Releases · microsoft/azurelinux (original) (raw)
3.0.20260602
Generic Kernel version-release: kernel-6.6.139.1-1
Add gcab 1.6 cabinet archive library package
Add koji.
Add support for Azure Container Linux in WALinuxAgent
Enable edk2 aarch64 VMF build.
Enable missing kernel-mshv configs per customer request
Fix azcopy ptest
Fix azcopy ptests failure
Fix Cython ptest
Fix docs: remove/deprecate references to 2.0
Fix docs: update readme
Fix docs: update readme text
Fix git-lfs ptest
Fix git-lfs ptests failure
Fix haproxy config file overwrite on upgrade
Fix libical ptest
Fix librelp ptest
Fix lujavrite ptest
Fix ptest issue for libmicrohttpd
Fix python‑markdown ptest
Fix python‑tqdm ptest
Fix systemd unmanaged interface in networkd
Fix systemd unnecessary nftables initialization by backporting upstream
Patch application-gateway-kubernetes-ingress for CVE-2026-42506, CVE-2026-39821, CVE-2026-27136, CVE-2026-42502, CVE-2026-25681, CVE-2026-25680, CVE-2026-33814
Patch azcopy for CVE-2026-39821
Patch azurelinux-image-tools for CVE-2026-39821, CVE-2026-33814
Patch binutils for CVE-2025-3198
Patch binutils for CVE-2026-6846
Patch cert-manager for CVE-2026-46597, CVE-2026-42506, CVE-2026-39834, CVE-2026-39830, CVE-2026-39829, CVE-2026-39821, CVE-2026-27136, CVE-2026-42502, CVE-2026-39835, CVE-2026-39828, CVE-2026-39827, CVE-2026-25681, CVE-2026-25680, CVE-2026-35469, CVE-2026-33814
Patch cf-cli for CVE-2026-46597, CVE-2026-42506, CVE-2026-39834, CVE-2026-39830, CVE-2026-39829, CVE-2026-39821, CVE-2026-27136
Patch cloud-provider-kubevirt for CVE-2026-42506, CVE-2026-39821, CVE-2026-27136
Patch containerd2 for CVE-2026-27136, CVE-2026-39821, CVE-2026-39882, CVE-2026-33814, CVE-2026-42506,
Patch containerized-data-importer for CVE-2026-25681, CVE-2026-25680, CVE-2026-27136, CVE-2026-33814, CVE-2026-35469, CVE-2026-39821, CVE-2026-42502, CVE-2026-42506,
Patch coredns for CVE-2026-32936, CVE-2026-32934, CVE-2026-33489, CVE-2026-33190, CVE-2026-39821
Patch cri-tools for CVE-2026-35469, CVE-2026-42506, CVE-2026-39821, CVE-2026-27136, CVE-2026-42502, CVE-2026-25681, CVE-2026-25680
Patch curl for CVE-2026-7168, CVE-2026-6276, CVE-2026-4873
Patch docker-buildx for CVE-2026-46597, CVE-2026-42506, CVE-2026-39834, CVE-2026-39832, CVE-2026-39830, CVE-2026-39829, CVE-2026-39821, CVE-2026-27136, CVE-2026-35469
Patch docker-cli for CVE-2026-39821
Patch docker-compose for CVE-2026-35469, CVE-2026-46597, CVE-2026-42506, CVE-2026-39834, CVE-2026-39832, CVE-2026-39830, CVE-2026-39829, CVE-2026-39821, CVE-2026-27136
Patch etcd for CVE-2026-39821, CVE-2026-29181
Patch fio for CVE-2026-30656
Patch firewalld for CVE-2026-4948
Patch flannel for CVE-2026-39821
Patch gdb for CVE-2025-1178, CVE-2025-1176, CVE-2026-6846
Patch gh for CVE-2026-46597, CVE-2026-42506, CVE-2026-39834, CVE-2026-39830, CVE-2026-39829, CVE-2026-39821, CVE-2026-27136
Patch git-lfs for CVE-2026-39821
Patch glibc for CVE-2026-4046
Patch gnutls for CVE-2026-33845, CVE-2026-3832, CVE-2026-33846, CVE-2026-42010, CVE-2026-42009
Patch ignition-flatcar for CVE-2026-29181, CVE-2026-33814, CVE-2026-39821
Patch influxdb for CVE-2026-41602, CVE-2026-42506, CVE-2026-39821, CVE-2026-27136, CVE-2026-42502, CVE-2026-25681, CVE-2026-25680
Patch jq for CVE-2026-43896, CVE-2026-43895, CVE-2026-41257, CVE-2026-41256, CVE-2026-40612, CVE-2026-44777
Patch jx for CVE-2026-39821
Patch kata-containers for CVE-2026-41602, CVE-2026-39821, CVE-2026-33814
Patch kata-containers-cc for CVE-2026-41602, CVE-2026-39821, CVE-2026-33814
Patch keda for CVE-2026-42506, CVE-2026-39821, CVE-2026-27136, CVE-2026-35469
Patch kf-kcoreaddons for CVE-2026-41526
Patch krb5 for CVE-2026-40356
Patch kube-vip-cloud-provider for CVE-2026-42506, CVE-2026-39821, CVE-2026-27136, CVE-2026-42502, CVE-2026-25681, CVE-2026-25680
Patch kubernetes for CVE-2026-46597, CVE-2026-42506, CVE-2026-39834, CVE-2026-39830, CVE-2026-39829, CVE-2026-39821, CVE-2026-27136, CVE-2026-42502, CVE-2026-39835, CVE-2026-39827, CVE-2026-25681, CVE-2026-25680
Patch kubevirt for CVE-2026-7374, CVE-2026-33814, CVE-2026-35469, CVE-2026-46597, CVE-2026-42506, CVE-2026-39829, CVE-2026-39834, CVE-2026-39830, CVE-2026-39821, CVE-2026-27136, CVE-2026-42502, CVE-2026-39835, CVE-2026-39828, CVE-2026-39827, CVE-2026-25681, CVE-2026-25680
Patch kured for CVE-2026-35469, CVE-2026-39821
Patch libssh for CVE-2026-0968
Patch libyang for CVE-2026-41401, CVE-2026-44673
Patch memcached for CVE-2026-47783, CVE-2026-47784
Patch moby-containerd-cc for CVE-2026-35469, CVE-2026-39821
Patch moby-engine for CVE-2026-46597, CVE-2026-39834, CVE-2026-39830, CVE-2026-39829, CVE-2026-39821, CVE-2026-39835, CVE-2026-39827
Patch multus for CVE-2026-42506, CVE-2026-39821, CVE-2026-27136
Patch nano for CVE-2026-6843, CVE-2026-6842
Patch nginx for CVE-2026-8711, CVE-2026-9256,CVE-2026-42946, CVE-2026-42945, CVE-2026-42934, CVE-2026-40701, CVE-2026-40460
Patch nvidia-container-toolkit for CVE-2026-39834, CVE-2026-39830
Patch opa for CVE-2026-39821
Patch openvswitch for CVE-2026-34956
Patch packer for CVE-2026-33814, CVE-2026-46597, CVE-2026-42508, CVE-2026-42506, CVE-2026-39834, CVE-2026-39832, CVE-2026-39830, CVE-2026-39829, CVE-2026-39821, CVE-2026-27136, CVE-2026-46598, CVE-2026-42502, CVE-2026-39835, CVE-2026-39828, CVE-2026-39827, CVE-2026-25681, CVE-2026-25680
Patch perl-XML-LibXML for CVE-2026-8177
Patch prometheus-adapter for CVE-2026-42506, CVE-2026-39821, CVE-2026-27136, CVE-2026-42502, CVE-2026-25681, CVE-2026-25680
Patch prometheus-node-exporter for CVE-2026-39821
Patch prometheus-process-exporter for CVE-2026-39821
Patch python-click for CVE-2026-7246
Patch python-pip for CVE-2026-3219, CVE-2026-6357
Patch python-twisted for CVE-2026-42304
Patch python-urllib3 for CVE-2026-44431
Patch Python-virtualenv for CVE-2026-3219, CVE-2026-6357
Patch python3 for CVE-2026-1502
Patch pytorch for CVE-2025-51480
Patch rabbitmq-server for CVE-2026-8466, CVE-2026-7790, CVE-2026-43968
Patch rust-afterburn for CVE-2026-25541
Patch skopeo for CVE-2026-39821
Patch sriov-network-device-plugin for CVE-2026-42506, CVE-2026-39821, CVE-2026-27136, CVE-2026-42502, CVE-2026-25681, CVE-2026-25680
Patch systemd for CVE-2026-40226, CVE-2026-40225
Patch telegraf for CVE-2026-41602, CVE-2026-42154, CVE-2026-46597, CVE-2026-42508, CVE-2026-42506, CVE-2026-39834, CVE-2026-39832, CVE-2026-39830, CVE-2026-39829, CVE-2026-39821, CVE-2026-27136, CVE-2026-42151, CVE-2026-41889
Patch thrift for CVE-2026-41636, CVE-2026-41605, CVE-2026-41603, CVE-2026-41602, CVE-2025-48431
Patch vitess for CVE-2026-39821
qemu: Enable user_static builds for providing user mode emulation.
Remove nodejs 20 package and make nodejs 24 as default nodejs package
Resolved ptest failure in azcopy package
Resolved ptest failure in git-lfs package
Resolved ptest failure in libical by upgrading to version 3.0.10
Resolved ptest failure in lujavrite package
Upgrade azurelinux-image-tools to 1.4.0 (fasttrack)
Upgrade bind to 9.20.23 for CVE-2026-3039, CVE-2026-3592, CVE-2026-3593, CVE-2026-5946, CVE-2026-5947, CVE-2026-5950
Upgrade containerd2 to 2.2.4
Upgrade cups to 2.4.19 for CVE-2026-41079
Upgrade dnsmasq to 2.92 for CVE-2026-2291, CVE-2026-4890, CVE-2026-4891, CVE-2026-4892, CVE-2026-4893, CVE-2026-5172
Upgrade etcd to 3.5.30 for CVE-2026-44283
Upgrade frr to 10.5.4 for CVE-2026-37457
Upgrade golang to 1.25.10-1
Upgrade golang to 1.26.3-1
Upgrade haveged to 1.9.22 for CVE-2026-41054
Upgrade httpd to 2.4.67 for CVE-2026-29168, CVE-2026-24072, CVE-2026-34059, CVE-2026-23918, CVE-2026-33857, CVE-2026-34032, CVE-2026-33006, CVE-2026-33007, CVE-2026-29169, CVE-2026-33523
Upgrade kernel-mshv and kernel-uvm to 6.6.137.mshv1
Upgrade libpng to 1.6.58 for a regression introduced in version 1.6.56 that caused to return stale palette data after applying gamma and background transforms in-place
Upgrade mariadb to 10.11.18 for CVE-2026-44168, CVE-2026-44169, CVE-2026-44170, CVE-2026-44171, CVE-2026-44172, CVE-2026-44173, CVE-2026-48165, CVE-2026-48163
Upgrade perl-libwww-perl to 6.83 for CVE-2026-8368
Upgrade pgbouncer to 1.25.2 for CVE-2026-6664, CVE-2026-6665, CVE-2026-6666, CVE-2026-6667
Upgrade php to 8.3.31 for CVE-2026-7261, CVE-2026-7258, CVE-2026-6722, CVE-2026-6735, CVE-2026-7262, CVE-2025-14179, CVE-2026-7568, CVE-2026-7259
Upgrade postgresql to 16.14 for CVE-2026-6473, CVE-2026-6479, CVE-2026-6638, CVE-2026-6474, CVE-2026-6475, CVE-2026-6477, CVE-2026-6478, CVE-2026-6472, CVE-2026-6637
Upgrade python-mistune to 3.2.1 for CVE-2026-33079
Upgrade rsync to 3.4.3 for CVE-2026-43617, CVE-2026-43618, CVE-2026-43619, CVE-2026-43620, CVE-2026-45232, CVE-2026-29518, CVE-2026-41035
Upgrade unbound to 1.25.1 for CVE-2026-33278, CVE-2026-42944, CVE-2026-42959, CVE-2026-32792, CVE-2026-40622, CVE-2026-41292, CVE-2026-42534, CVE-2026-42923, CVE-2026-42960, CVE-2026-44390, CVE-2026-44608
Upgrade valkey to 8.0.9 for CVE-2026-23479, CVE-2026-25243, CVE-2026-23631
Upgrade vim to 9.2.0488 for CVE-2026-45130, CVE-2026-44656, CVE-2026-46483
3.0.20260517
Generic Kernel version-release: kernel-6.6.139.1-1
Upgrade kernel to 6.6.139.1-1 for CVE-2026-46333
Upgrade kernel-hwe to 6.12.89.1-1 for CVE-2026-46333
3.0.20260510
Generic Kernel version-release: kernel-6.6.138.1-1
This kernel only release is to resolve the "CopyFail2" aka "dirty-frag" security vulnerability: CVE-2026-43284 / CVE-2026-43500
Upgrade kernel to version 6.6.138.1-1
Upgrade kernel to version 6.12.87.1
3.0.20260506
Generic Kernel version-release: kernel-6.6.137.1-2
Add extra macros parameter to PackageBuild.yml
Add ignition to SPECS/SPECS-EXTENDED
Add rust-afterburn to SPECS/SPECS-EXTENDED
Build Wireshark package with Lua support
Cleanup unwanted files for coreos-init
Enable CONFIG_IKCONFIG_PROC on arm64 kernel
Fix c-ares ptest
Fix check before copying cfg.SrpmsDir
Fix IC golden container pip install failure under CFSClean network isolation
Fix python-google-auth-oauthlib ptest
Fix python-pytest-xdist ptest
Fix qemu-guest-agent startup failure by replacing --blacklist with --block-rpcs
Fix shim update sbat csv to match architecture
Fix systemd pcrlock failure on Hyper-V VMs with vTPM
Improve Live Migration support in QEMU
Patch avahi for CVE-2026-34933
Patch binutils for CVE-2025-69652, CVE-2025-69649, CVE-2025-69646, CVE-2025-69645, CVE-2025-11839, CVE-2025-1148, CVE-2025-1147, CVE-2025-69647, CVE-2026-4647
Patch clamav for CVE-2026-33056, CVE-2026-33055
patch containerd2 for CVE-2026-35469, CVE-2026-34986
Patch containerized-data-importer for CVE-2026-32288
Patch crash for CVE-2026-4647
Patch curl for CVE-2026-3784, CVE-2026-3783, CVE-2026-1965
Patch edk2 for CVE-2026-28390, CVE-2026-28389
Patch emacs for CVE-2026-6861
Patch erlang for CVE-2026-28808, CVE-2026-32147
Patch expat for CVE-2026-32778, CVE-2026-32777, CVE-2026-32776
Patch fluent-bit for CVE-2025-63652 and CVE-2025-63657
Patch frr for CVE-2026-28532, CVE-2026-5107
Patch gdb for CVE-2026-4647
Patch gdk-pixbuf2 for CVE-2026-5201
Patch gh for CVE-2026-32288, CVE-2026-5160
Patch haproxy for CVE-2026-33555
Patch ignition-flatcar for CVE-2026-27141
Patch jq for CVE-2026-40164, CVE-2026-39979, CVE-2026-39956, CVE-2026-33948, CVE-2026-33947, CVE-2026-32316
Patch keras for CVE-2026-1669
Patch kubernetes for CVE-2026-35469
Patch lcms2 for CVE-2026-41254
Patch libarchive for CVE-2026-5121, CVE-2026-4426, CVE-2026-4424
Patch libcap for CVE-2026-4878
Patch libexif for CVE-2026-40386, CVE-2026-40385
Patch libgcrypt for CVE-2026-41989
Patch libsoup for CVE-2026-2436
Patch libssh for CVE-2026-0967, CVE-2026-0966, CVE-2026-0965, CVE-2026-0964
Patch libssh2 for CVE-2026-7598
Patch libtiff for CVE-2026-4775
Patch mesa for CVE-2026-40393
Patch moby-containerd-cc for CVE-2026-39882
Patch moby-engine for CVE-2026-32288, CVE-2026-39882
Patch nodejs for CVE-2026-21716, CVE-2026-21715, CVE-2026-21714, CVE-2026-21713, CVE-2026-21710
Patch nodejs24 for CVE-2026-33672, CVE-2026-33671, CVE-2026-21710, CVE-2026-21637, CVE-2026-21717, CVE-2026-21713, CVE-2026-21714, CVE-2026-21712, CVE-2026-21716, CVE-2026-21715
Patch ntfs-3g for CVE-2026-40706
Patch openssh for CVE-2026-35414, CVE-2026-35388, CVE-2026-35386, CVE-2026-35385
Patch openssl for ....
Patch perl-XML-Parser for CVE-2006-10003, CVE-2006-10002
Patch poetry for CVE-2026-34591
Patch protobuf for CVE-2026-6409
Patch python-lxml for CVE-2026-41066
Patch python-mako for CVE-2026-41205
Patch python-wheel for CVE-2026-24049
Patch pytorch for CVE-2026-34446, CVE-2026-34445
Patch rpm-ostree for CVE-2026-33056, CVE-2026-33055
Patch ruby for CVE-2026-27820
Patch rubygem-faraday for CVE-2026-25765
Patch rubygem-rdiscount for CVE-2026-35201
Patch rust for CVE-2026-2006, CVE-2026-33056, CVE-2026-33055, CVE-2026-34743
Patch sed for CVE-2026-5958
Patch skopeo for CVE-2026-32288
Patch sleuthkit for CVE-2026-40026, CVE-2026-40025, CVE-2026-40024
Patch sqlite for CVE-2025-70873
Patch sudo for CVE-2026-35535
Patch systemd-bootstrap for CVE-2026-29111
Patch telegraf for CVE-2026-33216, CVE-2026-29785 CVE-2026-5160
Patch util-linux for CVE-2026-3184, CVE-2026-27456
Patch vim for CVE-2026-34714, CVE-2026-34982, CVE-2026-35177, CVE-2026-39881, CVE-2026-41411
Patch xorg-x11-server-Xwayland for CVE-2026-34003, CVE-2026-34001, CVE-2026-33999
Patch xz for CVE-2026-34743
Update kernel-uvm-micro config to be able to start kata pod
Upgrade buildah to 1.43.1
upgrade clamav to 1.5.2
Upgrade cloud-hypervisor to v51.1.56
Upgrade containerd2 version to 2.1.6
Upgrade cups to 2.4.18 for CVE-2026-39316, CVE-2026-39314, CVE-2026-34979, CVE-2026-34980 and to fix cupsd crash if user does not exist.
Upgrade erlang to 26.2.5.20 for CVE-2026-28808 and CVE-2026-32147
Upgrade freeipmi to 1.6.17 for CVE-2026-33554
Upgrade golang to 1.26.2-1 and 1.25.9-1
Upgrade irqbalance to 1.9.5 and patch for ENOSPC handling
Upgrade kernel to 6.6.137.1
Upgrade kernel version-release: kernel-6.6.137.1-2
Upgrade kernel-mshv to 6.6.135.mshv2
Upgrade kernel-uvm to 6.6.130.mshv1
Upgrade libpng to 1.6.57 for CVE-2026-34757
Upgrade mysql to 8.0.46
Upgrade python-ecdsa to 0.19.2 for CVE-2026-33936
Upgrade rubygem-addressable to 2.9.0 for CVE-2026-35611
Upgrade vim to 9.2.0323 for CVE-2026-34714, CVE-2026-34982, CVE-2026-35177, CVE-2026-39881, CVE-2026-41411
Note
On the next monthly update (the June Update) the nodejs package will automatically redirect to nodejs24. nodejs20 is End of Life and no longer supported.
3.0.20260401
Generic Kernel version-release: kernel-6.6.130.1-3
Add azure-vm-utils to SPECS/SPECS-EXTENDED
Add bootengine to SPECS/SPECS-EXTENDED
Add coreos-cloudinit to SPECS/SPECS-EXTENDED
Add coreos-init to SPECS/SPECS-EXTENDED
Add kata-containers-preview to SPECS/SPECS-EXTENDED
Add Kernel config validation tool
Add Nodejs24 container and distroless image
Add support for kernel flavor versioning
Add update-ssh-keys to SPECS/SPECS-EXTENDED
Add uvm micro kernel to SPECS/SPECS-EXTENDED
Enable crypto kernel configs in kernel version 6.12
Enable lz4, lz4hc and zstd zram compression
Fix Cisco Telegraf
Fix docker engine multiarch image push
Fix espeak-ng ptest
Fix fontconfig ptest
Fix libsoup with_check condition
Fix ntpdate-wrapper binary path
Fix python-daemon ptest regression
Fix python-fields ptest
Fix shim-unsigned-* separately from shim
Patch azurelinux-image-tools for CVE-2026-27141
Patch cmake for CVE-2026-27135
Patch coredns for CVE-2026-26018, CVE-2026-26017
Patch dcos-cli for CVE-2025-30204
Patch edk2 for CVE-2025-69419 and align edk2-hvloader-signed release
Patch flannel for CVE-2026-32241
Patch freetype for CVE-2026-23865
Patch giflib for CVE-2026-23868
Patch glibc for CVE-2026-4437, CVE-2026-4438
Patch grub2 for CVE-2025-0622 and increase SBAT to grub,5
Patch hdf5 for CVE-2025-2915
Patch kernel to enable CONFIG_TCP_CONG_BBR3
Patch kernel-mshv to enable CONFIG_WIREGUARD
Patch libarrow for CVE-2026-25087
Patch libarchive for CVE-2026-4111
Patch libexif for CVE-2026-32775
Patch libssh for CVE-2026-3731
Patch libsoup for CVE-2026-0716, CVE-2026-2443, CVE-2026-2369
Patch libvirt for TPM patches
Patch nasm for CVE-2022-46456
Patch ncurses for CVE-2025-69720
Patch netavark for CVE-2026-25541
Patch nghttp2 for CVE-2026-27135
Patch nodejs for CVE-2026-27135
Patch ocaml for CVE-2026-28364
Patch plexus-utils for CVE-2025-67030
Patch pyOpenSSL for CVE-2026-27459, CVE-2026-27448
Patch python-pyasn1 for CVE-2026-30922
Patch python3 for CVE-2026-4519
Patch python-requests for CVE-2026-25645
Patch python-virtualenv for CVE-2025-50181, CVE-2026-24049, CVE-2026-1703
Patch rpm-ostree for CVE-2026-25541, CVE-2025-58160
Patch rust for CVE-2026-25541, CVE-2026-25727, CVE-2023-48795
Patch skopeo for CVE-2026-24117
Patch squid for CVE-2026-33526, CVE-2026-33515, CVE-2026-32748
Patch strongswan for CVE-2026-25075
Patch telegraf for CVE-2026-4645
Patch vim for CVE-2026-32249 CVE-2026-33412
Upgrade bind to 9.20.21 for CVE-2026-3591, CVE-2026-3119, CVE-2026-3104, CVE-2026-1519
Upgrade erlang to 26.2.5.18 for CVE-2026-23941, CVE-2026-23942, CVE-2026-23943
Upgrade etcd to 3.5.28 for CVE-2026-33413, CVE-2026-33343
Upgrade frr to 10.5.0
Upgrade golang to 1.26.1-1
Upgrade kernel to 6.6.130.1 and reapply recent BBR3 and zram compressions. Includes crackarmor fix CVE-2026-23269
Upgrade kernel-hwe to 6.12.78.2.1 for CVE-2026-23269.
Upgrade KubeVirt to v1.7.1
Upgrade libpng to 1.6.56 for CVE-2026-33636, CVE-2026-33416
Upgrade mariadb to 10.11.16 for CVE-2026-3494
Upgrade nginx to 1.28.3 for CVE-2026-27654, CVE-2026-27784, CVE-2026-32647, CVE-2026-27651, CVE-2026-28753, CVE-2026-28755
Upgrade shim to v16.1
Upgrade SymCrypt-OpenSSL to 1.9.5
Upgrade trident to v0.22
Additional Notes:
Kernel-hwe was upgraded to 6.12.78.2.1 resulting in a rebuild of cuda-open-hwe OOT module (cuda-open-hwe-580.105.08-7_6.12.78.2.1.azl3.aarch64.rpm)
Note that in a bare metal test scenario, running nvidia-smi caused the kernel to crash with "Trying to vfree() nonexistent vm area (000000001f7525a8)". In virtualized scenarios all testing passed.
2.0.20260331
Generic Kernel version-release: kernel-5.15.202.1-1
Bump collectd and keepalived releases
Fix systemd ipc dbus communication issue
Patch cmake for CVE-2025-14524, CVE-2025-10966, CVE-2026-27135
Patch coredns for CVE-2026-26018, CVE-2026-26017
Patch erlang for CVE-2026-23943, CVE-2026-23942, CVE-2026-23941
Patch freetype for CVE-2026-23865
Patch giflib for CVE-2026-23868
Patch glib for CVE-2026-1489, CVE-2026-0988
Patch hdf5 for CVE-2025-2915
Patch libarchive for CVE-2026-4111
Patch libexif for CVE-2026-32775
Patch libsoup for CVE-2026-1801, CVE-2026-1761, CVE-2026-1467
Patch mariadb for CVE-2026-3494
Patch mysql for CVE-2025-0838, CVE-2024-2410
Patch nasm for CVE-2022-46456
Patch ncurses for CVE-2025-69720
Patch nghttp2 for CVE-2026-27135
Patch nginx for CVE-2026-32647, CVE-2026-28753, CVE-2026-27784, CVE-2026-27654, CVE-2026-27651, CVE-2026-28755
Patch nodejs18 for CVE-2026-27135
Patch ocaml for CVE-2026-28364
Patch openssl for PKCS12_item_decrypt_d2i_ex(): Check oct argument for NULL
Patch plexus-utils for CVE-2025-67030
Patch python-pyasn1 for CVE-2026-30922
Patch python-urllib3 for CVE-2025-66471
Patch python-virtualenv for CVE-2026-1703, CVE-2026-24049
Patch qemu for CVE-2024-8354
Patch qt5-qtdeclarative for CVE-2025-12385
Patch rook for CVE-2025-30204, CVE-2025-11065
Patch rust for CVE-2026-25541, CVE-2026-25727, CVE-2025-58160, CVE-2026-27171
Patch skopeo for CVE-2026-24117
Patch systemd-bootstrap for CVE-2026-29111
Patch telegraf for CVE-2026-4645
Patch terraform for CVE-2026-4645
Patch vim for CVE-2026-32249, CVE-2026-33412
Patch vitess for CVE-2026-27969, CVE-2026-27965
Rebuild lldpd & rsyslog for net-snmp-libs to version 5.9.5.2-1
Upgrade etcd to 3.5.28 for CVE-2026-33413, CVE-2026-33343
Upgrade libpng to 1.6.56 for CVE-2026-33636, CVE-2026-33416
Upgrade msft-golang to 1.25.8
3.0.20260304
Generic Kernel version-release: kernel-6.6.126.1-1
Add 6.6 kernel config options to 6.12 for Aquantia AQtion DMA P2P DM cache
Add OpenSSL FIPS provider
Add Trident RPM for 0.21.0 and Upgrade ImageCustomizer RPM to 1.2.0
Enable additional tracing in kernel-mshv
Enable kernel LWTUNNEL_BPF and SCHED_CORE
Enable kernel-hwe lwtunnel,lwtunnel_bpf,sched_core
First iteration fips boot support for 6.12 kernel
Patch abseil-cpp for CVE-2025-0838
Patch alsa-lib for CVE-2026-25068
Patch application-gateway-kubernetes-ingress for CVE-2025-58190, CVE-2025-47911
Patch binutils for CVE-2025-0840, CVE-2025-1176, CVE-2025-1178, CVE-2025-1181, CVE-2025-1182
Patch cert-manager for CVE-2025-11065, CVE-2025-58190, CVE-2025-47911
Patch cf-cli for CVE-2025-47911, CVE-2025-58190
Patch cloud-hypervisor for CVE-2026-27211
Patch cloud-provider-kubevirt for CVE-2025-58190, CVE-2025-47911
Patch cmake for CVE-2025-10966, CVE-2025-14524
Patch cni for CVE-2025-47911
Patch cni-plugins for CVE-2025-47911, CVE-2025-58190
Patch containerd2 for CVE-2025-58190, CVE-2025-47911
Patch containerized-data-importer for CVE-2025-58190, CVE-2025-47911
Patch coredns for CVE-2025-11065
Patch cri-tools for CVE-2025-58190, CVE-2025-47911
Patch dasel for CVE-2025-58190, CVE-2025-47911
Patch docker-buildx for CVE-2025-11065, CVE-2025-58190, CVE-2025-47911
Patch docker-cli for CVE-2025-11065
Patch docker-compose for CVE-2025-11065, CVE-2025-58190, CVE-2025-47911
Patch gh for CVE-2025-11065, CVE-2026-23991, CVE-2026-23992, CVE-2026-24117, CVE-2025-58190, CVE-2025-47911
Patch glib for CVE-2026-1489
Patch influxdb for CVE-2025-11065, CVE-2025-58190, CVE-2025-47911, CVE-2025-30204
Patch javapackages-bootstrap for CVE-2026-24400
Patch kata-containers for CVE-2026-24834, CVE-2026-25727, CVE-2025-65637, CVE-2026-25541, CVE-2025-11065
Patch keda for CVE-2025-11065, CVE-2026-2303, CVE-2025-58190, CVE-2025-47911
Patch kube-vip-cloud-provider for CVE-2025-58190, CVE-2025-47911
Patch kubernetes for CVE-2025-47911, CVE-2025-58190
Patch kubevirt for CVE-2025-11065, CVE-2025-58190, CVE-2025-47911
Patch kured for CVE-2025-11065
Patch libsoup for CVE-2026-1801, CVE-2026-1761, CVE-2026-1536, CVE-2025-32049, CVE-2026-1467
Patch libtiff for CVE-2025-61144, CVE-2025-61143
Patch libxml2 for CVE-2026-0990, CVE-2026-0992, CVE-2025-8732
Patch multus for CVE-2025-47911, CVE-2025-58190
Patch nodejs24 for CVE-2025-69418
Patch npm coexistence with respective nodejs versions
Patch opa for CVE-2025-11065
Patch packer for CVE-2025-11065, CVE-2025-58190, CVE-2025-47911
Patch prometheus-adapter for CVE-2025-47911, CVE-2025-58190
Patch protobuf for CVE-2026-0994
Patch python-cryptography for CVE-2026-26007
Patch python-pip for CVE-2026-1703
Patch python3 for CVE-2026-1299
Patch pytorch for CVE-2026-0994
Patch rust for CVE-2025-68114, CVE-2025-4207, CVE-2025-55159, CVE-2025-12818, CVE-2025-67873, CVE-2026-24116, CVE-2025-58160
Patch skopeo for CVE-2025-11065
Patch sriov-network-device-plugin for CVE-2025-47911, CVE-2025-58190
Patch systemd for ipc issue (Fixes issue relating to dbus-based ipc communication)
Patch telegraf for CVE-2025-11065, CVE-2025-47911, CVE-2026-27571, CVE-2026-26014, CVE-2026-2303, CVE-2025-58190,
Patch tensorflow for CVE-2026-2492
Patch vitess for CVE-2025-11065,CVE-2026-27969, CVE-2026-27965
Upgrade erlang to 26.2.5.17 for CVE-2026-21620
Upgrade golang to 1.26.0-1
Upgrade kernel to 6.6.126.1
Upgrade kernel-mshv to 6.6.121.mshv1
Upgrade kubevirt to 1.7.0, libvirt to 10.10.0 and QEMU to 9.1.0
Upgrade libpng to 1.6.55 for CVE-2026-25646
Upgrade munge to 0.5.18 for CVE-2026-25506
Upgrade nginx to 1.28.2 for CVE-2026-1642
Upgrade postgresql to 16.12 for CVE-2026-2003, CVE-2026-2004, CVE-2026-2005, CVE-2026-2006, CVE-2026-2007
Upgrade python-virtualenv to 20.36.1 for CVE-2026-22702
Upgrade valkey to 8.0.7 for CVE-2026-21863, CVE-2025-67733
Upgrade vim to 9.2.0088 for CVE-2026-25749, CVE-2026-26269, CVE-2026-28417, CVE-2026-28418, CVE-2026-28419, CVE-2026-28420, CVE-2026-28421, CVE-2026-28422
Upgrade zlib to 1.3.2 for CVE-2026-27171
2.0.20260304
Generic Kernel version-release: kernel-5.15.200.1-1
Patch abseil-cpp for CVE-2025-0838
Patch alsa-lib for CVE-2026-25068
Patch application-gateway-kubernetes-ingress for CVE-2025-30204, CVE-2025-47911
Patch azl-compliance for CVE-2026-25541, CVE-2026-25727
Patch binutils for CVE-2025-1147, CVE-2025-1148, CVE-2025-11839
Patch busybox for CVE-2026-26157
Patch cert-manager for CVE-2025-11065, CVE-2025-58190, CVE-2025-47911
Patch cf-cli for CVE-2025-47911, CVE-2025-30204
Patch cni for CVE-2025-47911
Patch cni-plugins for CVE-2025-58190, CVE-2025-47911
Patch containerized-data-importer for CVE-2025-47911
Patch cri-o for CVE-2025-11065, CVE-2025-47911
Patch cri-tools for CVE-2025-58190, CVE-2025-47911
Patch dcos-cli for CVE-2025-30204
Patch edk2 for CVE-2026-22795, CVE-2025-69421, CVE-2025-69419, CVE-2025-69420, CVE-2026-22796, CVE-2025-69418, CVE-2025-68160
Patch expat for CVE-2026-25210
Patch gh for CVE-2025-47911
Patch glibc for CVE-2025-15281
Patch helm for CVE-2025-58190, CVE-2025-47911
Patch influxdb for CVE-2025-47911, CVE-2025-30204, CVE-2025-11065
Patch jx for CVE-2025-30204
Patch keda for CVE-2025-11065, CVE-2025-47911, CVE-2025-30204
Patch kube-vip-cloud-provider for CVE-2025-11065, CVE-2025-30204
Patch kubernetes for CVE-2025-47911, CVE-2025-58190
Patch kubevirt for CVE-2025-11065, CVE-2025-47911, CVE-2025-30204
Patch kured for CVE-2025-11065
Patch libpcap for CVE-2025-11961
Patch libsoup for CVE-2025-32049, CVE-2026-1536, CVE-2026-0716
Patch libxml2 for CVE-2025-8732
Patch moby-buildx for CVE-2025-11065
Patch moby-cli for CVE-2025-11065
Patch moby-compose for CVE-2025-11065
Patch multus for CVE-2025-58190, CVE-2025-47911
Patch opa for CVE-2025-11065
Patch openssl for ASN1 validation, BIO buffer overflow, OCB encryption, UTF8 encoding, and PKCS12 NULL checks
Patch packer for CVE-2025-11065, CVE-2025-47911, CVE-2025-58190
Patch prometheus for CVE-2025-11065
Patch prometheus-adapter for CVE-2025-47911
Patch python3 for CVE-2026-0865, CVE-2025-12084
Patch skopeo for CVE-2025-11065
Patch sriov-network-device-plugin for CVE-2025-58190, CVE-2025-47911
Patch telegraf for CVE-2026-27571, CVE-2026-26014, CVE-2026-2303, CVE-2025-58190, CVE-2025-47911, CVE-2025-11065
Patch terraform for CVE-2025-11065, CVE-2025-47911
Patch vitess for CVE-2025-11065, CVE-2025-47911, CVE-2025-58190
Upgrade python-virtualenv to 20.36.1 for CVE-2026-22702
Upgrade vim to 9.2.0088 for CVE-2026-28417, CVE-2026-28418, CVE-2026-28419, CVE-2026-28420, CVE-2026-28421, CVE-2026-28422
3.0.20260204
Generic Kernel version-release: kernel-6.6.121.1-1
Add Gen1 marketplace image with HWE kernel 6.12
Add llhttp to SPECS/SPECS-EXTENDED
Add option to require explicit gpg key verification for image builds
Add patches from fedora f40 to fix tests with new versions of openssl and python
Enable aarch64 HWE kernel configs for performance improvements
Enable CONFIG_FTRACE_SYSCALLS for kernel-mshv
Enable CONFIG_INET_DIAG_DESTROY for kernel
Enable CONFIG_SQUASHFS_ZSTD and CONFIG_FW_CFG_SYSFS for kernel
Enable xfrm_interface for kernel
Fix by adding useful debug message when files are missing from config
Fix containerd2 credential leak in CRI error logs
Fix crash-gcore by adding upstream set_context patch
Fix edk2 merge conflict and update changelog
Fix imager to avoid truncating arbitrary host files
Fix javacc build issue
Fix kexec-tools dependency selection
Fix OSGuard OS disk size to 30 GB
Fix podman install issue and add required dependent packages
Fix systemd network/tc stack overflow when dropping tclass or qdisc
Patch avahi for CVE-2025-68471, CVE-2025-68276, CVE-2025-68468, CVE-2026-24401
Patch bind for CVE-2025-13878
Patch cmake for CVE-2025-14017
Patch coredns for CVE-2025-68151
Patch curl for CVE-2025-14017
Patch edk2 for CVE-2025-2295, CVE-2026-22796, CVE-2025-69421, CVE-2025-69420, CVE-2025-69418, CVE-2025-68160
Patch expat for CVE-2026-24515, CVE-2026-25210
Patch fluent-bit for CVE-2025-62408
Patch glib for CVE-2025-14087, CVE-2025-14512, CVE-2026-1484
Patch glibc for CVE-2025-15281, CVE-2026-0861, CVE-2026-0915
Patch gnupg2 for CVE-2025-30258
Patch gnutls for CVE-2025-13151, CVE-2025-9820
Patch harfbuzz for CVE-2026-22693
Patch influxdb for CVE-2025-10543
Patch krb5 for CVE-2025-24528
Patch libarchive for CVE-2025-60753
Patch libpcap for CVE-2025-11961
Patch libpng for CVE-2026-22695, CVE-2026-22801
Patch libsndfile for CVE-2025-56226
Patch libtasn1 for CVE-2025-13151
Patch memcached for CVE-2026-24809
Patch mysql for CVE-2026-21948, CVE-2026-21968, CVE-2026-21941, CVE-2026-21964, CVE-2026-21936, CVE-2026-21937
Patch ntopng for CVE-2021-44964
Patch python3 for CVE-2025-13837, CVE-2025-12084, CVE-2025-13836, CVE-2026-0865, CVE-2025-11468, CVE-2026-0672
Patch python-filelock for CVE-2026-22701, CVE-2025-68146
Patch pytorch for CVE-2025-3001
Patch ruby for CVE-2025-61594
Patch telegraf for CVE-2025-10543
Patch util-linux for CVE-2025-14104
Upgrade apache-commons-compress to 1.26.1
Upgrade bcc to add subpackage libbpf-tools
Upgrade CDI to 1.62.0
Upgrade cloud-hypervisor to 48.0.246
Upgrade crash to 9.0.0
Upgrade golang to 1.25.6-1
Upgrade gnome-desktop-testing to 2021.1
Upgrade hdf5 to 1.14.6 and patch hdf5 for CVE-2025-2153, CVE-2025-2310, CVE-2025-2914, CVE-2025-2926, CVE-2025-6816, CVE-2025-2925, CVE-2025-2924, CVE-2025-44905, CVE-2025-6269, CVE-2025-6750, CVE-2025-6857, CVE-2025-7067, CVE-2025-7068, CVE-2025-6858, CVE_2025-2923, CVE-2025-2913, CVE-2025-6516, CVE-2025-6818, CVE-2025-6817, CVE-2025-6856, CVE-2025-7069
Upgrade highlight to 4.18
Upgrade ibus-libzhuyin to 1.10.4 and libpinyin to 2.10.3
Upgrade ibus-table to 1.17.16
Upgrade imagecustomizer to 1.1.0
Upgrade kernel to 6.6.119.3
Upgrade kernel to 6.6.121.1
Upgrade Kernel version-release to kernel-6.6.121.1-1
Upgrade kernel-uvm config to support extended attributes with CIFS
Upgrade Jtidy to 1.0.4
Upgrade KubeVirt to 1.6.3
Upgrade libreport to 2.17.15
Upgrade lasso to 2.9.0
Upgrade mod_auth_openidc with updated pcre2
Upgrade MOFED 24.10 to DOCA-OFED 25.07
Upgrade nginx to 1.28.1
Upgrade osgi-core to 8.0.0
Upgrade pacemaker to 3.0.1
Upgrade perl-Alien-pkgconf to 0.21; fix perl-FFI-CheckLib install issue
Upgrade perl-FFI-CheckLib to 0.31
Upgrade perl-Params-ValidationCompiler to 0.31
Upgrade perl-PkgConfig-LibPkgConf to 0.11-24
Upgrade perl-Return-MultiLevel to 0.08
Upgrade python-debtcollector to 3.0.0
Upgrade python-oslo-i18n to 6.7.1
Upgrade python-pytest-flake8 to 1.3.0
Upgrade python-zmq to 27.1.0
Upgrade rhino to 1.7.15.1
Upgrade satyr to 0.43
Upgrade suitesparse to 7.11.0
Upgrade trilead-ssh2 to 217.371.vc1d30dc5a_b_32
Upgrade rust to 1.90.0
Upgrade xbean to 4.24
Upgrade xmldb-api to 1.7.0
2.0.20260203
Generic Kernel version-release: kernel-5.15.186.1-1
Bump toolkit crypto and jwt packages
Patch avahi for CVE-2026-24401, CVE-2025-68471, CVE-2025-68468, CVE-2025-68276
Patch coredns for CVE-2025-68151
Patch cmake for CVE-2025-14017
Patch curl for CVE-2025-14017
Patch edk2 for CVE-2025-2295
Patch frr for CVE-2025-61099,CVE-2025-61100,CVE-2025-61101,CVE-2025-61102,CVE-2025-61103,CVE-2025-61104,CVE-2025-61106 & CVE-2025-61107
Patch glibc for CVE-2025-0395, CVE-2026-0915, CVE-2026-0861
Patch gnutls for CVE-2025-13151, CVE-2025-9820
Patch hvloader for CVE-2025-2295
Patch influxdb for CVE-2025-65637
Patch krb5 for CVE-2025-24528
Patch libarchive for CVE-2025-60753
Patch libpng for CVE-2026-22695, CVE-2026-22801
Patch libtasn1 for CVE-2025-13151
Patch libvirt for CVE-2025-12748
Patch libxml2 for CVE-2026-0992, CVE-2026-0990, CVE-2025-7425
Patch lua for CVE-2026-24827
Patch memcached for CVE-2026-24809
Patch nmap for CVE-2025-11961
Patch nodejs18 for CVE-2025-55131
Patch ntopng for CVE-2026-24809
Patch python3 for CVE-2026-1299, CVE-2026-0672
Patch python-urllib3 for CVE-2025-66418, CVE-2026-21441
Patch pytorch for CVE-2025-3001
Patch ruby for CVE-2025-61594
Patch rpm-ostree for CVE-2025-58160
Patch strongswan for CVE-2025-62291
Upgrade libsodium to 1.0.18-FINAL for CVE-2025-69277
Upgrade msft-golang to 1.24.12
Upgrade mysql to 8.0.45 for CVE-2026-21948, CVE-2026-21968, CVE-2026-21941, CVE-2026-21964, CVE-2026-21936, CVE-2026-21937
Upgrade toolkit crypto and jwt packages