Overview

File _patchinfo of Package patchinfo.24947

<patchinfo incident="24947">
  <issue tracker="bnc" id="1199524">VUL-0: CVE-2022-1706: ignition: configs are accessible from unprivileged containers in VMs running on VMware products</issue>
  <issue tracker="bnc" id="1188479">SLE Micro failing to boot new installation on bare metal</issue>
  <issue tracker="bnc" id="1196679">SLE Micro 5.1 unable to boot on azure</issue>
  <issue tracker="bnc" id="1184202">vfat support in initrd missing</issue>
  <issue tracker="bnc" id="1172510">ignition presets not applied</issue>
  <issue tracker="bnc" id="1159232">ignition: no error if ssh key couldn't be written</issue>
  <issue tracker="bnc" id="1167289">ignition: missing dependencies</issue>
  <issue tracker="bnc" id="1161265">ignition writes unsupprted authorized_keys.d/ format</issue>
  <issue tracker="bnc" id="1173402">Kernel delays boot by 12s if ip= option given</issue>
  <packager>fos</packager>
  <rating>moderate</rating>
  <category>security</category>
  <summary>Security update for ignition</summary>
  <description>This update for ignition fixes the following issues:

- CVE-2022-1706: Fixed accessible configs from unprivileged containers in VMs running on VMware products (bsc#1199524).
- Update to version 2.14.0

The following non-security bugs were fixed:

- Use /bin/sh instead of /usr/bin/sh (for backwards compatibility with SLE Micro 5.1) (bsc#1196679).
- providers/azure: add support for azure gen2 VMs (bsc#1196679).
- Include vfat and nls kernel modules into initrd so that we can read the ignition configuration from USB drives (bsc#1184202).
- Ignore error return code if no virtualization environment detected (bsc#1188479).
- 02_ignition_firstboot, ignition-enable-network.sh: Drop ip=dhcp, it's the default anyway and avoids a delay on boot (bsc#1173402)
- Fixed "ignition presets not applied" (bsc#1172510)
- Added explicit Recommends for helper applications (bsc#1167289).
- Do not use SSH keys fragments, those are not supported by openSUSE (bsc#1161265).
- Don't silently ignore if the SSH key could not be written (bsc#1159232).
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places