diff --git a/Makefile b/Makefile
index 894bd058f..c59167db0 100644
--- a/Makefile
+++ b/Makefile
@@ -14,7 +14,7 @@ NAME = Talos
 
 ARTIFACTS := _out
 TOOLS ?= ghcr.io/siderolabs/tools:v1.2.0-alpha.0
-PKGS ?= v1.2.0-alpha.0-11-g6e1269e
+PKGS ?= v1.2.0-alpha.0-13-ged75c50
 EXTRAS ?= v1.2.0-alpha.0
 GO_VERSION ?= 1.18
 GOIMPORTS_VERSION ?= v0.1.10
diff --git a/hack/release.toml b/hack/release.toml
index 607d08f98..608d70b90 100644
--- a/hack/release.toml
+++ b/hack/release.toml
@@ -15,124 +15,10 @@ preface = """\
 
 [notes]
 
-    [notes.sbc-rpi4]
-        title = "Raspberry Pi PoE hat fan"
-        description = """\
-Talos now enables the Raspberry Pi PoE fan control by pulling in the poe overlay that works with upstream kernel
-"""
-
     [notes.updates]
         title = "Component Updates"
         description="""\
-* Linux: 5.15.48
-* Containerd: v1.6.6
-* Kubernetes: 1.24.2
-* Flannel: 0.18.1
-* runc: 1.1.3
-* CoreDNS: v1.9.3
-
-Talos is built with Go 1.18.3
-"""
-
-    [notes.eudev]
-        title = "drop some default rules shipped by eudev"
-        description = """\
-Drops some default eudev rules that doesn't make sense in the context of Talos OS.
-Especially the ones around sound devices, cd-roms and renaming the network interfaces to be predictable
-"""
-
-    [notes.sbc-rockpi4]
-        title = "Support RockPi 4 variants A and B"
-        description = """\
-Talos now supports RockPi variants A and B in addition to RockPi 4C
-"""
-
-    [notes.dockeripv6]
-        title = "IPv6 in Docker-based Talos Clusters"
-        description="""\
-The command `talosctl cluster create` now enables IPv6 by default for the Docker containers
-created for Talos nodes. This allows to use IPv6 addresses in Kubernetes networking.
-
-If `talosctl cluster create` fails to work on Linux due to the lack of IPv6 support,
-please use the flag `--disable-docker-ipv6` to revert the change.
-"""
-
-    [notes.pod-security]
-        title = "Pod Security Admission"
-        description="""\
-[Pod Security Admission](https://kubernetes.io/docs/concepts/security/pod-security-admission/) controller is enabled by default with the following policy:
-
-```yaml
-apiVersion: apiserver.config.k8s.io/v1
-kind: AdmissionConfiguration
-plugins:
-- configuration:
-    apiVersion: pod-security.admission.config.k8s.io/v1alpha1
-    defaults:
-      audit: restricted
-      audit-version: latest
-      enforce: baseline
-      enforce-version: latest
-      warn: restricted
-      warn-version: latest
-    exemptions:
-      namespaces:
-      - kube-system
-      runtimeClasses: []
-      usernames: []
-    kind: PodSecurityConfiguration
-  name: PodSecurity
-  path: ""
-```
-
-The policy is part of the Talos machine configuration, and it can be modified to suite your needs.
-"""
-
-    [notes.x86_64]
-        title = "x86-64 Architecture"
-        description="""\
-Talos is built for x86-64 architecture with support for [x86-64-v2 microarchitecture level](https://en.wikipedia.org/wiki/X86-64#Microarchitecture_levels),
-so Talos no longer runs on processors supporting only baseline `x86-64` microarchitecture (before 2009).
-"""
-
-    [notes.apply-config]
-        title = "Apply Config `--dry-run`"
-        description="""\
-The commands `talosctl apply-config`, `talosctl patch mc` and `talosctl edit mc` now support `--dry-run` flag.
-If enabled it just prints out the selected config application mode and the configuration diff.
-"""
-
-    [notes.apply-config-try]
-        title = "Apply Config `--mode=try`"
-        description="""\
-The commands `talosctl apply-config`, `talosctl patch mc` and `talosctl edit mc` now support the new mode called `try`.
-In this mode the config change is applied for a period of time and then reverted back to the state it was before the change.
-`--timeout` parameter can be used to customize the config rollback timeout.
-This new mode can be used only with the parts of the config that can be changed without a reboot and can help to check that
-the new configuration doesn't break the node.
-Can be especially useful to check network interfaces changes that may lead to the loss of connectivity to the node.
-"""
-
-    [notes.network-device-selector]
-        title = "Network Device Selector"
-        description="""\
-Talos machine configuration supports specifying network interfaces by selectors instead of interface name.
-See [documentation](https://www.talos.dev/v1.1/talos-guides/network/device-selector/) for more details.
-"""
-
-    [notes.anonymous]
-        title = "Kubernetes API Server Anonymous Auth"
-        description="""\
-Anonymous authentication is now disabled by default for the `kube-apiserver` (CIS compliance).
-
-To enable anonymous authentication, update the machine config with:
-
-```yaml
-cluster:
-    apiServer:
-        extraArgs:
-            anonymous-auth: true
-```
+* Linux: 5.15.49
 """
 
 [make_deps]
diff --git a/pkg/machinery/constants/constants.go b/pkg/machinery/constants/constants.go
index 37641ce5b..5d8907b6f 100644
--- a/pkg/machinery/constants/constants.go
+++ b/pkg/machinery/constants/constants.go
@@ -13,7 +13,7 @@ import (
 
 const (
 	// DefaultKernelVersion is the default Linux kernel version.
-	DefaultKernelVersion = "5.15.48-talos"
+	DefaultKernelVersion = "5.15.49-talos"
 
 	// KernelParamConfig is the kernel parameter name for specifying the URL.
 	// to the config.
diff --git a/pkg/machinery/gendata/data/pkgs b/pkg/machinery/gendata/data/pkgs
index 037d2a2b0..9ba4ec40a 100644
--- a/pkg/machinery/gendata/data/pkgs
+++ b/pkg/machinery/gendata/data/pkgs
@@ -1 +1 @@
-v1.2.0-alpha.0-11-g6e1269e
\ No newline at end of file
+v1.2.0-alpha.0-13-ged75c50
\ No newline at end of file
diff --git a/pkg/machinery/kernel/kernel.go b/pkg/machinery/kernel/kernel.go
index e2fed0862..e38110a3c 100644
--- a/pkg/machinery/kernel/kernel.go
+++ b/pkg/machinery/kernel/kernel.go
@@ -24,7 +24,6 @@ var DefaultArgs = []string{
 	// AWS recommends setting the nvme_core.io_timeout to the highest value possible.
 	// See https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/nvme-ebs-volumes.html.
 	"nvme_core.io_timeout=4294967295",
-	"random.trust_cpu=on",
 	// Disable rate limited printk
 	"printk.devkmsg=on",
 	"ima_template=ima-ng",
diff --git a/website/content/v1.2/talos-guides/configuration/logging.md b/website/content/v1.2/talos-guides/configuration/logging.md
index 791e959f6..ee73bbf50 100644
--- a/website/content/v1.2/talos-guides/configuration/logging.md
+++ b/website/content/v1.2/talos-guides/configuration/logging.md
@@ -12,7 +12,7 @@ Kernel messages can be retrieved with `talosctl dmesg` command:
 ```sh
 $ talosctl -n 172.20.1.2 dmesg
 
-172.20.1.2: kern:    info: [2021-11-10T10:09:37.662764956Z]: Command line: init_on_alloc=1 slab_nomerge pti=on consoleblank=0 nvme_core.io_timeout=4294967295 random.trust_cpu=on printk.devkmsg=on ima_template=ima-ng ima_appraise=fix ima_hash=sha512 console=ttyS0 reboot=k panic=1 talos.shutdown=halt talos.platform=metal talos.config=http://172.20.1.1:40101/config.yaml
+172.20.1.2: kern:    info: [2021-11-10T10:09:37.662764956Z]: Command line: init_on_alloc=1 slab_nomerge pti=on consoleblank=0 nvme_core.io_timeout=4294967295 printk.devkmsg=on ima_template=ima-ng ima_appraise=fix ima_hash=sha512 console=ttyS0 reboot=k panic=1 talos.shutdown=halt talos.platform=metal talos.config=http://172.20.1.1:40101/config.yaml
 [...]
 ```