Releases

A Flatcar instance receives automatic updates from a specific release channel. The Stable channel is the default, and new major releases only appear there after passing through the Alpha and Beta channels. Each release channel always points to the latest release in that particular channel, linked as the current release. Each release has a version number and separate release notes. Learn more about updating and release channels in the channel docs. Click amd64 or arm64 to download images for the channel's current release from the channel overview below, or for a particular version from the release notes below that. Then, you will be able to choose from many images for various platforms. The installation docs have a quick start guide and information about public images directly available at each cloud provider.

Release Channels

Stable

4459.2.4

amd64 arm64

Release Date: Mar 9, 2026

The Stable channel is intended for use in production clusters. Versions of Flatcar Container Linux have been tested as they move through Alpha and Beta channels before being promoted to stable.

containerd - 2.0.7
docker - 28.0.4
ignition - 2.22.0
kernel - 6.12.74
systemd - 256

Beta

4593.1.0

amd64 arm64

Release Date: Mar 9, 2026

The Beta channel is where Flatcar Container Linux stability is solidified. We encourage including some beta machines in production clusters in order to catch any issues that may arise with your setup.

containerd - 2.1.5
docker - 28.0.4
ignition - 2.24.0
kernel - 6.12.74
systemd - 257

Alpha

4628.0.0

amd64 arm64

Release Date: Mar 9, 2026

The Alpha channel follows a more frequent release cadence and is where new updates are introduced. Users can try the new versions of the Linux kernel, systemd and other core packages.

containerd - 2.2.0
docker - 28.2.2
ignition - 2.24.0
kernel - 6.12.74
systemd - 258

LTS

4081.3.6

amd64 arm64

Release Date: Sep 15, 2025

LTS release streams will be maintained for an extended lifetime of 18 months. The yearly LTS streams have an overlap of 6 months.

containerd - 1.7.21
docker - 26.1.0
ignition - 2.19.0
kernel - 6.6.106
systemd - 255

ATOM feed (all releases) JSON feed (all releases)

Release Notes

⚠️ End of support for CGroupsV1 in Stable 4230.2.0 release ⚠️

With the Flatcar Container Linux 4230.2.0 Stable release, CGroups V1 backward compatibility has been removed. Enabling legacy CGroupsV1 during deployment is no longer supported, and nodes still using CGroupsV1 will fail to update. This change ensures your workloads are not unexpectedly disrupted. We encourage you to enable CGroupsV2 on legacy CGroupsV1 nodes to ensure successful updates. The LTS-2024 channel (major release series 4081) will continue supporting CGroupsV1. This channel will receive regular updates until early 2026, and hit EOL in mid-2026. If you have any questions, feel free to join our Matrix channel , or participate in our Office Hours / Developer Sync calls.

ATOM feed (Stable) JSON feed (Stable)

4459.2.4

Release Date: Mar 9, 2026 amd64 arm64

containerd - 2.0.7
docker - 28.0.4
ignition - 2.22.0
kernel - 6.12.74
systemd - 256

Changes since Stable 4459.2.3

Security fixes:

Linux ( CVE-2026-23145 , CVE-2026-23144 , CVE-2026-23142 , CVE-2026-23141 , CVE-2026-23054 , CVE-2026-23053 , CVE-2026-23050 , CVE-2026-23049 , CVE-2025-71196 , CVE-2025-71195 , CVE-2026-23055 , CVE-2025-71193 , CVE-2025-71194 , CVE-2026-23038 , CVE-2026-23037 , CVE-2026-23026 , CVE-2026-23025 , CVE-2025-71191 , CVE-2025-71190 , CVE-2025-71189 , CVE-2025-71188 , CVE-2026-23035 , CVE-2026-23033 , CVE-2026-23032 , CVE-2026-23031 , CVE-2026-23030 , CVE-2025-71185 , CVE-2025-71186 , CVE-2026-23003 , CVE-2026-23002 , CVE-2026-23001 , CVE-2026-23000 , CVE-2026-22999 , CVE-2026-22998 , CVE-2026-22997 , CVE-2026-22996 , CVE-2026-23013 , CVE-2026-23011 , CVE-2026-23010 , CVE-2026-23006 , CVE-2026-23005 , CVE-2025-71162 , CVE-2025-71163 , CVE-2026-23135 , CVE-2026-23133 , CVE-2026-23131 , CVE-2026-23121 , CVE-2026-23120 , CVE-2026-23119 , CVE-2026-23116 , CVE-2026-23129 , CVE-2026-23128 , CVE-2026-23126 , CVE-2026-23125 , CVE-2026-23124 , CVE-2026-23123 , CVE-2025-71200 , CVE-2026-23113 , CVE-2026-23089 , CVE-2026-23098 , CVE-2026-23097 , CVE-2026-23096 , CVE-2026-23095 , CVE-2026-23094 , CVE-2026-23110 , CVE-2026-23091 , CVE-2026-23108 , CVE-2026-23107 , CVE-2026-23105 , CVE-2026-23103 , CVE-2026-23101 , CVE-2026-23099 , CVE-2026-23090 , CVE-2026-23062 , CVE-2026-23061 , CVE-2026-23060 , CVE-2026-23059 , CVE-2026-23058 , CVE-2026-23057 , CVE-2026-23088 , CVE-2026-23087 , CVE-2026-23086 , CVE-2026-23085 , CVE-2026-23084 , CVE-2026-23083 , CVE-2026-23056 , CVE-2026-23082 , CVE-2026-23080 , CVE-2026-23078 , CVE-2026-23076 , CVE-2026-23075 , CVE-2026-23074 , CVE-2026-23073 , CVE-2025-71199 , CVE-2026-23072 , CVE-2026-23071 , CVE-2026-23069 , CVE-2026-23068 , CVE-2026-23065 , CVE-2026-23064 , CVE-2026-23063 , CVE-2025-71197 , CVE-2025-71198 , CVE-2026-23212 , CVE-2026-23173 , CVE-2026-23172 , CVE-2026-23155 , CVE-2026-23154 , CVE-2026-23151 , CVE-2026-23150 , CVE-2026-23170 , CVE-2026-23168 , CVE-2026-23167 , CVE-2026-23166 , CVE-2026-23148 , CVE-2026-23164 , CVE-2026-23163 , CVE-2026-23161 , CVE-2026-23160 , CVE-2026-23159 , CVE-2026-23158 , CVE-2026-23156 , CVE-2026-23146 , CVE-2026-23118 , CVE-2024-57881 , CVE-2024-53690 , CVE-2024-53685 , CVE-2024-52319 , CVE-2024-51729 , CVE-2024-49573 , CVE-2024-49571 , CVE-2024-49568 , CVE-2024-47408 , CVE-2024-57791 , CVE-2024-56788 , CVE-2024-56372 , CVE-2024-56369 , CVE-2024-56368 , CVE-2024-55916 , CVE-2024-55881 , CVE-2024-54680 , CVE-2024-54455 , CVE-2024-54193 , CVE-2024-41149 , CVE-2024-46896 , CVE-2024-56719 , CVE-2024-56718 , CVE-2024-56717 , CVE-2024-56716 , CVE-2024-56715 , CVE-2024-56714 , CVE-2024-56713 , CVE-2024-56712 , CVE-2024-56710 , CVE-2024-56711 , CVE-2024-56709 , CVE-2024-53164 , CVE-2026-23216 , CVE-2026-23215 , CVE-2026-23214 , CVE-2026-23213 , CVE-2025-71228 , CVE-2026-23219 , CVE-2025-71225 , CVE-2026-23206 , CVE-2026-23209 , CVE-2025-71222 , CVE-2026-23180 , CVE-2026-23179 , CVE-2026-23178 , CVE-2026-23177 , CVE-2026-23176 , CVE-2026-23205 , CVE-2026-23204 , CVE-2026-23202 , CVE-2026-23201 , CVE-2026-23200 , CVE-2026-23199 , CVE-2026-23198 , CVE-2026-23193 , CVE-2026-23191 , CVE-2025-71224 , CVE-2026-23190 , CVE-2026-23189 , CVE-2026-23188 , CVE-2026-23187 , CVE-2026-23182 , CVE-2025-71223 , CVE-2025-71220 , CVE-2025-71203 , CVE-2025-71204 , CVE-2026-23112 , CVE-2026-23111 , CVE-2026-23220 , CVE-2025-71237 , CVE-2025-71236 , CVE-2025-71235 , CVE-2025-71234 , CVE-2025-71233 , CVE-2025-71232 , CVE-2025-71231 , CVE-2026-23230 , CVE-2026-23229 , CVE-2026-23228 , CVE-2026-23224 , CVE-2026-23223 , CVE-2026-23222 , CVE-2025-71229 , CVE-2026-23237 , CVE-2026-23238 , CVE-2026-23236 , CVE-2026-23235 , CVE-2026-23234 , CVE-2026-23233 , CVE-2025-71238 )
openssh ( CVE-2025-61984 , CVE-2025-61985 )

Updates:

base, dev: openssh ( 10.2_p1 (includes 10.1 ))
ca-certificates ( 3.120.1 )
Linux ( 6.12.74 (includes 6.12.73 , 6.12.72 , 6.12.71 , 6.12.70 , 6.12.69 , 6.12.68 , 6.12.67 ))

4459.2.3

Release Date: Jan 27, 2026 amd64 arm64

containerd - 2.0.7
docker - 28.0.4
ignition - 2.22.0
kernel - 6.12.66
systemd - 256

Changes since Stable 4459.2.2

Security fixes:

Linux ( CVE-2025-68335 , CVE-2025-68332 , CVE-2025-68337 , CVE-2025-68336 , CVE-2025-68265 , CVE-2025-68266 , CVE-2025-68263 , CVE-2025-68261 , CVE-2025-68259 , CVE-2025-68258 , CVE-2025-68257 , CVE-2025-68256 , CVE-2025-68264 , CVE-2025-68254 , CVE-2025-68255 , CVE-2025-68764 , CVE-2025-68766 , CVE-2025-68765 , CVE-2025-68759 , CVE-2025-68758 , CVE-2025-68757 , CVE-2025-68756 , CVE-2025-68753 , CVE-2025-68763 , CVE-2025-68744 , CVE-2025-68742 , CVE-2025-68741 , CVE-2025-68740 , CVE-2025-68748 , CVE-2025-68747 , CVE-2025-68746 , CVE-2025-68724 , CVE-2025-68380 , CVE-2025-68379 , CVE-2025-68378 , CVE-2025-68733 , CVE-2025-68732 , CVE-2025-68728 , CVE-2025-68727 , CVE-2025-68374 , CVE-2025-68352 , CVE-2025-68349 , CVE-2025-68348 , CVE-2025-68347 , CVE-2025-68372 , CVE-2025-68371 , CVE-2025-68369 , CVE-2025-68367 , CVE-2025-68366 , CVE-2025-68364 , CVE-2025-68346 , CVE-2025-68363 , CVE-2025-68362 , CVE-2025-68361 , CVE-2025-68356 , CVE-2025-68354 , CVE-2025-68344 , CVE-2025-68325 , CVE-2025-68324 , CVE-2025-71157 , CVE-2025-71156 , CVE-2025-71154 , CVE-2025-71153 , CVE-2025-71151 , CVE-2025-71150 , CVE-2025-71149 , CVE-2025-71148 , CVE-2025-71146 , CVE-2025-71147 , CVE-2025-71143 , CVE-2025-71140 , CVE-2025-71138 , CVE-2025-71137 , CVE-2025-71136 , CVE-2025-71135 , CVE-2025-71133 , CVE-2025-71132 , CVE-2025-71131 , CVE-2025-71130 , CVE-2025-71129 , CVE-2025-71111 , CVE-2025-71109 , CVE-2025-71108 , CVE-2025-71107 , CVE-2025-71105 , CVE-2025-71126 , CVE-2025-71125 , CVE-2025-71123 , CVE-2025-71122 , CVE-2025-71104 , CVE-2025-71121 , CVE-2025-71120 , CVE-2025-71119 , CVE-2025-71118 , CVE-2025-71116 , CVE-2025-71114 , CVE-2025-71113 , CVE-2025-71112 , CVE-2025-71102 , CVE-2025-71079 , CVE-2025-71087 , CVE-2025-71086 , CVE-2025-71085 , CVE-2025-71084 , CVE-2025-71083 , CVE-2025-71082 , CVE-2025-71101 , CVE-2025-71100 , CVE-2025-71099 , CVE-2025-71081 , CVE-2025-71098 , CVE-2025-71097 , CVE-2025-71096 , CVE-2025-71095 , CVE-2025-71094 , CVE-2025-71093 , CVE-2025-71091 , CVE-2025-71089 , CVE-2025-71080 , CVE-2025-71078 , CVE-2025-71064 , CVE-2025-71073 , CVE-2025-71072 , CVE-2025-71071 , CVE-2025-71069 , CVE-2025-71068 , CVE-2025-71067 , CVE-2025-71066 , CVE-2025-71077 , CVE-2025-71076 , CVE-2025-71075 , CVE-2025-71065 , CVE-2025-68820 , CVE-2025-68822 , CVE-2025-68821 , CVE-2025-68785 , CVE-2025-68794 , CVE-2025-68789 , CVE-2025-68819 , CVE-2025-68818 , CVE-2025-68817 , CVE-2025-68816 , CVE-2025-68815 , CVE-2025-68788 , CVE-2025-68814 , CVE-2025-68813 , CVE-2025-68811 , CVE-2025-68810 , CVE-2025-68809 , CVE-2025-68808 , CVE-2025-68806 , CVE-2025-68787 , CVE-2025-68804 , CVE-2025-68803 , CVE-2025-68802 , CVE-2025-68801 , CVE-2025-68800 , CVE-2025-68799 , CVE-2025-68798 , CVE-2025-68797 , CVE-2025-68796 , CVE-2025-68795 , CVE-2025-68786 , CVE-2025-68776 , CVE-2025-68775 , CVE-2025-68774 , CVE-2025-68773 , CVE-2025-68772 , CVE-2025-68771 , CVE-2025-68770 , CVE-2025-68769 , CVE-2025-68784 , CVE-2025-68783 , CVE-2025-68782 , CVE-2025-68781 , CVE-2025-68780 , CVE-2025-68778 , CVE-2025-68777 , CVE-2025-68767 , CVE-2025-71144 , CVE-2025-71134 , CVE-2025-71127 , CVE-2025-71088 , CVE-2026-22982 , CVE-2026-22980 , CVE-2026-22979 , CVE-2026-22978 , CVE-2026-22994 , CVE-2025-71160 , CVE-2026-22992 , CVE-2026-22991 , CVE-2026-22990 , CVE-2026-22989 , CVE-2026-22988 , CVE-2026-22984 , CVE-2026-22977 , CVE-2026-22976 )
openssl ( CVE-2025-11187 , CVE-2025-15467 , CVE-2025-15468 , CVE-2025-66199 , CVE-2025-68160 , CVE-2025-69418 , CVE-2025-69419 , CVE-2025-69420 , CVE-2025-69421 , CVE-2026-22795 , CVE-2026-22796 )

Updates:

Linux ( 6.12.66 (includes 6.12.65 , 6.12.64 , 6.12.63 , 6.12.62 ))
ca-certificates ( 3.120 )
openssl ( 3.4.4 )

4459.2.2

Release Date: Dec 18, 2025 amd64 arm64

containerd - 2.0.7
docker - 28.0.4
ignition - 2.22.0
kernel - 6.12.61
systemd - 256

Changes since Stable 4459.2.1

Security fixes:

Linux ( CVE-2025-40275 , CVE-2025-40274 , CVE-2025-40273 , CVE-2025-40272 , CVE-2025-40271 , CVE-2025-40289 , CVE-2025-40288 , CVE-2025-40287 , CVE-2025-40269 , CVE-2025-40286 , CVE-2025-40285 , CVE-2025-40284 , CVE-2025-40283 , CVE-2025-40282 , CVE-2025-40281 , CVE-2025-40280 , CVE-2025-40279 , CVE-2025-40278 , CVE-2025-40277 , CVE-2025-40268 , CVE-2025-40214 , CVE-2025-40212 , CVE-2024-58087 , CVE-2024-57879 , CVE-2024-57880 , CVE-2024-55642 , CVE-2024-55641 , CVE-2024-55639 , CVE-2024-54683 , CVE-2024-54460 , CVE-2024-54191 , CVE-2024-53689 , CVE-2024-53682 , CVE-2024-53687 , CVE-2024-56770 , CVE-2024-56661 , CVE-2024-56660 , CVE-2024-56659 , CVE-2024-56658 , CVE-2024-56657 , CVE-2024-56656 , CVE-2024-56655 , CVE-2024-56675 , CVE-2024-56674 , CVE-2024-56673 , CVE-2024-56672 , CVE-2024-56654 , CVE-2024-56671 , CVE-2024-56670 , CVE-2024-56669 , CVE-2024-56668 , CVE-2024-56667 , CVE-2024-56666 , CVE-2024-56665 , CVE-2024-56664 , CVE-2024-56663 , CVE-2024-56662 , CVE-2024-56652 , CVE-2024-56653 , CVE-2024-53241 , CVE-2024-53240 , CVE-2025-40261 , CVE-2025-40266 , CVE-2025-40264 , CVE-2025-40263 , CVE-2025-40262 , CVE-2025-40254 , CVE-2025-40253 , CVE-2025-40252 , CVE-2025-40251 , CVE-2025-40250 , CVE-2025-40259 , CVE-2025-40258 , CVE-2025-40257 , CVE-2025-40246 , CVE-2025-40248 , CVE-2025-40345 )

Updates:

Linux ( 6.12.61 (includes ( 6.12.59 , 6.12.60 )))
ca-certificates ( 3.119 (includes 3.118.1 ))

4459.2.1

Release Date: Nov 27, 2025 amd64 arm64

containerd - 2.0.7
docker - 28.0.4
ignition - 2.22.0
kernel - 6.12.58
systemd - 256

Changes since Stable 4459.2.0

Security fixes:

Linux ( CVE-2025-40177 , CVE-2025-40176 , CVE-2025-40172 , CVE-2025-40173 , CVE-2025-40166 , CVE-2025-40167 , CVE-2025-40165 , CVE-2025-40162 , CVE-2025-40133 , CVE-2025-40095 , CVE-2025-40094 , CVE-2025-40093 , CVE-2025-40092 , CVE-2025-40090 , CVE-2025-40088 , CVE-2025-40105 , CVE-2025-40104 , CVE-2025-40103 , CVE-2025-40101 , CVE-2025-40100 , CVE-2025-40099 , CVE-2025-40096 , CVE-2025-40087 , CVE-2025-40085 , CVE-2025-40040 , CVE-2025-40106 , CVE-2025-40084 , CVE-2025-40211 , CVE-2025-40209 )

Bug fixes:

Fixed the loading of kernel modules from system extensions via udev (e.g. at boot time). ( flatcar/scripts#3367 )

Changes:

Added Nutanix images ( flatcar/scripts#3311 )

Updates:

Linux ( 6.12.58 (includes 6.12.57 , 6.12.56 , 6.12.55 ))

4459.2.0

Release Date: Nov 12, 2025 amd64 arm64

containerd - 2.0.7
docker - 28.0.4
ignition - 2.22.0
kernel - 6.12.54
systemd - 256

Changes since Stable 4230.2.4

Security fixes:

VMWare: open-vm-tools ( CVE-2025-22247 )
afterburn ( CVE-2025-0977 , CVE-2025-3416 )
bind ( CVE-2024-11187 , CVE-2024-12705 )
binutils ( CVE-2024-53589 , CVE-2025-1176 , CVE-2025-1178 , CVE-2025-1179 , CVE-2025-1180 , CVE-2025-1181 , CVE-2025-1182 )
c-ares ( CVE-2025-31498 )
cifs-utils ( CVE-2025-2312 )
containerd ( CVE-2024-25621 , CVE-2025-64329 , CVE-2024-40635 , CVE-2025-47291 )
crun ( CVE-2025-24965 )
curl ( CVE-2025-0167 , CVE-2025-0665 , CVE-2025-0725 , curl-20250205 )
expat ( CVE-2024-8176 )
git ( CVE-2024-50349 , CVE-2024-52005 , CVE-2024-52006 , CVE-2025-48384 , CVE-2025-48385 , CVE-2025-48386 )
glib ( CVE-2024-52533 , CVE-2025-4373 , ( CVE-2025-7039 )
glibc ( CVE-2025-0395 , CVE-2025-8058 )
gnutls ( CVE-2024-12243 , CVE-2025-32988 , CVE-2025-32989 , CVE-2025-32990 , CVE-2025-6395 )
go ( CVE-2025-22871 , CVE-2025-22873 , CVE-2025-4673 , CVE-2025-0913 , CVE-2025-22874 , CVE-2025-4674 , CVE-2025-47906 , CVE-2025-47907 )
intel-microcode ( CVE-2023-34440 , CVE-2023-43758 , CVE-2024-24582 , CVE-2024-28047 , CVE-2024-28127 , CVE-2024-29214 , CVE-2024-31157 , CVE-2024-39279 , CVE-2024-31068 , CVE-2024-36293 , CVE-2024-37020 , CVE-2024-39355 )
iperf ( CVE-2024-53580 , CVE-2025-54349 , CVE-2025-54350 , CVE-2025-54351 )
jq ( CVE-2024-23337 , CVE-2024-53427 , CVE-2025-48060 )
libarchive ( CVE-2024-57970 , CVE-2025-25724 )
libcap ( CVE-2025-1390 )
libtasn1 ( CVE-2024-12133 )
libxml2 ( CVE-2024-56171 , CVE-2025-24928 , CVE-2025-27113 , CVE-2025-32414 , CVE-2025-32415 , CVE-2025-49794 , CVE-2025-49795 , CVE-2025-49796 )
libxslt ( CVE-2025-24855 , CVE-2024-55549 )
mit-krb5 ( CVE-2025-24528 )
nvidia-drivers ( CVE-2025-23277 , CVE-2025-23278 , CVE-2025-23279 , CVE-2025-23286 )
nvidia-drivers-service ( CVE-2025-23244 )
openssh ( CVE-2025-26465 , CVE-2025-26466 )
openssl ( CVE-2024-12797 , CVE-2024-13176 )
perl ( CVE-2024-56406 )
podman ( CVE-2024-11218 , CVE-2025-6032 )
python ( CVE-2025-0938 , CVE-2025-4516 , CVE-2024-12718 , CVE-2025-4138 , CVE-2025-4330 , CVE-2025-4517 , CVE-2025-6069 , CVE-2025-8194 )
requests ( CVE-2024-47081 )
rsync ( CVE-2024-12084 , CVE-2024-12085 , CVE-2024-12086 , CVE-2024-12087 , CVE-2024-12088 , CVE-2024-12747 )
runc ( CVE-2025-31133 , CVE-2025-52565 , CVE-2025-52881 )
socat ( CVE-2024-54661 , socat-20250221 )
vim ( CVE-2024-41957 , CVE-2024-41965 , CVE-2024-43374 , CVE-2024-43790 , CVE-2024-43802 , CVE-2024-45306 , CVE-2024-47814 , CVE-2025-1215 , CVE-2025-22134 , CVE-2025-24014 , GHSA-63p5-mwg2-787v , CVE-2025-27423 , CVE-2025-29768 , CVE-2025-53905 , CVE-2025-53906 , CVE-2025-9390 )
xz-utils ( CVE-2025-31115 )

Bug fixes:

Enabled CONFIG_CPUSETS_V1 to mitigate cgroupsv1 removal (e.g JVM) ( Flatcar#1884 )
Enabled CONFIG_MEMCG_V1 to mitigate cgroupsv1 removal (e.g JVM) ( Flatcar#1884 )
Excluded TUN/TAP interfaces from the default DHCP network configuration to solve conflicts with the programs that created them ( Flatcar#1933 )
Fix non-conforming GPT partition table ( Flatcar#1651 )
Fixed Intel microcode updates which were broken in recent Alpha and Beta releases by switching back to built-in extra firmware instead of early cpio inclusion ( Flatcar#1909 )
Fixed a UID/GID mis-alignment for user/group messagebus between acct-user/acct-group and baselayout. ( baselayout#36 )
Fixed path handling in the QEMU .sh launcher scripts. Given paths now are relative to the current directory and absolute paths work as you would expect.
Fixed race condition in the script that grows the root partition to fill the disk. This bug sometimes caused the operation to not occur. ( init#132 )
Fixed that the needed Flatcar extensions don’t get removed on update which caused a re-download ( update_engine#51 )
Reenabled console support for DRM drivers, so that with the virtio graphics driver the interactive console is shown again after boot ( Flatcar#1834 )
azure: Fixed issue of wa-linux-agent overriding ssh public key from ignition configuration during provisioning ( flatcar/Flatcar#1661 )
sysext-podman: removed /etc/subuid and /etc/subgid generation for core user, before this change it partially overwrites the file and causes issues. ( Flatcar#1733 ) This could be created through initial provisioning. ( scripts#3043 )
update-ssh-keys: More intuitive –help text and the -n (no-replace) option has been fixed. ( flatcar/Flatcar#1554 )

Changes:

Added overlaybd system extension to support accelerated container images. Add overlaybd to /etc/flatcar/enabled-sysext.conf to check it out. The extension includes both overlaybd as well as accelerated-container-image tools.
Added changes for our secureboot signed images with our signed release process until the official shim signing ( scripts#2754 )
Added nftables-load.service and nftables-store.service services to load/store rules from/in /var/lib/nftables/rules-save ( Flatcar#900 )
Added support for podman in toolbox ( toolbox#11 )
Allow per-sysext USE flags and architecture-specific sysexts. ( scripts#2798 )
Always truncate hostnames on the first occurrence of . ( cloud-init#32 )
Azure OEM: add inotify-tools, python urllib3 ( flatcar/scripts#3116 )
Build Intel iGPU i915 driver as module ( scripts#2349 )
Compiled OS-dependent NVIDIA kernel module sysexts signed for secure boot. ( scripts#2798 )
Enabled CONFIG_INET_DIAG_DESTROY in kernel options ( flatcar/scripts#3176 )
Enabled EROFS module with XATTR support ( Flatcar#1659 )
Enabled virtiofs and fuse-dax modules in the kernel for advaned Qemu usecases. Thank you @aaronk6! ( Flatcar#2825 )
Ensured hostnames never exceeds 63 characters, regardless of the metadata provider ( cloud-init#31 )
Hyper-V images now use a systemd-sysext image for layering additional platform-specific software on top of /usr
Provided an Incus Flatcar extension as optional systemd-sysext image with the release. Write ‘incus’ to /etc/flatcar/enabled-sysext.conf through Ignition and the sysext will be installed during provisioning. ( scripts#1655 )
Scaleway: The Linux console is now attached to the correct console port. ( scripts#3383 )
Signed out-of-tree kernel modules using the ephemeral signing key so that ZFS and NVIDIA sysexts can work with secure boot. ( scripts#2636 )
The kernel image and its embedded initrd are now compressed with xz rather than zstd. This gives greater compression at the cost of decompression performance. Systems may therefore now be ever so slightly slower to boot, but this was necessary to avoid running out of space in the /boot partition. Further measures to address the space issue are planned, and perhaps we can switch back to zstd in a later release.
The qemu script (flatcar_production_qemu*.sh) received two new options. -D (or -image-disk-opts) can be used to add extra options to the virtio-blk-pci device for primary disk. -d (or -disk) can be used to add extra disks to the machine - this one takes a path to a raw or qcow2 image file and, after a comma, virtio-blk-pci options. To learn what disk options can be passed to -D or -d, call qemu-system-x86_64 -device virtio-blk-pci,help (qemu-system-aarch64 can be used too).
/boot is now only accessible by the root user for better security. ( Flatcar#296 )
ftrace syscalls also available in ARM64 builds. (Enables syscall tracepoints) ( flatcar/scripts#2600 )
sysext-incus: removed /etc/subuid and /etc/subgid generation for root user, it has to be created through initial provisioning. ( scripts#3028 )
systemd now uses OpenSSL instead of gcrypt for cryptography to reduce the size of the initrd. This change disables systemd-journal’s Forward Secure Sealing feature, but it is generally not useful for Flatcar.

Updates:

Changes since Beta 4459.1.0

Security fixes:

Linux ( CVE-2025-40109 , CVE-2025-40107 , CVE-2025-40028 , CVE-2025-40027 , CVE-2025-40026 , CVE-2025-40000 , CVE-2025-39995 , CVE-2025-40052 , CVE-2025-40061 , CVE-2025-40060 , CVE-2025-40059 , CVE-2025-40058 , CVE-2025-40057 , CVE-2025-40056 , CVE-2025-40055 , CVE-2025-40081 , CVE-2025-40080 , CVE-2025-40079 , CVE-2025-40078 , CVE-2025-40071 , CVE-2025-40070 , CVE-2025-40068 , CVE-2025-40067 , CVE-2025-40062 , CVE-2025-40053 , CVE-2025-40029 , CVE-2025-40038 , CVE-2025-40037 , CVE-2025-40036 , CVE-2025-40035 , CVE-2025-40033 , CVE-2025-40051 , CVE-2025-40049 , CVE-2025-40031 , CVE-2025-40048 , CVE-2025-40047 , CVE-2025-40045 , CVE-2025-40044 , CVE-2025-40043 , CVE-2025-40039 , CVE-2025-40030 , CVE-2025-40018 , CVE-2025-40004 , CVE-2025-40032 , CVE-2025-40042 , CVE-2025-40019 )
sysext-containerd: containerd ( CVE-2024-25621 , CVE-2025-64329 )
sysext-containerd: runc ( CVE-2025-31133 , CVE-2025-52565 , CVE-2025-52881 )

Bug fixes:

Enabled CONFIG_MEMCG_V1 to mitigate cgroupsv1 removal (e.g JVM) ( Flatcar#1884 )
Excluded TUN/TAP interfaces from the default DHCP network configuration to solve conflicts with the programs that created them ( Flatcar#1933 )
Fixed Intel microcode updates which were broken in recent Alpha and Beta releases by switching back to built-in extra firmware instead of early cpio inclusion ( Flatcar#1909 )
Fixed that the needed Flatcar extensions don’t get removed on update which caused a re-download ( update_engine#51 )

Changes:

Scaleway: The Linux console is now attached to the correct console port. ( scripts#3383 )

Updates:

Linux ( 6.12.54 (includes 6.12.53 , 6.12.52 ))
sysext-containerd: containerd ( 2.0.7 (includes 2.0.6 ))
sysext-containerd: runc ( 1.3.3 (includes 1.3.2 , 1.3.1 , 1.3.0 ))

4230.2.4

Release Date: Oct 14, 2025 amd64 arm64

containerd - 1.7.23
docker - 27.3.1
ignition - 2.20.0
kernel - 6.6.110
systemd - 256

Changes since Stable 4230.2.3

Security fixes:

Linux ( CVE-2025-39923 , CVE-2025-39913 , CVE-2025-39911 , CVE-2025-39909 , CVE-2025-39907 , CVE-2025-39916 , CVE-2025-39914 , CVE-2025-39885 , CVE-2025-39886 , CVE-2025-39876 , CVE-2025-39873 , CVE-2025-39871 , CVE-2025-39870 , CVE-2025-39869 , CVE-2025-39883 , CVE-2025-39882 , CVE-2025-39881 , CVE-2025-39880 , CVE-2025-39877 , CVE-2025-39961 , CVE-2025-39957 , CVE-2025-39955 , CVE-2025-39938 , CVE-2025-39937 , CVE-2025-39934 , CVE-2025-39953 , CVE-2025-39952 , CVE-2025-39951 , CVE-2025-39949 , CVE-2025-39947 , CVE-2025-39946 , CVE-2025-39945 , CVE-2025-39944 , CVE-2025-39943 , CVE-2025-39942 , CVE-2025-39929 , CVE-2025-39931 , CVE-2023-52435 )

Bug fixes:

Fixed the QEMU launcher script to include HVF acceleration on arm64-based Macs for faster performance ( Flatcar#1901 )

Changes:

Scaleway: SSH keys are now fetched via Afterburn ( scripts#3277 )
Scaleway: The hostname is now set via Afterburn ( scripts#3277 )

Updates:

Linux ( 6.6.110 (includes 6.6.107 , 6.6.108 , 6.6.109 ))
ca-certificates ( 3.117 (includes 3.116 ))
open-iscsi ( 2.1.11 )

4230.2.3

Release Date: Sep 15, 2025 amd64 arm64

containerd - 1.7.23
docker - 27.3.1
ignition - 2.20.0
kernel - 6.6.106
systemd - 256

Changes since Stable 4230.2.2

Security fixes:

Linux ( CVE-2025-39726 , CVE-2025-38670 , CVE-2025-38668 , CVE-2025-38666 , CVE-2025-38665 , CVE-2025-38664 , CVE-2025-38663 , CVE-2025-38671 , CVE-2025-38552 , CVE-2025-38520 , CVE-2025-38500 , CVE-2025-39734 , CVE-2025-39731 , CVE-2025-39730 , CVE-2025-38650 , CVE-2025-38648 , CVE-2025-38646 , CVE-2025-38645 , CVE-2025-38644 , CVE-2025-38659 , CVE-2025-38653 , CVE-2025-38652 , CVE-2025-38626 , CVE-2025-38625 , CVE-2025-38624 , CVE-2025-38623 , CVE-2025-38622 , CVE-2025-38640 , CVE-2025-38639 , CVE-2025-38635 , CVE-2025-38634 , CVE-2025-38632 , CVE-2025-38630 , CVE-2025-38618 , CVE-2025-38617 , CVE-2025-38611 , CVE-2025-38615 , CVE-2025-38612 , CVE-2025-38577 , CVE-2025-38583 , CVE-2025-38581 , CVE-2025-38610 , CVE-2025-38609 , CVE-2025-38608 , CVE-2025-38604 , CVE-2025-38602 , CVE-2025-38601 , CVE-2025-38579 , CVE-2025-38590 , CVE-2025-38588 , CVE-2025-38587 , CVE-2025-38578 , CVE-2025-38563 , CVE-2025-38562 , CVE-2025-38561 , CVE-2025-38560 , CVE-2025-38576 , CVE-2025-38574 , CVE-2025-38572 , CVE-2025-38571 , CVE-2025-38569 , CVE-2025-38568 , CVE-2025-38566 , CVE-2025-38565 , CVE-2025-38555 , CVE-2025-38553 , CVE-2025-38501 , CVE-2025-39798 , CVE-2025-39797 , CVE-2025-39795 , CVE-2025-39794 , CVE-2025-39773 , CVE-2025-39772 , CVE-2025-39770 , CVE-2025-39790 , CVE-2025-39788 , CVE-2025-39787 , CVE-2025-39767 , CVE-2025-39783 , CVE-2025-39782 , CVE-2025-39781 , CVE-2025-39776 , CVE-2025-39766 , CVE-2025-39750 , CVE-2025-39760 , CVE-2025-39759 , CVE-2025-39758 , CVE-2025-39757 , CVE-2025-39756 , CVE-2025-39753 , CVE-2025-39752 , CVE-2025-39763 , CVE-2025-39761 , CVE-2025-39751 , CVE-2025-39744 , CVE-2025-39743 , CVE-2025-39742 , CVE-2025-39739 , CVE-2025-39738 , CVE-2025-39749 , CVE-2025-39736 , CVE-2025-39737 , CVE-2025-39711 , CVE-2025-39720 , CVE-2025-39719 , CVE-2025-39718 , CVE-2025-39716 , CVE-2025-39715 , CVE-2025-39714 , CVE-2025-39713 , CVE-2025-39724 , CVE-2025-39721 , CVE-2025-39675 , CVE-2025-39673 , CVE-2025-39710 , CVE-2025-39709 , CVE-2025-38735 , CVE-2025-39706 , CVE-2025-39703 , CVE-2025-39702 , CVE-2025-39701 , CVE-2025-38734 , CVE-2025-39694 , CVE-2025-39693 , CVE-2025-39692 , CVE-2025-39691 , CVE-2025-39689 , CVE-2025-39687 , CVE-2025-39686 , CVE-2025-39685 , CVE-2025-39684 , CVE-2025-39683 , CVE-2025-39682 , CVE-2025-39681 , CVE-2025-39679 , CVE-2025-39676 , CVE-2025-38732 , CVE-2025-38727 , CVE-2025-38730 , CVE-2025-38729 , CVE-2025-38728 , CVE-2025-38694 , CVE-2025-38702 , CVE-2025-38701 , CVE-2025-38700 , CVE-2025-38699 , CVE-2025-38698 , CVE-2025-38725 , CVE-2025-38724 , CVE-2025-38697 , CVE-2025-38723 , CVE-2025-38721 , CVE-2025-38718 , CVE-2025-38716 , CVE-2025-38715 , CVE-2025-38714 , CVE-2025-38696 , CVE-2025-38713 , CVE-2025-38712 , CVE-2025-38711 , CVE-2025-38709 , CVE-2025-38708 , CVE-2025-38707 , CVE-2025-38706 , CVE-2025-38695 , CVE-2025-38688 , CVE-2025-38687 , CVE-2025-38685 , CVE-2025-38684 , CVE-2025-38683 , CVE-2025-38681 , CVE-2025-38693 , CVE-2025-38692 , CVE-2025-38691 , CVE-2025-38679 , CVE-2025-38680 , CVE-2025-38677 , CVE-2025-40300 )

Updates:

Linux ( 6.6.106 (includes 6.6.105 , 6.6.104 , 6.6.103 , 6.6.102 , 6.6.101 ))
ca-certificates ( 3.115.1 (includes 3.115 ))

4230.2.2

Release Date: Aug 19, 2025 amd64 arm64

containerd - 1.7.23
docker - 27.3.1
ignition - 2.20.0
kernel - 6.6.100
systemd - 256

Changes since Stable 4230.2.1

Updates:

Linux ( 6.6.100 (includes 6.6.99 , 6.6.98 , 6.6.97 , 6.6.96 )
ca-certificates ( 3.114 (includes 3.113.1 ))

4230.2.1

Release Date: Jul 8, 2025 amd64 arm64

containerd - 1.7.23
docker - 27.3.1
ignition - 2.20.0
kernel - 6.6.95
systemd - 256

Changes since Stable 4230.2.0

Security fixes:

Linux ( CVE-2025-38219 , CVE-2025-38218 , CVE-2025-38217 , CVE-2025-38215 , CVE-2025-38214 , CVE-2025-38213 , CVE-2025-38231 , CVE-2025-38212 , CVE-2025-38229 , CVE-2025-38227 , CVE-2025-38226 , CVE-2025-38225 , CVE-2025-38222 , CVE-2025-38220 , CVE-2025-38211 , CVE-2025-38185 , CVE-2025-38184 , CVE-2025-38183 , CVE-2025-38182 , CVE-2025-38208 , CVE-2025-38181 , CVE-2025-38202 , CVE-2025-38200 , CVE-2025-38198 , CVE-2025-38180 , CVE-2025-38197 , CVE-2025-38195 , CVE-2025-38194 , CVE-2025-38193 , CVE-2025-38192 , CVE-2025-38191 , CVE-2025-38190 , CVE-2025-38090 , CVE-2025-38089 , CVE-2025-38087 , CVE-2025-38086 , CVE-2025-38084 , CVE-2025-38085 )
sudo ( CVE-2025-32462 , CVE-2025-32463 )

Changes:

Added STACKIT images ( flatcar/scripts#3018 )

Updates:

Linux ( 6.6.95 )
ca-certificates ( 3.113 )
sudo ( 1.9.17p1 )

4230.2.0

Release Date: Jun 24, 2025 amd64 arm64

containerd - 1.7.23
docker - 27.3.1
ignition - 2.20.0
kernel - 6.6.94
systemd - 256

Changes since Stable 4152.2.3

Security fixes:

Linux ( CVE-2025-37989 , CVE-2025-37988 , CVE-2025-37985 , CVE-2025-37983 , CVE-2025-37938 , CVE-2025-37885 , CVE-2025-37884 , CVE-2025-37883 , CVE-2025-37881 , CVE-2025-37879 , CVE-2025-37878 , CVE-2025-37887 , CVE-2025-37886 , CVE-2025-37836 , CVE-2025-37823 , CVE-2025-37831 , CVE-2025-37830 , CVE-2025-37829 , CVE-2025-37828 , CVE-2025-37824 , CVE-2025-37808 , CVE-2025-37805 , CVE-2025-37804 , CVE-2025-37803 , CVE-2025-37820 , CVE-2025-37819 , CVE-2025-37818 , CVE-2025-37817 , CVE-2025-37815 , CVE-2025-37813 , CVE-2025-37812 , CVE-2025-37811 , CVE-2025-37810 , CVE-2025-37800 , CVE-2025-37801 , CVE-2025-37799 , CVE-2025-37797 , CVE-2025-37990 , CVE-2025-37991 , CVE-2025-37917 , CVE-2025-37927 , CVE-2025-37924 , CVE-2025-37923 , CVE-2025-37922 , CVE-2025-37921 , CVE-2025-37936 , CVE-2025-37935 , CVE-2025-37933 , CVE-2025-37932 , CVE-2025-37930 , CVE-2025-37929 , CVE-2025-37928 , CVE-2025-37918 , CVE-2025-37903 , CVE-2025-37901 , CVE-2025-37897 , CVE-2025-37916 , CVE-2025-37915 , CVE-2025-37914 , CVE-2025-37913 , CVE-2025-37912 , CVE-2025-37911 , CVE-2025-37909 , CVE-2025-37905 , CVE-2025-37891 , CVE-2025-37890 , CVE-2025-37998 , CVE-2025-37997 , CVE-2025-37995 , CVE-2025-37994 , CVE-2025-37973 , CVE-2025-37972 , CVE-2025-37970 , CVE-2025-37969 , CVE-2025-37964 , CVE-2025-37963 , CVE-2025-37962 , CVE-2025-37961 , CVE-2025-37959 , CVE-2025-37954 , CVE-2025-37953 , CVE-2025-37952 , CVE-2025-37951 , CVE-2025-37949 , CVE-2025-37948 , CVE-2025-37956 , CVE-2025-37947 , CVE-2025-38015 , CVE-2025-38014 , CVE-2025-38013 , CVE-2025-38010 , CVE-2025-38009 , CVE-2025-38027 , CVE-2025-38008 , CVE-2025-38024 , CVE-2025-38023 , CVE-2025-38020 , CVE-2025-38019 , CVE-2025-38018 , CVE-2025-38007 , CVE-2025-38006 , CVE-2025-38005 , CVE-2025-37992 , CVE-2025-38052 , CVE-2025-38061 , CVE-2025-38059 , CVE-2025-38058 , CVE-2025-38081 , CVE-2025-38080 , CVE-2025-38079 , CVE-2025-38078 , CVE-2025-38077 , CVE-2025-38075 , CVE-2025-38074 , CVE-2025-38072 , CVE-2025-38071 , CVE-2025-38068 , CVE-2025-38066 , CVE-2025-38065 , CVE-2025-38063 , CVE-2025-38062 , CVE-2025-38037 , CVE-2025-38035 , CVE-2025-38034 , CVE-2025-38051 , CVE-2025-38031 , CVE-2025-38048 , CVE-2025-38046 , CVE-2025-38045 , CVE-2025-38044 , CVE-2025-38043 , CVE-2025-38040 , CVE-2025-38039 , CVE-2025-38030 , CVE-2025-38003 , CVE-2025-38004 , CVE-2025-38001 , CVE-2025-38000 , CVE-2025-38083 )
containers-storage, podman ( CVE-2024-9676 )
curl ( CVE-2024-11053 , CVE-2024-9681 )
expat ( CVE-2024-50602 )
sssd ( CVE-2023-3758 )
wget ( CVE-2024-10524 )

Bug fixes:

Fixed PXE boot failures that arose since upgrading to systemd v256. Users were dumped to an emergency shell. ( flatcar/bootengine#103 )
Fixed creating netdev arguments to correctly include commas when no port forwards are passed ( flatcar/scripts#2581 )
The kernel module build directory now contains native binaries in arm64 images instead of the previous amd64 binaries ( scripts#2694 )
Nvidia driver installer service now supports the 570 driver branch by forcing the use of the proprietary kernel module. The 570 branch defaults to the kernel-open driver which requires loading firmware, which is not yet supported on Flatcar. ( scripts#2694 )
Added back some BCC tools ( scripts#2900 )

Changes:

Added support for ARM64 architecture in the NVIDIA driver installer service ( scripts#2694 )
Added support for multiple port forwarding parameters in the QEMU startup script. Users can now specify multiple port forwards using the -f option. ( flatcar/scripts#2575 )
Additional GRUB modules are no longer installed for UEFI platforms to save space and also because they cannot be loaded with Secure Boot enabled. This does not affect existing installations.
The GRUB modules on non-UEFI platforms are now compressed with xz rather than gzip to save even more space. This does not affect existing installations.
The VFIO kernel modules are now also available in ARM64 builds. ( flatcar/scripts#2484 )
Enabled the gtp kernel module. This is the GPRS Tunneling Protocol datapath for usage in telecoms scenarios. ( flatcar/scripts#2504 )

Updates:

AMD64: nvidia-drivers ( 535.230.02 )
ARM64: nvidia-drivers ( 570.86.15 )
Go ( 1.22.11 (includes 1.22.10 ))
Linux ( 6.6.94 (includes 6.6.93 , 6.6.92 , 6.6.91 , 6.6.90 , 6.6.89 , 6.6.65 ))
Linux Firmware ( 20250109 (includes 20241210 , 20241110 ))
SDK: autoconf ( 2.72 )
SDK: cmake ( 3.30.5 )
SDK: libpng ( 1.6.44 )
SDK: perf ( 6.11.7 )
SDK: pkgcheck ( 0.10.32 )
SDK: portage ( 3.0.66.1 )
SDK: qemu ( 8.2.7 )
azure, dev, gce, sysext-python: python ( 3.11.11_p1 )
azure: chrony ( 4.6.1 )
base, dev: audit ( 4.0.2 )
base, dev: azure-vm-utils ( 0.4.0 )
base, dev: bind ( 9.18.29 )
base, dev: bpftool ( 7.5.0 (includes 7.4.0 ))
base, dev: btrfs-progs ( 6.12 (includes 6.11 ))
base, dev: c-ares ( 1.34.3 (includes 1.34.2 , 1.34.1 , 1.34.0 ))
base, dev: checkpolicy ( 3.7 )
base, dev: ethtool ( 6.10 )
base, dev: expat ( 2.6.4 )
base, dev: gawk ( 5.3.1 )
base, dev: gcc ( 14.2.1_p20241116 )
base, dev: glib ( 2.80.5 (includes 2.80.4 , 2.80.3 , 2.80.2 , 2.80.1 , 2.80.0 ))
base, dev: gnupg ( 2.4.6 )
base, dev: hwdata ( 0.390 )
base, dev: intel-microcode ( 20241112 (includes 20241029 ))
base, dev: iproute2 ( 6.12.0 (includes 6.11.0 , 6.10.0 ))
base, dev: iputils ( 20240905 )
base, dev: json-c ( 0.18 )
base, dev: kexec-tools ( 2.0.30 (includes 2.0.29 ))
base, dev: less ( 668 )
base, dev: libarchive ( 3.7.7 )
base, dev: libcap ( 2.71 )
base, dev: libgpg-error ( 1.51 )
base, dev: libnetfilter_conntrack ( 1.1.0 )
base, dev: libnftnl ( 1.2.8 )
base, dev: libnvme ( 1.11.1 (includes 1.11 ))
base, dev: libselinux ( 3.7 )
base, dev: libsepol ( 3.7 )
base, dev: libuv ( 1.49.2 (includes 1.49.1 , 1.49.0 ))
base, dev: libxml2 ( 2.12.9 (includes 2.12.8 ))
base, dev: lsof ( 4.99.4 )
base, dev: mokutil ( 0.7.2 )
base, dev: npth ( 1.8 )
base, dev: nvme-cli ( 2.11 )
base, dev: openldap ( 2.6.8 (includes 2.6.7 , 2.6.6 , 2.6.5 ))
base, dev: pax-utils ( 1.3.8 )
base, dev: sssd ( 2.9.5 (includes 2.9.4 , 2.9.3 , 2.9.2 , 2.9.1 , 2.9.0 , 2.8.0 , 2.7.0 , 2.6.0 , 2.5.0 , 2.4.0 ))
base, dev: strace ( 6.12 (includes 6.11 , 6.10 ))
base, dev: usbutils ( 018 )
base, dev: util-linux ( 2.40.2 (includes 2.40.1 , 2.40.0 ))
base, dev: wget ( 1.25.0 )
base, dev: xfsprogs ( 6.11.0 includes ( 6.10.1 , 6.10.0 , 6.9.0 ))
base, dev: xz-utils ( 5.6.3 )
ca-certificates ( 3.112 (includes 3.111 ))
dev: bash-completion ( 2.15.0 )
dev: binutils ( 2.43 )
dev: gentoolkit ( 0.6.8 )
docker: docker ( 27.3.1 )
docker: docker-buildx ( 0.14.0 (includes 0.13.0 , 0.12.0 , 0.11.0 ))
docker: docker-cli ( 27.3.1 )
gce: six ( 1.17.0 )
sysext-podman: containers-storage ( 1.55.1 )
sysext-podman: gpgme ( 1.24.1 (includes 1.24.0 ))
sysext-podman: podman ( 5.3.0 )
sysext-python: cachecontrol ( 0.14.1 )
sysext-python: charset-normalizer ( 3.4.1 (includes 3.4.0 ))
sysext-python: distlib ( 0.3.9 )
sysext-python: jaraco-functools ( 4.1.0 )
sysext-python: packaging ( 24.2 )
sysext-python: pip ( 24.3.1 (includes 24.3 )
sysext-python: pyproject-hooks ( 1.2.0 )
sysext-python: resolvelib ( 1.1.0 )
sysext-python: rich ( 13.9.3 )
sysext-python: setuptools ( 75.6.0 (includes 75.5.0 , 75.4.0 , 75.3.0 , 75.2.0 , 75.1.1 , 75.1.0 , 75.0.0 ))
sysext-python: trove-classifiers ( 2024.10.21.16 )
sysext-python: truststore ( 0.10.0 )
sysext-python: urllib3 ( 2.3.0 )
sysext-python: wheel ( 0.45.1 (includes 0.45.0 ))
sysext-zfs: zfs ( 2.2.7 (includes 2.2.6 ))
systemd ( 256.9 (from 255.8))
vmware: libltdl ( 2.5.4 (includes 2.5.3 , 2.5.2 , 2.5.1 , 2.5.0 ))
vmware: libmspack ( 1.11 )
vmware: xmlsec ( 1.3.5 )

Changes since Beta 4230.1.1

Security fixes:

Linux ( CVE-2025-37989 , CVE-2025-37988 , CVE-2025-37985 , CVE-2025-37983 , CVE-2025-37938 , CVE-2025-37885 , CVE-2025-37884 , CVE-2025-37883 , CVE-2025-37881 , CVE-2025-37879 , CVE-2025-37878 , CVE-2025-37887 , CVE-2025-37886 , CVE-2025-37836 , CVE-2025-37823 , CVE-2025-37831 , CVE-2025-37830 , CVE-2025-37829 , CVE-2025-37828 , CVE-2025-37824 , CVE-2025-37808 , CVE-2025-37805 , CVE-2025-37804 , CVE-2025-37803 , CVE-2025-37820 , CVE-2025-37819 , CVE-2025-37818 , CVE-2025-37817 , CVE-2025-37815 , CVE-2025-37813 , CVE-2025-37812 , CVE-2025-37811 , CVE-2025-37810 , CVE-2025-37800 , CVE-2025-37801 , CVE-2025-37799 , CVE-2025-37797 , CVE-2025-37990 , CVE-2025-37991 , CVE-2025-37917 , CVE-2025-37927 , CVE-2025-37924 , CVE-2025-37923 , CVE-2025-37922 , CVE-2025-37921 , CVE-2025-37936 , CVE-2025-37935 , CVE-2025-37933 , CVE-2025-37932 , CVE-2025-37930 , CVE-2025-37929 , CVE-2025-37928 , CVE-2025-37918 , CVE-2025-37903 , CVE-2025-37901 , CVE-2025-37897 , CVE-2025-37916 , CVE-2025-37915 , CVE-2025-37914 , CVE-2025-37913 , CVE-2025-37912 , CVE-2025-37911 , CVE-2025-37909 , CVE-2025-37905 , CVE-2025-37891 , CVE-2025-37890 , CVE-2025-37998 , CVE-2025-37997 , CVE-2025-37995 , CVE-2025-37994 , CVE-2025-37973 , CVE-2025-37972 , CVE-2025-37970 , CVE-2025-37969 , CVE-2025-37964 , CVE-2025-37963 , CVE-2025-37962 , CVE-2025-37961 , CVE-2025-37959 , CVE-2025-37954 , CVE-2025-37953 , CVE-2025-37952 , CVE-2025-37951 , CVE-2025-37949 , CVE-2025-37948 , CVE-2025-37956 , CVE-2025-37947 , CVE-2025-38015 , CVE-2025-38014 , CVE-2025-38013 , CVE-2025-38010 , CVE-2025-38009 , CVE-2025-38027 , CVE-2025-38008 , CVE-2025-38024 , CVE-2025-38023 , CVE-2025-38020 , CVE-2025-38019 , CVE-2025-38018 , CVE-2025-38007 , CVE-2025-38006 , CVE-2025-38005 , CVE-2025-37992 , CVE-2025-38052 , CVE-2025-38061 , CVE-2025-38059 , CVE-2025-38058 , CVE-2025-38081 , CVE-2025-38080 , CVE-2025-38079 , CVE-2025-38078 , CVE-2025-38077 , CVE-2025-38075 , CVE-2025-38074 , CVE-2025-38072 , CVE-2025-38071 , CVE-2025-38068 , CVE-2025-38066 , CVE-2025-38065 , CVE-2025-38063 , CVE-2025-38062 , CVE-2025-38037 , CVE-2025-38035 , CVE-2025-38034 , CVE-2025-38051 , CVE-2025-38031 , CVE-2025-38048 , CVE-2025-38046 , CVE-2025-38045 , CVE-2025-38044 , CVE-2025-38043 , CVE-2025-38040 , CVE-2025-38039 , CVE-2025-38030 , CVE-2025-38003 , CVE-2025-38004 , CVE-2025-38001 , CVE-2025-38000 , CVE-2025-38083 )

Bug fixes:

Added back some BCC tools ( scripts#2900 )

Updates:

Linux ( 6.6.94 (includes 6.6.93 , 6.6.92 , 6.6.91 , 6.6.90 , 6.6.89 ))
ca-certificates ( 3.112 (includes 3.111 ))

4152.2.3

Release Date: May 6, 2025 amd64 arm64

containerd - 1.7.23
docker - 27.2.1
ignition - 2.20.0
kernel - 6.6.88
systemd - 255

Changes since Stable 4152.2.2

Security fixes:

Linux ( CVE-2025-21993 , CVE-2025-21992 , CVE-2025-21991 , CVE-2025-21967 , CVE-2025-21975 , CVE-2025-21971 , CVE-2025-21970 , CVE-2025-21969 , CVE-2025-21986 , CVE-2025-21981 , CVE-2025-21980 , CVE-2025-21979 , CVE-2025-21978 , CVE-2025-21968 , CVE-2025-21962 , CVE-2025-21960 , CVE-2025-21959 , CVE-2025-21957 , CVE-2025-21956 , CVE-2025-21955 , CVE-2025-21966 , CVE-2025-21964 , CVE-2025-21963 , CVE-2025-22015 , CVE-2025-22014 , CVE-2025-22013 , CVE-2025-22010 , CVE-2025-22008 , CVE-2025-22009 , CVE-2025-22004 , CVE-2025-22003 , CVE-2025-22001 , CVE-2025-21999 , CVE-2025-21997 , CVE-2025-22007 , CVE-2025-22005 , CVE-2025-21995 , CVE-2025-21996 , CVE-2025-21994 , CVE-2025-22021 , CVE-2025-22020 , CVE-2025-22018 , CVE-2025-38575 , CVE-2025-38240 , CVE-2025-38152 , CVE-2025-37893 , CVE-2025-39735 , CVE-2025-39728 , CVE-2025-38637 , CVE-2025-37785 , CVE-2025-23138 , CVE-2025-23136 , CVE-2025-22066 , CVE-2025-22075 , CVE-2025-22074 , CVE-2025-22073 , CVE-2025-22072 , CVE-2025-22071 , CVE-2025-22097 , CVE-2025-22095 , CVE-2025-22093 , CVE-2025-22090 , CVE-2025-22089 , CVE-2025-22088 , CVE-2025-22086 , CVE-2025-22083 , CVE-2025-22081 , CVE-2025-22080 , CVE-2025-22079 , CVE-2025-22077 , CVE-2025-22033 , CVE-2025-22042 , CVE-2025-22041 , CVE-2025-22040 , CVE-2025-22038 , CVE-2025-22064 , CVE-2025-22063 , CVE-2025-22060 , CVE-2025-22058 , CVE-2025-22057 , CVE-2025-22056 , CVE-2025-22055 , CVE-2025-22054 , CVE-2025-22053 , CVE-2025-22035 , CVE-2025-22050 , CVE-2025-22049 , CVE-2025-22048 , CVE-2025-22047 , CVE-2025-22045 , CVE-2025-22044 , CVE-2025-22043 , CVE-2025-22027 , CVE-2025-22025 , CVE-2025-22029 , CVE-2023-53034 )

Updates:

Linux ( 6.6.88 (includes 6.6.87 , 6.6.86 , 6.6.85 , 6.6.84 ))
ca-certificates ( 3.110 )

4152.2.2

Release Date: Mar 20, 2025 amd64 arm64

containerd - 1.7.23
docker - 27.2.1
ignition - 2.20.0
kernel - 6.6.83
systemd - 255

Changes since Stable 4152.2.1

Security fixes:

Linux ( CVE-2025-21835 , CVE-2025-21836 , CVE-2024-58086 , CVE-2025-21823 , CVE-2025-21821 , CVE-2025-21787 , CVE-2025-21785 , CVE-2025-21784 , CVE-2025-21782 , CVE-2025-21783 , CVE-2025-21781 , CVE-2025-21780 , CVE-2025-21796 , CVE-2025-21795 , CVE-2025-21794 , CVE-2025-21793 , CVE-2025-21792 , CVE-2025-21791 , CVE-2025-21790 , CVE-2025-21789 , CVE-2025-21779 , CVE-2024-58020 , CVE-2024-57834 , CVE-2024-54458 , CVE-2024-54456 , CVE-2025-21776 , CVE-2025-21775 , CVE-2025-21772 , CVE-2025-21773 , CVE-2025-21767 , CVE-2025-21766 , CVE-2025-21765 , CVE-2025-21764 , CVE-2025-21763 , CVE-2025-21761 , CVE-2025-21762 , CVE-2025-21760 , CVE-2025-21759 , CVE-2025-21758 , CVE-2025-21756 , CVE-2025-21704 , CVE-2023-52655 , CVE-2023-52434 , CVE-2025-21848 , CVE-2025-21847 , CVE-2025-21846 , CVE-2025-21866 , CVE-2025-21865 , CVE-2025-21864 , CVE-2025-21863 , CVE-2025-21862 , CVE-2025-21844 , CVE-2025-21859 , CVE-2025-21858 , CVE-2025-21857 , CVE-2025-21856 , CVE-2025-21855 , CVE-2025-21854 , CVE-2025-21853 , CVE-2024-58088 , CVE-2025-21838 )

Bug fixes:

azure: Fix issue of wa-linux-agent overriding ssh public key from ignition configuration during provisioning ( flatcar/Flatcar#1661 )
Fix update-ca-certificates behavior when concatenating certificates with missing trailing newlines. ( flatcar/scripts#2667 )

Changes:

Added new image signing pub key to flatcar-install, needed for download verification of releases built from March 2025 onwards, if you have copies of flatcar-install or the image signing pub key, you need to update them as well ( init#129 )

Updates:

Linux ( 6.6.83 (includes 6.6.79 , 6.6.80 , 6.6.81 , 6.6.82 ))
ca-certificates ( 3.109 )

4152.2.1

Release Date: Feb 18, 2025 amd64 arm64

containerd - 1.7.23
docker - 27.2.1
ignition - 2.20.0
kernel - 6.6.74
systemd - 255

Changes since Stable 4152.2.0

Security fixes:

openssh ( CVE-2025-26465 , CVE-2025-26466 )

Updates:

openssh(9.8_p1-r4)

4152.2.0

Release Date: Jan 30, 2025 amd64 arm64

containerd - 1.7.23
docker - 27.2.1
ignition - 2.20.0
kernel - 6.6.74
systemd - 255

Changes since Stable 4081.2.1

Security fixes:

Linux ( CVE-2024-57876 , CVE-2024-57874 , CVE-2025-23128 , CVE-2025-23125 , CVE-2024-57850 , CVE-2024-57849 , CVE-2024-57843 , CVE-2024-48875 , CVE-2024-48873 , CVE-2024-47809 , CVE-2024-47143 , CVE-2024-47141 , CVE-2024-45828 , CVE-2024-43098 , CVE-2024-53680 , CVE-2024-52332 , CVE-2024-50051 , CVE-2024-48881 , CVE-2024-41935 , CVE-2024-56787 , CVE-2024-56786 , CVE-2024-56785 , CVE-2024-56783 , CVE-2024-56781 , CVE-2024-56640 , CVE-2024-56638 , CVE-2024-56637 , CVE-2024-56636 , CVE-2024-56635 , CVE-2024-56634 , CVE-2024-56651 , CVE-2024-56633 , CVE-2024-56650 , CVE-2024-56649 , CVE-2024-56648 , CVE-2024-56645 , CVE-2024-56644 , CVE-2024-56643 , CVE-2024-56642 , CVE-2024-56641 , CVE-2024-56631 , CVE-2024-56615 , CVE-2024-56623 , CVE-2024-56622 , CVE-2024-56619 , CVE-2024-56617 , CVE-2024-56630 , CVE-2024-56629 , CVE-2024-56628 , CVE-2024-56627 , CVE-2024-56626 , CVE-2024-56625 , CVE-2024-56616 , CVE-2024-56592 , CVE-2024-56590 , CVE-2024-56589 , CVE-2024-56587 , CVE-2024-56614 , CVE-2024-56613 , CVE-2024-56586 , CVE-2024-56611 , CVE-2024-56610 , CVE-2024-56606 , CVE-2024-56605 , CVE-2024-56604 , CVE-2024-56603 , CVE-2024-56585 , CVE-2024-56602 , CVE-2024-56601 , CVE-2024-56600 , CVE-2024-56598 , CVE-2024-56597 , CVE-2024-56596 , CVE-2024-56595 , CVE-2024-56594 , CVE-2024-56593 , CVE-2024-56583 , CVE-2024-56584 , CVE-2024-56565 , CVE-2024-56568 , CVE-2024-53196 , CVE-2024-55639 , CVE-2024-54683 , CVE-2024-53687 , CVE-2024-56770 , CVE-2024-56661 , CVE-2024-56660 , CVE-2024-56659 , CVE-2024-56658 , CVE-2024-56657 , CVE-2024-56655 , CVE-2024-56675 , CVE-2024-56672 , CVE-2024-56654 , CVE-2024-56670 , CVE-2024-56667 , CVE-2024-56665 , CVE-2024-56664 , CVE-2024-56663 , CVE-2024-56662 , CVE-2024-56653 , CVE-2024-53241 , CVE-2024-53240 , CVE-2024-53690 , CVE-2024-49571 , CVE-2024-49568 , CVE-2024-47408 , CVE-2024-57791 , CVE-2024-56372 , CVE-2024-56369 , CVE-2024-55916 , CVE-2024-55881 , CVE-2024-54680 , CVE-2024-46896 , CVE-2024-56719 , CVE-2024-56718 , CVE-2024-56717 , CVE-2024-56716 , CVE-2024-56715 , CVE-2024-56709 , CVE-2024-53164 , CVE-2024-57807 , CVE-2024-57798 , CVE-2024-57792 , CVE-2024-56766 , CVE-2024-56765 , CVE-2024-56763 , CVE-2024-56762 , CVE-2024-56760 , CVE-2024-56769 , CVE-2024-56767 , CVE-2023-52881 , CVE-2023-52654 , CVE-2024-53685 )
Go ( CVE-2024-34155 , CVE-2024-34156 , CVE-2024-34158 )
curl ( CVE-2024-8096 )
etcd ( CVE-2023-32082 )
expat ( CVE-2024-45490 )
intel-microcode ( CVE-2023-42667 , CVE-2023-49141 , CVE-2024-24853 , CVE-2024-24980 , CVE-2024-25939 )
libarchive ( CVE-2024-26256 , CVE-2024-48957 , CVE-2024-48958 )
libpcap ( CVE-2023-7256 , CVE-2024-8006 )
nvidia-drivers ( CVE-2023-31022 , CVE-2024-0074 , CVE-2024-0075 , CVE-2024-0078 , CVE-2024-0126 )
openssh ( CVE-2024-39894 )
runc ( CVE-2024-45310 )
sysext-docker: docker ( CVE-2024-41110 )
sysext-podman: containers-common ( CVE-2024-9341 )
sysext-podman: containers-image ( CVE-2024-3727 )
sysext-podman: podman ( CVE-2024-9407 )

Changes:

Added Proxmox Virtual Environment images ( scripts#1783 )
Kernel lockdown in integrity mode is now enabled when secure boot is enabled. This prevents loading unsigned kernel modules and matches the behavior of all major distros. ( scripts#2299 )
The UEFI firmware has changed from raw (.fd) format to QCOW2 format. In addition, the amd64 firmware variables are now held in a 4MB image rather than a 2MB image. Note that this firmware is only intended for testing with QEMU. Do not use it in production. ( scripts#2434 )
The /usr/sbin directory is now merged into /usr/bin, so the former became a symlink to the latter. The SDK now has the same base layout as the generic images. ( flatcar/scripts#2068 )
The arm64 UEFI firmware now supports Secure Boot. Be aware that this is not considered secure due to the lack of an SMM implementation, which is needed to protect the variable store. As above, this firmware should not be used in production anyway. ( scripts#2434 )
grub 2.12-flatcar3: GRUB now includes many patches from Red Hat to support Secure Boot, as well as Flatcar’s own patches. The version string includes a numbered “flatcar” suffix to track changes to these additional patches. This string can be seen in the GRUB menu. ( scripts#2431 )

Updates:

Ignition ( 2.20.0 )
Linux ( 6.6.71 (includes 6.6.70 , 6.6.69 , 6.6.68 , 6.6.67 , 6.6.66 ))
Linux Firmware ( 20241210 (includes 20241110 ))
SDK: Go ( 1.22.9 (includes 1.22.8 , 1.22.7 ))
SDK: catalyst ( 4.0.0 )
SDK: cmake ( 3.30.2 )
SDK: crossdev ( 20240921 )
SDK: edk2-bin ( 202408 (includes 202405 , 202402 , 202311 , 202308 , 202305 , 202302 , 202211 , 202208 , 202205 ))
SDK: meson ( 1.5.2 )
SDK: perl ( 5.40.0 )
SDK: rust ( 1.81.0 )
afterburn ( 5.7.0 )
audit ( 4.0.1 (includes 4.0 ))
azure, gce, sysext-python: gdbm ( 1.24 )
azure, gce, sysext-python: python ( 3.11.10 )
azure: chrony ( 4.6 )
base, dev: azure-vm-utils ( 0.3.0 )
base, dev: binutils-config ( 5.5.2 )
base, dev: btrfs-progs ( 6.10.1 (includes 6.10 ))
base, dev: c-ares ( 1.33.1 (includes 1.33.0 , 1.32.3 , 1.32.2 , 1.32.1 , 1.32.0 , 1.31.0 , 1.30.0 ))
base, dev: cracklib ( 2.10.2 (includes 2.10.1 , 2.10.0 ))
base, dev: cryptsetup ( 2.7.5 (includes 2.7.4 , 2.7.3 ))
base, dev: curl ( 8.10.1 (includes 8.10.0 ))
base, dev: efivar ( 39 )
base, dev: gettext ( 0.22.5 )
base, dev: git ( 2.45.2 (includes 2.45.1 , 2.45.0 ))
base, dev: gnutls ( 3.8.7.1 (includes 3.8.6 ))
base, dev: gptfdisk ( 1.0.10 )
base, dev: intel-microcode ( 20240910_p20240915 )
base, dev: kmod ( 33 )
base, dev: ldb ( 2.8.1 (includes 2.8.0 ))
base, dev: libarchive ( 3.7.6 (includes 3.7.5 ))
base, dev: libassuan ( 3.0.0 )
base, dev: libgcrypt ( 1.11.0 )
base, dev: libgpg-error ( 1.50 )
base, dev: libnl ( 3.10.0 )
base, dev: libnvme ( 1.10 )
base, dev: liburing ( 2.7 (includes 2.6 , 2.5 , 2.4 ))
base, dev: nvme-cli ( 2.10.2 (includes 2.10.1 , 2.10 ))
base, dev: oniguruma ( 6.9.9 )
base, dev: openssh ( 9.8_p1 )
base, dev: pinentry ( 1.3.1 )
base, dev: pkgconf ( 2.3.0 )
base, dev: samba ( 4.19.7 )
base, dev: selinux-base ( 2.20240916 )
base, dev: selinux-base-policy ( 2.20240916 )
base, dev: selinux-container ( 2.20240916 )
base, dev: selinux-dbus ( 2.20240916 )
base, dev: selinux-policykit ( 2.20240916 )
base, dev: selinux-sssd ( 2.20240916 )
base, dev: selinux-unconfined ( 2.20240916 )
base, dev: socat ( 1.8.0.0 )
base, dev: sqlite ( 3.46.1 )
base, dev: talloc ( 2.4.2 )
base, dev: tcpdump ( 4.99.5 )
base, dev: tdb ( 1.4.10 )
base, dev: tevent ( 0.16.1 (includes 0.16.0 ))
base, dev: userspace-rcu ( 0.14.1 )
bind-tools ( 9.16.50 (includes 9.16.49 ))
bpftool ( 7.4.0 (includes 7.3.0 , 7.2.0 , 7.1.0 , 7.0.0 ))
containerd ( 1.7.23 (includes 1.7.22 ))
dev: gdb ( 15.2 )
dev: gentoolkit ( 0.6.7 )
dev: gnuconfig ( 20240728 )
dev: iperf ( 3.17.1 (includes 3.17 ))
dev: libpipeline ( 1.5.8 )
dev: man-db ( 2.13.0 )
etcd ( 3.5.16 )
expat ( 2.6.3 )
grub ( 2.12 )
intel-microcode ( 20240531_p20240526 )
iproute2 ( 6.9.0 )
libffi ( 3.4.6 (includes 3.4.5 ))
libnftnl ( 1.2.7 )
libpcap ( 1.10.5 )
libpcre2 ( 10.44 )
libsodium ( 1.0.20 )
nettle ( 3.10 )
nvidia-drivers ( 535.216.01 )
pinentry ( 1.3.0 )
runc ( 1.1.14 )
sysext-docker: docker ( 27.2.1 (includes 26.1.0 ))
sysext-podman: aardvark-dns ( 1.12.2 (includes 1.12.1 , 1.12.0 ))
sysext-podman: containers-common ( 0.60.4 (includes 0.60.3 , 0.60.2 , 0.60.1 , 0.60.0 , 0.59.2 ))
sysext-podman: containers-image ( 5.32.2 (includes 5.32.1 , 5.32.0 , 5.31.0 , 5.30.2 , 5.30.1 ))
sysext-podman: containers-storage ( 1.55.0 (includes 1.54.0 ))
sysext-podman: crun ( 1.17 (includes 1.16.1 , 1.16 , 1.15 , 1.14.4 ))
sysext-podman: fuse-overlayfs ( 1.14 )
sysext-podman: netavark ( 1.12.2 (includes 1.12.1 , 1.12.0 , 1.11.0 ))
sysext-podman: passt ( 2024.09.06 )
sysext-podman: podman ( 5.2.4 (includes 5.2.3 , 5.2.2 , 5.2.1 , 5.2.0 , 5.1.2 , 5.1.1 , 5.1.0 ))
sysext-python: idna ( 3.10 (includes 3.8 ))
sysext-python: jaraco-context ( 6.0.1 )
sysext-python: more-itertools ( 10.5.0 )
sysext-python: msgpack ( 1.1.0 )
sysext-python: platformdirs ( 4.3.6 )
sysext-python: rich ( 13.8.1 )
sysext-python: setuptools ( 74.1.3 (includes 73.0.1 , 72.2.0 ))
sysext-python: trove-classifiers ( 2024.9.12 )
sysext-python: truststore ( 0.9.2 )
sysext-python: urllib3 ( 2.2.3 )
vmware: open-vm-tools ( 12.5.0 )
vmware: xmlsec ( 1.3.4 )
whois ( 5.5.23 (includes 5.5.22 ))

Changes since Beta 4152.1.0

Security fixes:

Linux ( CVE-2024-57876 , CVE-2024-57874 , CVE-2025-23128 , CVE-2025-23125 , CVE-2024-57850 , CVE-2024-57849 , CVE-2024-57843 , CVE-2024-48875 , CVE-2024-48873 , CVE-2024-47809 , CVE-2024-47143 , CVE-2024-47141 , CVE-2024-45828 , CVE-2024-43098 , CVE-2024-53680 , CVE-2024-52332 , CVE-2024-50051 , CVE-2024-48881 , CVE-2024-41935 , CVE-2024-56787 , CVE-2024-56786 , CVE-2024-56785 , CVE-2024-56783 , CVE-2024-56781 , CVE-2024-56640 , CVE-2024-56638 , CVE-2024-56637 , CVE-2024-56636 , CVE-2024-56635 , CVE-2024-56634 , CVE-2024-56651 , CVE-2024-56633 , CVE-2024-56650 , CVE-2024-56649 , CVE-2024-56648 , CVE-2024-56645 , CVE-2024-56644 , CVE-2024-56643 , CVE-2024-56642 , CVE-2024-56641 , CVE-2024-56631 , CVE-2024-56615 , CVE-2024-56623 , CVE-2024-56622 , CVE-2024-56619 , CVE-2024-56617 , CVE-2024-56630 , CVE-2024-56629 , CVE-2024-56628 , CVE-2024-56627 , CVE-2024-56626 , CVE-2024-56625 , CVE-2024-56616 , CVE-2024-56592 , CVE-2024-56590 , CVE-2024-56589 , CVE-2024-56587 , CVE-2024-56614 , CVE-2024-56613 , CVE-2024-56586 , CVE-2024-56611 , CVE-2024-56610 , CVE-2024-56606 , CVE-2024-56605 , CVE-2024-56604 , CVE-2024-56603 , CVE-2024-56585 , CVE-2024-56602 , CVE-2024-56601 , CVE-2024-56600 , CVE-2024-56598 , CVE-2024-56597 , CVE-2024-56596 , CVE-2024-56595 , CVE-2024-56594 , CVE-2024-56593 , CVE-2024-56583 , CVE-2024-56584 , CVE-2024-56565 , CVE-2024-56568 , CVE-2024-53196 , CVE-2024-55639 , CVE-2024-54683 , CVE-2024-53687 , CVE-2024-56770 , CVE-2024-56661 , CVE-2024-56660 , CVE-2024-56659 , CVE-2024-56658 , CVE-2024-56657 , CVE-2024-56655 , CVE-2024-56675 , CVE-2024-56672 , CVE-2024-56654 , CVE-2024-56670 , CVE-2024-56667 , CVE-2024-56665 , CVE-2024-56664 , CVE-2024-56663 , CVE-2024-56662 , CVE-2024-56653 , CVE-2024-53241 , CVE-2024-53240 , CVE-2024-53690 , CVE-2024-49571 , CVE-2024-49568 , CVE-2024-47408 , CVE-2024-57791 , CVE-2024-56372 , CVE-2024-56369 , CVE-2024-55916 , CVE-2024-55881 , CVE-2024-54680 , CVE-2024-46896 , CVE-2024-56719 , CVE-2024-56718 , CVE-2024-56717 , CVE-2024-56716 , CVE-2024-56715 , CVE-2024-56709 , CVE-2024-53164 , CVE-2024-57807 , CVE-2024-57798 , CVE-2024-57792 , CVE-2024-56766 , CVE-2024-56765 , CVE-2024-56763 , CVE-2024-56762 , CVE-2024-56760 , CVE-2024-56769 , CVE-2024-56767 , CVE-2023-52881 , CVE-2023-52654 , CVE-2024-53685 )

Updates:

Linux ( 6.6.74 (includes 6.6.73 , 6.6.72 , 6.6.71 , 6.6.70 , 6.6.69 , 6.6.68 , 6.6.67 , 6.6.66 ))

4081.2.1

Release Date: Dec 16, 2024 amd64 arm64

containerd - 1.7.21
docker - 26.1.0
ignition - 2.19.0
kernel - 6.6.65
systemd - 255

Changes since Stable 4081.2.0

Security fixes:

Linux ( CVE-2024-53103 , CVE-2024-53104 , CVE-2024-53088 , CVE-2024-53082 , CVE-2024-53083 , CVE-2024-53081 , CVE-2024-53060 , CVE-2024-53068 , CVE-2024-53066 , CVE-2024-53063 , CVE-2024-53072 , CVE-2024-53070 , CVE-2024-53061 , CVE-2024-50302 , CVE-2024-50301 , CVE-2024-50296 , CVE-2024-50295 , CVE-2024-50294 , CVE-2024-50292 , CVE-2024-50290 , CVE-2024-50300 , CVE-2024-50299 , CVE-2024-50298 , CVE-2024-50275 , CVE-2024-50284 , CVE-2024-50283 , CVE-2024-50282 , CVE-2024-50280 , CVE-2024-50279 , CVE-2024-50278 , CVE-2024-50287 , CVE-2024-50286 , CVE-2024-50285 , CVE-2024-50276 , CVE-2024-50273 , CVE-2024-50272 , CVE-2024-50271 , CVE-2024-50269 , CVE-2024-50268 , CVE-2024-50267 , CVE-2024-50264 , CVE-2024-50265 , CVE-2024-53102 , CVE-2024-53101 , CVE-2024-53100 , CVE-2024-53099 , CVE-2024-53097 , CVE-2024-53095 , CVE-2024-53094 , CVE-2024-53093 , CVE-2024-53091 , CVE-2024-53079 , CVE-2024-53135 , CVE-2024-53134 , CVE-2024-53131 , CVE-2024-53130 , CVE-2024-53129 , CVE-2024-53140 , CVE-2024-53139 , CVE-2024-53138 , CVE-2024-53136 , CVE-2024-53126 , CVE-2024-53127 , CVE-2024-53113 , CVE-2024-53112 , CVE-2024-53110 , CVE-2024-53109 , CVE-2024-53108 , CVE-2024-53123 , CVE-2024-53122 , CVE-2024-53121 , CVE-2024-53120 , CVE-2024-53119 , CVE-2024-53106 )
OpenSSL ( CVE-2024-2511 , CVE-2024-4603 , CVE-2024-4741 , CVE-2024-5535 , CVE-2024-6119 , CVE-2024-9143 )

Bug fixes:

Added qemu-guest-agent to ARM64 images ( flatcar/flatcar#1593 )

Updates:

Linux ( 6.6.65 (includes 6.6.64 , 6.6.63 , 6.6.62 , 6.6.61 ))
OpenSSL ( 3.2.3 )
ca-certificates ( 3.107 )

4081.2.0

Release Date: Nov 13, 2024 amd64 arm64

containerd - 1.7.21
docker - 26.1.0
ignition - 2.19.0
kernel - 6.6.60
systemd - 255

Changes since Stable 3975.2.2

Security fixes:

Linux ( CVE-2024-50179 , CVE-2024-50176 , CVE-2024-50175 , CVE-2024-50012 , CVE-2024-50008 , CVE-2024-50007 , CVE-2024-50006 , CVE-2024-50005 , CVE-2024-50016 , CVE-2024-50015 , CVE-2024-50013 , CVE-2024-50003 , CVE-2024-50002 , CVE-2024-50001 , CVE-2024-50000 , CVE-2024-49997 , CVE-2024-49996 , CVE-2024-49995 , CVE-2024-49955 , CVE-2024-49963 , CVE-2024-49962 , CVE-2024-49961 , CVE-2024-49960 , CVE-2024-49959 , CVE-2024-49993 , CVE-2024-49992 , CVE-2024-49991 , CVE-2024-49989 , CVE-2024-49988 , CVE-2024-49987 , CVE-2024-49986 , CVE-2024-49985 , CVE-2024-49958 , CVE-2024-49983 , CVE-2024-49982 , CVE-2024-49981 , CVE-2024-49980 , CVE-2024-49978 , CVE-2024-49977 , CVE-2024-49976 , CVE-2024-49975 , CVE-2024-49957 , CVE-2024-49973 , CVE-2024-49969 , CVE-2024-49967 , CVE-2024-49966 , CVE-2024-49965 , CVE-2024-49924 , CVE-2024-49954 , CVE-2024-49953 , CVE-2024-49952 , CVE-2024-49951 , CVE-2024-49950 , CVE-2024-49949 , CVE-2024-49948 , CVE-2024-49947 , CVE-2024-49946 , CVE-2024-49944 , CVE-2024-49939 , CVE-2024-49938 , CVE-2024-49937 , CVE-2024-49936 , CVE-2024-49935 , CVE-2024-49933 , CVE-2024-49931 , CVE-2024-49930 , CVE-2024-49929 , CVE-2024-49927 , CVE-2024-49925 , CVE-2024-49875 , CVE-2024-49884 , CVE-2024-49883 , CVE-2024-49882 , CVE-2024-49881 , CVE-2024-49879 , CVE-2024-49913 , CVE-2024-49912 , CVE-2024-49907 , CVE-2024-49905 , CVE-2024-49878 , CVE-2024-49903 , CVE-2024-49902 , CVE-2024-49901 , CVE-2024-49900 , CVE-2024-49896 , CVE-2024-49895 , CVE-2024-49877 , CVE-2024-49894 , CVE-2024-49892 , CVE-2024-49890 , CVE-2024-49889 , CVE-2024-49886 , CVE-2024-49863 , CVE-2024-49871 , CVE-2024-49870 , CVE-2024-49868 , CVE-2024-49867 , CVE-2024-49866 , CVE-2024-49874 , CVE-2024-49864 , CVE-2024-47704 , CVE-2024-50191 , CVE-2024-50189 , CVE-2024-50188 , CVE-2024-50187 , CVE-2024-50186 , CVE-2024-50185 , CVE-2024-50184 , CVE-2024-50183 , CVE-2024-50182 , CVE-2024-50180 , CVE-2024-50181 , CVE-2024-50097 , CVE-2024-50096 , CVE-2024-50095 , CVE-2024-50093 , CVE-2024-50089 , CVE-2024-50058 , CVE-2024-50065 , CVE-2024-50064 , CVE-2024-50063 , CVE-2024-50062 , CVE-2024-50061 , CVE-2024-50060 , CVE-2024-50059 , CVE-2024-50026 , CVE-2024-50024 , CVE-2024-50023 , CVE-2024-50057 , CVE-2024-50055 , CVE-2024-50049 , CVE-2024-50022 , CVE-2024-50048 , CVE-2024-50047 , CVE-2024-50046 , CVE-2024-50045 , CVE-2024-50044 , CVE-2024-50041 , CVE-2024-50040 , CVE-2024-50039 , CVE-2024-50038 , CVE-2024-50036 , CVE-2024-50035 , CVE-2024-50033 , CVE-2024-50032 , CVE-2024-50031 , CVE-2024-50029 , CVE-2024-50019 , CVE-2024-50201 , CVE-2024-50202 , CVE-2024-50101 , CVE-2024-50098 , CVE-2024-50099 , CVE-2024-50088 , CVE-2024-50087 , CVE-2024-50086 , CVE-2024-50085 , CVE-2024-50084 , CVE-2024-50083 , CVE-2024-50082 , CVE-2024-50080 , CVE-2024-50077 , CVE-2024-50076 , CVE-2024-50075 , CVE-2024-50074 , CVE-2024-50073 , CVE-2024-50072 , CVE-2024-50070 , CVE-2024-50078 , CVE-2024-50069 , CVE-2024-50066 , CVE-2024-50211 , CVE-2024-50210 , CVE-2024-50209 , CVE-2024-50208 , CVE-2024-50205 , CVE-2024-50155 , CVE-2024-50164 , CVE-2024-50163 , CVE-2024-50162 , CVE-2024-50160 , CVE-2024-50159 , CVE-2024-50158 , CVE-2024-50172 , CVE-2024-50171 , CVE-2024-50170 , CVE-2024-50169 , CVE-2024-50168 , CVE-2024-50167 , CVE-2024-50166 , CVE-2024-50156 , CVE-2024-50148 , CVE-2024-50147 , CVE-2024-50145 , CVE-2024-50143 , CVE-2024-50142 , CVE-2024-50141 , CVE-2024-50154 , CVE-2024-50153 , CVE-2024-50152 , CVE-2024-50151 , CVE-2024-50150 , CVE-2024-50139 , CVE-2024-50140 , CVE-2024-50128 , CVE-2024-50136 , CVE-2024-50135 , CVE-2024-50134 , CVE-2024-50133 , CVE-2024-50131 , CVE-2024-50130 , CVE-2024-50111 , CVE-2024-50110 , CVE-2024-50108 , CVE-2024-50127 , CVE-2024-50126 , CVE-2024-50125 , CVE-2024-50124 , CVE-2024-50121 , CVE-2024-50120 , CVE-2024-50117 , CVE-2024-50116 , CVE-2024-50115 , CVE-2024-50112 , CVE-2024-50103 , CVE-2024-50262 , CVE-2024-50259 , CVE-2024-50261 , CVE-2024-50226 , CVE-2024-50235 , CVE-2024-50234 , CVE-2024-50233 , CVE-2024-50232 , CVE-2024-50231 , CVE-2024-50230 , CVE-2024-50258 , CVE-2024-50257 , CVE-2024-50256 , CVE-2024-50229 , CVE-2024-50255 , CVE-2024-50252 , CVE-2024-50251 , CVE-2024-50250 , CVE-2024-50249 , CVE-2024-50248 , CVE-2024-50247 , CVE-2024-50246 , CVE-2024-50228 , CVE-2024-50245 , CVE-2024-50244 , CVE-2024-50243 , CVE-2024-50242 , CVE-2024-50240 , CVE-2024-50239 , CVE-2024-50237 , CVE-2024-50236 , CVE-2024-50219 , CVE-2024-50218 , CVE-2024-50216 , CVE-2024-50215 , CVE-2024-50224 , CVE-2024-50223 , CVE-2024-50222 )
curl ( CVE-2024-6197 , CVE-2024-6874 , CVE-2024-7264 )
docker ( CVE-2024-29018 )
git ( CVE-2024-32002 , CVE-2024-32004 , CVE-2024-32020 , CVE-2024-32021 , CVE-2024-32465 )
glib ( CVE-2024-34397 )
intel-microcode ( CVE-2023-45733 , CVE-2023-45745 , CVE-2023-46103 , CVE-2023-47855 )
libarchive ( CVE-2024-26256 , CVE-2024-37407 )
libxml2 ( CVE-2024-34459 )
linux-firmware ( CVE-2023-31315 )
mit-krb5 ( CVE-2024-26461 , CVE-2024-26462 , CVE-2024-37370 , CVE-2024-37371 )
sysext-podman: podman ( CVE-2024-3727 )
tpm2-tools ( CVE-2024-29038 , CVE-2024-29039 , CVE-2024-29040 )
SDK: go ( CVE-2023-45288 , CVE-2023-45289 , CVE-2023-45290 , CVE-2024-24783 , CVE-2024-24784 , CVE-2024-24785 , CVE-2024-24788 , CVE-2024-24789 , CVE-2024-24790 , CVE-2024-24791 )
SDK: nasm ( CVE-2019-6290 , CVE-2019-6291 , CVE-2019-8343 , CVE-2020-21528 , CVE-2021-33450 , CVE-2021-33452 , CVE-2022-44368 , CVE-2022-44369 , CVE-2022-44370 )
SDK: re2c ( CVE-2022-23901 )

Bug fixes:

CloudSigma: Disabled the new DHCP RapidCommit feature which is enabled by default since systemd 255. CloudSigma provides an incompatible implementation which results in cloud-init not being applied as no IP is issued. See: ( flatcar/scripts#2016 )
Fixed bad usage of gpg that prevented flatcar-install from being used with custom signing keys ( Flatcar#1471 )
Fixed the initrd option in the QEMU launcher script. It was -R, but this was already taken by the read-only pflash option, so use -r instead. ( scripts#2239 )

Changes:

As part of the update to Catalyst 4 (used to build the SDK), the coreos package repository has been renamed to coreos-overlay to match its directory name. This will be reflected in package listings and package manager output. ( flatcar/scripts#2115 )
Provided a Python Flatcar extension as optional systemd-sysext image with the release. Write ‘python’ to /etc/flatcar/enabled-sysext.conf through Ignition and the sysext will be installed during provisioning ( scripts#1979 )
Added Akamai / Linode images ( flatcar/scripts#1806 )
Removed unused grub executable duplicate files and removed grub modules that are already assembled in the grub executable ( flatcar/scripts#1955 ).
Replace nmap netcat with openbsd variant. The license didn’t get an exception from CNCF. Something about the definition of “derivative works” being too broad.
The docker build command will now use buildx as its backend as the old one became deprecated and a loud “DEPRECATED” information is printed every time it’s used.
The kernel security module Landlock is now enabled for programs to sandbox themselves ( flatcar/scripts#2158 )
libcrypt is now provided by the libxcrypt library instead of glibc. Glibc libcrypt was deprecated long time ago.
Disable CONFIG_NFS_V4_2_READ_PLUS kernel config to fix nfs-ganesha ( flatcar/scripts#2390 )

Updates:

Changes since Beta 4081.1.0

Security fixes:

Linux ( CVE-2024-50179 , CVE-2024-50176 , CVE-2024-50175 , CVE-2024-50012 , CVE-2024-50008 , CVE-2024-50007 , CVE-2024-50006 , CVE-2024-50005 , CVE-2024-50016 , CVE-2024-50015 , CVE-2024-50013 , CVE-2024-50003 , CVE-2024-50002 , CVE-2024-50001 , CVE-2024-50000 , CVE-2024-49997 , CVE-2024-49996 , CVE-2024-49995 , CVE-2024-49955 , CVE-2024-49963 , CVE-2024-49962 , CVE-2024-49961 , CVE-2024-49960 , CVE-2024-49959 , CVE-2024-49993 , CVE-2024-49992 , CVE-2024-49991 , CVE-2024-49989 , CVE-2024-49988 , CVE-2024-49987 , CVE-2024-49986 , CVE-2024-49985 , CVE-2024-49958 , CVE-2024-49983 , CVE-2024-49982 , CVE-2024-49981 , CVE-2024-49980 , CVE-2024-49978 , CVE-2024-49977 , CVE-2024-49976 , CVE-2024-49975 , CVE-2024-49957 , CVE-2024-49973 , CVE-2024-49969 , CVE-2024-49967 , CVE-2024-49966 , CVE-2024-49965 , CVE-2024-49924 , CVE-2024-49954 , CVE-2024-49953 , CVE-2024-49952 , CVE-2024-49951 , CVE-2024-49950 , CVE-2024-49949 , CVE-2024-49948 , CVE-2024-49947 , CVE-2024-49946 , CVE-2024-49944 , CVE-2024-49939 , CVE-2024-49938 , CVE-2024-49937 , CVE-2024-49936 , CVE-2024-49935 , CVE-2024-49933 , CVE-2024-49931 , CVE-2024-49930 , CVE-2024-49929 , CVE-2024-49927 , CVE-2024-49925 , CVE-2024-49875 , CVE-2024-49884 , CVE-2024-49883 , CVE-2024-49882 , CVE-2024-49881 , CVE-2024-49879 , CVE-2024-49913 , CVE-2024-49912 , CVE-2024-49907 , CVE-2024-49905 , CVE-2024-49878 , CVE-2024-49903 , CVE-2024-49902 , CVE-2024-49901 , CVE-2024-49900 , CVE-2024-49896 , CVE-2024-49895 , CVE-2024-49877 , CVE-2024-49894 , CVE-2024-49892 , CVE-2024-49890 , CVE-2024-49889 , CVE-2024-49886 , CVE-2024-49863 , CVE-2024-49871 , CVE-2024-49870 , CVE-2024-49868 , CVE-2024-49867 , CVE-2024-49866 , CVE-2024-49874 , CVE-2024-49864 , CVE-2024-47704 , CVE-2024-50191 , CVE-2024-50189 , CVE-2024-50188 , CVE-2024-50187 , CVE-2024-50186 , CVE-2024-50185 , CVE-2024-50184 , CVE-2024-50183 , CVE-2024-50182 , CVE-2024-50180 , CVE-2024-50181 , CVE-2024-50097 , CVE-2024-50096 , CVE-2024-50095 , CVE-2024-50093 , CVE-2024-50089 , CVE-2024-50058 , CVE-2024-50065 , CVE-2024-50064 , CVE-2024-50063 , CVE-2024-50062 , CVE-2024-50061 , CVE-2024-50060 , CVE-2024-50059 , CVE-2024-50026 , CVE-2024-50024 , CVE-2024-50023 , CVE-2024-50057 , CVE-2024-50055 , CVE-2024-50049 , CVE-2024-50022 , CVE-2024-50048 , CVE-2024-50047 , CVE-2024-50046 , CVE-2024-50045 , CVE-2024-50044 , CVE-2024-50041 , CVE-2024-50040 , CVE-2024-50039 , CVE-2024-50038 , CVE-2024-50036 , CVE-2024-50035 , CVE-2024-50033 , CVE-2024-50032 , CVE-2024-50031 , CVE-2024-50029 , CVE-2024-50019 , CVE-2024-50201 , CVE-2024-50202 , CVE-2024-50101 , CVE-2024-50098 , CVE-2024-50099 , CVE-2024-50088 , CVE-2024-50087 , CVE-2024-50086 , CVE-2024-50085 , CVE-2024-50084 , CVE-2024-50083 , CVE-2024-50082 , CVE-2024-50080 , CVE-2024-50077 , CVE-2024-50076 , CVE-2024-50075 , CVE-2024-50074 , CVE-2024-50073 , CVE-2024-50072 , CVE-2024-50070 , CVE-2024-50078 , CVE-2024-50069 , CVE-2024-50066 , CVE-2024-50211 , CVE-2024-50210 , CVE-2024-50209 , CVE-2024-50208 , CVE-2024-50205 , CVE-2024-50155 , CVE-2024-50164 , CVE-2024-50163 , CVE-2024-50162 , CVE-2024-50160 , CVE-2024-50159 , CVE-2024-50158 , CVE-2024-50172 , CVE-2024-50171 , CVE-2024-50170 , CVE-2024-50169 , CVE-2024-50168 , CVE-2024-50167 , CVE-2024-50166 , CVE-2024-50156 , CVE-2024-50148 , CVE-2024-50147 , CVE-2024-50145 , CVE-2024-50143 , CVE-2024-50142 , CVE-2024-50141 , CVE-2024-50154 , CVE-2024-50153 , CVE-2024-50152 , CVE-2024-50151 , CVE-2024-50150 , CVE-2024-50139 , CVE-2024-50140 , CVE-2024-50128 , CVE-2024-50136 , CVE-2024-50135 , CVE-2024-50134 , CVE-2024-50133 , CVE-2024-50131 , CVE-2024-50130 , CVE-2024-50111 , CVE-2024-50110 , CVE-2024-50108 , CVE-2024-50127 , CVE-2024-50126 , CVE-2024-50125 , CVE-2024-50124 , CVE-2024-50121 , CVE-2024-50120 , CVE-2024-50117 , CVE-2024-50116 , CVE-2024-50115 , CVE-2024-50112 , CVE-2024-50103 , CVE-2024-50262 , CVE-2024-50259 , CVE-2024-50261 , CVE-2024-50226 , CVE-2024-50235 , CVE-2024-50234 , CVE-2024-50233 , CVE-2024-50232 , CVE-2024-50231 , CVE-2024-50230 , CVE-2024-50258 , CVE-2024-50257 , CVE-2024-50256 , CVE-2024-50229 , CVE-2024-50255 , CVE-2024-50252 , CVE-2024-50251 , CVE-2024-50250 , CVE-2024-50249 , CVE-2024-50248 , CVE-2024-50247 , CVE-2024-50246 , CVE-2024-50228 , CVE-2024-50245 , CVE-2024-50244 , CVE-2024-50243 , CVE-2024-50242 , CVE-2024-50240 , CVE-2024-50239 , CVE-2024-50237 , CVE-2024-50236 , CVE-2024-50219 , CVE-2024-50218 , CVE-2024-50216 , CVE-2024-50215 , CVE-2024-50224 , CVE-2024-50223 , CVE-2024-50222 )

Changes:

Disable CONFIG_NFS_V4_2_READ_PLUS kernel config to fix nfs-ganesha ( flatcar/scripts#2390 )

Updates:

ca-certificates ( 3.106 )
Linux ( 6.6.60 (includes 6.6.59 , 6.6.58 , 6.6.57 , 6.6.56 ))

3975.2.2

Release Date: Oct 10, 2024 amd64 arm64

containerd - 1.7.17
docker - 24.0.9
ignition - 2.18.0
kernel - 6.6.54
systemd - 255

Changes since Stable 3975.2.1

Security fixes:

Linux ( CVE-2024-46711 , CVE-2024-46709 , CVE-2024-46680 , CVE-2024-46679 , CVE-2024-46678 , CVE-2024-46677 , CVE-2024-46676 , CVE-2024-46695 , CVE-2024-46694 , CVE-2024-46693 , CVE-2024-46675 , CVE-2024-46692 , CVE-2024-46689 , CVE-2024-46687 , CVE-2024-46686 , CVE-2024-46685 , CVE-2024-46673 , CVE-2024-46674 , CVE-2024-46811 , CVE-2024-46810 , CVE-2024-46809 , CVE-2024-46807 , CVE-2024-46806 , CVE-2024-46805 , CVE-2024-46804 , CVE-2024-46821 , CVE-2024-46819 , CVE-2024-46818 , CVE-2024-46817 , CVE-2024-46815 , CVE-2024-46814 , CVE-2024-46812 , CVE-2024-46802 , CVE-2024-46803 , CVE-2024-46724 , CVE-2024-46732 , CVE-2024-46731 , CVE-2024-46728 , CVE-2024-46726 , CVE-2024-46725 , CVE-2024-46723 , CVE-2024-46722 , CVE-2024-46721 , CVE-2024-46720 , CVE-2024-46719 , CVE-2024-46717 , CVE-2024-46716 , CVE-2024-46714 , CVE-2024-46715 , CVE-2024-46831 , CVE-2024-46840 , CVE-2024-46839 , CVE-2024-46838 , CVE-2024-46836 , CVE-2024-46835 , CVE-2024-46848 , CVE-2024-46847 , CVE-2024-46846 , CVE-2024-46845 , CVE-2024-46844 , CVE-2024-46843 , CVE-2024-46832 , CVE-2024-46830 , CVE-2024-46829 , CVE-2024-46828 , CVE-2024-46827 , CVE-2024-46826 , CVE-2024-46825 , CVE-2024-46822 , CVE-2024-46788 , CVE-2024-46797 , CVE-2024-46796 , CVE-2024-46795 , CVE-2024-46794 , CVE-2024-46791 , CVE-2024-46800 , CVE-2024-46798 , CVE-2024-46760 , CVE-2024-46768 , CVE-2024-46767 , CVE-2024-46765 , CVE-2024-46763 , CVE-2024-46787 , CVE-2024-46786 , CVE-2024-46785 , CVE-2024-46784 , CVE-2024-46783 , CVE-2024-46782 , CVE-2024-46781 , CVE-2024-46780 , CVE-2024-46762 , CVE-2024-46777 , CVE-2024-46776 , CVE-2024-46773 , CVE-2024-46771 , CVE-2024-46770 , CVE-2024-46761 , CVE-2024-46743 , CVE-2024-46742 , CVE-2024-46741 , CVE-2024-46740 , CVE-2024-46739 , CVE-2024-46738 , CVE-2024-46737 , CVE-2024-46759 , CVE-2024-46758 , CVE-2024-46757 , CVE-2024-46756 , CVE-2024-46755 , CVE-2024-46736 , CVE-2024-46752 , CVE-2024-46750 , CVE-2024-46749 , CVE-2024-46747 , CVE-2024-46746 , CVE-2024-46745 , CVE-2024-46744 , CVE-2024-46734 , CVE-2024-46735 , CVE-2024-46713 , CVE-2024-46858 , CVE-2024-46857 , CVE-2024-46855 , CVE-2024-46854 , CVE-2024-46853 , CVE-2024-46852 , CVE-2024-46865 , CVE-2024-46864 , CVE-2024-46861 , CVE-2024-46860 , CVE-2024-46859 , CVE-2024-46849 )
expat ( CVE-2024-45490 )

Bug fixes:

Equinix Metal: fixed race condition on ‘mount’ Ignition stage ( scripts#2308 )
Fixed slow boots PXE and ISO boots caused by the decrypt-root.service. ( Flatcar#1514 )

Changes:

Azure, HyperV: Added daemons kvp, vss, and fcopy for better HyperV hypervisor integration with Flatcar guests ( scripts#2309 ).
Enable mpi3mr kernel module for Broadcom Storage/RAID-Controllers ( flatcar/scripts#2355 )

Updates:

Linux ( 6.6.54 (includes 6.6.53 , 6.6.52 , 6.6.51 , 6.6.50 , 6.6.49 ))
ca-certificates ( 3.105 )
expat ( 2.6.3 )

3975.2.1

Release Date: Sep 5, 2024 amd64 arm64

containerd - 1.7.17
docker - 24.0.9
ignition - 2.18.0
kernel - 6.6.48
systemd - 255

Changes since Stable 3975.2.0

Security fixes:

Linux ( CVE-2024-44944 , CVE-2024-43877 , CVE-2024-43876 , CVE-2024-43875 , CVE-2024-43873 , CVE-2024-43871 , CVE-2024-43881 , CVE-2024-43880 , CVE-2024-43879 , CVE-2024-43869 , CVE-2024-43870 , CVE-2024-43856 , CVE-2024-43860 , CVE-2024-43859 , CVE-2024-43858 , CVE-2024-43833 , CVE-2024-43832 , CVE-2024-43831 , CVE-2024-43830 , CVE-2024-43829 , CVE-2024-43828 , CVE-2024-43855 , CVE-2024-43854 , CVE-2024-43853 , CVE-2024-43851 , CVE-2024-43850 , CVE-2024-43849 , CVE-2024-43847 , CVE-2024-43846 , CVE-2024-43845 , CVE-2024-43842 , CVE-2024-43841 , CVE-2024-43839 , CVE-2024-43837 , CVE-2024-43834 , CVE-2024-43825 , CVE-2024-43823 , CVE-2024-43821 , CVE-2024-43818 , CVE-2024-43817 , CVE-2024-42321 , CVE-2024-42322 , CVE-2024-42288 , CVE-2024-42297 , CVE-2024-42296 , CVE-2024-42295 , CVE-2024-42294 , CVE-2024-42292 , CVE-2024-42320 , CVE-2024-42318 , CVE-2024-42291 , CVE-2024-42316 , CVE-2024-42315 , CVE-2024-42314 , CVE-2024-42313 , CVE-2024-42311 , CVE-2024-42310 , CVE-2024-42309 , CVE-2024-42308 , CVE-2024-42290 , CVE-2024-42307 , CVE-2024-42306 , CVE-2024-42305 , CVE-2024-42304 , CVE-2024-42303 , CVE-2024-42302 , CVE-2024-42301 , CVE-2024-42299 , CVE-2024-42298 , CVE-2024-42289 , CVE-2024-42284 , CVE-2024-42283 , CVE-2024-42281 , CVE-2024-42280 , CVE-2024-42279 , CVE-2024-42278 , CVE-2024-42277 , CVE-2024-42287 , CVE-2024-42286 , CVE-2024-42285 , CVE-2023-52889 , CVE-2024-42276 , CVE-2024-43867 , CVE-2024-43866 , CVE-2024-43864 , CVE-2024-43863 , CVE-2024-42312 , CVE-2024-42274 , CVE-2024-42273 , CVE-2024-42272 , CVE-2024-42271 , CVE-2024-42270 , CVE-2024-42269 , CVE-2024-42268 , CVE-2024-42267 , CVE-2024-42265 , CVE-2024-43908 , CVE-2024-44931 , CVE-2024-43914 , CVE-2024-43912 , CVE-2024-44935 , CVE-2024-44934 , CVE-2024-43909 , CVE-2024-43905 , CVE-2024-43903 , CVE-2024-43902 , CVE-2024-43900 , CVE-2024-43907 , CVE-2024-43906 , CVE-2024-43897 , CVE-2024-43894 , CVE-2024-43893 , CVE-2024-43892 , CVE-2024-43890 , CVE-2024-43889 , CVE-2024-43895 , CVE-2024-43883 , CVE-2024-43861 , CVE-2024-42259 , CVE-2024-44943 , CVE-2024-44942 , CVE-2024-44941 , CVE-2024-44940 , CVE-2024-44938 , CVE-2024-44939 , CVE-2024-43898 , CVE-2024-43882 , CVE-2024-44947 , CVE-2024-44946 )

Bug fixes:

Fix ownership of systemd units shipped with built-in docker/containerd sysexts. The files shipped on production images were accidentally owned by 1000:1000 instead of 0:0. This uid/gid is not present on Flatcar images but would be assigned to the first created user. Due to contents of sysexts and /usr being readonly on Flatcar, the invalid permissions can’t be used to escalate privileges. ( scripts#2266 )
Equinix Metal: Fixed oem-cloudinit.service. The availability check now uses the https://metadata.platformequinix.com/metadata endpoint. ( scripts#2222 )

Updates:

Linux ( 6.6.48 (includes 6.6.47 , 6.6.46 , 6.6.45 , 6.6.44 ))
ca-certificates ( 3.104 )

3975.2.0

Release Date: Aug 7, 2024 amd64 arm64

containerd - 1.7.17
docker - 24.0.9
ignition - 2.18.0
kernel - 6.6.43
systemd - 255

Changes since Stable 3815.2.5

Security fixes:

Linux ( CVE-2022-27672 , CVE-2022-36402 , CVE-2022-36402 , CVE-2022-40982 , CVE-2022-4269 , CVE-2022-45886 , CVE-2022-45887 , CVE-2022-45919 , CVE-2022-48425 , CVE-2022-48628 , CVE-2023-0160 , CVE-2023-0160 , CVE-2023-0459 , CVE-2023-1032 , CVE-2023-1076 , CVE-2023-1077 , CVE-2023-1079 , CVE-2023-1118 , CVE-2023-1192 , CVE-2023-1194 , CVE-2023-1206 , CVE-2023-1281 , CVE-2023-1380 , CVE-2023-1380 , CVE-2023-1513 , CVE-2023-1583 , CVE-2023-1611 , CVE-2023-1670 , CVE-2023-1829 , CVE-2023-1855 , CVE-2023-1859 , CVE-2023-1989 , CVE-2023-1990 , CVE-2023-1998 , CVE-2023-2002 , CVE-2023-2002 , CVE-2023-20569 , CVE-2023-20588 , CVE-2023-20593 , CVE-2023-2124 , CVE-2023-21255 , CVE-2023-21264 , CVE-2023-2156 , CVE-2023-2156 , CVE-2023-2163 , CVE-2023-2163 , CVE-2023-2194 , CVE-2023-2235 , CVE-2023-2248 , CVE-2023-2248 , CVE-2023-2269 , CVE-2023-2269 , CVE-2023-2483 , CVE-2023-25012 , CVE-2023-25775 , CVE-2023-25775 , CVE-2023-2598 , CVE-2023-26545 , CVE-2023-28466 , CVE-2023-28746 , CVE-2023-28866 , CVE-2023-2898 , CVE-2023-2985 , CVE-2023-30456 , CVE-2023-30772 , CVE-2023-3090 , CVE-2023-31085 , CVE-2023-3117 , CVE-2023-31248 , CVE-2023-3141 , CVE-2023-31436 , CVE-2023-31436 , CVE-2023-3212 , CVE-2023-3220 , CVE-2023-32233 , CVE-2023-32233 , CVE-2023-32247 , CVE-2023-32247 , CVE-2023-32248 , CVE-2023-32248 , CVE-2023-32250 , CVE-2023-32250 , CVE-2023-32252 , CVE-2023-32252 , CVE-2023-32254 , CVE-2023-32254 , CVE-2023-32257 , CVE-2023-32257 , CVE-2023-32258 , CVE-2023-32258 , CVE-2023-3268 , CVE-2023-3268 , CVE-2023-3269 , CVE-2023-3269 , CVE-2023-3312 , CVE-2023-3312 , CVE-2023-3317 , CVE-2023-33203 , CVE-2023-33250 , CVE-2023-33250 , CVE-2023-33288 , CVE-2023-3355 , CVE-2023-3390 , CVE-2023-33951 , CVE-2023-33951 , CVE-2023-33952 , CVE-2023-33952 , CVE-2023-34255 , CVE-2023-34256 , CVE-2023-34256 , CVE-2023-34319 , CVE-2023-34324 , CVE-2023-35001 , CVE-2023-35788 , CVE-2023-35823 , CVE-2023-35823 , CVE-2023-35824 , CVE-2023-35824 , CVE-2023-35826 , CVE-2023-35826 , CVE-2023-35827 , CVE-2023-35828 , CVE-2023-35828 , CVE-2023-35829 , CVE-2023-35829 , CVE-2023-3609 , CVE-2023-3610 , CVE-2023-3610 , CVE-2023-3611 , CVE-2023-37453 , CVE-2023-37453 , CVE-2023-3772 , CVE-2023-3773 , CVE-2023-3776 , CVE-2023-3777 , CVE-2023-38409 , CVE-2023-38426 , CVE-2023-38427 , CVE-2023-38428 , CVE-2023-38429 , CVE-2023-38430 , CVE-2023-38431 , CVE-2023-38432 , CVE-2023-38432 , CVE-2023-3863 , CVE-2023-3863 , CVE-2023-3865 , CVE-2023-3865 , CVE-2023-3866 , CVE-2023-3866 , CVE-2023-3867 , CVE-2023-39189 , CVE-2023-39191 , CVE-2023-39192 , CVE-2023-39192 , CVE-2023-39193 , CVE-2023-39193 , CVE-2023-39194 , CVE-2023-39197 , CVE-2023-39197 , CVE-2023-39198 , CVE-2023-4004 , CVE-2023-4015 , CVE-2023-40283 , CVE-2023-40791 , CVE-2023-4128 , CVE-2023-4132 , CVE-2023-4133 , CVE-2023-4133 , CVE-2023-4134 , CVE-2023-4134 , CVE-2023-4147 , CVE-2023-4155 , CVE-2023-4194 , CVE-2023-4206 , CVE-2023-4207 , CVE-2023-4208 , CVE-2023-4244 , CVE-2023-4273 , CVE-2023-42752 , CVE-2023-42752 , CVE-2023-42753 , CVE-2023-42753 , CVE-2023-42754 , CVE-2023-42756 , CVE-2023-44466 , CVE-2023-4563 , CVE-2023-4569 , CVE-2023-45862 , CVE-2023-45863 , CVE-2023-45871 , CVE-2023-45871 , CVE-2023-45898 , CVE-2023-4610 , CVE-2023-4611 , CVE-2023-4623 , CVE-2023-4623 , CVE-2023-46343 , CVE-2023-46813 , CVE-2023-46838 , CVE-2023-46862 , CVE-2023-46862 , CVE-2023-47233 , CVE-2023-4881 , CVE-2023-4921 , CVE-2023-50431 , CVE-2023-5090 , CVE-2023-51042 , CVE-2023-51043 , CVE-2023-5158 , CVE-2023-51779 , CVE-2023-51780 , CVE-2023-51781 , CVE-2023-51782 , CVE-2023-5197 , CVE-2023-52429 , CVE-2023-52433 , CVE-2023-52434 , CVE-2023-52435 , CVE-2023-52436 , CVE-2023-52438 , CVE-2023-52439 , CVE-2023-52440 , CVE-2023-52440 , CVE-2023-52441 , CVE-2023-52442 , CVE-2023-52443 , CVE-2023-52444 , CVE-2023-52445 , CVE-2023-52446 , CVE-2023-52447 , CVE-2023-52448 , CVE-2023-52449 , CVE-2023-52450 , CVE-2023-52451 , CVE-2023-52452 , CVE-2023-52453 , CVE-2023-52454 , CVE-2023-52455 , CVE-2023-52456 , CVE-2023-52457 , CVE-2023-52458 , CVE-2023-52459 , CVE-2023-52462 , CVE-2023-52463 , CVE-2023-52464 , CVE-2023-52465 , CVE-2023-52467 , CVE-2023-52468 , CVE-2023-52469 , CVE-2023-52470 , CVE-2023-52472 , CVE-2023-52473 , CVE-2023-52474 , CVE-2023-52474 , CVE-2023-52475 , CVE-2023-52476 , CVE-2023-52477 , CVE-2023-52478 , CVE-2023-52479 , CVE-2023-52480 , CVE-2023-52481 , CVE-2023-52482 , CVE-2023-52483 , CVE-2023-52484 , CVE-2023-52486 , CVE-2023-52487 , CVE-2023-52488 , CVE-2023-52489 , CVE-2023-52490 , CVE-2023-52491 , CVE-2023-52492 , CVE-2023-52493 , CVE-2023-52494 , CVE-2023-52495 , CVE-2023-52497 , CVE-2023-52498 , CVE-2023-52499 , CVE-2023-52500 , CVE-2023-52501 , CVE-2023-52502 , CVE-2023-52503 , CVE-2023-52504 , CVE-2023-52505 , CVE-2023-52506 , CVE-2023-52507 , CVE-2023-52508 , CVE-2023-52509 , CVE-2023-52510 , CVE-2023-52511 , CVE-2023-52512 , CVE-2023-52513 , CVE-2023-52515 , CVE-2023-52516 , CVE-2023-52517 , CVE-2023-52518 , CVE-2023-52519 , CVE-2023-52520 , CVE-2023-52522 , CVE-2023-52523 , CVE-2023-52524 , CVE-2023-52526 , CVE-2023-52527 , CVE-2023-52528 , CVE-2023-52529 , CVE-2023-52530 , CVE-2023-52531 , CVE-2023-52532 , CVE-2023-52559 , CVE-2023-52560 , CVE-2023-52561 , CVE-2023-52562 , CVE-2023-52563 , CVE-2023-52564 , CVE-2023-52565 , CVE-2023-52566 , CVE-2023-52567 , CVE-2023-52568 , CVE-2023-52569 , CVE-2023-52570 , CVE-2023-52571 , CVE-2023-52572 , CVE-2023-52573 , CVE-2023-52574 , CVE-2023-52575 , CVE-2023-52576 , CVE-2023-52578 , CVE-2023-52580 , CVE-2023-52581 , CVE-2023-52582 , CVE-2023-52583 , CVE-2023-52584 , CVE-2023-52587 , CVE-2023-52588 , CVE-2023-52589 , CVE-2023-52591 , CVE-2023-52593 , CVE-2023-52594 , CVE-2023-52595 , CVE-2023-52596 , CVE-2023-52597 , CVE-2023-52598 , CVE-2023-52599 , CVE-2023-52600 , CVE-2023-52601 , CVE-2023-52602 , CVE-2023-52603 , CVE-2023-52604 , CVE-2023-52606 , CVE-2023-52607 , CVE-2023-52608 , CVE-2023-52609 , CVE-2023-52610 , CVE-2023-52611 , CVE-2023-52612 , CVE-2023-52613 , CVE-2023-52614 , CVE-2023-52615 , CVE-2023-52616 , CVE-2023-52617 , CVE-2023-52618 , CVE-2023-52619 , CVE-2023-52620 , CVE-2023-52621 , CVE-2023-52622 , CVE-2023-52623 , CVE-2023-52627 , CVE-2023-52628 , CVE-2023-52629 , CVE-2023-52630 , CVE-2023-52631 , CVE-2023-52632 , CVE-2023-52633 , CVE-2023-52635 , CVE-2023-52636 , CVE-2023-52637 , CVE-2023-52638 , CVE-2023-52639 , CVE-2023-52640 , CVE-2023-52641 , CVE-2023-5345 , CVE-2023-5633 , CVE-2023-5717 , CVE-2023-5972 , CVE-2023-6039 , CVE-2023-6111 , CVE-2023-6121 , CVE-2023-6176 , CVE-2023-6200 , CVE-2023-6270 , CVE-2023-6356 , CVE-2023-6531 , CVE-2023-6536 , CVE-2023-6546 , CVE-2023-6560 , CVE-2023-6606 , CVE-2023-6610 , CVE-2023-6622 , CVE-2023-6817 , CVE-2023-6915 , CVE-2023-6931 , CVE-2023-6932 , CVE-2023-7042 , CVE-2023-7192 , CVE-2024-0193 , CVE-2024-0443 , CVE-2024-0565 , CVE-2024-0582 , CVE-2024-0584 , CVE-2024-0607 , CVE-2024-0607 , CVE-2024-0639 , CVE-2024-0641 , CVE-2024-0646 , CVE-2024-0775 , CVE-2024-0775 , CVE-2024-0841 , CVE-2024-1085 , CVE-2024-1086 , CVE-2024-1151 , CVE-2024-1312 , CVE-2024-22099 , CVE-2024-22705 , CVE-2024-23196 , CVE-2024-23307 , CVE-2024-23849 , CVE-2024-23850 , CVE-2024-23851 , CVE-2024-24860 , CVE-2024-24861 , CVE-2024-25744 , CVE-2024-26581 , CVE-2024-26582 , CVE-2024-26583 , CVE-2024-26584 , CVE-2024-26585 , CVE-2024-26586 , CVE-2024-26587 , CVE-2024-26588 , CVE-2024-26589 , CVE-2024-26590 , CVE-2024-26591 , CVE-2024-26592 , CVE-2024-26593 , CVE-2024-26594 , CVE-2024-26595 , CVE-2024-26597 , CVE-2024-26598 , CVE-2024-26599 , CVE-2024-26600 , CVE-2024-26601 , CVE-2024-26602 , CVE-2024-26603 , CVE-2024-26604 , CVE-2024-26606 , CVE-2024-26607 , CVE-2024-26608 , CVE-2024-26610 , CVE-2024-26611 , CVE-2024-26612 , CVE-2024-26614 , CVE-2024-26615 , CVE-2024-26616 , CVE-2024-26618 , CVE-2024-26620 , CVE-2024-26622 , CVE-2024-26623 , CVE-2024-26625 , CVE-2024-26627 , CVE-2024-26629 , CVE-2024-26630 , CVE-2024-26631 , CVE-2024-26632 , CVE-2024-26633 , CVE-2024-26634 , CVE-2024-26635 , CVE-2024-26636 , CVE-2024-26638 , CVE-2024-26640 , CVE-2024-26641 , CVE-2024-26642 , CVE-2024-26643 , CVE-2024-26644 , CVE-2024-26645 , CVE-2024-26646 , CVE-2024-26647 , CVE-2024-26648 , CVE-2024-26649 , CVE-2024-26650 , CVE-2024-26651 , CVE-2024-26652 , CVE-2024-26654 , CVE-2024-26656 , CVE-2024-26659 , CVE-2024-26660 , CVE-2024-26661 , CVE-2024-26662 , CVE-2024-26663 , CVE-2024-26664 , CVE-2024-26665 , CVE-2024-26666 , CVE-2024-26667 , CVE-2024-26668 , CVE-2024-26669 , CVE-2024-26670 , CVE-2024-26671 , CVE-2024-26673 , CVE-2024-26674 , CVE-2024-26675 , CVE-2024-26676 , CVE-2024-26677 , CVE-2024-26679 , CVE-2024-26680 , CVE-2024-26681 , CVE-2024-26684 , CVE-2024-26685 , CVE-2024-26687 , CVE-2024-26688 , CVE-2024-26689 , CVE-2024-26690 , CVE-2024-26691 , CVE-2024-26692 , CVE-2024-26693 , CVE-2024-26694 , CVE-2024-26695 , CVE-2024-26696 , CVE-2024-26697 , CVE-2024-26698 , CVE-2024-26700 , CVE-2024-26702 , CVE-2024-26703 , CVE-2024-26704 , CVE-2024-26705 , CVE-2024-26706 , CVE-2024-26707 , CVE-2024-26708 , CVE-2024-26711 , CVE-2024-26712 , CVE-2024-26713 , CVE-2024-26714 , CVE-2024-26715 , CVE-2024-26716 , CVE-2024-26717 , CVE-2024-26718 , CVE-2024-26719 , CVE-2024-26720 , CVE-2024-26723 , CVE-2024-26726 , CVE-2024-26727 , CVE-2024-26730 , CVE-2024-26731 , CVE-2024-26733 , CVE-2024-26734 , CVE-2024-26735 , CVE-2024-26736 , CVE-2024-26737 , CVE-2024-26738 , CVE-2024-26739 , CVE-2024-26740 , CVE-2024-26741 , CVE-2024-26742 , CVE-2024-26743 , CVE-2024-26744 , CVE-2024-26745 , CVE-2024-26746 , CVE-2024-26747 , CVE-2024-26748 , CVE-2024-26749 , CVE-2024-26751 , CVE-2024-26752 , CVE-2024-26753 , CVE-2024-26754 , CVE-2024-26759 , CVE-2024-26760 , CVE-2024-26761 , CVE-2024-26763 , CVE-2024-26764 , CVE-2024-26765 , CVE-2024-26766 , CVE-2024-26766 , CVE-2024-26767 , CVE-2024-26768 , CVE-2024-26769 , CVE-2024-26770 , CVE-2024-26771 , CVE-2024-26772 , CVE-2024-26773 , CVE-2024-26774 , CVE-2024-26775 , CVE-2024-26776 , CVE-2024-26777 , CVE-2024-26778 , CVE-2024-26779 , CVE-2024-26782 , CVE-2024-26783 , CVE-2024-26786 , CVE-2024-26787 , CVE-2024-26788 , CVE-2024-26789 , CVE-2024-26790 , CVE-2024-26791 , CVE-2024-26793 , CVE-2024-26795 , CVE-2024-26796 , CVE-2024-26798 , CVE-2024-26799 , CVE-2024-26801 , CVE-2024-26802 , CVE-2024-26803 , CVE-2024-26804 , CVE-2024-26805 , CVE-2024-26807 , CVE-2024-26808 , CVE-2024-26809 , CVE-2024-41081 , CVE-2024-41078 , CVE-2024-41079 , CVE-2024-41076 , CVE-2024-41075 , CVE-2024-41074 , CVE-2024-41073 , CVE-2024-41072 , CVE-2024-41070 , CVE-2024-41069 , CVE-2024-41077 , CVE-2024-41068 , CVE-2024-41066 , CVE-2024-41065 , CVE-2024-41064 , CVE-2024-41063 , CVE-2024-41062 , CVE-2024-41060 , CVE-2024-41059 , CVE-2024-41057 , CVE-2024-41058 , CVE-2024-41056 , CVE-2024-41053 , CVE-2024-41055 , CVE-2024-41054 , CVE-2024-41032 , CVE-2024-41031 , CVE-2024-41030 , CVE-2024-41028 , CVE-2024-41027 , CVE-2024-41052 , CVE-2024-41051 , CVE-2024-41050 , CVE-2024-41049 , CVE-2024-41048 , CVE-2024-41047 , CVE-2024-41046 , CVE-2024-41044 , CVE-2024-41025 , CVE-2024-41041 , CVE-2024-41040 , CVE-2024-41039 , CVE-2024-41038 , CVE-2024-41037 , CVE-2024-41036 , CVE-2024-41035 , CVE-2024-41034 , CVE-2024-41024 , CVE-2024-42226 , CVE-2024-42145 , CVE-2024-42154 , CVE-2024-42153 , CVE-2024-42152 , CVE-2024-42148 , CVE-2024-42230 , CVE-2024-42229 , CVE-2024-42228 , CVE-2024-42226 , CVE-2024-42225 , CVE-2024-42147 , CVE-2024-42224 , CVE-2024-42223 , CVE-2024-42161 , CVE-2024-42160 , CVE-2024-42159 , CVE-2024-42157 , CVE-2024-42110 , CVE-2024-42119 , CVE-2024-42116 , CVE-2024-42115 , CVE-2024-42144 , CVE-2024-42143 , CVE-2024-42142 , CVE-2024-42141 , CVE-2024-42140 , CVE-2024-42113 , CVE-2024-42138 , CVE-2024-42137 , CVE-2024-42136 , CVE-2024-42135 , CVE-2024-42133 , CVE-2024-42132 , CVE-2024-42131 , CVE-2024-42130 , CVE-2024-42128 , CVE-2024-42127 , CVE-2024-42126 , CVE-2024-42124 , CVE-2024-42121 , CVE-2024-42120 , CVE-2023-52888 , CVE-2024-42106 , CVE-2024-42105 , CVE-2024-42104 , CVE-2024-42103 , CVE-2024-42102 , CVE-2024-42101 , CVE-2024-42100 , CVE-2024-42109 , CVE-2024-40947 , CVE-2024-42068 , CVE-2024-42067 , CVE-2024-42098 , CVE-2024-42097 , CVE-2024-42096 , CVE-2024-42095 , CVE-2024-42093 , CVE-2024-42094 , CVE-2024-42092 , CVE-2024-42090 , CVE-2024-42089 , CVE-2024-42087 , CVE-2024-42086 , CVE-2024-42084 , CVE-2024-42085 , CVE-2024-42070 , CVE-2024-42069 , CVE-2024-42068 , CVE-2024-42067 , CVE-2024-42082 , CVE-2024-42080 , CVE-2024-42079 , CVE-2024-42077 , CVE-2024-42076 , CVE-2024-42074 , CVE-2024-42073 , CVE-2023-52887 , CVE-2024-42063 , CVE-2024-41094 , CVE-2024-41093 , CVE-2024-41092 , CVE-2024-41089 , CVE-2024-41088 , CVE-2024-41087 , CVE-2024-41098 , CVE-2024-41097 , CVE-2024-41096 , CVE-2024-41095 , CVE-2024-41084 , CVE-2024-41009 , CVE-2024-39486 , CVE-2024-41006 , CVE-2024-41005 , CVE-2024-41004 , CVE-2024-40996 , CVE-2024-41002 , CVE-2024-41001 , CVE-2024-41000 , CVE-2024-40998 , CVE-2024-40997 , CVE-2024-40994 , CVE-2024-40993 , CVE-2024-40992 , CVE-2024-40990 , CVE-2024-40989 , CVE-2024-40988 , CVE-2024-40987 , CVE-2024-40995 , CVE-2024-40983 , CVE-2024-40984 , CVE-2024-40970 , CVE-2024-40978 , CVE-2024-40977 , CVE-2024-40976 , CVE-2024-40974 , CVE-2024-40973 , CVE-2024-40982 , CVE-2024-40981 , CVE-2024-40980 , CVE-2024-40971 , CVE-2024-40955 , CVE-2024-40954 , CVE-2024-40953 , CVE-2024-40952 , CVE-2024-40951 , CVE-2024-40969 , CVE-2024-40968 , CVE-2024-40967 , CVE-2024-40966 , CVE-2024-40948 , CVE-2024-40964 , CVE-2024-40963 , CVE-2024-40962 , CVE-2024-40961 , CVE-2024-40960 , CVE-2024-40959 , CVE-2024-40958 , CVE-2024-40957 , CVE-2024-40956 , CVE-2024-40929 , CVE-2024-40938 , CVE-2024-40937 , CVE-2024-40936 , CVE-2024-40935 , CVE-2024-40934 , CVE-2024-40932 , CVE-2024-40931 , CVE-2024-40945 , CVE-2024-40944 , CVE-2024-40943 , CVE-2024-40942 , CVE-2024-40941 , CVE-2024-40940 , CVE-2024-40939 , CVE-2024-40922 , CVE-2024-40921 , CVE-2024-40920 , CVE-2024-40919 , CVE-2024-40918 , CVE-2024-40916 , CVE-2024-40915 , CVE-2024-40928 , CVE-2024-40927 , CVE-2024-40925 , CVE-2024-40924 , CVE-2024-40923 , CVE-2024-40913 , CVE-2024-40914 , CVE-2024-40912 , CVE-2024-39503 , CVE-2024-39502 , CVE-2024-39501 , CVE-2024-39500 , CVE-2024-39499 , CVE-2024-39497 , CVE-2024-40911 , CVE-2024-40910 , CVE-2024-40909 , CVE-2024-40908 , CVE-2024-40906 , CVE-2024-40905 , CVE-2024-40904 , CVE-2024-40903 , CVE-2024-40902 , CVE-2024-39496 , CVE-2024-40901 , CVE-2024-40900 , CVE-2024-39509 , CVE-2024-39508 , CVE-2024-39507 , CVE-2024-39506 , CVE-2024-39505 , CVE-2024-39504 , CVE-2024-39494 , CVE-2024-39495 , CVE-2024-39469 , CVE-2024-39298 , CVE-2024-39371 , CVE-2024-37078 , CVE-2024-39493 , CVE-2024-39476 , CVE-2024-39485 , CVE-2024-39484 , CVE-2024-39483 , CVE-2024-39482 , CVE-2024-39481 , CVE-2024-39480 , CVE-2024-39479 , CVE-2024-39475 , CVE-2024-39473 , CVE-2024-39474 , CVE-2024-39471 , CVE-2024-39470 , CVE-2024-39468 , CVE-2024-39467 , CVE-2024-39466 , CVE-2024-39464 , CVE-2024-39461 , CVE-2024-39463 , CVE-2024-39462 , CVE-2024-39296 , CVE-2024-39276 , CVE-2024-38661 , CVE-2024-38385 , CVE-2024-37354 , CVE-2024-39362 , CVE-2024-39301 , CVE-2022-48772 , CVE-2024-39491 , CVE-2024-39490 , CVE-2024-39489 , CVE-2024-39488 , CVE-2024-37021 , CVE-2024-36479 , CVE-2024-35247 , CVE-2024-34030 , CVE-2024-34027 , CVE-2024-33847 , CVE-2024-39292 , CVE-2024-38667 , CVE-2024-39291 , CVE-2024-38384 , CVE-2024-38664 , CVE-2024-38663 , CVE-2024-36481 , CVE-2024-36477 , CVE-2024-34777 , CVE-2024-39277 , CVE-2024-38662 , CVE-2024-38780 , CVE-2024-38659 , CVE-2024-38634 , CVE-2024-38637 , CVE-2024-38636 , CVE-2024-38635 , CVE-2024-36484 , CVE-2024-36286 , CVE-2024-36281 , CVE-2024-36270 , CVE-2024-36244 , CVE-2024-33621 , CVE-2024-38633 , CVE-2024-38632 , CVE-2024-38630 , CVE-2024-38629 , CVE-2024-38628 , CVE-2024-38627 , CVE-2024-38625 , CVE-2024-38624 , CVE-2024-33619 , CVE-2024-38623 , CVE-2024-38622 , CVE-2024-38621 , CVE-2024-38391 , CVE-2024-38390 , CVE-2024-38388 , CVE-2024-38381 , CVE-2024-37356 , CVE-2024-37353 , CVE-2024-36489 , CVE-2023-52884 , CVE-2024-31076 , CVE-2024-38620 , CVE-2024-38617 , CVE-2024-38616 , CVE-2024-38615 , CVE-2024-38614 , CVE-2024-38613 , CVE-2024-38612 , CVE-2024-38611 , CVE-2024-38610 , CVE-2024-38618 , CVE-2024-38607 , CVE-2024-38605 , CVE-2024-38604 , CVE-2024-38603 , CVE-2024-38601 , CVE-2024-38602 , CVE-2024-38598 , CVE-2024-38597 , CVE-2024-38596 , CVE-2024-38593 , CVE-2024-38591 , CVE-2024-38600 , CVE-2024-38599 , CVE-2024-38589 , CVE-2024-38590 , CVE-2024-38575 , CVE-2024-38584 , CVE-2024-38583 , CVE-2024-38582 , CVE-2024-38581 , CVE-2024-38580 , CVE-2024-38579 , CVE-2024-38578 , CVE-2024-38577 , CVE-2024-38588 , CVE-2024-38587 , CVE-2024-38586 , CVE-2024-38585 , CVE-2024-38576 , CVE-2024-38568 , CVE-2024-38573 , CVE-2024-38572 , CVE-2024-38571 , CVE-2024-38570 , CVE-2024-38569 , CVE-2024-36979 , CVE-2024-38546 , CVE-2024-38545 , CVE-2024-38544 , CVE-2024-38543 , CVE-2024-38541 , CVE-2024-38567 , CVE-2024-38540 , CVE-2024-38566 , CVE-2024-38565 , CVE-2024-38564 , CVE-2024-38562 , CVE-2024-38561 , CVE-2024-38560 , CVE-2024-38559 , CVE-2024-38558 , CVE-2024-38557 , CVE-2024-38539 , CVE-2024-38556 , CVE-2024-38555 , CVE-2024-38554 , CVE-2024-38553 , CVE-2024-38552 , CVE-2024-38551 , CVE-2024-38550 , CVE-2024-38549 , CVE-2024-38548 , CVE-2024-38547 , CVE-2024-38538 , CVE-2024-36977 , CVE-2024-36975 , CVE-2024-36969 , CVE-2024-36968 , CVE-2024-36967 , CVE-2024-36965 , CVE-2024-36966 , CVE-2024-41011 , CVE-2024-36964 , CVE-2024-36963 , CVE-2024-36962 , CVE-2024-36960 , CVE-2024-36942 , CVE-2024-36951 , CVE-2024-36950 , CVE-2024-36949 , CVE-2024-36947 , CVE-2024-36946 , CVE-2024-36945 , CVE-2024-36944 , CVE-2024-36959 , CVE-2024-36957 , CVE-2024-36955 , CVE-2024-36954 , CVE-2024-36953 , CVE-2024-36952 , CVE-2024-36916 , CVE-2024-36914 , CVE-2024-36913 , CVE-2024-36912 , CVE-2024-36911 , CVE-2024-36941 , CVE-2024-36940 , CVE-2024-36939 , CVE-2024-36938 , CVE-2024-36937 , CVE-2024-36910 , CVE-2024-36934 , CVE-2024-36933 , CVE-2024-36931 , CVE-2024-36930 , CVE-2024-36929 , CVE-2024-36928 , CVE-2024-36927 , CVE-2024-36909 , CVE-2024-36926 , CVE-2024-36925 , CVE-2024-36924 , CVE-2024-36922 , CVE-2024-36921 , CVE-2024-36920 , CVE-2024-36919 , CVE-2024-36918 , CVE-2024-36917 , CVE-2024-36908 , CVE-2024-36880 , CVE-2024-36889 , CVE-2024-36888 , CVE-2024-36887 , CVE-2024-36886 , CVE-2024-36885 , CVE-2024-36883 , CVE-2024-36906 , CVE-2024-36905 , CVE-2024-36904 , CVE-2024-36903 , CVE-2024-36902 , CVE-2024-36901 , CVE-2024-36900 , CVE-2024-36882 , CVE-2024-36899 , CVE-2024-36898 , CVE-2024-36897 , CVE-2024-36896 , CVE-2024-36895 , CVE-2024-36894 , CVE-2024-36893 , CVE-2024-36891 , CVE-2024-36890 , CVE-2024-36881 , CVE-2024-36032 , CVE-2023-52882 , CVE-2024-36031 , CVE-2024-36028 , CVE-2024-36017 , CVE-2024-36011 , CVE-2024-36012 , CVE-2024-35947 , CVE-2024-35848 , CVE-2024-36029 , CVE-2024-35990 , CVE-2024-35999 , CVE-2024-35998 , CVE-2024-35997 , CVE-2024-35996 , CVE-2024-35995 , CVE-2024-35993 , CVE-2024-35992 , CVE-2024-36009 , CVE-2024-36008 , CVE-2024-36007 , CVE-2024-36006 , CVE-2024-36005 , CVE-2024-36004 , CVE-2024-36003 , CVE-2024-36000 , CVE-2024-35991 , CVE-2024-35989 , CVE-2024-35988 , CVE-2024-35987 , CVE-2024-35986 , CVE-2024-35985 , CVE-2024-35983 , CVE-2024-35984 , CVE-2024-35855 , CVE-2024-35854 , CVE-2024-35853 , CVE-2024-35852 , CVE-2024-35851 , CVE-2024-35850 , CVE-2024-35849 , CVE-2024-35858 , CVE-2024-35857 , CVE-2024-35856 , CVE-2024-35847 , CVE-2024-27396 , CVE-2024-27395 , CVE-2024-35981 , CVE-2024-35980 , CVE-2024-35869 , CVE-2024-35870 , CVE-2024-35812 , CVE-2024-27013 , CVE-2024-27020 , CVE-2024-27019 , CVE-2024-27018 , CVE-2024-27016 , CVE-2024-27015 , CVE-2024-27014 , CVE-2024-26988 , CVE-2024-26987 , CVE-2024-26986 , CVE-2024-26984 , CVE-2024-26983 , CVE-2024-27009 , CVE-2024-27008 , CVE-2024-27005 , CVE-2024-27004 , CVE-2024-27003 , CVE-2024-27002 , CVE-2024-27001 , CVE-2024-27000 , CVE-2024-26999 , CVE-2024-26981 , CVE-2024-26998 , CVE-2024-26997 , CVE-2024-26996 , CVE-2024-26994 , CVE-2024-26993 , CVE-2024-26992 , CVE-2024-26990 , CVE-2024-26989 , CVE-2024-26936 , CVE-2024-26980 , CVE-2024-26939 , CVE-2024-36025 , CVE-2024-36026 , CVE-2024-35961 , CVE-2024-35960 , CVE-2024-35959 , CVE-2024-35958 , CVE-2024-35956 , CVE-2024-35982 , CVE-2024-35955 , CVE-2024-35979 , CVE-2024-35978 , CVE-2024-35977 , CVE-2024-35976 , CVE-2024-35975 , CVE-2024-35974 , CVE-2024-35973 , CVE-2024-35972 , CVE-2024-35954 , CVE-2024-35971 , CVE-2024-35970 , CVE-2024-35969 , CVE-2024-35967 , CVE-2024-35962 , CVE-2024-35953 , CVE-2024-35952 , CVE-2024-35950 , CVE-2024-35951 , CVE-2024-26923 CVE-2024-36023 , CVE-2024-35941 , CVE-2024-35946 , CVE-2024-35945 , CVE-2024-35944 , CVE-2024-35943 , CVE-2024-35942 , CVE-2024-35925 , CVE-2024-35924 , CVE-2024-35923 , CVE-2024-35922 , CVE-2024-35921 , CVE-2024-35920 , CVE-2024-35940 , CVE-2024-35939 , CVE-2024-35938 , CVE-2024-35937 , CVE-2024-35919 , CVE-2024-35936 , CVE-2024-35935 , CVE-2024-35934 , CVE-2024-35933 , CVE-2024-35932 , CVE-2024-35930 , CVE-2024-35929 , CVE-2024-35928 , CVE-2024-35927 , CVE-2023-52699 , CVE-2024-35918 , CVE-2024-26817 , CVE-2024-36021 , CVE-2024-36020 , CVE-2024-36018 , CVE-2024-36019 , CVE-2024-35910 , CVE-2024-35917 , CVE-2024-35916 , CVE-2024-35915 , CVE-2024-35912 , CVE-2024-35911 , CVE-2024-35890 , CVE-2024-35888 , CVE-2024-35887 , CVE-2024-35886 , CVE-2024-35885 , CVE-2024-35884 , CVE-2024-35909 , CVE-2024-35908 , CVE-2024-35907 , CVE-2024-35905 , CVE-2024-35904 , CVE-2024-35903 , CVE-2024-35902 , CVE-2024-35901 , CVE-2024-35883 , CVE-2024-35900 , CVE-2024-35899 , CVE-2024-35898 , CVE-2024-35897 , CVE-2024-35896 , CVE-2024-35895 , CVE-2024-35893 , CVE-2024-35892 , CVE-2024-35891 , CVE-2024-35882 , CVE-2024-35860 , CVE-2024-35868 , CVE-2024-35867 , CVE-2024-35866 , CVE-2024-35865 , CVE-2024-35864 , CVE-2024-35863 , CVE-2024-35880 , CVE-2024-35862 , CVE-2024-35879 , CVE-2024-35878 , CVE-2024-35877 , CVE-2024-35876 , CVE-2024-35875 , CVE-2024-35872 , CVE-2024-35871 , CVE-2024-35861 , CVE-2024-35799 , CVE-2024-27393 , CVE-2024-27080 , CVE-2024-26928 , CVE-2024-26925 , CVE-2024-26921 CVE-2024-27055 CVE-2023-52671 , CVE-2024-35826 , CVE-2024-35824 , CVE-2024-35825 , CVE-2024-35804 , CVE-2024-35803 , CVE-2024-35802 , CVE-2024-35801 , CVE-2024-35800 , CVE-2024-35798 , CVE-2024-35823 , CVE-2024-35822 , CVE-2024-35821 , CVE-2024-35819 , CVE-2024-35818 , CVE-2024-35817 , CVE-2024-35816 , CVE-2024-35815 , CVE-2024-35797 , CVE-2024-35814 , CVE-2024-35813 , CVE-2024-35812 , CVE-2024-35811 , CVE-2024-35810 , CVE-2024-35809 , CVE-2024-35807 , CVE-2024-35806 , CVE-2024-35805 , CVE-2024-35795 , CVE-2024-35796 , CVE-2024-35792 , CVE-2024-35791 , CVE-2024-35790 , CVE-2024-35789 , CVE-2024-35787 , CVE-2024-35786 , CVE-2024-35784 , CVE-2024-35785 , CVE-2024-27063 , CVE-2024-27062 , CVE-2024-27061 , CVE-2024-27058 , CVE-2024-27059 , CVE-2024-26965 , CVE-2024-26974 , CVE-2024-26973 , CVE-2024-26971 , CVE-2024-26970 , CVE-2024-26969 , CVE-2024-26968 , CVE-2024-26979 , CVE-2024-26978 , CVE-2024-26977 , CVE-2024-26976 , CVE-2024-26975 , CVE-2024-26966 , CVE-2024-26937 , CVE-2024-26935 , CVE-2024-26934 , CVE-2024-26933 , CVE-2024-26931 , CVE-2024-26964 , CVE-2024-26963 , CVE-2024-26961 , CVE-2024-26960 , CVE-2024-26959 , CVE-2024-26958 , CVE-2024-26930 , CVE-2024-26957 , CVE-2024-26956 , CVE-2024-26955 , CVE-2024-26953 , CVE-2024-26951 , CVE-2024-26950 , CVE-2024-26929 , CVE-2024-26947 , CVE-2024-26946 , CVE-2024-26943 , CVE-2024-26940 , CVE-2024-26938 , CVE-2023-52647 , CVE-2023-52648 , CVE-2024-27437 , CVE-2024-26814 , CVE-2024-26813 , CVE-2024-26810 , CVE-2024-26812 )
binutils ( CVE-2023-1972 )
c-ares ( CVE-2024-25629 )
coreutils ( coreutils-2024-03-28 , CVE-2024-0684 )
curl ( CVE-2024-2004 , CVE-2024-2379 , CVE-2024-2398 , CVE-2024-2466 , CVE-2023-46218 , CVE-2023-46219 )
expat ( CVE-2023-52425 , CVE-2024-28757 )
gcc ( CVE-2023-4039 )
glibc ( CVE-2024-2961 , CVE-2024-33599 , CVE-2024-33600 , CVE-2024-33601 , CVE-2024-33602 , CVE-2023-5156 , CVE-2023-6246 , CVE-2023-6779 , CVE-2023-6780 )
gnupg ( gnupg-2024-01-25 )
gnutls ( CVE-2024-28834 , CVE-2024-28835 , CVE-2023-5981 , CVE-2024-0567 , CVE-2024-0553 )
intel-microcode ( CVE-2023-22655 , CVE-2023-28746 , CVE-2023-38575 , CVE-2023-39368 , CVE-2023-43490 , CVE-2023-23583 )
less ( CVE-2024-32487 )
libuv ( CVE-2024-24806 )
libxml2 ( CVE-2024-25062 , CVE-2023-45322 )
nghttp2 ( CVE-2024-28182 )
openssl ( CVE-2023-5678 , CVE-2023-6129 , CVE-2023-6237 , CVE-2024-0727 )
sudo ( CVE-2023-42465 )
traceroute ( CVE-2023-46316 )
vim ( CVE-2023-48231 , CVE-2023-48232 , CVE-2023-48233 , CVE-2023-48234 , CVE-2023-48235 , CVE-2023-48236 , CVE-2023-48237 , CVE-2023-48706 , CVE-2023-5344 , CVE-2023-5441 , CVE-2023-5535 , CVE-2023-46246 )
SDK: dnsmasq ( CVE-2023-28450 , CVE-2023-50387 , CVE-2023-50868 )
SDK: perl ( CVE-2023-47038 , CVE-2023-3817 , CVE-2023-5363 , CVE-2023-5678 )
SDK: python ( CVE-2023-6597 , CVE-2024-0450 , gh-81194 , gh-113659 , gh-102388 , gh-114572 , gh-115243 )

Bug fixes:

Fixed issue file generation from ‘/etc/issue.d’ ( scripts#2018 )
Fixed the handling of OEM update payloads in a Nebraska response with self-hosted packages ( ue-rs#49 )
Fixes kubevirt vm creation by ensuring that /dev/vhost-net exists ( Flatcar#1336 )
Hetzner: Fixed duplicated prefix in the Afterburn metadata ( scripts#2141 )
Removed custom CloudSigma coreos-cloudinit service configuration since it will be called with the cloudsigma oem anyway. The restart of the service can also cause the serial port to be stuck in an nondeterministic state which breaks future runs.
Resolved kmod static nodes creation in bootengine ( bootengine#85 )

Changes:

Added zram-generator package to the image ( scripts#1772 )
A new format qemu_uefi_secure is introduced to test Flatcar for SecureBoot-enabled features. The format will be later merged into qemu_uefi.
Added Intel igc driver to support I225/I226 family NICs. ( flatcar/scripts#1786 )
Added Hetzner images ( flatcar/scripts#1880 )
Added Hyper-V VHDX image ( flatcar/scripts#1791 )
Added Ignition Clevis support for encrypted disks unlocked with a TPM2 device or a Tang server ( scripts#1560 )
Added KubeVirt qcow2 image for amd64/arm64 ( flatcar/scripts#1962 )
Added Scaleway images ( flatcar/scripts#1683 )
Added support for unlocking the rootfs with a TPM set up by systemd-cryptenroll ( bootengine#93 )
Backported systemd-sysext mutable overlays functionality from yet-unreleased systemd v256. ( flatcar/scripts#1753 )
Enabled amd-pstate,amd-pstate-epp cpufreq drivers for some AMD CPUs in the kernel. ( flatcar/scripts#1770 )
Enabled ntpd by default on AWS & GCP, enabled chronyd by default on Azure. The native time sync source is used on each cloud. ( scripts#1792 )
Enabled the GRUB TPM2 module to measure the boot code path and files into PCR 8+9 in UEFI ( scripts#1861 )
Enabled the ptp_vmw module in the kernel.
Hetzner: Added COREOS_HETZNER_PRIVATE_IPV4_0 Afterburn attribute for Hetzner private IPs ( scripts#2141 )
Hyper-V images, both .vhd and .vhdx files are available as zip compressed, switching from bzip2 to a built-in available Windows compression - zip ( scripts#1878 )
OpenStack, Brightbox: Added the flatcar.autologin kernel cmdline parameter by default as the hypervisor manages access to the console ( scripts#1866 )
Provided a Podman Flatcar extension as optional systemd-sysext image with the release. Write ‘podman’ to /etc/flatcar/enabled-sysext.conf through Ignition and the sysext will be installed during provisioning ( scripts#1964 )
OpenStack: Changed metadata hostname source order. The service first tries with the config drive then fallback on the metadata service. ( bootengine#96 )
Provided a ZFS-2.2.2 Flatcar extension as optional systemd-sysext image with the release. Write ‘zfs’ to /etc/flatcar/enabled-sysext.conf through Ignition and the sysext will be installed during provisioning. ZFS support is experimental and ZFS is not supported for the root partition. ( flatcar/scripts#1742 )
Removed Linux drivers for Mellanox Technologies Switch ASICs family and Spectrum/Spectrum-2/Spectrum-3/Spectrum-4 Ethernet Switch ASICs to reduce the initrd size on AMD64 by ~5MB ( flatcar/scripts#1734 ). This change is part of the effort to reduce the initrd size ( Flatcar#1381 ).
Removed actool from the image and acbuild from the SDK as these tools are deprecated and not used ( scripts#1817 )
Scaleway: images are now provided directly as .qcow2 to ease the import on Scaleway ( scripts#1953 )
Switched ptp_kvm from kernel builtin to module.
The default VM memory was bumped to 2 GB in the Qemu script and for VMware OVFs
Update generation SLSA provenance info from v0.2 to v1.0.
Removed coreos-cloudinit support for automatic keys conversion (e.g reboot-strategy -> reboot_strategy) ( scripts#1687 )

Updates:

Linux ( 6.6.43 (includes 6.6.42 , 6.6.41 , 6.6.40 , 6.6.39 , 6.6.38 , 6.6.37 , 6.6.36 , 6.6.35 , 6.6.34 , 6.6.33 , 6.6.32 , 6.6.31 , 6.6.30 , 6.6.29 , 6.6.28 , 6.6.27 , 6.6.26 , 6.6.25 , 6.6.24 , 6.6.23 , 6.6.22 , 6.6.21 , 6.6.20 , 6.6.19 , 6.6.18 , 6.6.17 , 6.6.16 , 6.6.15 , 6.6.14 , 6.6.13 , 6.6.12 , 6.6.11 , 6.6.10 , 6.6.9 , 6.6.8 , 6.6.7 , 6.6 ))
Linux Firmware ( 20240513 (includes 20240410 , 20240312 , 20240220 , 20240115 , 20231211 ))
Go ( 1.20.14 (includes 1.20.13 ))
Ignition ( 2.18.0 (includes 2.17.0 , 2.16.2 , 2.16.1 and 2.16.0 ))
acl ( 2.3.2 )
afterburn ( 5.5.1 )
attr ( 2.5.2 )
audit ( 3.1.1 )
bash ( 5.2_p21 )
bind-tools ( 9.16.48 )
binutils ( 2.41 )
bpftool ( 6.7.6 (includes 6.5.7 ))
c-ares ( 1.27.0 (includes 1.26.0 , 1.25.0 , 1.21.0 ))
cJSON ( 1.7.17 )
ca-certificates ( 3.103 (includes 3.102 , 3.102.1 , 3.101.1 ))
checkpolicy ( 3.6 )
containerd ( 1.7.17 (includes 1.7.16 , 1.7.15 , 1.7.14 , 1.7.13 , 1.7.12 , 1.7.11 ))
coreutils ( 9.5 (includes 9.4 ))
curl ( 8.7.1 (includes 8.7.0 ,