Microsoft Releases Azure Linux Update

Microsoft has released an update to its Azure Linux distro, bosting a slew of fixes and bringing the version to 2.0.20240403....
Microsoft Releases Azure Linux Update
Written by Matt Milano
  • Microsoft has released an update to its Azure Linux distro, bosting a slew of fixes and bringing the version to 2.0.20240403.

    Azure Linux is based on Microsoft’s CBL-Mariner distro, and is used as for Azure Linux Container Host workloads. The company has released an updated version of Azure Linux, incorporating a plethora of bug and security fixes.

    The release notes were announced on GitHub:

    • Add patch for cloud-init pkg install error
    • Add patch to limit pytest-mypy-plugins version for python-attrs test
    • Disabled experimental c-ares module from python-gevent (also fixes CVE-2021-22931)
    • Enabled ccache and artifact suffixes for fast-track PR check
    • Exclude overlayfs module from main dracut package.
    • Explicitly add libgcc as a requires to distroless base
    • Fix imagegen tools (toolkit) to Write fstab file in correct order.
    • Fix kata-containers to use system OpenSSL
    • Fix kata-containers-cc to fix macro expansion (use grub2-rpm-macros)
    • Fix kata-containers-cc virtiofsd dependency
    • Fix mariner_2_initrd_use_suffix kdump.conf option
    • Fix moby-compose license for ASL 2.0
    • Fix msft-golang to include go.env in GOROOT
    • Fix python-prettytables ptest.
    • Fix python-remoto ptest
    • Fix toolchain rebuilds for delta builds.
    • Force systemd coredump to use LZ4 compression
    • Limited cascading rebuilds for the fast-track PR check to 1.
    • Modify cython to skip long tests.
    • Patch CVE-2023-52160 for wpa_supplicant
    • Patch libtiff to fix CVE-2023-52356
    • Patch PAM to fix CVE-2024-22365
    • Patch azure-iot-sdk-c to address CVE-2024-25110 and CVE-2024-27099 – bran
    • Patch clamav to fix CVE-2024-20328
    • Patch expat to fix CVE-2023-52426
    • Patch kubervirt for CVE-2022-41723
    • Patch less to fix CVE-2022-48624
    • Patch libvirt to fix CVE-2024-1441 and CVE-2024-2496
    • Patch nodejs18 to fix CVE-2024-22025 (NOTE: nodejs[16] is end of life and will be removed from build at next monthly update)
    • Patch open-vm-tools to address CVE-2023-34058 & CVE-2023-34059
    • Patch to package qt5-qtbase to address CVE-2022-25643
    • Patch unixODBC to fix CVE-2024-1013
    • Patch xorg-x11-server to fix CVE-2023-5574, CVE-2023-5367 & CVE-2023-5380, CVE-2023-6816, CVE-2024-21885
    • Removed the runOnHost flag to fix the fast-track PR check pipelines.
    • Switch qemu-guest base image to kernel instead of kernel-hci
    • Update expat changelog
    • Update guava to 32.1.3 in Javapackages-bootstrap
    • Update toolchain container bootstrap to 2.0.20240123
    • Upgrade Kernel to to address kernel CVE-2014-3185, CVE-2015-5157, CVE-2022-2585, CVE-2022-2586, CVE-2022-2588,CVE-2022-2602, CVE-2023-5090, CVE-2023-5633, CVE-2023-6040, CVE-2023-6200, CVE-2023-6560, > CVE-2023-35827, CVE-2023-46838, CVE-2023-52429, CVE-2023-50431, CVE-2023-52434, CVE-2023-52435, CVE-2024-0340, CVE-2024-0562, CVE-2024-0646, CVE-2024-0775, CVE-2024-1086, CVE-2024-23849, CVE-2024-23850, CVE-2024-23851
    • Upgrade ansible to 2.14.4 fix CVE-2024-0690
    • Upgrade ca-certificates Msft cert change
    • Upgrade emacs to 29.3 to fix CVE-2024-30202, CVE-2024-30204, CVE-2024-30205
    • Upgrade expat to 2.6.2 CVE-2023-52425 and CVE-2024-28757
    • Upgrade helm to 3.14.2 CVE-2024-26147
    • Upgrade libreswan to 4.14
    • Upgrade msft-golang to 1.21.8 to fix CVEs
    • Upgrade nmi to 1.8.17 CVE-2022-41717, CVE-2022-23551
    • Upgrade node-problem-detector to version v0.8.17 and patch CVE-2024-24786
    • Upgrade python to 3.9.19: address CVE-2023-6597 and other security concerns
    • Upgrade zstd to 1.5.4 CVE-2022-4899
    • Upgrade etcd to version 3.5.12.
    • Patch gnutls to fix CVE-2024-0567
    • Patch telegraf for CVE-2024-27304 and CVE-2024-28110
    • Kata: Release v3.2.0.azl0 for both vanilla and CC based on aligned sources
    • Kata: upgrade kernel-uvm and kata-conatainers-cc for LSG release v2402.26.1

    Get the WebProNews newsletter delivered to your inbox

    Get the free daily newsletter read by decision makers

    Advertise with Us

    Ready to get started?

    Get our media kit