/etc/ssh/sshd_config.d/./etc/shadow, /etc/gshadow are now owned by the shadow group, /usr/bin/unix_chkpwd, /usr/bin/chage and /usr/bin/expiry are now also owned by the shadow group with a sticky bit enabled.Changes since Beta 4459.1.2
systemd-tmpfiles --create and systemctl daemon-reload first.flatcar.release_file_server_url and flatcar.dev_file_server_url to specify custom servers where Flatcar extensions should be downloaded on boot (bootengine#112)/boot to 1 GB, the two /usr partitions to 2 GB, /oem to 1 GB so that we can use more space in a few years when we can assume that most nodes run the new partition layout - existing nodes can still update for the next years (scripts#3027)/boot by half. Flatcar now uses a minimal first stage initrd just to access the /usr partition and then switches to the full initrd that does the full system preparation as before. Since this means that the set of kernel modules available in the first initrd is reduced, please report any impact.CONFIG_MEMCG_V1 to mitigate cgroupsv1 removal (e.g JVM) (Flatcar#1884)/usrChanges since Alpha 4459.0.0
CONFIG_CPUSETS_V1 to mitigate cgroupsv1 removal (e.g JVM) (Flatcar#1884)messagebus between acct-user/acct-group and baselayout. (baselayout#36)/etc/subuid and /etc/subgid generation for core user, before this change it partially overwrites the file and causes issues. (Flatcar#1733) This could be created through initial provisioning. (scripts#3043)overlaybd to /etc/flatcar/enabled-sysext.conf to check it out.
The extension includes both overlaybd as well as accelerated-container-image tools.Changes since Alpha 4426.0.0
CONFIG_CPUSETS_V1 to mitigate cgroupsv1 removal (e.g JVM) (Flatcar#1884)Changes since Alpha 4372.0.1
nftables-load.service and nftables-store.service services to load/store rules from/in /var/lib/nftables/rules-save (Flatcar#900)toolbox (toolbox#11). (cloud-init#32)/etc/flatcar/enabled-sysext.conf through Ignition and the sysext will be installed during provisioning. (scripts#1655)flatcar_production_qemu*.sh) received two new options. -D (or -image-disk-opts) can be used to add extra options to the virtio-blk-pci device for primary disk. -d (or -disk) can be used to add extra disks to the machine - this one takes a path to a raw or qcow2 image file and, after a comma, virtio-blk-pci options. To learn what disk options can be passed to -D or -d, call qemu-system-x86_64 -device virtio-blk-pci,help (qemu-system-aarch64 can be used too)./boot is now only accessible by the root user for better security. (Flatcar#296)/etc/subuid and /etc/subgid generation for root user, it has to be created through initial provisioning. (scripts#3028)Changes since Alpha 4344.0.0
toolbox (toolbox#11)/boot is now only accessible by the root user for better security. (Flatcar#296)/etc/subuid and /etc/subgid generation for root user, it has to be created through initial provisioning. (scripts#3028)flatcar-install, needed for download verification of releases built from March 2025 onwards, if you have copies of flatcar-install or the image signing pub key, you need to update them as well (init#129)-f option. (flatcar/scripts#2575)Changes since Alpha 4230.0.1
flatcar-install, needed for download verification of releases built from March 2025 onwards, if you have copies of flatcar-install or the image signing pub key, you need to update them as well (init#129)Changes since Alpha 4186.0.0
Changes since Alpha 4152.0.0
/usr/sbin directory is now merged into /usr/bin, so the former became a symlink to the latter. The SDK now has the same base layout as the generic images. (flatcar/scripts#2068)Changes since Alpha 4116.0.0
kvp, vss, and fcopy for better HyperV hypervisor integration with Flatcar guests (scripts#2309).docker build command will now use buildx as its backend as the old one became deprecated and a loud "DEPRECATED" information is printed every time it's used.Changes since Alpha 4081.0.0
kvp, vss, and fcopy for better HyperV hypervisor integration with Flatcar guests (scripts#2309).Changes since Alpha 4054.0.0
COREOS_HETZNER_PRIVATE_IPV4_0 Afterburn attribute for Hetzner private IPs (scripts#2141)/etc/flatcar/enabled-sysext.conf through Ignition and the sysext will be installed during provisioning (scripts#1979)Changes since Alpha 4012.0.1
COREOS_HETZNER_PRIVATE_IPV4_0 Afterburn attribute for Hetzner private IPs (scripts#2141)/etc/issue.d (scripts#2018)/etc/flatcar/enabled-sysext.conf through Ignition and the sysext will be installed during provisioning (scripts#1964)Changes since Alpha 3975.0.0
/etc/issue.d (scripts#2018)Changes since Beta 3913.1.0
zip compressed, switching from bzip2 to a built-in available Windows compression - zip (scripts#1878)flatcar.autologin kernel cmdline parameter by default as the hypervisor manages access to the console (scripts#1866)actool from the image and acbuild from the SDK as these tools are deprecated and not used (scripts#1817).qcow2 to ease the import on Scaleway (scripts#1953)Changes since Alpha 3941.0.0
.qcow2 to ease the import on Scaleway (scripts#1953)toolbox to prevent mounted ctr snapshots from being garbage-collected (toolbox#9)qemu_uefi_secure is introduced to test Flatcar for SecureBoot-enabled features. The format will be later merged into qemu_uefi./etc/flatcar/enabled-sysext.conf through Ignition and the sysext will be installed during provisioning. ZFS support is experimental and ZFS is not supported for the root partition. (flatcar/scripts#1742)reboot-strategy -> reboot_strategy) (scripts#1687)qemu_uefi build target provides the regular qemu and the qemu_uefi_secure artifacts (scripts#1847)Changes since Alpha 3913.0.0
toolbox to prevent mounted ctr snapshots from being garbage-collected (toolbox#9)qemu_uefi build target provides the regular qemu and the qemu_uefi_secure artifacts (scripts#1847)/usr/share/oem brings the OEM partition contents (Flatcar#1376)Changes since Alpha 3874.0.0
/usr/share/oem brings the OEM partition contents (Flatcar#1376)update-engine.service to the postinstall script to support fetching OEM systemd-sysext payloads through a proxy (Flatcar#1326)flatcar-update --oem-payloads <yes|no> flag to skip providing OEM payloads, e.g., for downgrades (init#114)Changes since Alpha 3850.0.0
update-engine.service to the postinstall script to support fetching OEM systemd-sysext payloads through a proxy (Flatcar#1326)flatcar-update --oem-payloads <yes|no> flag to skip providing OEM payloads, e.g., for downgrades (init#114)update_engine will not perform torcx sanity checks post-update anymore.overlay2 driver
(changelog, upstream pr).
Using the btrfs driver can still be enforced by creating a respective docker config at /etc/docker/daemon.json.btrfs storage driver for backwards-compatibility with your deployment.
btrfs driver entirely in a future version. Please consider migrating your deployments to the overlay2 driver./usr and being part of the OEM A/B updates (flatcar#1146)Changes since Alpha 3815.0.0
/etc that have a tmpfiles rule that normally would recreate them will now show up again through the /etc lowerdir (Flatcar#1265, bootengine#79)/etc/extensions/ symlinks for the inbuilt Docker/containerd systemd-sysext images on update from Beta 3760.1.0 (update_engine#32)Changes since Beta 3745.1.0
/usr/share/amazon/eks/download-kubelet.sh to include download paths for these versions. (scripts#1210)sshkeys.service more robust to only run coreos-metadata-sshkeys@core.service when not masked and also retry on failure (init#112).gz or .bz2 images)Changes since Alpha 3760.0.0
sshkeys.service more robust to only run coreos-metadata-sshkeys@core.service when not masked and also retry on failure (init#112).gz or .bz2 images)/usr/etc/ssh/ssh_config and /etc/ssh/sshd_config which include config snippets in /etc/ssh/ssh_config.d and /etc/ssh/sshd_config.d, respectively./usr/libexec/kubernetes/kubelet-plugins/volume/exec is now a symlink to the writable folder /var/kubernetes/kubelet-plugins/volume/exec (Flatcar#1193)Changes since Alpha 3745.0.0
/usr/libexec/kubernetes/kubelet-plugins/volume/exec is now a symlink to the writable folder /var/kubernetes/kubelet-plugins/volume/exec (Flatcar#1193)Changes compared to Beta 3602.1.6
/usr. For Azure images this also means that the image has a normal Python installation available through the sysext image. The OEM software is still not updated but this will be added soon./usr to make it available on all platforms (scripts#932, Flatcar#1077)/usr/share/oem to /oem. /usr/share/oem became a symlink to /oem for backward compatibility. Despite the move, the initrd images providing files through /usr/share/oem should keep using /usr/share/oem. The move was done to enable activating the OEM sysext images that are placed in the OEM partition.nvidia.service from /etc on Azure because it's now part of /usr (Flatcar#60)/var/log/sssd is created if it doesn't exist, required for sssd.service (Flatcar#1096)flatcar-install and added error reporting for disk write failures (Flatcar#1059)Changes since Alpha 3602.0.0
Changes since Alpha 3572.0.1
NVIDIA_DRIVER_VERSION=460.106.00 in /etc/flatcar/nvidia-metadata/var/log/journal/ is created early enough for systemd-journald to persist the logs on first boot (bootengine#60, baselayout#29)journalctl --user permission issue (Flatcar#989)/usr/share/oem is given as initrd mount point (bootengine#58)flatcar-reset tool and boot logic for selective OS resets to reconfigure the system with Ignition while avoiding config drift (bootengine#55, init#91)flatcar-install, needed for download verification of releases built from July 2023 onwards, if you have copies of flatcar-install or the image signing pub key, you need to update them as well (init#92)pigz to the image, a parallel gzip implementation, which is useful to speed up the (de)compression for large container image imports/exports (coreos-overlay#2504)/etc is now set up as overlayfs with the original /etc folder being the store for changed files/directories and /usr/share/flatcar/etc providing the lower default directory tree (bootengine#53, scripts#666)/etc that are the same as provided by the booted /usr/share/flatcar/etc default for the overlay mount on /etc are deleted to ensure that future updates of /usr/share/flatcar/etc are propagated - to opt out create /etc/.no-dup-update in case you want to keep an unmodified config file as is or because you fear that a future Flatcar version may use the same file as you at which point your copy is cleaned up and any other future Flatcar changes would be applied (bootengine#54)/usr/share/oem is not needed anymore (bootengine#58)Changes since Alpha 3549.0.0
/var/log/journal/ is created early enough for systemd-journald to persist the logs on first boot (bootengine#60, baselayout#29)journalctl --user permission issue (Flatcar#989)nodelocaldns and kube-ipvs0 from being managed with systemd-networkd which interfered with the setup (init#89).Changes since Alpha 3510.0.0
nodelocaldns and kube-ipvs0 from being managed with systemd-networkd which interfered with the setup (init#89).Changes since Alpha 3493.0.0
core user or group in /etc/passwd or /etc/group (baselayout#26)Changes since Alpha 3446.0.0
Changes since Alpha 3432.0.0
Changes since Alpha 3417.0.0
CONFIG_NF_CONNTRACK_BRIDGE (for nf_conntrack_bridge) and CONFIG_NFT_BRIDGE_META (for nft_meta_bridge) to the kernel config to allow using conntrack rules for bridges in nftables and to match on bridge interface names (coreos-overlay#2207)--strip-unneeded to --strip-debug when installing kernel modules, which makes kernel stacktraces more accurate and makes debugging issues easier (coreos-overlay#2196)Changes since Alpha 3402.0.1
Changes since Beta 3346.1.0
coreos-metadata-sshkeys@.service to provision SSH keys from metadata. (Flatcar#817, coreos-overlay#2246)Changes since Alpha 3374.0.0
coreos-metadata-sshkeys@.service to provision SSH keys from metadata. (Flatcar#817, coreos-overlay#2246)gettext to the OS (Flatcar#849)m3.small.x86 instance by expanding the GRUB check for i386 to x86_64 (coreos-overlay#2122)nc to ncat. -q option is not yet supported (flatcar#545)Changes since Alpha 3346.0.0
gettext to the OS (Flatcar#849)m3.small.x86 instance by expanding the GRUB check for i386 to x86_64 (coreos-overlay#2122)wireguard (and others) from systemd-networkd management. (init#80)flatcar-install (the old expired on 10th August 2022), only an updated flatcar-install script can verify releases signed with the new key (init#79)Changes since Beta 3277.1.0
systemd-networkd default management (Flatcar#808)/etc/resolv.conf symlink by pointing it at resolv.conf instead of stub-resolv.conf. This bug was present since the update to systemd v250 (coreos-overlay#2057)networkd Ignition translation (Flatcar#812)Packages:
Architectures:
Changes since Alpha 3277.0.0
grub.cfg exists, this was fixed by creating it first (bootengine#47)Changes since Beta 3227.1.1
grub.cfg exists, this was fixed by creating it first (bootengine#47)containerd.service unit, br_netfilter and overlay modules by default to follow Kubernetes requirements (coreos-overlay#1944, init#72)ignition-delete-config.service to remove Ignition config from VM metadata, see also here (coreos-overlay#1948)Changes since Beta 3227.1.0
Changes since Beta 3185.1.1
/etc/flatcar/update.conf exists because it happens to be used as flag file for Ansible (init#71)metal to follow the Ignition upstream change which otherwise resulted in a broken boot when the Flatcar OEM ID pxe was used (bootengine#45)networkd translation to files section when converting from Ignition 2.x to Ignition 3.x (coreos-overlay#1910, flatcar#741)CONFIG_INTEL_RAPL on AMD64 Kernel config to compile intel_rapl_common module in order to allow power monitoring on modern Intel processors (flatcar#coreos-overlay#1801)Changes since Alpha 3227.0.0
/etc/flatcar/update.conf exists because it happens to be used as flag file for Ansible (init#71)metal to follow the Ignition upstream change which otherwise resulted in a broken boot when the Flatcar OEM ID pxe was used (bootengine#45)networkd translation to files section when converting from Ignition 2.x to Ignition 3.x (coreos-overlay#1910, flatcar#741)Changes since Beta 3185.1.0
ensure-sysext.service if systemd-sysext.service won't be started, to prevent reporting a dependency failure (Flatcar#710)systemd-sysext.service drop-in unit to restore the OEM partition mount after the overlay mounts in /usr are done (init#69)/etc/hostname from instance metadata with Afterburn/etc/hostname from the instance metadata because it used a long FQDN but we can just use use the hostname set via DHCP (Flatcar#707)ghcr.io/flatcar/mantle image (coreos-overlay#1827, scripts#275)Changes since Beta 3139.1.1
authorized_keys.d/ignition again and added a call to update-ssh-keys after Ignition ran to create the merged authorized_keys file, which fixes the problem that keys added by Ignition get lost when update-ssh-keys runs (init#66)auditd.service but left it disabled by default, a custom configuration can be created by removing /etc/audit/auditd.conf and replacing it with an own file (coreos-overlay#1636)ManageForeignRoutes and ManageForeignRoutingPolicyRules settings are now disabled through a drop-in file and thus can only be enabled again by a drop-in file under /etc/systemd/networkd.conf.d/ because drop-in files take precedence over /etc/systemd/networkd.conf (init#61)systemd-sysext.service to activate systemd-sysext images on boot, to disable you will need to mask it. Also added a helper service ensure-sysext.service which reloads the systemd units to reevaluate the sockets, timers, and multi-user targets when systemd-sysext.service is (re)started, making it possible to enable units that are part of a sysext image (coreos-overlay#65)/usr/lib used to be a symlink to /usr/lib64 but now they became two separate folders as common in other distributions (and was the case for arm64 already). Compatibility symlinks exist in case /usr/lib64 was used to access, e.g., the modules folder or the systemd folder (coreos-overlay#1713, scripts#255)cryptsetup to the initramfs for the Ignition luks directive (flatcar-linux/coreos-overlay#1760)SYSEXT_LEVEL=1.0 and ID=flatcar (Flatcar#643)bz2 image, a gz compressed image is published. This helps against hitting the compression timeout that sometimes lets the image import fail.bz2 image, a gz compressed image is published. This allows Glance to directly consume the images by simply passing in the URL of the image.bz2, gz, zip, none, zst. Selecting the image format can now be done by passing the --image_compression_formats option. This flag gets a comma separated list of formats.Changes since Alpha 3185.0.0
authorized_keys.d/ignition again and added a call to update-ssh-keys after Ignition ran to create the merged authorized_keys file, which fixes the problem that keys added by Ignition get lost when update-ssh-keys runs (init#66)cryptsetup to the initramfs for the Ignition luks directive (flatcar-linux/coreos-overlay#1760)Changes since Beta-3139.1.0
brd drbd nbd rbd xen-blkfront zram libarc4 lru_cache zsmalloc kernel modules to the initramfs since they were missing compared to the Flatcar 3033.2.x releases where the 5.10 kernel is used (bootengine#40)Changes since Alpha 3139.0.0
ManageForeignRoutes and ManageForeignRoutingPolicyRules by default to ensure that CNIs like Cilium don't get their routes or routing policy rules discarded on network reconfiguration events (Flatcar#620).fsck[1343]: Failed to stat /dev/disk/by-label/ROOT: No such file or directory when creating a btrfs root filesystem (ignition#35)/etc/flatcar-cgroupv1 through ignition. (coreos-overlay#1666)Changes since Beta 3066.1.2
USER environment variable which may not be set in all environments, causing the script to fail unless a workaround was used like prepending an additional sudo invocation (init#58)ManageForeignRoutes and ManageForeignRoutingPolicyRules by default to ensure that CNIs like Cilium don't get their routes or routing policy rules discarded on network reconfiguration events (Flatcar#620).fsck[1343]: Failed to stat /dev/disk/by-label/ROOT: No such file or directory when creating a btrfs root filesystem (ignition#35)/run/reboot-required flag file for kured (update_engine#15)grub.cfg (check it taking effect with cat /proc/sys/crypto/fips_enabled) (coreos-overlay#1602)/etc/flatcar-cgroupv1 through ignition. (coreos-overlay#1666)/etc/flatcar/update.conf file, leaving it totally to the user to define the contents as it was unnecessarily overwriting the /use/share/flatcar/update.conf (flatcar-linux/scripts#212)Changes since Beta 3066.1.1
policycoreutils used the wrong ROOT to update the SELinux store (flatcar-linux/coreos-overlay#1502)policycoreutils instead of /var/lib/selinux (flatcar-linux/Flatcar#596)Changes since Beta 3066.1.0
/run/xtables.lock coordination file exists for modifications of the xtables backend from containers (must be bind-mounted) or the iptables-legacy binaries on the host (flatcar-linux/init#57)policycoreutils used the wrong ROOT to update the SELinux store (flatcar-linux/coreos-overlay#1502)elf support for iproute2 (flatcar-linux/coreos-overlay#1256)Changes since Alpha 3066.0.0
Security fixes
Bug Fixes
ETCD_NAME conflicting with --name for etcd-member to start (flatcar-linux/coreos-overlay#1444)Changes
flatcar-update tool to the image to ease manual updates, rollbacks, channel/release jumping, and airgapped updates (flatcar-linux/init#53)Updates
Changes since Beta 3033.1.1
Security fixes
Changes:
Bug Fixes
tcsd for machine with TPM 2.0 (flatcar-linux/coreos-overlay#1364,flatcar-linux/coreos-overlay#1365)Updates
Packages:
Architectures:
Changes since Beta 3033.1.0
Security fixes
Updates
Changes
Packages:
Architectures:
Changes since Alpha 3033.0.0
Security fixes
Changes
Updates
Changes since Beta 2983.1.2
Security fixes
Bug fixes
ignition/torcx service unit failure in dracut (bootengine#28)Changes
bcc (flatcar-linux/coreos-overlay#1278)Updates
Packages:
Architectures:
As of Alpha version 2969.0.0, Flatcar Container Linux migrates to the unified cgroup hierarchy (aka CGroupsV2)! New nodes will utilize CGroupsV2 by default. Existing nodes remain on CGroupsV1 and need to be manually migrated to CGroupsV2. To learn more about CGroupsV2 on Flatcar Container Linux and the migration guide, please refer to https://flatcar-linux.org/docs/latest/container-runtimes/switching-to-unified-cgroups/
New Beta release 2983.1.2
Changes since Beta 2983.1.1
Security fixes
Bux fixes
Updates
Packages:
Architectures:
Changes since Beta 2983.1.0
Security fixes
Updates
Packages:
Architectures:
Changes since Beta 2942.1.2
Update to CGroupsV2
As of Alpha version 2969.0.0, Flatcar Container Linux migrates to the unified cgroup hierarchy (aka CGroupsV2)! New nodes will utilize CGroupsV2 by default. Existing nodes remain on CGroupsV1 and need to be manually migrated to CGroupsV2. To learn more about CGroupsV2 on Flatcar Container Linux and the migration guide, please refer to https://flatcar-linux.org/docs/latest/container-runtimes/switching-to-unified-cgroups/
Security fixes
Bug Fixes
Changes
3.5.0, 0.14.0 to get multiarch images for arm64 support. Note for users of the old etcd v2 support: ETCDCTL_API=2 must be set to use v2 store as well as ETCD_ENABLE_V2=true in the etcd-member.service - this support will be removed in 3.6.0 (coreos-overlay#1179)Updates
Changes since Alpha 2983.0.0
Security fixes
Updates
Packages:
Architectures:
Changes since Beta 2942.1.1
Security fixes
Bug Fixes
Updates
Packages:
Architectures:
Security fixes
Bug Fixes
pam.d sssd LDAP auth with sudo (coreos-overlay#1170)Changes
Updates
Packages:
Architectures:
Security Fixes
Bug Fixes
dockerd wrapper script (coreos-overlay#1149)Changes
Updates
Changes since Alpha 2942.0.0
Security fixes
Bug fixes
dockerd wrapper script (coreos-overlay#1149)Updates
Packages:
Architectures:
Security Fixes
Updates
Changes since Beta 2905.1.0
Updates
Packages:
Architectures:
Changes
Updates
Changes since Beta 2823.1.3: Security fixes
Bug Fixes
Updates
Deprecation
Packages:
Architectures:
Bug fixes
Changes
Updates
Packages:
Architectures:
Updates
Packages:
Architectures:
Updates
Packages:
Architectures:
Security fixes
Bug fixes
Updates
Changes since Beta 2801.1.0:
Security fixes
Bug Fixes
Changes
Updates
Packages:
Architectures:
Bug Fixes
Changes
Updates
Deprecation
Packages:
Architectures:
Bug Fixes
Updates
Packages:
Architectures:
Bug fixes
/etc/iscsi/initiatorname.iscsi is generated by the iscsi-init service (#321)Changes
/run/containerd/containerd.sock) and also as a symlink in the previous location (/run/docker/libcontainerd/docker-containerd.sock) (#771)Updates
Packages:
Architectures:
Bug fixes
net.ipv4.conf.*.rp_filter is set to 0 for the Cilium CNI plugin to work (kinvolk/Flatcar#181)Changes
Updates
Packages:
Architectures:
Bug fixes:
Changes:
Updates:
Packages:
Architectures:
Bug fixes:
Updates:
Packages:
Architectures:
Bug fixes:
/etc/coreos to /etc/flatcar symlink always exists, relevant for the Container Linux Config transpiler (ct) when specifying directives for update: or locksmith: while also reformatting the rootfs (baselayout PR#7)Updates:
Packages:
Architectures:
Bug fixes:
/etc/portage/savedconfig/ folder that contained a dump of the firmware config flatcar-linux/coreos-overlay#613Changes:
Updates:
Packages:
Architectures:
Changes:
sysctl net.ipv4.conf.(all|*).rp_filter to 0 (instead of the systemd upstream value 2) to be less restrictive which some network solutions rely on (PR#11)flatcar-install allows installation to a multipath drive (PR#24)Updates:
Packages:
Architectures:
Updates:
Packages:
Architectures:
Changes:
Packages:
Architectures:
Bug fixes:
Updates:
Packages:
Architectures:
Bug Fixes:
ip=<ip>::<gateway>:<netmask>:<hostname>:<iface>:none[:<dns1>[:<dns2>]] https://github.com/flatcar/bootengine/pull/15Updates:
Packages:
Architectures:
Security fixes:
Changes:
/usr/share/licenses/INFOUpdates:
Packages:
Architectures:
Security fixes:
Bug fixes:
/boot/coreos only if /boot/coreos/vmlinux-* exists (https://github.com/flatcar/update_engine/pull/5)BINHOST URLs in the development container to download binary packagesChanges:
/boot/coreos/first_boot flag file (https://github.com/flatcar/bootengine/pull/13)etcd-member.service, flanneld.service, and kubelet-wrapperflatcar.autologin kernel command line parameter on Azure and VMware for auto login on the serial consoleconntrack (conntrack-tools)journalctl output, pstore kernel crash logs, and coredumpctl list output in the mayday reportcoreos.config.* and flatcar.config.* guestinfo variables on VMware OEMUpdates:
Packages:
Architectures:
Bug fixes:
Changes:
tracepath alongside traceroute6 (https://github.com/flatcar/Flatcar/issues/50)Updates:
Packages:
Architectures:
Bug fixes:
coreos.oem.*, coreos.autologin, coreos.first_boot, and the QEMU firmware config path opt/com.coreos/config (https://github.com/flatcar/Flatcar/issues/16 https://github.com/flatcar/afterburn/pull/7 https://github.com/flatcar/bootengine/pull/7 https://github.com/flatcar/bootengine/pull/8 https://github.com/flatcar/init/pull/16 https://github.com/flatcar/init/pull/17 https://github.com/flatcar/ignition/pull/8)Updates:
Packages:
Architectures:
Bug fixes:
Security fixes:
Changes:
qede kernel moduleUpdates:
Packages:
Architectures:
Security fixes:
Updates:
Packages:
Architectures:
Bug fixes:
Updates:
Packages:
Architectures:
Updates:
Packages:
Architectures:
Security fixes:
Bug fixes:
Updates:
Packages:
Architectures:
Bug fixes:
Updates:
Packages:
Architectures:
Updates:
Packages:
Architectures:
Bug fixes:
Updates:
Packages:
Architectures:
Security fixes:
Updates:
Packages:
Architectures:
Updates:
Packages:
Architectures:
Security fixes:
Bug fixes:
Updates:
Packages:
Architectures:
Security fixes:
Updates:
Packages:
Architectures:
Security fixes:
Updates:
Bug fixes:
Packages:
Architectures:
Security fixes:
Updates:
Changes:
Packages:
Architectures:
Packages:
Architectures:
No changes for beta promotion
Packages:
Architectures:
Bug fixes:
guestinfo.(coreos|ignition).config parameters are specified on VMware (coreos/ignition#821)Updates:
Packages:
Architectures:
Updates:
Packages:
Architectures:
Security fixes:
Bug fixes:
Updates:
Packages:
Architectures:
Updates:
Packages:
Architectures:
Security fixes:
Updates:
Packages:
Architectures:
Bug fixes:
MountFlags=shared option (#2579)Changes:
Packages:
Architectures:
Bug fixes:
Changes:
atlantic kernel module (#2576)Updates:
Packages:
Architectures:
Bug fixes:
Changes:
atlantic kernel module (#2576)Updates:
Packages:
Architectures:
Bug fixes:
Updates:
Packages:
Architectures:
Bug fixes:
Updates:
Packages:
Architectures:
Security fixes:
sockfs_setattr (CVE-2019-8912)Updates:
Packages:
Architectures:
Updates:
Packages:
Architectures:
Security fixes:
Changes:
/sys/bus/rbd/add to Linux 4.14 behavior (#2544)Updates:
Packages:
Architectures:
Security fixes:
Updates:
Packages:
Architectures:
Updates:
Packages:
Architectures:
Security fixes:
INT_MAX (CVE-2018-19788)Updates:
Packages:
Architectures:
Changes:
Packages:
Architectures:
Security fixes:
Updates:
Packages:
Architectures:
Security fixes:
Changes:
Packages:
Architectures:
Security fixes:
Bug fixes:
Updates:
Packages:
Architectures:
Changes:
flatcar-install (flatcar-linux/init#4)Bug fixes:
/usr/lib/coreos symlink for Container Linux compatibility (flatcar-linux/coreos-overlay#8)Changes:
Packages:
Architectures:
Bug fixes:
Changes:
Updates:
Packages:
Architectures:
Changes:
Updates:
Packages:
Architectures:
Security fixes:
Bug fixes:
Changes:
Packages:
Architectures:
Security fixes:
Bug fixes:
Updates:
Packages:
Architectures:
Bug fixes:
Updates:
Packages:
Architectures:
Changes:
Packages:
Architectures:
Updates:
Packages:
Architectures:
Changes:
Packages:
Architectures:
Bug fixes:
Updates:
Packages:
Architectures:
Bug fixes:
Updates:
Packages:
Architectures:
Security fixes:
Bug fixes:
Updates:
Packages:
Architectures:
Changes:
Updates:
Packages:
Architectures:
Security fixes:
Updates:
Packages:
Architectures:
Bug fixes:
Changes:
Packages:
Architectures:
Initial Flatcar release.
Bug fixes:
Notes:
Bug fixes:
Packages:
Architectures: