh" openssh patch Gentoo includes
 2014-09-26 14:59:34 -07:00
Vito Caputo
21cd882a03 Disable "high performance ssh" openssh patch Gentoo includes 
Prioritizing security and stability over performance in SSH, omitting
this kind of patch is generally more consistent with our objectives.

Visibly this removes "-hpn14v4" from the OpenSSH protocol banner:
SSH-2.0-OpenSSH_6.6p1-hpn14v4

Discussion: https://github.com/coreos/bugs/issues/149
 2014-09-26 15:18:20 -04:00
Michael Marineau
85a218d3a1 Merge pull request #886 from marineam/gsutil 
gsutil: upgrade to 4.6, switch to using upstream ebuilds
 2014-09-26 12:12:36 -07:00
Michael Marineau
67acc2e0bc Merge pull request #885 from marineam/go 
go: update to go 1.3.2
 2014-09-26 12:12:28 -07:00
Michael Marineau
b72b7dc94d gsutil: upgrade to 4.6, switch to using upstream ebuilds 2014-09-25 22:17:10 -07:00
Michael Marineau
5cf6b403b3 go: update to go 1.3.2 2014-09-25 20:05:57 -07:00
Michael Marineau
6ad724e336 Merge pull request #882 from marineam/bash-fix 
bash: fix CVE-2014-7169
 2014-09-25 19:11:25 -07:00
Michael Marineau
fe831fce74 bash: fix CVE-2014-7169 
http://www.openwall.com/lists/oss-security/2014/09/26/1
 2014-09-25 18:58:28 -07:00
Michael Marineau
d7389284cd Merge pull request #881 from marineam/bump 
coreos-init: re-enable motdgen
 2014-09-25 17:17:10 -07:00
Michael Marineau
cc17c350cd coreos-init: re-enable motdgen 
Pull in https://github.com/coreos/init/pull/133
Fixes https://github.com/coreos/bugs/issues/145
 2014-09-25 17:02:26 -07:00
Michael Marineau
d7f17be6cd Merge pull request #879 from marineam/etc 
profiles: trim more config files from /etc
 2014-09-25 16:55:37 -07:00
Michael Marineau
afe2048e20 profiles: trim more config files from /etc 
Some of these were deleted by build_image, others were still being
shipped but aren't really needed.

The big question mark is LVM, it isn't clear if LVM's default behavior
is actually sane or if the configs are needed to make it sane. Either
way we were already removing this, but something to note in case issues
crop up eventually.
 2014-09-25 16:11:57 -07:00
Michael Marineau
96a4cafe23 Merge pull request #878 from marineam/bash 
bash: disable extra performance patches and networking support
 2014-09-25 15:31:13 -07:00
Michael Marineau
7a2cfade6f bash: disable extra performance patches and networking support 
Killing the performance patch was suggested by @vcaputo and I think we
can go without networking support as well.
 2014-09-25 15:05:40 -07:00
Michael Marineau
7d654662b9 Merge pull request #877 from marineam/bash 
bash: sync up with latest version in Gentoo
 2014-09-25 14:02:19 -07:00
Michael Marineau
028dadfb13 bash: sync up with latest version in Gentoo 
This fixes another piece of the mess but the story isn't over yet.

http://www.openwall.com/lists/oss-security/2014/09/25/10
https://bugs.gentoo.org/show_bug.cgi?id=523592
 2014-09-25 13:35:16 -07:00
Alex Crawford
9fb5e1779d Merge pull request #850 from crawford/flags 
oems: use --oem flag when running cloudinit
 2014-09-24 19:17:18 -07:00
Michael Marineau
d16c274944 Merge pull request #875 from marineam/ipv4 
coreos-init: disable downloading images over ipv6 in coreos-install
 2014-09-24 16:10:05 -07:00
Michael Marineau
179619b008 coreos-init: disable downloading images over ipv6 in coreos-install 
Some users are unable to fetch images over IPv6, use IPv4 only until we
sort out what is wrong with Google storage.
 2014-09-24 15:58:00 -07:00
Vito Caputo
2b72b5113b Merge pull request #873 from vcaputo/ue_workon_bump 
Update update_engine ebuild for oemversion support
 2014-09-24 13:58:08 -07:00
Alex Crawford
0a00950f62 coreos-base/oem-rackspace-onmetal: use --oem flag 2014-09-24 13:39:19 -07:00
Alex Crawford
cc7bd7a792 coreos-base/oem-ec2-compat: use --oem flag 2014-09-24 13:38:53 -07:00
Alex Crawford
6448bf8198 coreos-base/oem-digitalocean: use --oem flag 2014-09-24 13:37:58 -07:00
Vito Caputo
ab5cd0b1bc Update update_engine ebuild for oemversion support 2014-09-24 15:29:21 -04:00
Alex Crawford
2d27d88d32 Merge pull request #872 from crawford/bash 
app-shells/bash: sync ebuild and patches
 2014-09-24 12:21:36 -07:00
Michael Marineau
58b0fe08e2 Merge pull request #871 from marineam/cgpt 
vboot_reference: fix cgpt with cciss block devices
 2014-09-24 12:17:07 -07:00
Vito Caputo
e67ee7e0e0 Merge pull request #867 from vcaputo/oem_version 
Propagate $PVR to the oem-*/files/cloud-config.yml files as version-id
 2014-09-24 12:00:37 -07:00
Alex Crawford
46a3c6c009 app-shells/bash: sync ebuild and patches 2014-09-24 11:43:23 -07:00
Michael Marineau
cf329bbc18 vboot_reference: fix cgpt with cciss block devices 2014-09-24 11:41:07 -07:00
Michael Marineau
00e659c1ff Merge pull request #870 from marineam/scsi 
coreos-kernel: enable AACRAID and AIC94XX SCSI drivers
 2014-09-24 11:16:23 -07:00
Michael Marineau
f23cfcf1a8 coreos-kernel: enable AACRAID and AIC94XX SCSI drivers 2014-09-24 11:05:50 -07:00
Vito Caputo
fd08f00578 Propagate $PVR to the oem-*/files/cloud-config.yml files as version-id 2014-09-24 13:55:39 -04:00
Michael Marineau
81f49d1d5c Merge pull request #869 from marineam/ipset 
coreos-kernel: enable support for using ipset with iptables
 2014-09-24 10:53:46 -07:00