Tabel berikut memberikan ringkasan rilis Container-Optimized OS yang tersedia di Compute Engine:
Pencapaian Aktif
Versi OS | Project gambar | Keluarga image x86 | Kelompok image Arm | Dibuat oleh | Akhir dukungan | Catatan rilis |
---|---|---|---|---|---|---|
COS 121 DEV | cos-cloud |
cos-dev |
cos-arm64-dev |
Ditentukan Nanti | dev | |
COS 117 LTS | cos-cloud |
cos-117-lts |
cos-arm64-117-lts |
September 2026 | milestone 117 | |
COS 113 LTS | cos-cloud |
cos-113-lts |
cos-arm64-113-lts |
Maret 2026 | milestone 113 | |
COS 109 LTS | cos-cloud |
cos-109-lts |
cos-arm64-109-lts |
September 2025 | milestone 109 | |
COS 105 LTS | cos-cloud |
cos-105-lts |
cos-arm64-105-lts |
Maret 2025 | milestone 105 | |
Pencapaian yang Tidak Digunakan Lagi
Versi OS | Project gambar | Keluarga image x86 | Kelompok image Arm | Dibuat oleh | Tanggal penghentian | Catatan rilis |
---|---|---|---|---|---|---|
COS 101 LTS | cos-cloud |
cos-101-lts |
N/A |
Oktober 2024 | milestone 101 | |
COS 97 LTS | cos-cloud |
cos-97-lts |
N/A |
April 2024 | milestone 97 | |
COS 93 LTS | cos-cloud |
cos-93-lts |
N/A |
Oktober 2023 | milestone 93 | |
COS 89 LTS | cos-cloud |
cos-89-lts |
N/A |
Maret 2023 | milestone 89 | |
COS 85 LTS | cos-cloud |
cos-85-lts |
N/A |
September 2022 | milestone 85 | |
COS 81 LTS | cos-cloud |
cos-81-lts |
N/A |
September 20211 | milestone 81 | |
COS 77 LTS | cos-cloud |
cos-77-lts |
N/A |
April 20211 | milestone 77 | |
COS 73 LTS | cos-cloud |
cos-73-lts |
N/A |
Juni 2020 | milestone 73 | |
COS 69 LTS | cos-cloud |
cos-69-lts |
N/A |
Desember 2019 | milestone 69 |
-
COS 77 LTS dan COS 81 LTS, jika dipaketkan dengan GKE, memiliki durasi dukungan yang sedikit lebih lama. Pengguna GKE harus melihat jadwal rilis GKE untuk mengetahui detailnya. ↩
Catatan Rilis Pengembangan
Log Perubahan
cos-89-16108-470-1
Date: Jun 24, 2021 Kernel: COS-5.4.120 Kubernetes: v1.20.5 Docker: v20.10.3 Containerd: v1.4.4 Default GPU Driver: v450.119.04 Changelog (vs 89-16108-403-51): * LTS Refresh Release. * Upgraded dev-db/sqlite to v3.34.1. This resolves CVE-2021-20227. * Upgraded app-arch/tar to v1.34. This resolves CVE-2021-20193. * Upgraded dev-vcs/git to v2.29.3. This resolves CVE-2021-21300. * Updated the Linux kernel to v5.4.120. This resolves CVE-2021-31916 and CVE-2021-31829. * Updated kubernetes to v1.20.5. * Updated containerd to v1.4.4. This resolves CVE-2021-21334. * Upgraded Google OS Config Agent(aka VMManager) to version 20210607.00. * Fixed CVE-2021-3537 and CVE-2020-24977 in dev-libs/libxml2. * Automatically mount OEM partition if it is sealed.
cos-dev-93-16509-0-0
Date: Jun 21, 2021 Kernel: COS-5.10.44 Kubernetes: v1.20.5 Docker: v20.10.6 Containerd: v1.4.4 Default GPU Driver: v450.119.04 Changelog (vs 93-16482-0-0): * Updated the Linux kernel to v5.10.44. * Set kernel config flag to enable dump capture kernel for ARM64. * Runtime sysctl: * Changed: fs.epoll.max_user_watches: 1668321 -> 1668341 * Changed: fs.file-max: 814309 -> 814308
cos-89-16108-403-51
Date: Jun 21, 2021 Kernel: COS-5.4.104 Kubernetes: v1.20.2 Docker: v20.10.3 Containerd: v1.4.3 Default GPU Driver: v450.119.04 Changelog (vs 89-16108-403-47): * Fixed a memory leak in the GVE kernel driver.
cos-85-13310-1260-26
Date: Jun 21, 2021 Kernel: COS-5.4.109 Kubernetes: v1.18.15 Docker: v19.03.15 Containerd: v1.4.3 Default GPU Driver: v450.51.06 Changelog (vs 85-13310-1260-23): * Fixed a memory leak in the GVE kernel driver. * Fixed a low network bandwidth issue in the Linux kernel.
cos-89-16108-403-47
Date: Jun 14, 2021 Kernel: COS-5.4.104 Kubernetes: v1.20.2 Docker: v20.10.3 Containerd: v1.4.3 Default GPU Driver: v450.119.04 Changelog (vs 89-16108-403-46): * Fixed a network regression on single-core systems when using the GVE network interface.
cos-85-13310-1260-23
Date: Jun 14, 2021 Kernel: COS-5.4.109 Kubernetes: v1.18.15 Docker: v19.03.15 Containerd: v1.4.3 Default GPU Driver: v450.51.06 Changelog (vs 85-13310-1260-22): * Fixed a network regression on single-core systems when using the GVE network interface.
cos-dev-93-16482-0-0
Date: Jun 09, 2021 Kernel: COS-5.10.42 Kubernetes: v1.20.5 Docker: v20.10.6 Containerd: v1.4.4 Default GPU Driver: v450.119.04 Changelog (vs 93-16442-0-0): * Upgraded Google OS Config Agent (VMManager) to version 20210607.00. * Upgraded cloud-init to v21.2. * Upgraded the Linux kernel to v5.10.42. * Updated runc to v1.0.0_rc95. This resolves CVE-2021-30465. * Stackdriver logs now record Docker container names by default. * As a result of the kernel upgrade, the following sysctl changes occurred: * Added: kernel.hung_task_all_cpu_backtrace: 0 * Added: kernel.oops_all_cpu_backtrace: 0 * Added: kernel.sched_deadline_period_max_us: 4194304 * Added: kernel.sched_deadline_period_min_us: 100 * Added: net.ipv4.ip_autobind_reuse: 0 * Added: net.ipv4.nexthop_compat_mode: 1 * Added: net.ipv4.tcp_comp_sack_slack_ns: 100000 * Added: net.ipv4.tcp_no_ssthresh_metrics_save: 1 * Added: net.ipv4.tcp_reflect_tos: 0 * Added: net.ipv6.conf.all.rpl_seg_enabled: 0 * Added: net.ipv6.conf.default.rpl_seg_enabled: 0 * Added: net.ipv6.conf.docker0.rpl_seg_enabled: 0 * Added: net.ipv6.conf.eth0.rpl_seg_enabled: 0 * Added: net.ipv6.conf.lo.rpl_seg_enabled: 0 * Added: user.max_time_namespaces: 31820 * Added: vm.compaction_proactiveness: 20 * Added: vm.page_lock_unfairness: 5 * Changed: fs.epoll.max_user_watches: 1668751 -> 1668321 * Changed: fs.file-max: 814576 -> 814309 * Changed: kernel.cap_last_cap: 37 -> 40 * Changed: kernel.threads-max: 63658 -> 63641 * Changed: kernel.usermodehelper.bset: 4294967295 63 -> 4294967295 511 * Changed: kernel.usermodehelper.inheritable: 4294967295 63 -> 4294967295 511 * Changed: net.core.bpf_jit_kallsyms: 0 -> 1 * Changed: net.ipv4.tcp_mem: 94299 125733 188598 -> 94275 125700 188550 * Changed: net.ipv4.udp_mem: 188598 251466 377196 -> 188550 251401 377100 * Changed: user.max_cgroup_namespaces: 31829 -> 31820 * Changed: user.max_ipc_namespaces: 31829 -> 31820 * Changed: user.max_mnt_namespaces: 31829 -> 31820 * Changed: user.max_net_namespaces: 31829 -> 31820 * Changed: user.max_pid_namespaces: 31829 -> 31820 * Changed: user.max_user_namespaces: 31829 -> 31820 * Changed: user.max_uts_namespaces: 31829 -> 31820 * Deleted: kernel.random.read_wakeup_threshold: 64
cos-85-13310-1260-22
Date: Jun 09, 2021 Kernel: COS-5.4.109 Kubernetes: v1.18.15 Docker: v19.03.15 Containerd: v1.4.3 Default GPU Driver: v450.51.06 Changelog (vs 85-13310-1260-17): * Fixed a network regression on multi-core systems when using the GVE network interface. * Updated runc to v1.0.0_rc95. This resolves CVE-2021-30465.
cos-89-16108-403-46
Date: Jun 08, 2021 Kernel: COS-5.4.104 Kubernetes: v1.20.2 Docker: v20.10.3 Containerd: v1.4.3 Default GPU Driver: v450.119.04 Changelog (vs 89-16108-403-42): * Fixed a low network bandwidth issue in the Linux kernel. * Updated runc to v1.0.0_rc95. This resolves CVE-2021-30465.
cos-81-12871-1290-12
Date: Jun 08, 2021 Kernel: COS-4.19.188 Kubernetes: v1.17.17 Docker: v19.03.15 Containerd: v1.3.9 Changelog (vs 81-12871-1290-11): * Updated runc to v1.0.0_rc95. This resolves CVE-2021-30465.
cos-89-16108-403-42
Date: Jun 07, 2021 Kernel: COS-5.4.104 Kubernetes: v1.20.2 Docker: v20.10.3 Containerd: v1.4.3 Default GPU Driver: v450.119.04 Changelog (vs 89-16108-403-26): * Upgraded the default GPU drver version to 450.119.04. * Fixed a network regression on multi-core systems when using the GVE network interface. * Fixed CPU usage for workloads with heavy page cache usage.
cos-85-13310-1260-17
Date: Jun 07, 2021 Kernel: COS-5.4.109 Kubernetes: v1.18.15 Docker: v19.03.15 Containerd: v1.4.3 Default GPU Driver: v450.51.06 Changelog (vs 85-13310-1260-8): * Fixed CPU usage for workloads with heavy page cache usage.
cos-81-12871-1290-11
Date: Jun 07, 2021 Kernel: COS-4.19.188 Kubernetes: v1.17.17 Docker: v19.03.15 Containerd: v1.3.9 Changelog (vs 81-12871-1290-8): * Fixed CVE-2019-25044 in the Linux kernel.
cos-dev-93-16442-0-0
Date: Jun 01, 2021 Kernel: COS-5.4.120 Kubernetes: v1.20.5 Docker: v20.10.6 Containerd: v1.4.4 Default GPU Driver: v450.119.04 Changelog (vs 93-16379-0-0): * Fixed CPU usage for workloads with heavy page cache usage. * Fixed 32 x truesize under-estimation for tiny skbs in the Linux kernel. * Fixed CVE-2021-3537 in libxml2. * Automatically mount OEM partition if it is sealed. * Upgraded the default GPU drver version to 450.119.04. * Upgraded Google OS Config Agent to v20210506.00. * Updated docker to v20.10.6. * Updated the Linux kernel to v5.4.120. * Updated makedumpfile package to v1.6.9.
cos-81-12871-1290-8
Date: Jun 01, 2021 Kernel: COS-4.19.188 Kubernetes: v1.17.17 Docker: v19.03.15 Containerd: v1.3.9 Changelog (vs 81-12871-1290-2): * Updated docker to v19.03.15. This fixed CVE-2021-21285.
cos-dev-93-16379-0-0
Date: May 03, 2021 Kernel: COS-5.4.114 Kubernetes: v1.20.5 Docker: v20.10.3 Containerd: v1.4.4 Changelog (vs 93-16351-0-0): * Fixed CVE-2020-24977 in libxml2. * Updated the Linux kernel to v5.4.114. * Updated google-guest-agent to v20210408.00. * Updated sshd.service to not drop active ssh sessions when sshd is restarted.
cos-89-16108-403-26
Date: May 03, 2021 Kernel: COS-5.4.104 Kubernetes: v1.20.2 Docker: v20.10.3 Containerd: v1.4.3 Changelog (vs 89-16108-403-22): * Updated google-guest-agent to v20210408.00. * Updated sshd.service to not drop active ssh sessions when sshd is restarted.
cos-85-13310-1260-8
Date: May 03, 2021 Kernel: COS-5.4.109 Kubernetes: v1.18.15 Docker: v19.03.15 Containerd: v1.4.3 Changelog (vs 85-13310-1260-5): * Upgraded dev-vcs/git to version 2.26.3. This resolves CVE-2021-21300.
cos-81-12871-1290-2
Date: Apr 27, 2021 Kernel: COS-4.19.188 Kubernetes: v1.17.17 Docker: v19.03.14 Containerd: v1.3.9 Changelog (vs 81-12871-1245-24): * LTS Refresh Release. * Fixed an authentication error when using go-dbus to connect systemd. * Addressed CVE-2020-12049 in dbus. * Updated the Linux kernel to v4.19.188. * Fixed CVE-2021-23840 and CVE-2021-23841 in openssl. * Updated the built-in kubectl/kubelet to 1.17.17. * Updated glib to v2.66.7. This resolved CVE-2021-27218 and CVE-2021-27219. * Updated curl to v7.74.0. This resolved CVE-2020-8177, CVE-2020-8169, CVE-2020-8285, CVE-2020-8284 and CVE-2020-8286. * Upgraded tar to 1.34. * Upgraded libgcrypt to v1.9.1. This addresses CVE-2021-3345.
cos-dev-93-16351-0-0
Date: Apr 22, 2021 Kernel: COS-5.4.113 Kubernetes: v1.20.5 Docker: v20.10.3 Containerd: v1.4.4 Changelog (vs 93-16340-0-0): * Updated the Linux kernel to v5.4.113. * Upgraded dev-vcs/git to version 2.31.0. This resolves CVE-2021-21300. * Fixed an out-of-bounds write issue in the Linux kernel.
cos-89-16108-403-22
Date: Apr 22, 2021 Kernel: COS-5.4.104 Kubernetes: v1.20.2 Docker: v20.10.3 Containerd: v1.4.3 Changelog (vs 89-16108-403-15): * Fixed an out-of-bounds write issue in the Linux kernel.
cos-85-13310-1260-5
Date: Apr 22, 2021 Kernel: COS-5.4.109 Kubernetes: v1.18.15 Docker: v19.03.15 Containerd: v1.4.3 Changelog (vs 85-13310-1260-1): * Fixed an out-of-bounds write issue in the Linux kernel.
cos-81-12871-1245-24
Date: Apr 22, 2021 Kernel: COS-4.19.167 Kubernetes: v1.17.15 Docker: v19.03.14 Containerd: v1.3.9 Changelog (vs 81-12871-1245-19): * Fixed an out-of-bounds write issue in the Linux kernel.
cos-dev-93-16340-0-0
Date: Apr 19, 2021 Kernel: COS-5.4.112 Kubernetes: v1.20.5 Docker: v20.10.3 Containerd: v1.4.4 Changelog (vs 93-16331-0-0): * Updated the Linux kernel to v5.4.112. * Updated kubernetes to v1.20.5. * Upgrade tar to 1.34. * Enable ip6table_nat as module.
cos-85-13310-1260-1
Date: Apr 13, 2021 Kernel: COS-5.4.109 Kubernetes: v1.18.15 Docker: v19.03.15 Containerd: v1.4.3 Changelog (vs 85-13310-1209-29): * LTS Refresh Release. * Updated the Linux kernel to v5.4.109. * Updated glib to v2.66.7. This fixes CVE-2021-27218 and CVE-2021-27219. * Updated the built-in kubectl/kubelet to v1.18.15. * Fixed CVE-2020-28493 in dev-python/jinja. * Fixed CVE-2020-13630,CVE-2020-9327,CVE-2020-13871, CVE-2020-11656,CVE-2020-11655,CVE-2020-15358, CVE-2020-13631,CVE-2020-13632,CVE-2020-13434,CVE-2020-9327,CVE-2020-13435 for dev-db/sqlite * Upgraded docker to v19.03.15 * Added cos-package-info.json file containing the installed packages as well as packages used during build time of COS image.
cos-dev-93-16331-0-0
Date: Apr 12, 2021 Kernel: COS-5.4.110 Kubernetes: v1.20.2 Docker: v20.10.3 Containerd: v1.4.4 Changelog (vs 93-16303-0-0): * Updated the Linux kernel to v5.4.110. * Upgraded dev-db/sqlite to version 3.34.1. This resolves CVE-2021-20227. * Upgraded Google OS Config Agent to version 20210331.00. * Updated containerd to version 1.4.4. * Configured google-guest-agent to use usermod instead of gpasswd to add users to groups. This fixes an issue where users created through cloud-init sometimes were not added to the appropriate groups. * Enabled CONFIG_IP6_NF_MANGLE to allow ip6table_mangle kernel module.
cos-85-13310-1209-29
Date: Apr 12, 2021 Kernel: COS-5.4.89 Kubernetes: v1.18.13 Docker: v19.03.14 Containerd: v1.4.3 Changelog (vs 85-13310-1209-24): * Upgraded openssh to version 8.5_p1. This resolves CVE-2021-28041. * Upgraded openssl to version 1.1.1k. This resolves CVE-2021-3449 and CVE-2021-3450.
cos-89-16108-403-15
Date: Apr 07, 2021 Kernel: COS-5.4.104 Kubernetes: v1.20.2 Docker: v20.10.3 Changelog (vs 89-16108-403-11): * Configured google-guest-agent to use usermod instead of gpasswd to add users to groups. This fixes an issue where users created through cloud-init sometimes were not added to the appropriate groups. * Upgraded Google OS Config Agent to version 20210331.00. * M89 has been promoted to stable; this image is now ready for production use.
cos-dev-93-16303-0-0
Date: Apr 05, 2021 Kernel: COS-5.4.108 Kubernetes: v1.20.2 Docker: v20.10.3 Changelog (vs 93-16295-0-0): * Updated openssl to 1.1.1k to resolve CVE-2021-3449 and CVE-2021-3450. * Enabled CONFIG_TLS and CONFIG_TLS_DEVICE in the kernel to support kTLS.
cos-beta-89-16108-403-11
Date: Apr 05, 2021 Kernel: COS-5.4.104 Kubernetes: v1.20.2 Docker: v20.10.3 Changelog (vs 89-16108-403-7): * Updated openssh to 8.5_p1 to resolve CVE-2021-28041. * Updated openssl to 1.1.1k to resolve CVE-2021-3449 and CVE-2021-3450.
cos-85-13310-1209-24
Date: Apr 05, 2021 Kernel: COS-5.4.89 Kubernetes: v1.18.13 Docker: v19.03.14 Changelog (vs 85-13310-1209-17): * Updated openssl to version 1.1.1j. This resolves CVE-2021-23840 and CVE-2021-23841.
cos-81-12871-1245-19
Date: Apr 05, 2021 Kernel: COS-4.19.167 Kubernetes: v1.17.15 Docker: v19.03.14 Changelog (vs 81-12871-1245-15): * Updated sqlite to version 3.33.0. This resolves the following CVEs: CVE-2020-13630 CVE-2020-9327 CVE-2020-13871 CVE-2020-11656 CVE-2020-11655 CVE-2020-15358 CVE-2020-13631 CVE-2020-13632 CVE-2020-13434 CVE-2020-9327 CVE-2020-13435
cos-dev-93-16295-0-0
Date: Mar 29, 2021 Kernel: COS-5.4.108 Kubernetes: v1.20.2 Docker: v20.10.3 Changelog (vs 93-16259-0-0): * Upgraded OpenSSH to v8.5_p1. This resolved CVE-2021-28041. * Updated docker-credential-gcr to v2.0.4. * Updated the Linux kernel to v5.4.108. * Fixed an issue in google-guest-agent where the GID of a user's home directory referred to a different user after a reboot. * Enabled CONFIG_TLS in the kernel to support OpenSSL3.0.
cos-beta-89-16108-403-7
Date: Mar 29, 2021 Kernel: COS-5.4.104 Kubernetes: v1.20.2 Docker: v20.10.3 Changelog (vs 89-16108-403-1): * Enabled CONFIG_TLS in the kernel to support OpenSSL3.0. * Fixed an issue in google-guest-agent where the GID of a user's home directory referred to a different user after a reboot.
cos-beta-89-16108-403-1
Date: Mar 23, 2021 Kernel: COS-5.4.104 Kubernetes: v1.20.2 Docker: v20.10.3 Changelog (vs 89-16108-0-380): * LTS Refresh Release. * Upgraded dev-python/jinja to v2.11.3. This resolved CVE-2020-28493. * Updated openssl to version 1.1.1j. This resolved CVE-2021-23840 and CVE-2021-23841. * Updated glib to v2.66.7. This resolved CVE-2021-27218 and CVE-2021-27219. * Updated the Linux kernel to v5.4.104. This resolved CVE-2021-28038, CVE-2021-27363, CVE-2021-27365, CVE-2021-27364 and CVE-2020-27825. * Updated docker-cli to v20.10.3. This resolved CVE-2021-21285. * Updated docker to v20.10.3. This resolved CVE-2021-21285. * Updated e2fsprogs and e2fsprogs-libs to v1.46.2. * Updated docker-credential-gcr to v2.0.4.
cos-dev-93-16259-0-0
Date: Mar 22, 2021 Kernel: COS-5.4.104 Kubernetes: v1.20.2 Docker: v20.10.3 Changelog (vs 93-16240-0-0): * Updated cos-gpu-installer to v2.0.5 in cos-extensions. * Upgrade e2fsprogs to version 1.46.2 * Updated the Linux kernel to upstream/v5.4.104.
cos-beta-89-16108-0-380
Date: Mar 22, 2021 Kernel: COS-5.4.92 Kubernetes: v1.20.2 Docker: v20.10.2 Changelog (vs 89-16108-0-376): * Make google-guest-agent part of systemd-networkd.
cos-dev-93-16240-0-0
Date: Mar 15, 2021 Kernel: COS-5.4.102 Kubernetes: v1.20.2 Docker: v20.10.3 Changelog (vs 93-16234-0-0): * Updated the Linux kernel to v5.4.102.
cos-dev-93-16234-0-0
Date: Mar 08, 2021 Kernel: COS-5.4.101 Kubernetes: v1.20.2 Docker: v20.10.3 Changelog (vs 93-16207-0-0): * Revert "Stackdriver logs now record Docker container names by default" due to an incompatibility with Kubernetes. * Upgraded sys-auth/pambase to version 20201103. * Upgraded sys-libs/pam to version 1.5.1. * Upgraded sys-auth/passwdqc to version 1.4.0. * Updated the Linux kernel to upstream/v5.4.101. * Updated Docker to 20.10.3. * Updated openssl to version 1.1.1j. This resolves CVE-2021-23840 and CVE-2021-23841. * Updated chronyd to run as the chrony user instead of the root user.
cos-beta-89-16108-0-376
Date: Mar 08, 2021 Kernel: COS-5.4.92 Kubernetes: v1.20.2 Docker: v20.10.2 Changelog (vs 89-16108-0-262): * Revert "Stackdriver logs now record Docker container names by default" due to an incompatibility with Kubernetes. * Fixed warning in docker when homedir not present. * Fixed CVE-2021-3347 in the Linux kernel.
cos-dev-93-16207-0-0
Date: Mar 01, 2021 Kernel: COS-5.4.100 Kubernetes: v1.20.2 Docker: v20.10.2 Changelog (vs 93-16173-0-0): * Upgraded libgcrypt to v1.9.1. This addresses CVE-2021-3345. * Upgraded dev-python/jinja to v2.11.3. This addresses CVE-2020-28493. * Updated glib to v2.66.7. This addresses CVE-2021-27218 and CVE-2021-27219. * Updated the Linux kernel to v5.4.100. * Fixed warning in docker when homedir not present. * Updated cos-gpu-installer to v2.0.4 in cos-extensions. * Added support for multiple architectures in toolbox.
cos-beta-89-16108-0-262
Date: Mar 01, 2021 Kernel: COS-5.4.92 Kubernetes: v1.20.2 Docker: v20.10.2 Changelog (vs 89-16108-0-180): * Upgraded libgcrypt to v1.9.1. This addresses CVE-2021-3345.
cos-85-13310-1209-17
Date: Mar 01, 2021 Kernel: COS-5.4.89 Kubernetes: v1.18.13 Docker: v19.03.14 Changelog (vs 85-13310-1209-12): * Upgraded libgcrypt to v1.9.1. This addresses CVE-2021-3345.
cos-81-12871-1245-15
Date: Mar 01, 2021 Kernel: COS-4.19.167 Kubernetes: v1.17.15 Docker: v19.03.14 Changelog (vs 81-12871-1245-10): * Upgraded libgcrypt to v1.9.1. This addresses CVE-2021-3345.
cos-dev-93-16173-0-0
Date: Feb 22, 2021 Kernel: COS-5.4.98 Kubernetes: v1.20.2 Docker: v20.10.2 Changelog (vs 93-16136-0-0): * Fixed a kernel crash due to fast commit changes. * Updated the Linux kernel to upstream/v5.4.98.
cos-85-13310-1209-12
Date: Feb 22, 2021 Kernel: COS-5.4.89 Kubernetes: v1.18.13 Docker: v19.03.14 Changelog (vs 85-13310-1209-10): * Fixed an issue where firewall initialization would fail because ip6tables was not waiting to claim the xtables lock.
cos-81-12871-1245-10
Date: Feb 22, 2021 Kernel: COS-4.19.167 Kubernetes: v1.17.15 Docker: v19.03.14 Changelog (vs 81-12871-1245-7): * Fixed an issue where firewall initialization would fail because ip6tables was not waiting to claim the xtables lock.
cos-beta-89-16108-0-180
Date: Feb 16, 2021 Kernel: COS-5.4.92 Kubernetes: v1.20.2 Docker: v20.10.2 Changelog (vs 89-16108-0-69): * Fixed a kernel crash due to fast commit changes. * Fixed an issue where firewall initialization would fail because ip6tables was not waiting to claim the xtables lock.
cos-dev-93-16136-0-0
Date: Feb 08, 2021 Kernel: COS-5.4.95 Kubernetes: v1.20.2 Docker: v20.10.2 Changelog (vs 89-16091-0-0): * Remove read/write/execute permissions of group and other user accounts for systemd timer files. * Upgraded e2fsprogs to version 1.46.0. * Upgraded sys-libs/e2fsprogs-libs-1.46.0. * Downgraded Google OS Config Agent to v20201229.01. * Added package net-fs/cifs-utils v6.11. * Updated the Linux kernel to v5.4.95.
cos-beta-89-16108-0-69
Date: Feb 08, 2021 Kernel: COS-5.4.92 Kubernetes: v1.20.2 Docker: v20.10.2 Changelog (vs 89-16091-0-0): * Remove read/write/execute permissions of group and other user accounts for systemd timer files. * Upgraded e2fsprogs to version 1.46.0. * Upgraded sys-libs/e2fsprogs-libs-1.46.0. * Downgraded Google OS Config Agent to v20201229.01. * Added package net-fs/cifs-utils v6.11.
cos-85-13310-1209-10
Date: Feb 08, 2021 Kernel: COS-5.4.89 Kubernetes: v1.18.13 Docker: v19.03.14 Changelog (vs 85-13310-1209-7): * Fixed 32 x truesize under-estimation for tiny skbs in the Linux kernel.
cos-81-12871-1245-7
Date: Feb 08, 2021 Kernel: COS-4.19.167 Kubernetes: v1.17.15 Docker: v19.03.14 Changelog (vs 81-12871-1245-6): * Fixed 32x truesize under-estimation for tiny skbs in the Linux kernel.
cos-dev-89-16091-0-0
Date: Feb 01, 2021 Kernel: COS-5.4.92 Kubernetes: v1.20.2 Docker: v20.10.2 Changelog (vs 88-16038-0-0): * Upgraded app-admin/sudo to version 1.9.5_p2. This resolves CVE-2021-3156. * Upgraded the default GPU driver version to 450.80.02. * Upgraded Docker to v20.10.2. * Updated runc to v1.0.0_rc92. * Updated tini to v0.19.0. * Updated docker-proxy to v0.8.0_p20201215. * Updated the Linux kernel to v5.4.92. * Updated the built-in kubectl/kubelet to 1.20.2. * Updated node-problem-detector to v0.8.6. * Updated systemd to track the v239-stable branch. * Added CIFS support. * Backported support for experimental ext4 fast commit. * Stackdriver logs now record Docker container names by default.
cos-85-13310-1209-7
Date: Feb 01, 2021 Kernel: COS-5.4.89 Kubernetes: v1.18.13 Docker: v19.03.14 Changelog (vs 85-13310-1209-3): * Upgraded app-admin/sudo to version 1.9.5_p2. This resolves CVE-2021-3156.
cos-81-12871-1245-6
Date: Feb 01, 2021 Kernel: COS-4.19.167 Kubernetes: v1.17.15 Docker: v19.03.14 Changelog (vs 81-12871-1245-2): * Upgraded app-admin/sudo to version 1.9.5_p2. This resolves CVE-2021-3156.
cos-dev-88-16038-0-0
Date: Jan 25, 2021 Kernel: COS-5.4.90 Kubernetes: v1.19.2 Docker: v19.03.13 Changelog (vs 88-16013-0-0): * Updated cos-gpu-installer to v2.0.3 in cos-extensions. Fixed an issue in which installing GPU drivers was failing due to loading GPU kernel modules in incorrect order. * Updated the Linux kernel to upstream/v5.4.90. * Added support for parsing container logs in json format.
cos-85-13310-1209-3
Date: Jan 25, 2021 Kernel: COS-5.4.89 Kubernetes: v1.18.13 Docker: v19.03.14 Changelog (vs 85-13310-1041-161): * LTS Refresh Release. * Updated cos-gpu-installer to v2.0.3 in cos-extensions. Fixed an issue in which installing GPU drivers was failing due to loading GPU kernel modules in incorrect order. * Fixed an authenication error when using go-dbus to connect systemd. * Updated Docker to v19.03.14. * Updated the Linux kernel to upstream/v5.4.89. * Updated the built-in kubectl/kubelet to v1.18.13. * Added support for the bpf_get_netns_cookie eBPF helper. * Updated containerd to v1.4.3.
cos-81-12871-1245-2
Date: Jan 25, 2021 Kernel: COS-4.19.167 Kubernetes: v1.17.15 Docker: v19.03.14 Changelog (vs 81-12871-1230-3): * LTS Refresh Release. * Updated Docker to v19.03.14. * Updated the Linux kernel to upstream/v4.19.167. * Updated containerd to v1.3.9. * Updated the built-in kubectl/kubelet to v1.17.15.
cos-dev-88-16013-0-0
Date: Jan 11, 2021 Kernel: COS-5.4.87 Kubernetes: v1.19.2 Docker: v19.03.13 Changelog (vs 88-15978-0-0): * Updated oslogin to v20201216.00. * Updated stackdriver-logging-agent to 1.8.4. * Add build time packages to cos-package-info.json. * Updated containerd to v1.4.3. * Updated the Linux kernel to v5.4.87. * Updated Google OS Config Agent to version 20201217.00. * Add cri-tools package to COS.
cos-85-13310-1041-161
Date: Jan 11, 2021 Kernel: COS-5.4.49 Kubernetes: v1.18.9 Docker: v19.03.9 Changelog (vs 85-13310-1041-38): * Fixed CVE-2020-29661 in the Linux kernel. * Fixed CVE-2020-29660 in the Linux kernel. * Fixed an issue where sshd is restarted every minute if no oslogin users are returned by the metadata server.
cos-81-12871-1230-3
Date: Jan 11, 2021 Kernel: COS-4.19.150 Kubernetes: v1.17.6 Docker: v19.03.6 Changelog (vs 81-12871-1226-0): * Created /var/lib/chrony for chrony to work accurately. * Fixed CVE-2020-29660 in the Linux kernel. * Fixed CVE-2020-29661 in the Linux kernel.
cos-77-12371-1109-0
Date: Jan 11, 2021 Kernel: COS-4.19.112 Kubernetes: v1.15.3 Docker: v19.03.1 Changelog (vs 77-12371-1105-0): * Fixed CVE-2020-29660 in the Linux kernel. * Fixed CVE-2020-29661 in the Linux kernel.
cos-dev-88-15978-0-0
Date: Dec 15, 2020 Kernel: COS-5.4.83 Kubernetes: v1.19.2 Docker: v19.03.13 Changelog (vs 88-15823-0-0): * Updated node-problem-detector to v0.8.5. * Updated the Linux kernel to upstream/v5.4.83. * Updated Google OS Config Agent to version 20201208.00. * Ported sched/futex enhancement to COS kernel. * Removed metrics-daemon.service from sysdaemons. * Upgraded python based compute-image-packages to the new Go based google-guest-agent v20201102.00. * Added crictl. * Added console=tty1 to the kernel command line.
cos-dev-88-15823-0-0
Date: Dec 02, 2020 Kernel: COS-5.4.79 Kubernetes: v1.19.2 Docker: v19.03.13 Changelog (vs 88-15480-0-0): * Updated shadow tool suite (sys-apps/shadow) to 4.8.1. * Updated the Linux kernel to upstream/v5.4.78. * Updated AppArmor to 2.13.5. * Updated net-firewall/iptables to 1.8.5. * Updated Linux Audit (sys-process/audit) to 2.8.5. * Updated the Linux kernel to upstream/v5.4.79. * Addressed a regression in VM provisioning time by restructuring cloud-init service dependencies. * Updated sosreport to 4.0. * Fixed an authenication error when using go-dbus to connect to systemd. * Updated the default toolbox Docker image to 20201104-00. * Moved Docker's "registry-mirrors" configuration to the dockerd command line to address Kubernetes cluster provisioning errors. * Fixed CVE-2020-15257 in containerd.
cos-85-13310-1041-38
Date: Dec 02, 2020 Kernel: COS-5.4.49 Kubernetes: v1.18.9 Docker: v19.03.9 Changelog (vs 85-13310-1041-28): * Fixed CVE-2020-15257 in containerd.
cos-81-12871-1226-0
Date: Dec 02, 2020 Kernel: COS-4.19.150 Kubernetes: v1.17.6 Docker: v19.03.6 Changelog (vs 81-12871-1218-0): * Fixed CVE-2020-15257 in containerd.
cos-77-12371-1105-0
Date: Dec 02, 2020 Kernel: COS-4.19.112 Kubernetes: v1.15.3 Docker: v19.03.1 Changelog (vs 77-12371-1096-0): * Fixed CVE-2020-15257 in containerd.
cos-stable-85-13310-1041-28
Date: Nov 11, 2020 Kernel: COS-5.4.49 Kubernetes: v1.18.9 Docker: v19.03.9 Changelog (vs 85-13310-1041-24): * cloud-init starts after network-online because cloud-init does not configure network for COS on GCP.
cos-dev-88-15480-0-0
Date: Nov 02, 2020 Kernel: COS-5.4.72 Kubernetes: v1.19.2 Docker: v19.03.13 Changelog (vs 86-15217-0-0): * Updated the Linux kernel to upstream/v5.4.72. * Backported INIT_STACK_ALL_ZERO to replace INIT_STACK_ALL. * Added PPP loadable modules back, which were removed in cos-rc-85-13310-1019-0. * Enabled GENEVE in kernel. * Updated node-problem-detector to identify HungTasks. * Upgraded libcrypt package to libcrypt-1. * Made node-problem-detector as default monitoring agent. Also, deprecated Stackdriver monitoring agent. * Fixed data corruption in network packet for gve-1.1.0. * Upgraded google-osconfig-agent to 20201008.00.
cos-81-12871-1218-0
Date: Oct 26, 2020 Kernel: COS-4.19.150 Kubernetes: v1.17.6 Docker: v19.03.6 Changelog (vs 81-12871-1216-0): * Updated the Linux kernel to v4.19.150.
cos-77-12371-1096-0
Date: Oct 26, 2020 Kernel: COS-4.19.112 Kubernetes: v1.15.3 Docker: v19.03.1 Changelog (vs 77-12371-1088-0): * Fixed CVE-2020-14356.
cos-stable-85-13310-1041-24
Date: Oct 19, 2020 Kernel: COS-5.4.49 Kubernetes: v1.18.9 Docker: v19.03.9 Changelog (vs 85-13310-1041-17): * Backported INIT_STACK_ALL_ZERO to replace INIT_STACK_ALL. * Fixed data corruption in network packet for gve-1.1.0.
cos-81-12871-1216-0
Date: Oct 19, 2020 Kernel: COS-4.19.112 Kubernetes: v1.17.6 Docker: v19.03.6 Changelog (vs 81-12871-1210-0): * Fixed CVE-2020-14356.
cos-stable-85-13310-1041-17
Date: Oct 12, 2020 Kernel: COS-5.4.49 Kubernetes: v1.18.9 Docker: v19.03.9 Changelog (vs 85-13310-1041-14): * Added PPP loadable modules back, which were removed in cos-rc-85-13310-1019-0. * Moved Docker's "registry-mirrors" configuration to the dockerd command line to address Kubernetes cluster provisioning errors.
cos-81-12871-1210-0
Date: Oct 12, 2020 Kernel: COS-4.19.112 Kubernetes: v1.17.6 Docker: v19.03.6 Changelog (vs 81-12871-1207-0): * Added PPP loadable modules back, which were removed in cos-81-12871-1185-0. * Moved Docker's "registry-mirrors" configuration to the dockerd command line to address Kubernetes cluster provisioning errors.
cos-77-12371-1088-0
Date: Oct 12, 2020 Kernel: COS-4.19.112 Kubernetes: v1.15.3 Docker: v19.03.1 Changelog (vs 77-12371-1086-0): * Added PPP loadable modules back, which were removed in cos-77-12371-1072-0. * Moved Docker's "registry-mirrors" configuration to the dockerd command line to address Kubernetes cluster provisioning errors.
cos-dev-86-15217-0-0
Date: Oct 08, 2020 Kernel: COS-5.4.69 Kubernetes: v1.19.2 Docker: v19.03.13 Changelog (vs 86-15199-0-0): * Updated the Linux kernel to v5.4.69. * Moved the configuration of Docker's "registry-mirrors" option from the dockerd command line to /etc/docker/daemon.json. This should allow users to configure a custom registry mirror, which can be useful when responding to recent Docker Hub free tier changes.
cos-stable-85-13310-1041-14
Date: Oct 08, 2020 Kernel: COS-5.4.49 Kubernetes: v1.18.9 Docker: v19.03.9 Changelog (vs 85-13310-1041-9): * Moved the configuration of Docker's "registry-mirrors" option from the dockerd command line to /etc/docker/daemon.json. This should allow users to configure a custom registry mirror, which can be useful when responding to recent Docker Hub free tier changes.
cos-81-12871-1207-0
Date: Oct 08, 2020 Kernel: COS-4.19.112 Kubernetes: v1.17.6 Docker: v19.03.6 Changelog (vs 81-12871-1200-0): * Fixed an issue in containerd that can cause the Kubelet on master VMs to fail to restart containers in static pods. * Moved the configuration of Docker's "registry-mirrors" option from the dockerd command line to /etc/docker/daemon.json. This should allow users to configure a custom registry mirror, which can be useful when responding to recent Docker Hub free tier changes.
cos-77-12371-1086-0
Date: Oct 08, 2020 Kernel: COS-4.19.112 Kubernetes: v1.15.3 Docker: v19.03.1 Changelog (vs 77-12371-1079-0): * Moved the configuration of Docker's "registry-mirrors" option from the dockerd command line to /etc/docker/daemon.json. This should allow users to configure a custom registry mirror, which can be useful when responding to recent Docker Hub free tier changes. * Fixed CVE-2020-15157 in containerd.
cos-dev-86-15199-0-0
Date: Oct 01, 2020 Kernel: COS-5.4.68 Kubernetes: v1.19.2 Docker: v19.03.13 Changelog (vs 86-15184-0-0): * Updated the Linux kernel to v5.4.68. * Fixed a kernel crash in KTD. * Updated node-problem-detector to detect dockerhung, corruptdockeroverlays and docker start-up failures.
cos-dev-86-15184-0-0
Date: Sep 24, 2020 Kernel: COS-5.4.66 Kubernetes: v1.19.2 Docker: v19.03.13 Changelog (vs 86-15168-0-0): * Fixed CVE-2019-5815 in libxslt (heap corruption via crafted XML data). * Fixed CVE-2019-19956 in libxml2 (memory leak). * Updated cloud-init to 20.1. * Upgraded Docker to version 19.03.13. * Updated the Linux kernel to v5.4.66. * Added nfs-utils. * Updated the built-in kubectl/kubelet to 1.19.2. * Upgraded containerd to version 1.4.1.
cos-85-13310-1041-9
Date: Sep 24, 2020 Kernel: COS-5.4.49 Kubernetes: v1.18.9 Docker: v19.03.9 Changelog (vs 85-13310-1041-1): * Updated the built-in kubectl/kubelet to 1.18.9. * Updated e2fsprogs to fix partition resize issue. * Upgraded containerd to version 1.4.1. * Fixed a kernel crash in KTD. * Added nfs-utils.
cos-81-12871-1200-0
Date: Sep 24, 2020 Kernel: COS-4.19.112 Kubernetes: v1.17.6 Docker: v19.03.6 Changelog (vs 81-12871-1196-0): * Fixed an issue where containerd leaked eventfds.
cos-dev-86-15168-0-0
Date: Sep 18, 2020 Kernel: COS-5.4.65 Kubernetes: v1.18.8 Docker: v19.03.9 Changelog (vs 86-15151-0-0): * Updated node-problem-detector to version 0.8.4 * Updated the Linux kernel to v5.4.65. * Deprecate stackdriver monitoring and replace with node-problem-detector when `google-monitoring-enabled` key is set to true. * Fixed a containerd issue found after 1.4.0 upgrade where the container would become unresponsive after running `docker exec`.
cos-beta-85-13310-1041-1
Date: Sep 18, 2020 Kernel: COS-5.4.49 Kubernetes: v1.18.8 Docker: v19.03.9 Changelog (vs 85-13310-1040-0): * Fixed a containerd issue found after 1.4.0 upgrade where the container would become unresponsive after running `docker exec`.
cos-81-12871-1196-0
Date: Sep 05, 2020 Kernel: COS-4.19.112 Kubernetes: v1.17.6 Docker: v19.03.6 Changelog (vs 81-12871-1190-0): * Fixed Linux kernel vulnerability CVE-2020-14386 by fixing an integer overflow issue in tpacket_rcv.
cos-77-12371-1079-0
Date: Sep 05, 2020 Kernel: COS-4.19.112 Kubernetes: v1.15.3 Docker: v19.03.1 Changelog (vs 77-12371-1073-0): * Fixed Linux kernel vulnerability CVE-2020-14386 by fixing an integer overflow issue in tpacket_rcv.
cos-73-11647-656-0
Date: Sep 05, 2020 Kernel: COS-4.14.174 Kubernetes: v1.13.3 Docker: v18.09.7 Changelog (vs 73-11647-600-0): * Fixed Linux kernel vulnerability CVE-2020-14386 by fixing an integer overflow issue in tpacket_rcv.
cos-dev-86-15151-0-0
Date: Sep 04, 2020 Kernel: COS-5.4.61 Kubernetes: v1.18.8 Docker: v19.03.9 Changelog (vs 86-15130-0-0): * Fixed Linux kernel vulnerability CVE-2020-14386 by fixing an integer overflow issue in tpacket_rcv. * Added package rpcbind to support rpc. * Updated the Linux kernel to v5.4.61. * Added package nfs-utils to support NFS. * Upgraded containerd to v1.4.0.
cos-beta-85-13310-1040-0
Date: Sep 04, 2020 Kernel: COS-5.4.49 Kubernetes: v1.18.8 Docker: v19.03.9 Changelog (vs 85-13310-1037-0): * Fixed Linux kernel vulnerability CVE-2020-14386 by fixing an integer overflow issue in tpacket_rcv. * Added package rpcbind to support rpc. * Added package nfs-utils to support NFS. * Upgraded containerd to v1.4.0.
cos-beta-85-13310-1037-0
Date: Sep 02, 2020 Kernel: COS-5.4.49 Kubernetes: v1.18.8 Docker: v19.03.9 Changelog (vs 85-13310-1034-0): * Added ext4 block bitmap prefetching feature.
cos-dev-86-15130-0-0
Date: Aug 27, 2020 Kernel: COS-5.4.60 Kubernetes: v1.18.8 Docker: v19.03.9 Changelog (vs 86-15119-0-0): * Updated the built-in kubectl/kubelet to 1.18.8. * Updated Konlet to v0.11.0. * Updated the Linux kernel to v5.4.60. * Updated OpenSSH to v8.3_p1.
cos-rc-85-13310-1034-0
Date: Aug 27, 2020 Kernel: COS-5.4.49 Kubernetes: v1.18.8 Docker: v19.03.9 Changelog (vs 85-13310-1032-0): * Updated the built-in kubectl/kubelet to 1.18.8. * Updated Konlet to v0.11.0.
cos-stable-77-12371-1073-0
Date: Aug 21, 2020 Kernel: COS-4.19.112 Kubernetes: v1.15.3 Docker: v19.03.1 Changelog (vs 77-12371-1072-0): * Enabled utmp in systemd to allow creation of utmp files.
cos-stable-81-12871-1190-0
Date: Aug 20, 2020 Kernel: COS-4.19.112 Kubernetes: v1.17.6 Docker: v19.03.6 Changelog (vs 81-12871-1185-0): * Reverted the change that enforcing kernel modules must be signed. * Removed cos-extensions utility. Users should use cos-gpu-installer to install GPU drivers on COS milestone 81. * Enabled utmp in systemd to allow creation of utmp files.
cos-dev-86-15119-0-0
Date: Aug 17, 2020 Kernel: COS-5.4.58 Kubernetes: v1.18.3 Docker: v19.03.9 Changelog (vs 86-15103-0-0): * Upgraded the Linux kernel to v5.4.58. * Enabled utmp in systemd to allow creation of utmp files. * Added XFS quota support in preview mode. * Upgraded default GPU driver version to 450.51.06. * Upgraded containerd to 1.4.0-rc.0.
cos-rc-85-13310-1032-0
Date: Aug 17, 2020 Kernel: COS-5.4.49 Kubernetes: v1.18.3 Docker: v19.03.9 Changelog (vs 85-13310-1028-0): * Created /var/lib/chrony for chrony to work accurately. * Enabled utmp in systemd to allow creation of utmp files. * Upgraded default GPU driver version to 450.51.06.
cos-dev-86-15103-0-0
Date: Aug 10, 2020 Kernel: COS-5.4.57 Kubernetes: v1.18.3 Docker: v19.03.9 Changelog (vs 86-15078-0-0): * Fixed CVE-2020-14308, CVE-2020-14311 and CVE-2020-15705 in grub. * Update docker-credential-gcr to v2.0.2. * Made dioread_nolock non-default. * Added the cos-extensions-manager package. Click here to learn more about cos-extensions. * Fixed bug in chrony due to non-presence of /var/lib/chrony. * Updated the Linux kernel to v5.4.57. * Updated e2fsprogs to fix partition resize issue.
cos-77-12371-1072-0
Date: Aug 10, 2020 Kernel: COS-4.19.112 Kubernetes: v1.15.3 Docker: v19.03.1 Changelog (vs 77-12371-1064-0): * Disabled CONFIG_PPP to mitigate Linux Kernel CVE-2020-14416. * Fixed CVE-2020-15705 in grub.
cos-rc-85-13310-1028-0
Date: Aug 07, 2020 Kernel: COS-5.4.49 Kubernetes: v1.18.3 Docker: v19.03.9 Changelog (vs 85-13310-1023-0): * Fixed CVE-2020-14308, CVE-2020-14311 and CVE-2020-15705 in grub. * Fixed CVE-2020-14155 and CVE-2019-20838 in libpcre. * Updated docker-credential-gcr to v2.0.2. * Made dioread_nolock non-default. * Added the cos-extensions-manager package. Click here to learn more about cos-extensions.
cos-81-12871-1185-0
Date: Aug 07, 2020 Kernel: COS-4.19.112 Kubernetes: v1.17.6 Docker: v19.03.6 Changelog (vs 81-12871-1174-0): * Fixed CVE-2020-14308, CVE-2020-14311 and CVE-2020-15705 in grub. * Disabled CONFIG_PPP to mitigate Linux Kernel CVE-2020-14416. * Added the cos-extensions-manager package. Click here to learn more about cos-extensions. * Updated docker-credential-gcr to v2.0.2.
cos-dev-86-15078-0-0
Date: Jul 30, 2020 Kernel: COS-5.4.53 Kubernetes: v1.18.3 Docker: v19.03.9 Changelog (vs 86-15053-0-0): * Removed the metrics daemon to address an issue where it would periodically cause CPU usage spikes in some cases. * Updated the Linux kernel to v5.4.53. * Updated toolbox to version 20200715-00. * Added support for LSM and SELinux checks. * Fixed CVE-2020-14155 by updating libpcre to version 8.44.
cos-rc-85-13310-1023-0
Date: Jul 30, 2020 Kernel: COS-5.4.49 Kubernetes: v1.18.3 Docker: v19.03.9 Changelog (vs 85-13310-1019-0): * Removed the metrics daemon to address an issue where it would periodically cause CPU usage spikes in some cases.
cos-81-12871-1174-0
Date: Jul 30, 2020 Kernel: COS-4.19.112 Kubernetes: v1.17.6 Docker: v19.03.6 Changelog (vs 81-12871-1160-0): * Removed the metrics daemon to address an issue where it would periodically cause CPU usage spikes in some cases. * Changed kernel command line to enforce kernel module must be signed.
cos-77-12371-1064-0
Date: Jul 30, 2020 Kernel: COS-4.19.112 Kubernetes: v1.15.3 Docker: v19.03.1 Changelog (vs 77-12371-326-0): * Removed the metrics daemon to address an issue where it would periodically cause CPU usage spikes in some cases.
cos-rc-85-13310-1019-0
Date: Jul 24, 2020 Kernel: COS-5.4.49 Kubernetes: v1.18.3 Docker: v19.03.9 Changelog (vs 85-13310-1015-0): * Backport upstream patch 'perf_event: support for LSM and SELinux check'. * Disable CONFIG_PPP to mitigate Linux Kernel CVE-2020-14416. * Updated toolbox tag to 20200715-00.
cos-stable-81-12871-1160-0
Date: Jul 24, 2020 Kernel: COS-4.19.112 Kubernetes: v1.17.6 Docker: v19.03.6 Changelog (vs 81-12871-181-0): * Updated node problem detector to 0.8.1
cos-rc-85-13310-1015-0
Date: Jul 15, 2020 Kernel: COS-5.4.49 Kubernetes: v1.18.3 Docker: v19.03.9 Changelog (vs 85-13310-12-0): * Update tcp_keepalive_time to 300 seconds.
cos-stable-81-12871-181-0
Date: Jul 13, 2020 Kernel: COS-4.19.112 Kubernetes: v1.17.6 Docker: v19.03.6 Changelog (vs 81-12871-148-0): * Added rsync back into the image, which was removed in cos-dev-77-12293-0-0. * Mount /var/lib/containerd with exec option. * Fixed CVE-2019-9169. * Enabled support for Confidential VMs.
cos-stable-77-12371-326-0
Date: Jul 13, 2020 Kernel: COS-4.19.112 Kubernetes: v1.15.3 Docker: v19.03.1 Changelog (vs 77-12371-296-0): * Added rsync back into the image, which was removed in cos-dev-77-12293-0-0. * Mount /var/lib/containerd with exec option. * Moved Kernel source to cos.googlesource.com. * Fixed CVE-2019-9169.
cos-stable-73-11647-600-0
Date: Jul 13, 2020 Kernel: COS-4.14.174 Kubernetes: v1.13.3 Docker: v18.09.7 Changelog (vs 73-11647-559-0): * Moved Kernel source to cos.googlesource.com. * Mounted /var/lib/containerd with exec option. * Fixed incorrect bprm->vma_pages prevent capturing all stack pages.
cos-dev-86-15053-0-0
Date: Jul 09, 2020 Kernel: COS-5.4.49 Kubernetes: v1.18.3 Docker: v19.03.9 Changelog (vs 85-13288-0-0): * Disabled CONFIG_PPP to mitigate Linux Kernel CVE-2020-14416. * Enabled INIT_STACK_ALL kernel hardening option. * Made /proc/self/mem readonly. * Integrated KTD LSM into 5.4 kernel. * Disabled hung_task_panic by default. * Upgraded Konlet to v0.10.0 * Added rsync back into the image, which was removed in cos-dev-77-12293-0-0. * Upgraded docker-credential-gcr to 2.0.1. * Added FUSE userspace utilities. * Added the cos-extensions-manager package. Click here to learn more about cos-extensions. * Updated tcp_keepalive_time to 300 seconds. * Increased kdump memory reservation to 256M for 8G-16G instances. * Enabled DEVTMFS_SAFE, which automounts devtmpfs with nosuid and noexec. * Added sys-apps/nvme-cli package. * Upgraded oslogin to v20200507.00. * Made chrony the default NTP client. * Added Google OS Config Agent. * Upgraded the Linux kernel to v5.4.49. * Mount /var/lib/containerd with exec option. * Upgraded compute-image-packages to v20191210. * Addressed CVE-2020-12049 in dbus. * Fixed a bug that caused OS login to use excessive amounts of memory. * Enabled support for Confidential VMs.
cos-rc-85-13310-12-0
Date: Jul 09, 2020 Kernel: COS-5.4.49 Kubernetes: v1.18.3 Docker: v19.03.9 Changelog (vs 85-13288-0-0): * Upgraded oslogin to v20200507.00. * Mount /var/lib/containerd with exec option. * Upgraded docker-credential-gcr to 2.0.1. * Upgraded the Linux kernel to v5.4.49. * Enabled INIT_STACK_ALL kernel hardening option. * Made /proc/self/mem readonly. * Upgraded compute-image-packages to v20191210. * Added rsync back into the image, which was removed in cos-dev-77-12293-0-0. * Added sys-apps/nvme-cli package. * Integrated KTD LSM into 5.4 kernel. * Upgraded Konlet to v0.10.0. * Disabled hung_task_panic by default. * Enabled DEVTMFS_SAFE, which automounts devtmpfs with nosuid and noexec. * Increased kdump memory reservation to 256M for 8G-16G instances. * Added FUSE userspace utilities. * Added Google OS Config Agent. * Made chrony the default NTP client. * Addressed CVE-2020-12049 in dbus. * Fixed a bug that caused OS login to use excessive amounts of memory. * Enabled support for Confidential VMs.
cos-dev-85-13288-0-0
Date: Jun 17, 2020 Kernel: COS-4.19.127 Kubernetes: v1.18.3 Docker: v19.03.9 Changelog (vs 85-13260-0-0): * Fixed a build issue in systemd due to Meson upgrade. * Updated toolbox base container image to include security patches. * Upgraded the Linux kernel to v4.19.127. * Made dioread_nolock non-default. * Updated the built-in kubectl/kubelet to 1.18.3. * Updated GVNIC driver to version 1.1.0.
cos-stable-81-12871-148-0
Date: Jun 17, 2020 Kernel: COS-4.19.112 Kubernetes: v1.17.6 Docker: v19.03.6 Changelog (vs 81-12871-146-0): * Made dioread_nolock non-default.
cos-stable-81-12871-146-0
Date: Jun 16, 2020 Kernel: COS-4.19.112 Kubernetes: v1.17.6 Docker: v19.03.6 Changelog (vs 81-12871-130-0): * Updated toolbox base container image to include security patches.
cos-77-12371-296-0
Date: Jun 16, 2020 Kernel: ChromiumOS-4.19.112 Kubernetes: v1.15.3 Docker: v19.03.1 Changelog (vs 77-12371-284-0): * Updated toolbox base container image to include security patches.
cos-stable-81-12871-130-0
Date: Jun 16, 2020 Kernel: COS-4.19.112 Kubernetes: v1.17.6 Docker: v19.03.6 Changelog (vs 81-12871-119-0): * Updated the built-in kubectl/kubelet to v1.17.6 to fix a bug that could result in the inability to start a cluster.
cos-dev-85-13260-0-0
Date: Jun 01, 2020 Kernel: COS-4.19.124 Kubernetes: v1.18.2 Docker: v19.03.9 Changelog (vs 84-13078-0-0): * Upgraded the Linux kernel to v4.19.124. * Upgraded Docker to v19.03.9. * Upgraded gve driver to v1.1.0. * Upgraded json-c to v0.14-r2. * Fixed OS Login CVEs. * Set default umask to 027.
cos-77-12371-284-0
Date: Jun 01, 2020 Kernel: ChromiumOS-4.19.112 Kubernetes: v1.15.3 Docker: v19.03.1 Changelog (vs 77-12371-274-0): * Upgraded libseccomp to version 2.4.2 to address CVE-2019-9893.
cos-73-11647-559-0
Date: Jun 01, 2020 Kernel: ChromiumOS-4.14.174 Kubernetes: v1.13.3 Docker: v18.09.7 Changelog (vs 73-11647-534-0): * Upgraded libseccomp to version 2.4.2 to address CVE-2019-9893.
cos-stable-81-12871-119-0
Date: May 28, 2020 Kernel: COS-4.19.112 Kubernetes: v1.17.3 Docker: v19.03.6 Changelog (vs 81-12871-117-0): * Fixed a few OS Login CVEs: CVE-2020-8903, CVE-2020-8907, CVE-2020-8933.
cos-stable-81-12871-117-0
Date: May 27, 2020 Kernel: COS-4.19.112 Kubernetes: v1.17.3 Docker: v19.03.6 Changelog (vs 81-12871-103-0): * Upgraded sys-libs/libseccomp to version 2.4.2-r1 to fix CVE-2019-9893.
cos-77-12371-274-0
Date: May 26, 2020 Kernel: ChromiumOS-4.19.112 Kubernetes: v1.15.3 Docker: v19.03.1 Changelog (vs 77-12371-273-0): * Fixed a few OS Login CVEs: CVE-2020-8903, CVE-2020-8907, CVE-2020-8933.
cos-beta-81-12871-117-0
Date: May 26, 2020 Kernel: COS-4.19.112 Kubernetes: v1.17.3 Docker: v19.03.6 Changelog (vs 81-12871-44-0): * Added package sys-apps/acl. * Backported systemd patch ba0d56f55 to address an issue that resulted in leaked mount units. * Disabled `accept_ra` on all interfaces by default. * Moved kernel repository to https://cos.googlesource.com/third_party/kernel. * Removed gve package. * Upgraded dev-db/sqlite to version 3.31.1. * Upgraded sys-libs/libseccomp to version 2.4.2-r1 to fix CVE-2019-9893.
cos-77-12371-273-0
Date: May 21, 2020 Kernel: ChromiumOS-4.19.112 Kubernetes: v1.15.3 Docker: v19.03.1 Changelog (vs 77-12371-251-0): * Fixed a Stackdriver Monitoring agent bug where not all mounted disk partitions has their usage reported.
cos-dev-84-13078-0-0
Date: May 07, 2020 Kernel: COS-4.19.119 Kubernetes: v1.18.2 Docker: v19.03.8 Changelog (vs 83-13020-12-0): * Updated makedumpfile to 1.6.7. * Added package sys-apps/acl. * Updated docker to 19.03.8. * Upgraded to latest google sdk(287) in cos-toolbox. * Disabled `accept_ra` on all interfaces by default. * Updated containerd to v1.3.4. * Upgraded the Linux kernel to v4.19.119. * Updated the built-in kubectl/kubelet to 1.18.2. * Updated the Python requests package to v2.22.0 to address CVE-2018-18074. * Updated libseccomp to v2.4.2 to address CVE-2019-9893.
cos-81-12871-103-0
Date: May 07, 2020 Kernel: COS-4.19.112 Kubernetes: v1.17.3 Docker: v19.03.6 Changelog (vs 81-12871-96-0): * Added package sys-apps/acl.
cos-73-11647-534-0
Date: May 07, 2020 Kernel: ChromiumOS-4.14.174 Kubernetes: v1.13.3 Docker: v18.09.7 Changelog (vs 73-11647-510-0): * Image rebuild to address an infrastructure issue. No image changes.
cos-81-12871-96-0
Date: Apr 29, 2020 Kernel: COS-4.19.112 Kubernetes: v1.17.3 Docker: v19.03.6 Changelog (vs 81-12871-76-0): * Fixed a kernel bug where eBPF programs can cause softlockups.
cos-77-12371-251-0
Date: Apr 29, 2020 Kernel: ChromiumOS-4.19.112 Kubernetes: v1.15.3 Docker: v19.03.1 Changelog (vs 77-12371-233-0): * Fixed a kernel bug where eBPF programs can cause softlockups. lockups
cos-81-12871-76-0
Date: Apr 29, 2020 Kernel: COS-4.19.112 Kubernetes: v1.17.3 Docker: v19.03.6 Changelog (vs 81-12871-69-0): * Disabled `accept_ra` on all interfaces by default.
cos-77-12371-233-0
Date: Apr 29, 2020 Kernel: ChromiumOS-4.19.112 Kubernetes: v1.15.3 Docker: v19.03.1 Changelog (vs 77-12371-227-0): * Disabled `accept_ra` on all interfaces by default.
cos-dev-83-13020-12-0
Date: Apr 13, 2020 Kernel: COS-4.19.114 Kubernetes: v1.17.3 Docker: v19.03.6 Changelog (vs 83-12998-0-0): * Backported systemd patch ba0d56f55 to address an issue that resulted in leaked mount units. * Moved kernel repository to https://cos.googlesource.com/third_party/kernel. * Upgraded the Linux kernel to v4.19.112. * Backported necessary ext4 patches and made dioread_nolock default.
cos-stable-73-11647-510-0
Date: Apr 13, 2020 Kernel: ChromiumOS-4.14.174 Kubernetes: v1.13.3 Docker: v18.09.7 Changelog (vs 73-11647-501-0): * Disabled `accept_ra` on all interfaces by default. * Upgraded OpenSSH to 7.9_p1 to fix CVE-2018-15473.
cos-stable-81-12871-69-0
Date: Apr 05, 2020 Kernel: COS-4.19.112 Kubernetes: v1.17.3 Docker: v19.03.6 Changelog (vs 81-12871-44-0): * Upgraded the Linux kernel to v4.19.112. * Backported systemd patch ba0d56f55 to address an issue that resulted in leaked mount units. * Upgraded dev-db/sqlite to 3.31.1. * Moved kernel repository to cos.googlesource.com/third_party/kernel. * Backported necessary ext4 patches and made dioread_nolock default.
cos-stable-77-12371-227-0
Date: Apr 05, 2020 Kernel: ChromiumOS-4.19.112 Kubernetes: v1.15.3 Docker: v19.03.1 Changelog (vs 77-12371-208-0): * Upgraded the Linux kernel to v4.19.112. * Backported systemd patch ba0d56f55 to address an issue that resulted in leaked mount units.
cos-stable-73-11647-501-0
Date: Apr 05, 2020 Kernel: ChromiumOS-4.14.174 Kubernetes: v1.13.3 Docker: v18.09.7 Changelog (vs 73-11647-459-0): * Upgraded the Linux kernel to v4.14.174. * Backported systemd patch ba0d56f55 to address an issue that resulted in leaked mount units.
cos-dev-83-12998-0-0
Date: Mar 27, 2020 Kernel: ChromiumOS-4.19.108 Kubernetes: v1.17.3 Docker: v19.03.6 Changelog (vs 82-12962-0-0): * Upgraded cloud-init to v19.4. * Upgraded the Linux kernel to v4.19.108. * Removed size limit on /etc/ to fix cluster creation failure because of large number of addons. * Upgraded node problem detector to v0.8.1.
cos-stable-81-12871-59-0
Date: Mar 27, 2020 Kernel: ChromiumOS-4.19.112 Kubernetes: v1.17.3 Docker: v19.03.6 Changelog (vs 81-12871-44-0): * Upgraded the Linux kernel to v4.19.112.
cos-beta-81-12871-44-0
Date: Mar 17, 2020 Kernel: ChromiumOS-4.19.108 Kubernetes: v1.17.3 Docker: v19.03.6 Changelog (vs 81-12871-38-0): * Upgraded the Linux kernel to v4.19.108. * Removed size limit on /etc/ to fix cluster creation failure because of large number of addons.
cos-stable-80-12739-104-0
Date: Mar 17, 2020 Kernel: ChromiumOS-4.19.87 Kubernetes: v1.16.6 Docker: v19.03.5 Changelog (vs 80-12739-91-0): * Removed size limit on /etc/ to fix cluster creation failure because of large number of addons.
cos-stable-77-12371-208-0
Date: Mar 17, 2020 Kernel: ChromiumOS-4.19.109 Kubernetes: v1.15.3 Docker: v19.03.1 Changelog (vs 77-12371-183-0): * Enabled NETFILTER_XT_MATCH_SOCKET. * Fixed a bug where DHCP is not started after link flaps. * Removed size limit on /etc/ to fix cluster creation failure because of large number of addons. * Upgraded the Linux kernel to v4.19.109
cos-dev-82-12962-0-0
Date: Mar 09, 2020 Kernel: ChromiumOS-4.19.107 Kubernetes: v1.17.3 Docker: v19.03.6 Changelog (vs 82-12941-0-0): * Enabled kernel config NETFILTER_XT_MATCH_SOCKET. * Upgraded the Linux kernel to v4.19.107. * Fixed ssh hostkey verification error. * Backported two trace_uprobe patches from upstream to make USDT work.
cos-beta-81-12871-38-0
Date: Mar 09, 2020 Kernel: ChromiumOS-4.19.107 Kubernetes: v1.17.3 Docker: v19.03.6 Changelog (vs 81-12871-31-0): * Enabled kernel config NETFILTER_XT_MATCH_SOCKET. * Upgraded the Linux kernel to v4.19.107. * Fixed ssh hostkey verification error. * Backported two trace_uprobe patches from upstream to make USDT work.
cos-dev-82-12941-0-0
Date: Mar 03, 2020 Kernel: ChromiumOS-4.19.105 Kubernetes: v1.17.3 Docker: v19.03.6 Changelog (vs 82-12919-0-0): * Upgraded the Linux kernel to v4.19.105.
cos-beta-81-12871-31-0
Date: Mar 03, 2020 Kernel: ChromiumOS-4.19.105 Kubernetes: v1.17.3 Docker: v19.03.6 Changelog (vs 81-12871-17-0): * Upgraded the Linux kernel to v4.19.105. * Fixed a bug where DHCP is not started after link flaps.
cos-stable-80-12739-91-0
Date: Mar 03, 2020 Kernel: ChromiumOS-4.19.87 Kubernetes: v1.16.6 Docker: v19.03.5 Changelog (vs 80-12739-78-0): * Minor changes.
cos-dev-82-12919-0-0
Date: Feb 21, 2020 Kernel: ChromiumOS-4.19.104 Kubernetes: v1.17.3 Docker: v19.03.6 Changelog (vs 82-12894-0-0): * Fixed a bug where DHCP is not started after link flaps. * Upgraded the Linux kernel to v4.19.104. * Updated the built-in kubectl/kubelet to 1.17.3. * Made Python3 the default Python interpreter. * Updated Docker to release v19.03.6. * Bring back 99-virtio.network to fix DHCPv6 issue. * Fixed TCP empty skb at the tail of the write queue bug in kernel.
cos-beta-81-12871-17-0
Date: Feb 21, 2020 Kernel: ChromiumOS-4.19.104 Kubernetes: v1.17.3 Docker: v19.03.6 Changelog (vs 81-12871-7-0): * Upgraded the Linux kernel to v4.19.104. * Updated the built-in kubectl/kubelet to 1.17.3. * Upgraded runc to 1.0.0-rc10. This resolves CVE-2019-19921. * Updated Docker to release v19.03.6. * Bring back 99-virtio.network to fix DHCPv6 issue. * Fixed TCP empty skb at the tail of the write queue bug in kernel.
cos-stable-80-12739-78-0
Date: Feb 21, 2020 Kernel: ChromiumOS-4.19.87 Kubernetes: v1.16.6 Docker: v19.03.5 Changelog (vs 80-12739-68-0): * Bring back 99-virtio.network to fix DHCPv6 issue. * Fixed TCP empty skb at the tail of the write queue bug in kernel.
cos-77-12371-183-0
Date: Feb 21, 2020 Kernel: ChromiumOS-4.19.104 Kubernetes: v1.15.3 Docker: v19.03.1 Changelog (vs 77-12371-175-0): * Upgraded the Linux kernel to v4.19.104 * Fixed TCP empty skb at the tail of the write queue bug in kernel.
cos-73-11647-459-0
Date: Feb 21, 2020 Kernel: ChromiumOS-4.14.171 Kubernetes: v1.13.3 Docker: v18.09.7 Changelog (vs 73-11647-449-0): * Upgraded the Linux kernel to v4.14.171. * Fixed TCP empty skb at the tail of the write queue bug in kernel.
cos-dev-82-12894-0-0
Date: Feb 12, 2020 Kernel: ChromiumOS-4.19.102 Kubernetes: v1.17.2 Docker: v19.03.5 Changelog (vs 82-12892-0-0): * Upgraded the Linux kernel to v4.19.102.
cos-beta-81-12871-7-0
Date: Feb 12, 2020 Kernel: ChromiumOS-4.19.102 Kubernetes: v1.17.2 Docker: v19.03.5 Changelog (vs 81-12871-6-0): * Upgraded the Linux kernel to v4.19.102.
cos-stable-80-12739-68-0
Date: Feb 12, 2020 Kernel: ChromiumOS-4.19.87 Kubernetes: v1.16.6 Docker: v19.03.5 Changelog (vs 80-12739-66-0): * Upgraded runc to 1.0.0-rc10. This resolves CVE-2019-19921.
cos-77-12371-175-0
Date: Feb 12, 2020 Kernel: ChromiumOS-4.19.102 Kubernetes: v1.15.3 Docker: v19.03.1 Changelog (vs 77-12371-141-0): * Enabled some QoS and Fair Queuing options in the Linux kernel. * Upgraded the Linux kernel to v4.19.102. * Upgraded runc to 1.0.0-rc10. This resolves CVE-2019-19921.
cos-73-11647-449-0
Date: Feb 12, 2020 Kernel: ChromiumOS-4.14.170 Kubernetes: v1.13.3 Docker: v18.09.7 Changelog (vs 73-11647-415-0): * Upgraded runc to 1.0.0-rc10. This resolves CVE-2019-19921. * Upgraded the Linux kernel to v4.14.170.
cos-dev-82-12892-0-0
Date: Feb 10, 2020 Kernel: ChromiumOS-4.19.101 Kubernetes: v1.17.2 Docker: v19.03.5 Changelog (vs 81-12854-0-0): * Upgraded runc to 1.0.0-rc10. This resolves CVE-2019-19921. * Upgraded cloud-init to v18.5. * Upgraded the built-in kubelet to 1.17.2. * Upgraded the Linux kernel to v4.19.101. * Upgraded iptables to 1.6.2. * Enabled some QoS and Fair Queuing options.
cos-beta-81-12871-6-0
Date: Feb 10, 2020 Kernel: ChromiumOS-4.19.101 Kubernetes: v1.17.2 Docker: v19.03.5 Changelog (vs 81-12854-0-0): * Promoted to beta channel. * Upgraded the built-in kubelet to 1.17.2. * Upgraded the Linux kernel to v4.19.101. * Enabled some QoS and Fair Queuing options.
cos-stable-80-12739-66-0
Date: Feb 10, 2020 Kernel: ChromiumOS-4.19.87 Kubernetes: v1.16.6 Docker: v19.03.5 Changelog (vs 80-12739-48-0): * Promoted to stable channel. * Updated the built-in kubelet to 1.16.6.
cos-dev-81-12854-0-0
Date: Jan 27, 2020 Kernel: ChromiumOS-4.19.97 Kubernetes: v1.17.1 Docker: v19.03.5 Changelog (vs 81-12834-0-0): * Upgraded the Linux kernel to v4.19.97. * Updated the built-in kubelet to 1.17.1. * Upgraded iptables to v1.6.2. * Upgraded openssl to 1.0.2u.
cos-beta-80-12739-48-0
Date: Jan 27, 2020 Kernel: ChromiumOS-4.19.87 Kubernetes: v1.16.5 Docker: v19.03.5 Changelog (vs 80-12739-37-0): * Updated the built-in kubelet to 1.16.5.
cos-dev-81-12834-0-0
Date: Jan 16, 2020 Kernel: ChromiumOS-4.19.94 Kubernetes: v1.17.0 Docker: v19.03.5 Changelog (vs 81-12813-0-0): * Updated the Linux kernel to v4.19.94. * Updated gve driver to v1.0.1. * Updated docker-credential-gcr to 2.0.0. * Updated docker-credential-helpers to 0.6.3. * Updated the built-in kubelet to 1.17.0.
cos-beta-80-12739-37-0
Date: Jan 16, 2020 Kernel: ChromiumOS-4.19.87 Kubernetes: v1.16.4 Docker: v19.03.5 Changelog (vs 80-12739-29-0): * Minor changes.
cos-dev-81-12813-0-0
Date: Jan 07, 2020 Kernel: ChromiumOS-4.19.91 Kubernetes: v1.16.4 Docker: v19.03.5 Changelog (vs 80-12688-0-0): * Fixed vulnerability in glibc (CVE-2019-19126). * Upgraded sqlite to 3.30.1 to fix CVE-2019-16168. * Upgraded sudo to 1.8.28_p1 to fix CVE-2019-14287. * Fixed CFS quota throttling issue. * Updated the built-in kubelet to 1.16.4. * Upgraded oslogin package to v20190315. * Upgraded the Linux kernel to v4.19.91. * Upgraded cos-toolbox to 20191218-00. * Upgrade containerd to v1.3.2. * Added chrony as an alternative NTP client. * Added GVNIC driver kernel module. * Added tcm_loop kernel module. * Disable multicast protocol LLMNR and MDNS by default.
cos-beta-80-12739-29-0
Date: Jan 07, 2020 Kernel: ChromiumOS-4.19.87 Kubernetes: v1.16.4 Docker: v19.03.5 Changelog (vs 80-12688-0-0): * Upgraded sudo to 1.8.28_p1 to fix CVE-2019-14287. * Backported fix for Linux kernel CVE-2019-19072. * Upgraded the Linux kernel to v4.19.87. * Updated the built-in kubelet to 1.16.4. * Upgraded oslogin package to v20190315. * Added GVNIC driver kernel module. * Removed alsa/midi/audio kernel features.
cos-stable-79-12607-80-0
Date: Jan 07, 2020 Kernel: ChromiumOS-4.19.79 Kubernetes: v1.16.3 Docker: v19.03.5 Changelog (vs 79-12607-60-0): * Backported fix for Linux kernel CVE-2019-19072.
cos-stable-77-12371-141-0
Date: Jan 07, 2020 Kernel: ChromiumOS-4.19.91 Kubernetes: v1.15.3 Docker: v19.03.1 Changelog (vs 77-12371-114-0): * Backported fix for Linux kernel CVE-2019-19072. * Fixed CFS quota throttling issue. * Upgraded the Linux kernel to v4.19.91.
cos-stable-73-11647-415-0
Date: Jan 07, 2020 Kernel: ChromiumOS-4.14.160 Kubernetes: v1.13.3 Docker: v18.09.7 Changelog (vs 73-11647-348-0): * Fixed CFS quota throttling issue. * Increase sysctl net.ipv4.tcp_limit_output_bytes to 1048576. * Upgraded the Linux kernel to v4.14.160.
cos-beta-79-12607-60-0
Date: Dec 16, 2019 Kernel: ChromiumOS-4.19.79 Kubernetes: v1.16.3 Docker: v19.03.5 Changelog (vs 79-12607-46-0): * Fixed CFS quota throttling issue.
cos-stable-78-12499-89-0
Date: Dec 16, 2019 Kernel: ChromiumOS-4.19.72 Kubernetes: v1.15.4 Docker: v19.03.3 Changelog (vs 78-12499-59-0): * Fixed CFS quota throttling issue.
cos-beta-79-12607-46-0
Date: Dec 04, 2019 Kernel: ChromiumOS-4.19.79 Kubernetes: v1.16.3 Docker: v19.03.5 Changelog (vs 79-12607-32-0): * Updated Docker to v19.03.5. * Updated the built-in kubelet to 1.16.3.
cos-dev-80-12688-0-0
Date: Nov 18, 2019 Kernel: ChromiumOS-4.19.83 Kubernetes: v1.16.3 Docker: v19.03.5 Changelog (vs 80-12657-0-0): * Fixed the problem of spawning 8 runc state process for every exec on containerd. This was leading to high cpu utilization. * Upgraded to docker v19.03.5. * Changed the MTU of the default docker network to 1460. * Updated the built-in kubelet to 1.16.3. * Upgraded the Linux kernel to v4.19.83. * Upgraded sys-libs/libapparmor to version 2.13.3.
cos-beta-79-12607-32-0
Date: Nov 18, 2019 Kernel: ChromiumOS-4.19.79 Kubernetes: v1.16.0 Docker: v19.03.3 Changelog (vs 79-12607-22-0): * Minor changes.
cos-dev-80-12657-0-0
Date: Nov 11, 2019 Kernel: ChromiumOS-4.19.81 Kubernetes: v1.15.3 Docker: v19.03.4 Changelog (vs 79-12607-7-0): * Increase sysctl net.ipv4.tcp_limit_output_bytes to 1048576. * Fixed the unnecessary creation of two separate test slices (resulting in 4 systemd log messages total + runtime overhead) for every runc execution. * Enabled AMD_MEM_ENCRYPT in COS kernel config. * Fixed a Stackdriver Monitoring agent bug where not all mounted disk partitions has their usage reported. * Upgraded node problem detector to v0.8.0. * Upgraded Docker to v19.03.4. * Fixed the problem of spawning 8 runc state process for every exec on containerd. This was leading to high cpu utilization. * Revert kubernetes to v1.15.3. * Revert containerd to v1.2.9. * Upgraded jsonpatch to v1.23. * Upgraded jsonpointer to v2.0. * Upgraded configobj to v5.0.6. * Fixed a performance regression in completely fair scheduler (CFS).
cos-beta-79-12607-22-0
Date: Nov 11, 2019 Kernel: ChromiumOS-4.19.79 Kubernetes: v1.16.0 Docker: v19.03.3 Changelog (vs 79-12607-7-0): * Increase sysctl net.ipv4.tcp_limit_output_bytes to 1048576. * Fixed the unnecessary creation of two separate test slices (resulting in 4 systemd log messages total + runtime overhead) for every runc execution. * Fixed a Stackdriver Monitoring agent bug where not all mounted disk partitions has their usage reported. * Fixed the problem of spawning 8 runc state process for every exec on containerd. This was leading to high cpu utilization. * Revert containerd to v1.2.9.
cos-stable-78-12499-59-0
Date: Nov 08, 2019 Kernel: ChromiumOS-4.19.72 Kubernetes: v1.15.4 Docker: v19.03.3 Changelog (vs 78-12499-46-0): * Increase sysctl net.ipv4.tcp_limit_output_bytes to 1048576. * Fixed the unnecessary creation of two separate test slices (resulting in 4 systemd log messages total + runtime overhead) for every runc execution. * Fixed the problem of spawning 8 runc state process for every exec on containerd. This was leading to high cpu utilization.
cos-stable-77-12371-114-0
Date: Oct 31, 2019 Kernel: ChromiumOS-4.19.80 Kubernetes: v1.15.3 Docker: v19.03.1 Changelog (vs 77-12371-89-0): * Increased sysctl net.ipv4.tcp_limit_output_bytes to 1048576. * Fixed the problem of spawning 8 runc state process for every exec on containerd. This was leading to high cpu utilization. * Fixed the unnecessary creation of two separate test slices (resulting in 4 systemd log messages total + runtime overhead) for every runc execution. * Fixed an issue in runc that resulted in unnecessary CPU consumption. * Upgraded the Linux kernel to v4.19.80. * Fixed a performance regression in completely fair scheduler (CFS).
cos-dev-79-12607-7-0
Date: Oct 28, 2019 Kernel: ChromiumOS-4.19.79 Kubernetes: v1.16.0 Docker: v19.03.3 Changelog (vs 79-12605-0-0): * Upgraded Docker to v19.03.3. * Fixed a performance regression in completely fair scheduler (CFS).
cos-beta-78-12499-46-0
Date: Oct 28, 2019 Kernel: ChromiumOS-4.19.72 Kubernetes: v1.15.4 Docker: v19.03.3 Changelog (vs 78-12499-38-0): * Fixed an issue in runc that resulted in unnecessary CPU consumption. * Fixed a performance regression in completely fair scheduler (CFS).
cos-73-11647-348-0
Date: Oct 28, 2019 Kernel: ChromiumOS-4.14.150 Kubernetes: v1.13.3 Docker: v18.09.7 Changelog (vs 73-11647-338-0): * Fixed the unnecessary creation of two separate test slices (resulting in 4 systemd log messages total + runtime overhead) for every runc execution. * Fixed a performance regression in completely fair scheduler (CFS). * Upgraded the Linux kernel to v4.14.150.
cos-dev-79-12605-0-0
Date: Oct 21, 2019 Kernel: ChromiumOS-4.19.79 Kubernetes: v1.16.0 Docker: v19.03.2 Changelog (vs 79-12577-0-0): * Upgraded containerd to v1.3.0. * Upgraded the built-in kubelet to 1.16.0. * Upgraded openssl to version 1.0.2t.
cos-beta-78-12499-38-0
Date: Oct 21, 2019 Kernel: ChromiumOS-4.19.72 Kubernetes: v1.15.4 Docker: v19.03.3 Changelog (vs 78-12499-32-0): * Upgraded the built-in kubelet to 1.15.4. * Upgraded Docker to v19.03.3
cos-73-11647-338-0
Date: Oct 21, 2019 Kernel: ChromiumOS-4.14.147 Kubernetes: v1.13.3 Docker: v18.09.7 Changelog (vs 73-11647-329-0): * Fixed an issue in systemd that resulted in unnecessary CPU consumption. * Fixed an issue in runc that resulted in unnecessary CPU consumption.
cos-dev-79-12577-0-0
Date: Oct 14, 2019 Kernel: ChromiumOS-4.19.76 Kubernetes: v1.15.3 Docker: v19.03.2 Changelog (vs 79-12575-0-0): * Minor changes.
cos-beta-78-12499-32-0
Date: Oct 14, 2019 Kernel: ChromiumOS-4.19.72 Kubernetes: v1.15.3 Docker: v19.03.2 Changelog (vs 78-12499-26-0): * Updated openssl to 1.0.2t. This resolves CVE-2019-1563. * Backported a kernel patch to fix performance regression in wbt scale_up/scale_down
cos-stable-77-12371-89-0
Date: Oct 09, 2019 Kernel: ChromiumOS-4.19.76 Kubernetes: v1.15.3 Docker: v19.03.1 Changelog (vs 77-12371-76-0): * Upgraded the Linux kernel to 4.19.76 * Backported a kernel patch to ensure the cfs cgroup quota/period ratio always stays the same. This addresses a Kubernetes issue where the pod cgroup could be changed into an inconsistent state * Backported a kernel patch to fix performance regression in wbt scale_up/scale_down
cos-dev-79-12575-0-0
Date: Oct 08, 2019 Kernel: ChromiumOS-4.19.76 Kubernetes: v1.15.3 Docker: v19.03.2 Changelog (vs 79-12544-0-0): * Upgraded the Linux kernel to 4.19.76 * Enabled FORTIFY_SOURCE, SLAB_FREELIST_RANDOM and SLAB_FREELIST_HARDENED * Backported a kernel patch to ensure the cfs cgroup quota/period ratio always stays the same. This addresses a Kubernetes issue where the pod cgroup could be changed into an inconsistent state
cos-beta-78-12499-26-0
Date: Oct 08, 2019 Kernel: ChromiumOS-4.19.72 Kubernetes: v1.15.3 Docker: v19.03.2 Changelog (vs 78-12499-16-0): * Backported a kernel patch to ensure the cfs cgroup quota/period ratio always stays the same. This addresses a Kubernetes issue where the pod cgroup could be changed into an inconsistent state
cos-stable-73-11647-329-0
Date: Oct 08, 2019 Kernel: ChromiumOS-4.14.145 Kubernetes: v1.13.3 Docker: v18.09.7 Changelog (vs 73-11647-293-0): * Upgraded the Linux kernel to 4.14.145 * Backported a kernel patch to ensure the cfs cgroup quota/period ratio always stays the same. This addresses a Kubernetes issue where the pod cgroup could be changed into an inconsistent state
cos-stable-69-10895-385-0
Date: Oct 08, 2019 Kernel: ChromiumOS-4.14.145 Kubernetes: v1.11.8 Docker: v17.03.2 Changelog (vs 69-10895-348-0): * Upgraded the Linux kernel to 4.14.145. * Backported a kernel patch to ensure the cfs cgroup quota/period ratio always stays the same. This addresses a Kubernetes issue where the pod cgroup could be changed into an inconsistent state
cos-dev-79-12544-0-0
Date: Sep 27, 2019 Kernel: ChromiumOS-4.19.72 Kubernetes: v1.15.3 Docker: v19.03.2 Changelog (vs 78-12493-0-0): * New milestone: M79. * Enabled dm-snapshot. * Cherry-picked https://github.com/containerd/cri/pull/1084 to containerd. * Upgraded containerd to v1.2.9.
cos-beta-78-12499-16-0
Date: Sep 27, 2019 Kernel: ChromiumOS-4.19.72 Kubernetes: v1.15.3 Docker: v19.03.2 Changelog (vs 78-12493-0-0): * Promoted to beta. * Cherry-picked https://github.com/containerd/cri/pull/1084 to containerd.
cos-stable-77-12371-76-0
Date: Sep 27, 2019 Kernel: ChromiumOS-4.19.72 Kubernetes: v1.15.3 Docker: v19.03.1 Changelog (vs 77-12371-57-0): * Promoted to stable. * Cherry-picked https://github.com/containerd/cri/pull/1084 to containerd.
cos-dev-78-12493-0-0
Date: Sep 12, 2019 Kernel: ChromiumOS-4.19.69 Kubernetes: v1.15.3 Docker: v19.03.2 Changelog (vs 78-12477-0-0): * Upgraded Docker to version 19.03.2 * Upgraded compute-image-packages to 20190801
cos-beta-77-12371-57-0
Date: Sep 12, 2019 Kernel: ChromiumOS-4.19.60 Kubernetes: v1.15.3 Docker: v19.03.1 Changelog (vs 77-12371-44-0): * Minor changes.
cos-dev-78-12477-0-0
Date: Sep 04, 2019 Kernel: ChromiumOS-4.19.69 Kubernetes: v1.15.3 Docker: v19.03.1 Changelog (vs 78-12466-0-0): * Minor changes.
cos-beta-77-12371-44-0
Date: Sep 04, 2019 Kernel: ChromiumOS-4.19.60 Kubernetes: v1.15.3 Docker: v19.03.1 Changelog (vs 77-12371-37-0): * Upgraded containerd to v1.2.8.
cos-73-11647-293-0
Date: Sep 04, 2019 Kernel: ChromiumOS-4.14.138 Kubernetes: v1.13.3 Docker: v18.09.7 Changelog (vs 73-11647-267-0): * Upgraded containerd to v1.2.8. * Upgraded the Linux kernel to version 4.14.138. * Backported upstream writeback patches to fix a softlockup issue.
cos-dev-78-12466-0-0
Date: Aug 30, 2019 Kernel: ChromiumOS-4.19.68 Kubernetes: v1.15.3 Docker: v19.03.1 Changelog (vs 78-12447-0-0): * Upgraded containerd to v1.2.8.
cos-beta-77-12371-37-0
Date: Aug 30, 2019 Kernel: ChromiumOS-4.19.60 Kubernetes: v1.15.3 Docker: v19.03.1 Changelog (vs 77-12371-34-0): * Minor changes.
cos-69-10895-348-0
Date: Aug 30, 2019 Kernel: ChromiumOS-4.14.138 Kubernetes: v1.11.8 Docker: v17.03.2 Changelog (vs 69-10895-329-0): * Backported upstream writeback patches to fix a softlockup issue.
cos-dev-78-12427-0-0
Date: Aug 16, 2019 Kernel: ChromiumOS-4.19.66 Kubernetes: v1.15.2 Docker: v19.03.1 Changelog (vs 77-12366-0-0): * Changed kernel compiler from gcc to clang. * Included app-admin/node-problem-detector in COS. * Upgraded Docker to version 19.03.1. * Updated the built-in kubelet to 1.15.2. * Upgraded to Linux Kernel version 4.19.66; this resolves CVE-2019-1125.
cos-beta-77-12371-24-0
Date: Aug 16, 2019 Kernel: ChromiumOS-4.19.60 Kubernetes: v1.15.2 Docker: v19.03.1 Changelog (vs 77-12366-0-0): * Changed kernel compiler from gcc to clang. * Included app-admin/node-problem-detector in COS * Upgraded Docker to version 19.03.1. * Updated the built-in kubelet to 1.15.2.
cos-stable-76-12239-60-0
Date: Aug 16, 2019 Kernel: ChromiumOS-4.19.44 Kubernetes: v1.14.4 Docker: v18.09.8 Changelog (vs 76-12239-60-0): * Promoted to stable channel.
cos-73-11647-267-0
Date: Aug 08, 2019 Kernel: ChromiumOS-4.14.137 Kubernetes: v1.13.3 Docker: v18.09.7 Changelog (vs 73-11647-239-0): * Upgraded the Linux kernel to v4.14.137. This resolves CVE-2019-1125.
cos-69-10895-329-0
Date: Aug 08, 2019 Kernel: ChromiumOS-4.14.137 Kubernetes: v1.11.8 Docker: v17.03.2 Changelog (vs 69-10895-299-0): * Upgraded the Linux kernel to v4.14.137. This resolves CVE-2019-1125.
cos-dev-77-12366-0-0
Date: Aug 02, 2019 Kernel: ChromiumOS-4.19.60 Kubernetes: v1.15.1 Docker: v18.09.8 Changelog (vs 77-12318-0-0): * Added a package sys-fs/xfsprogs. * Upgraded Docker to version 18.09.8. This resolves CVE-2018-15664. * Upgraded runc to version 1.0.0_rc8. * Upgraded docker-proxy to version 0.8.0_p20190513. * Upgraded the built-in kubelet to 1.15.1.
cos-beta-76-12239-60-0
Date: Aug 02, 2019 Kernel: ChromiumOS-4.19.44 Kubernetes: v1.14.4 Docker: v18.09.8 Changelog (vs 76-12239-39-0): * Upgraded Docker to version 18.09.8.
cos-dev-77-12318-0-0
Date: Jul 12, 2019 Kernel: ChromiumOS-4.19.47 Kubernetes: v1.15.0 Docker: v18.09.6 Changelog (vs 77-12314-0-0): * Minor changes.
cos-beta-76-12239-39-0
Date: Jul 12, 2019 Kernel: ChromiumOS-4.19.44 Kubernetes: v1.14.4 Docker: v18.09.7 Changelog (vs 76-12239-29-0): * Upgraded Docker to version 18.09.7. This resolves CVE-2018-15664. * Upgraded runc to version 1.0.0_rc8. * Updated the built-in kubelet to 1.14.4. * Upgraded docker-proxy to version 0.8.0_p20190513. * Upgraded containerd to v1.2.7.
cos-stable-75-12105-97-0
Date: Jul 12, 2019 Kernel: ChromiumOS-4.14.111 Kubernetes: v1.13.6 Docker: v18.09.7 Changelog (vs 75-12105-88-0): * Upgraded Docker to version 18.09.7. This resolves CVE-2018-15664. * Upgraded runc to version 1.0.0_rc8. * Upgraded docker-proxy to version 0.8.0_p20190513. * Fixed an issue introduced by NFLX-2019-001 fixes.
cos-stable-73-11647-239-0
Date: Jul 12, 2019 Kernel: ChromiumOS-4.14.131 Kubernetes: v1.13.3 Docker: v18.09.7 Changelog (vs 73-11647-231-0): * Upgraded Docker to version 18.09.7. This resolves CVE-2018-15664. * Upgraded runc to version 1.0.0_rc8. * Upgraded docker-proxy to version 0.8.0_p20190513.
cos-stable-69-10895-299-0
Date: Jul 12, 2019 Kernel: ChromiumOS-4.14.132 Kubernetes: v1.11.8 Docker: v17.03.2 Changelog (vs 69-10895-277-0): * Fixed vulnerability in app-arch/bzip2 (CVE-2019-12900). * Updated kernel to version v4.14.132. * Fixed an issue introduced by NFLX-2019-001 fixes.
cos-dev-77-12314-0-0
Date: Jul 02, 2019 Kernel: ChromiumOS-4.19.56 Kubernetes: v1.15.0 Docker: v18.09.6 Changelog (vs 77-12293-0-0): * Upgraded containerd to v1.2.7.
cos-beta-76-12239-29-0
Date: Jul 02, 2019 Kernel: ChromiumOS-4.19.44 Kubernetes: v1.14.2 Docker: v18.09.5 Changelog (vs 76-12239-21-0): * Fixed an issue introduced by NFLX-2019-001 fixes.
cos-stable-75-12105-88-0
Date: Jul 02, 2019 Kernel: ChromiumOS-4.14.119 Kubernetes: v1.13.6 Docker: v18.09.3 Changelog (vs 75-12105-77-0): * Upgraded containerd to v1.2.7.
cos-73-11647-231-0
Date: Jul 02, 2019 Kernel: ChromiumOS-4.14.131 Kubernetes: v1.13.3 Docker: v18.09.3 Changelog (vs 73-11647-217-0): * Upgraded containerd to v1.2.7. * Updated kernel to version v4.14.131. * Fixed vulnerability in app-arch/bzip2 (CVE-2019-12900). * Fixed an issue introduced by NFLX-2019-001 fixes.
cos-dev-77-12293-0-0
Date: Jun 24, 2019 Kernel: ChromiumOS-4.19.53 Kubernetes: v1.15.0 Docker: v18.09.6 Changelog (vs 76-12239-14-0): * Upgraded to Linux kernel version 4.19. * Fixed the NFLX-2019-001 TCP SACK vulnerabilities in the Linux kernel. * Updated the built-in kubelet to 1.15.0. * Enabled virtio_balloon driver. * Added the conntrack command line utility. * Enabled cgroup-v2 hybrid mode. * Upgraded Docker to v18.09.6. * Upgraded sys-apps/lm_sensors to version 3.5.0. * Fixed a vulnerability in vim (CVE-2019-12735) that allows remote attackers to execute arbitrary OS commands.
cos-beta-76-12239-21-0
Date: Jun 24, 2019 Kernel: ChromiumOS-4.19.44 Kubernetes: v1.14.2 Docker: v18.09.5 Changelog (vs 76-12239-14-0): * Fixed the NFLX-2019-001 TCP SACK vulnerabilities in the Linux kernel.
cos-stable-75-12105-77-0
Date: Jun 24, 2019 Kernel: ChromiumOS-4.14.119 Kubernetes: v1.13.6 Docker: v18.09.3 Changelog (vs 75-12105-71-0): * Fixed the NFLX-2019-001 TCP SACK vulnerabilities in the Linux kernel.
cos-73-11647-217-0
Date: Jun 19, 2019 Kernel: ChromiumOS-4.14.127 Kubernetes: v1.13.3 Docker: v18.09.3 Changelog (vs 73-11647-214-0): * Updated the Linux kernel to version 4.14.127 to resolve the NFLX-2019-001 TCP SACK vulnerabilities.
cos-69-10895-277-0
Date: Jun 19, 2019 Kernel: ChromiumOS-4.14.127 Kubernetes: v1.11.8 Docker: v17.03.2 Changelog (vs 69-10895-273-0): * Updated the Linux kernel to version 4.14.127 to resolve the NFLX-2019-001 TCP SACK vulnerabilities.
cos-dev-76-12239-14-0
Date: Jun 17, 2019 Kernel: ChromiumOS-4.19.44 Kubernetes: v1.14.2 Docker: v18.09.5 Changelog (vs 76-12238-0-0): * Upgraded to Linux kernel version 4.19. * Enabled cgroup-v2 hybrid mode in systemd
cos-beta-75-12105-71-0
Date: Jun 17, 2019 Kernel: ChromiumOS-4.14.119 Kubernetes: v1.13.6 Docker: v18.09.3 Changelog (vs 75-12105-54-0): * Minor changes.
cos-73-11647-214-0
Date: Jun 17, 2019 Kernel: ChromiumOS-4.14.124 Kubernetes: v1.13.3 Docker: v18.09.3 Changelog (vs 73-11647-192-0): * Updated kernel to version v4.14.124. * Backported affinity change-set for napi-tx.
cos-69-10895-273-0
Date: Jun 17, 2019 Kernel: ChromiumOS-4.14.124 Kubernetes: v1.11.8 Docker: v17.03.2 Changelog (vs 69-10895-255-0): * Updated kernel to version v4.14.124.
cos-dev-76-12238-0-0
Date: May 31, 2019 Kernel: ChromiumOS-4.14.120 Kubernetes: v1.14.2 Docker: v18.09.5 Changelog (vs 76-12232-0-0): * Updated kernel to version 4.14.120.
cos-beta-75-12105-54-0
Date: May 31, 2019 Kernel: ChromiumOS-4.14.119 Kubernetes: v1.13.6 Docker: v18.09.3 Changelog (vs 75-12105-52-0): * Minor changes.
cos-dev-76-12232-0-0
Date: May 28, 2019 Kernel: ChromiumOS-4.14.119 Kubernetes: v1.14.2 Docker: v18.09.5 Changelog (vs 76-12206-0-0): * Merged Linux Stable Kernel 'v4.14.119' for resolving Microarchitectural Data Sampling (MDS) vulnerabilities (CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091). * Upgrade systemd to v239 * Updated the built-in kubelet to 1.14.2. * Upgraded cos-toolbox to version 20190523-00. * Set OOM score to -999 for docker.service and containerd.service to enhance the reliability of core system daemons. * Add restart policy in containerd.service, and corrected docker.service's dependency on containerd.service to allow containerd to recover from crashes. * Cherry-picked upstream patch https://patchwork.kernel.org/patch/10951403/ in kernel to fix a bug in lockd introduced by commit 01b79d20008d "lockd: Show pid of lockd for remote locks" in Linux kernel v4.14.105. * Rotated keys used by UEFI Secure Boot for signing and verifying the UEFI boot path.
cos-beta-75-12105-52-0
Date: May 28, 2019 Kernel: ChromiumOS-4.14.119 Kubernetes: v1.13.6 Docker: v18.09.3 Changelog (vs 75-12105-40-0): * Merged Linux Stable Kernel 'v4.14.119' for resolving Microarchitectural Data Sampling (MDS) vulnerabilities (CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091). * Set OOM score to -999 for docker.service and containerd.service to enhance the reliability of core system daemons. * Add restart policy in containerd.service, and corrected docker.service's dependency on containerd.service to allow containerd to recover from crashes. * Cherry-picked upstream patch https://patchwork.kernel.org/patch/10951403/ in kernel to fix a bug in lockd introduced by commit 01b79d20008d "lockd: Show pid of lockd for remote locks" in Linux kernel v4.14.105. * Rotated keys used by UEFI Secure Boot for signing and verifying the UEFI boot path.
cos-stable-74-11895-125-0
Date: May 28, 2019 Kernel: ChromiumOS-4.14.119 Kubernetes: v1.13.5 Docker: v18.09.3 Changelog (vs 74-11895-86-0): * Merged Linux Stable Kernel 'v4.14.119' for resolving Microarchitectural Data Sampling (MDS) vulnerabilities (CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091). * Upgraded curl to 7.64.1 to fix CVE-2018-16890. * Upgraded containerd to version 1.2.6. * Set OOM score to -999 for docker.service and containerd.service to enhance the reliability of core system daemons. * Add restart policy in containerd.service, and corrected docker.service's dependency on containerd.service to allow containerd to recover from crashes. * Cherry-picked upstream patch https://patchwork.kernel.org/patch/10951403/ in kernel to fix a bug in lockd introduced by commit 01b79d20008d "lockd: Show pid of lockd for remote locks" in Linux kernel v4.14.105. * Rotated keys used by UEFI Secure Boot for signing and verifying the UEFI boot path.
cos-73-11647-192-0
Date: May 28, 2019 Kernel: ChromiumOS-4.14.119+ Kubernetes: v1.13.3 Docker: v18.09.3 Changelog (vs 73-11647-182-0): * Upgraded curl to 7.64.1 to fix CVE-2018-16890. * Upgraded containerd to version 1.2.6. * Set OOM score to -999 for docker.service and containerd.service to enhance the reliability of core system daemons. * Add restart policy in containerd.service, and corrected docker.service's dependency on containerd.service to allow containerd to recover from crashes. * Backported affinity changes to support napi-tx in COS. * Cherry-picked upstream patch https://patchwork.kernel.org/patch/10951403/ in kernel to fix a bug in lockd introduced by commit 01b79d20008d "lockd: Show pid of lockd for remote locks" in Linux kernel v4.14.105. * Rotated keys used by UEFI Secure Boot for signing and verifying the UEFI boot path.
cos-69-10895-255-0
Date: May 28, 2019 Kernel: ChromiumOS-4.14.119+ Kubernetes: v1.11.8 Docker: v17.03.2 Changelog (vs 69-10895-242-0): * Upgraded curl to 7.64.1 to fix CVE-2018-16890. * Cherry-picked upstream patch https://patchwork.kernel.org/patch/10951403/ in kernel to fix a bug in lockd introduced by commit 01b79d20008d "lockd: Show pid of lockd for remote locks" in Linux kernel v4.14.105. * Rotated keys used by UEFI Secure Boot for signing and verifying the UEFI boot path.
cos-dev-76-12206-0-0
Date: May 16, 2019 Kernel: ChromiumOS-4.14.118 Kubernetes: v1.14.1 Docker: v18.09.5 Changelog (vs 76-12163-0-0): * Upgraded the built-in kubelet to 1.14.1. * Upgraded containerd to version 1.2.6. * Upgraded sqlite to 3.25.3 to fix CVE-2018-20346. * Mitigated a mount hang issue in the Linux kernel.
cos-beta-75-12105-40-0
Date: May 16, 2019 Kernel: ChromiumOS-4.14.111 Kubernetes: v1.13.6 Docker: v18.09.3 Changelog (vs 75-12105-24-0): * Upgraded containerd to version 1.2.6. * Upgraded the built-in kubelet to 1.13.6. * Upgraded sqlite to 3.25.3 to fix CVE-2018-20346. * Upgraded tar to 1.32 to fix CVE-2019-9923. * Upgraded curl to 7.64.1 to fix CVE-2018-16890.
cos-73-11647-182-0
Date: May 16, 2019 Kernel: ChromiumOS-4.14.119 Kubernetes: v1.13.3 Docker: v18.09.3 Changelog (vs 73-11647-163-0): * Merged Linux Stable Kernel 'v4.14.119' for resolving Microarchitectural Data Sampling (MDS) vulnerabilities (CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091). * Mitigated a mount hang issue in the Linux kernel.
cos-69-10895-242-0
Date: May 15, 2019 Kernel: ChromiumOS-4.14.119 Kubernetes: v1.11.8 Docker: v17.03.2 Changelog (vs 69-10895-211-0): * Merged Linux Stable Kernel 'v4.14.119' for resolving Microarchitectural Data Sampling (MDS) vulnerabilities (CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091). * Mitigated a mount hang issue in the Linux kernel.
cos-dev-76-12163-0-0
Date: May 02, 2019 Kernel: ChromiumOS-4.14 Kubernetes: v1.13.4 Docker: v18.09.5 Changelog (vs 76-12128-0-0): * Updated curl to 7.64.1. This resolves CVE-2018-16890, CVE-2019-3822 and CVE-2019-3823. * Updated tar to 1.32. This resolves CVE-2019-9923.
cos-beta-75-12105-24-0
Date: May 02, 2019 Kernel: ChromiumOS-4.14 Kubernetes: v1.13.4 Docker: v18.09.3 Changelog (vs 75-12105-10-0): * Backported fix for Linux kernel CVE-2019-7308. * Backported affinity changes to support napi-tx in COS.
cos-dev-76-12128-0-0
Date: Apr 25, 2019 Kernel: ChromiumOS-4.14 Kubernetes: v1.13.4 Docker: v18.09.5 Changelog (vs 75-12103-0-0): * Upgraded Docker to v18.09.5 * Backported affinity changes to support napi-tx in COS.
cos-beta-75-12105-10-0
Date: Apr 25, 2019 Kernel: ChromiumOS-4.14 Kubernetes: v1.13.4 Docker: v18.09.3 Changelog (vs 75-12103-0-0): * Promoted to beta channel. * Minor changes.
cos-stable-74-11895-86-0
Date: Apr 25, 2019 Kernel: ChromiumOS-4.14 Kubernetes: v1.13.5 Docker: v18.09.3 Changelog (vs 74-11895-76-0): * Promoted to stable channel. * Minor changes.
cos-dev-75-12103-0-0
Date: Apr 19, 2019 Kernel: ChromiumOS-4.14 Kubernetes: v1.13.4 Docker: v18.09.3 Changelog (vs 75-12062-0-0): * Set LimitNOFILE to 1048576 in containerd.service to fix an issue where the file descriptor limit was not being properly applied to containerd.
cos-beta-74-11895-76-0
Date: Apr 19, 2019 Kernel: ChromiumOS-4.14 Kubernetes: v1.13.5 Docker: v18.09.3 Changelog (vs 74-11895-56-0): * Set LimitNOFILE to 1048576 in containerd.service to fix an issue where the file descriptor limit was not being properly applied to containerd.
cos-stable-73-11647-163-0
Date: Apr 19, 2019 Kernel: ChromiumOS-4.14 Kubernetes: v1.13.3 Docker: v18.09.3 Changelog (vs 73-11647-121-0): * Set LimitNOFILE to 1048576 in containerd.service to fix an issue where the file descriptor limit was not being properly applied to containerd.
cos-dev-75-12062-0-0
Date: Apr 11, 2019 Kernel: ChromiumOS-4.14 Kubernetes: v1.13.4 Docker: v18.09.3 Changelog (vs 75-12001-0-0): * Included 'perf' tool in the image. * Fixed an issue where Docker did not preserve the UIDs/GIDs of the init process on exec. * Fixed slow access to /sys/fs/cgroup/memory/memory.stat. This resolves kubelet performance degradation.
cos-beta-74-11895-56-0
Date: Apr 11, 2019 Kernel: ChromiumOS-4.14 Kubernetes: v1.13.5 Docker: v18.09.3 Changelog (vs 74-11895-38-0): * Minor changes.
cos-69-10895-211-0
Date: Apr 11, 2019 Kernel: ChromiumOS-4.14 Kubernetes: v1.11.8 Docker: v17.03.2 Changelog (vs 69-10895-201-0): * Fixed slow access to /sys/fs/cgroup/memory/memory.stat. This resolves kubelet performance degradation.
cos-dev-75-12001-0-0
Date: Apr 01, 2019 Kernel: ChromiumOS-4.14 Kubernetes: v1.13.4 Docker: v18.09.3 Changelog (vs 75-11981-0-0): * Updated compute-image-package and oslogin package to v20190304. * Added cos-kernel tool to toolbox.
cos-beta-74-11895-38-0
Date: Apr 01, 2019 Kernel: ChromiumOS-4.14 Kubernetes: v1.13.5 Docker: v18.09.3 Changelog (vs 74-11895-32-0): * Included perf tool in the image. * Fixed a bug that dockerd may start containerd even if containerd.service exists. * Fixed an issue where Docker did not preserve the UIDs/GIDs of the init process on exec. * Updated the built-in kubelet to 1.13.5.
cos-stable-73-11647-121-0
Date: Apr 01, 2019 Kernel: ChromiumOS-4.14 Kubernetes: v1.13.3 Docker: v18.09.3 Changelog (vs 73-11647-112-0): * Included perf tool in the image. * Fixed a bug that dockerd may start containerd even if containerd.service exists. * Fixed an issue where Docker did not preserve the UIDs/GIDs of the init process on exec.
cos-69-10895-201-0
Date: Apr 01, 2019 Kernel: ChromiumOS-4.14 Kubernetes: v1.11.8 Docker: v17.03.2 Changelog (vs 69-10895-172-0): * Included perf tool in the image. * Included sosreport in the image. * Updated the built-in kubelet to 1.11.8. * Fixed an issue where Shielded VM integrity measurements weren't being logged properly. * Merged Linux Stable Kernel 'v4.14.106'.
cos-dev-75-11981-0-0
Date: Mar 25, 2019 Kernel: ChromiumOS-4.14 Kubernetes: v1.13.4 Docker: v18.09.3 Changelog (vs 74-11892-0-0): * New milestone: M75 * Updated the built-in kubelet to 1.13.4. * Fixed an issue where a race condition between Docker and containerd resulted in a Docker live restore failure. * Upgraded Docker to v18.09.3. * Upgraded containerd to v1.2.5.
cos-beta-74-11895-32-0
Date: Mar 25, 2019 Kernel: ChromiumOS-4.14 Kubernetes: v1.13.3 Docker: v18.09.3 Changelog (vs 74-11892-0-0): * Promoted to beta channel. * Upgraded Docker to v18.09.3. * Upgraded containerd to v1.2.5.
cos-stable-73-11647-112-0
Date: Mar 25, 2019 Kernel: ChromiumOS-4.14 Kubernetes: v1.13.3 Docker: v18.09.3 Changelog (vs 73-11647-97-0): * Promoted to stable channel.
cos-beta-73-11647-97-0
Date: Mar 18, 2019 Kernel: ChromiumOS-4.14 Kubernetes: v1.13.3 Docker: v18.09.3 Changelog (vs 73-11647-90-0): * Upgraded Docker to v18.09.3. * Upgraded containerd to v1.2.5.
cos-dev-74-11892-0-0
Date: Mar 15, 2019 Kernel: ChromiumOS-4.14 Kubernetes: v1.13.3 Docker: v18.09.1 Changelog (vs 74-11888-0-0): * Enabled Shielded VMs. Instances created from this image will use UEFI firmware and measure boot components into a vTPM by default. Click here to learn more about Shielded VMs.
cos-beta-73-11647-90-0
Date: Mar 15, 2019 Kernel: ChromiumOS-4.14 Kubernetes: v1.13.3 Docker: v18.09.1 Changelog (vs 73-11647-75-0): * Minor changes.
cos-stable-72-11316-171-0
Date: Mar 15, 2019 Kernel: ChromiumOS-4.14 Kubernetes: v1.12.4 Docker: v18.06.1 Changelog (vs 72-11316-136-0): * Fixed an issue where setting the "cos-update-strategy" metadata key to "update_disabled" had no impact on the system's auto update policy.
cos-dev-74-11888-0-0
Date: Mar 07, 2019 Kernel: ChromiumOS-4.14 Kubernetes: v1.13.3 Docker: v18.09.1 Changelog (vs 74-11836-0-0): * Fixed a bug that caused crash-reporter to abort early.
cos-beta-73-11647-75-0
Date: Mar 07, 2019 Kernel: ChromiumOS-4.14 Kubernetes: v1.13.3 Docker: v18.09.1 Changelog (vs 73-11647-64-0): * Fixed a bug that caused crash-reporter to abort early.
cos-dev-74-11836-0-0
Date: Feb 28, 2019 Kernel: ChromiumOS-4.14 Kubernetes: v1.13.3 Docker: v18.09.1 Changelog (vs 74-11800-0-0): * Fixed an issue where setting the "cos-update-strategy" metadata key to "update_disabled" had no impact on the system's auto update policy.
cos-beta-73-11647-64-0
Date: Feb 28, 2019 Kernel: ChromiumOS-4.14 Kubernetes: v1.13.3 Docker: v18.09.1 Changelog (vs 73-11647-46-0): * Fixed an issue where setting the "cos-update-strategy" metadata key to "update_disabled" had no impact on the system's auto update policy.
cos-69-10895-172-0
Date: Feb 28, 2019 Kernel: ChromiumOS-4.14 Kubernetes: v1.11.1 Docker: v17.03.2 Changelog (vs 69-10895-138-0): * Enabled kernel.softlockup_all_cpu_backtrace. This was previously disabled to mitigate a kernel deadlock issue, which is now resolved. * Configured docker.service by setting RestartSecs=10 to always restart Docker after 10 seconds.
cos-dev-74-11800-0-0
Date: Feb 22, 2019 Kernel: ChromiumOS-4.14 Kubernetes: v1.13.3 Docker: v18.09.1 Changelog (vs 74-11758-0-0): * Configured docker.service by setting RestartSecs=10 to always restart Docker after 10 seconds.
cos-beta-73-11647-46-0
Date: Feb 22, 2019 Kernel: ChromiumOS-4.14 Kubernetes: v1.13.3 Docker: v18.09.1 Changelog (vs 73-11647-35-0): * Configured docker.service by setting RestartSecs=10 to always restart Docker after 10 seconds.
cos-dev-74-11758-0-0
Date: Feb 14, 2019 Kernel: ChromiumOS-4.14 Kubernetes: v1.13.3 Docker: v18.09.1 Changelog (vs 73-11647-29-0): * New milestone: M74. * Updated containerd to 1.2.3. * Enabled RAID0 related kernel config. * Updated openssl to 1.0.2q. This resolves CVE-2018-0734.
cos-beta-73-11647-35-0
Date: Feb 14, 2019 Kernel: ChromiumOS-4.14 Kubernetes: v1.13.3 Docker: v18.09.1 Changelog (vs 73-11647-29-0): * Promoted to beta channel. * Updated containerd to 1.2.3. * Updated openssl to 1.0.2q. This resolves CVE-2018-0734.
cos-stable-72-11316-136-0
Date: Feb 14, 2019 Kernel: ChromiumOS-4.14 Kubernetes: v1.12.4 Docker: v18.06.1 Changelog (vs 72-11316-134-0): * Promoted to stable channel.
cos-dev-73-11647-29-0
Date: Feb 11, 2019 Kernel: ChromiumOS-4.14 Kubernetes: v1.13.3 Docker: v18.09.1 Changelog (vs 73-11647-18-0): * Enabled kernel crash dump Alpha feature in COS. * Updated the built-in kubelet to 1.13.3. * Enabled auto update when using Shielded VMs that have never booted in Secure Boot mode. Shielded VMs that have booted in Secure Boot mode at least once will still have auto update disabled. This change does not impact images in cos-cloud.
cos-beta-72-11316-134-0
Date: Feb 11, 2019 Kernel: ChromiumOS-4.14 Kubernetes: v1.12.4 Docker: v18.06.1 Changelog (vs 72-11316-115-0): * Backported fix for Linux kernel CVE-2018-16884.
cos-dev-73-11647-18-0
Date: Feb 04, 2019 Kernel: ChromiumOS-4.14 Kubernetes: v1.13.2 Docker: v18.09.1 Changelog (vs 73-11636-0-0): * Updated docker to v18.09.1. * Updated containerd to v1.2.2. * Logs additional debug info on serial console during boot.
cos-beta-72-11316-115-0
Date: Feb 04, 2019 Kernel: ChromiumOS-4.14 Kubernetes: v1.12.4 Docker: v18.06.1 Changelog (vs 72-11316-99-0): * Minor changes.
cos-dev-73-11636-0-0
Date: Jan 24, 2019 Kernel: ChromiumOS-4.14 Kubernetes: v1.13.2 Docker: v18.09.0 Changelog (vs 73-11553-0-0): * Made containerd run as a standalone systemd service. * Updated the built-in kubelet to 1.13.2. * Reenabled kernel.softlockup_all_cpu_backtrace sysctl. * Disabled the CONFIG_DEVMEM configuration option in the kernel. * Enabled kernel module signing. * Installed a new package keyutils. * Updated mdadm to 4.1.
cos-beta-72-11316-99-0
Date: Jan 24, 2019 Kernel: ChromiumOS-4.14 Kubernetes: v1.12.4 Docker: v18.06.1 Changelog (vs 72-11316-72-0): * Updated the built-in kubelet to 1.12.4.
cos-69-10895-138-0
Date: Jan 24, 2019 Kernel: ChromiumOS-4.14 Kubernetes: v1.11.1 Docker: v17.03.2 Changelog (vs 69-10895-123-0): * Backported the fix for a deadlock issue in kernel panic. * Merged Linux Stable Kernel 'v4.14.91'.
cos-dev-73-11553-0-0
Date: Jan 10, 2019 Kernel: ChromiumOS-4.14 Kubernetes: v1.13.0 Docker: v18.09.0 Changelog (vs 73-11517-0-0): * Upgraded docker to v18.09.0. * Cherry-pick Ext4 commits that address FS inconsistencies caused by disruptions during NFS CREATE operation under certain conditions.
cos-beta-72-11316-72-0
Date: Jan 10, 2019 Kernel: ChromiumOS-4.14 Kubernetes: v1.12.3 Docker: v18.06.1 Changelog (vs 72-11316-56-0): * Set CONFIG_BLK_WBT_MQ=y to improve performance isolation on persistent disks. This fixes a bug where writes on a SSD persistent disk can affect performance on the Standard persistent boot disk.
cos-69-10895-123-0
Date: Jan 10, 2019 Kernel: ChromiumOS-4.14 Kubernetes: v1.11.1 Docker: v17.03.2 Changelog (vs 69-10895-102-0): * Set CONFIG_BLK_WBT_MQ=y to improve performance isolation on persistent disks. This fixes a bug where writes on a SSD persistent disk can affect performance on the Standard persistent boot disk. * Cherry-pick Ext4 commits that address FS inconsistencies caused by disruptions during NFS CREATE operation under certain conditions. * Merge Linux Stable Kernel 'v4.14.89'
cos-dev-73-11517-0-0
Date: Jan 03, 2019 Kernel: ChromiumOS-4.14 Kubernetes: v1.13.0 Docker: v18.06.1 Changelog (vs 73-11438-0-0): * Set CONFIG_BLK_WBT_MQ=y to improve performance isolation on persistent disks. This fixes a bug where writes on a SSD persistent disk can affect performance on the Standard persistent boot disk. * Merged Linux stable version v4.14.89 into the kernel.
cos-beta-72-11316-56-0
Date: Jan 03, 2019 Kernel: ChromiumOS-4.14 Kubernetes: v1.12.3 Docker: v18.06.1 Changelog (vs 72-11316-34-0): * Minor changes.
cos-dev-73-11438-0-0
Date: Dec 20, 2018 Kernel: ChromiumOS-4.14 Kubernetes: v1.13.0 Docker: v18.06.1 Changelog (vs 73-11391-0-0): * Upgraded runc to version 1.0.0-rc6. Fixes an issue observed in Kubernetes liveness probes (https://github.com/opencontainers/runc/issues/1884).
cos-beta-72-11316-34-0
Date: Dec 20, 2018 Kernel: ChromiumOS-4.14 Kubernetes: v1.12.3 Docker: v18.06.1 Changelog (vs 72-11316-21-0): * Enabled the "metadata_csum" ext4 feature on the stateful partition. This also improves performance of boot-disk resize operation.
cos-stable-71-11151-71-0
Date: Dec 20, 2018 Kernel: ChromiumOS-4.14 Kubernetes: v1.11.5 Docker: v18.06.1 Changelog (vs 71-11151-60-0): * Enabled the "metadata_csum" ext4 feature on the stateful partition. This also improves performance of boot-disk resize operation. * Apply IMA Policy only when cloud-audit-setup.service is explicitly run.
cos-69-10895-102-0
Date: Dec 20, 2018 Kernel: ChromiumOS-4.14 Kubernetes: v1.11.1 Docker: v17.03.2 Changelog (vs 69-10895-93-0): * Disabled auto update on shielded images. Images in cos-cloud are not impacted by this change. * Enabled the "metadata_csum" ext4 feature on the stateful partition. This also improves performance of boot-disk resize operation. * Apply IMA Policy only when cloud-audit-setup.service is explicitly run.
cos-dev-73-11391-0-0
Date: Dec 14, 2018 Kernel: ChromiumOS-4.14 Kubernetes: v1.13.0 Docker: v18.06.1 Changelog (vs 72-11316-6-0): * New milestone: M73. * Increase default fs.inotify.max_user_instances to 1024. * Enabled the "metadata_csum" ext4 feature on the stateful partition. * Updated built-in kubelet to 1.13.0. * Apply IMA Policy only when cloud-audit-setup.service is explicitly run.
cos-beta-72-11316-21-0
Date: Dec 14, 2018 Kernel: ChromiumOS-4.14 Kubernetes: v1.12.3 Docker: v18.06.1 Changelog (vs 72-11316-6-0): * Promoted to beta channel. * Apply IMA Policy only when cloud-audit-setup.service is explicitly run.
cos-stable-71-11151-60-0
Date: Dec 14, 2018 Kernel: ChromiumOS-4.14 Kubernetes: v1.11.5 Docker: v18.06.1 Changelog (vs 71-11151-53-0): * Promoted to stable channel. * Updated built-in Kubelet to 1.11.5. * Disabled auto update on Shielded VM enabled images. Images in 'cos-cloud' project are not impacted by this change.
cos-dev-72-11316-6-0
Date: Dec 06, 2018 Kernel: ChromiumOS-4.14 Kubernetes: v1.12.3 Docker: v18.06.1 Changelog (vs 72-11315-0-0): * Minor changes.
cos-beta-71-11151-53-0
Date: Dec 06, 2018 Kernel: ChromiumOS-4.14 Kubernetes: v1.11.4 Docker: v18.06.1 Changelog (vs 71-11151-47-0): * Minor changes.
cos-stable-70-11021-99-0
Date: Dec 06, 2018 Kernel: ChromiumOS-4.14 Kubernetes: v1.11.3 Docker: v18.06.1 Changelog (vs 70-11021-67-0): * Backported fix for Linux kernel CVE-2018-17182. * Backported fix for Linux kernel CVE-2018-18281.
cos-dev-72-11315-0-0
Date: Nov 30, 2018 Kernel: ChromiumOS-4.14 Kubernetes: v1.12.3 Docker: v18.06.1 Changelog (vs 72-11264-0-0): * Disabled auto update on Shielded VM enabled images. Images in 'cos-cloud' project are not impacted by this change. * Updated Kubernetes to v1.12.3.
cos-beta-71-11151-47-0
Date: Nov 30, 2018 Kernel: ChromiumOS-4.14 Kubernetes: v1.11.4 Docker: v18.06.1 Changelog (vs 71-11151-32-0): * Minor changes.
cos-69-10895-93-0
Date: Nov 16, 2018 Kernel: ChromiumOS-4.14 Kubernetes: v1.11.1 Docker: v17.03.2 Changelog (vs 69-10895-91-0): * Updated kernel to v4.14.79. * Fixed the bug that cloud-init can't write gzipped files.
cos-dev-72-11264-0-0
Date: Nov 15, 2018 Kernel: ChromiumOS-4.14 Kubernetes: v1.11.4 Docker: v18.06.1 Changelog (vs 72-11229-0-0): * Set CONFIG_SCSI_MQ_DEFAULT=y to enable support for multiqueue SCSI for Local SSD devices. * Enable a few kernel configs for IPv6. * Upgraded built-in kubelet to v1.11.4 * Switching back to using gcc to compile the kernel from using clang.
cos-beta-71-11151-32-0
Date: Nov 15, 2018 Kernel: ChromiumOS-4.14 Kubernetes: v1.11.4 Docker: v18.06.1 Changelog (vs 71-11151-21-0): * Upgraded built-in kubelet to v1.11.4
cos-dev-72-11229-0-0
Date: Nov 06, 2018 Kernel: ChromiumOS-4.14 Kubernetes: v1.11.3 Docker: v18.06.1 Changelog (vs 72-11190-0-0): * Upgrade glibc version to v2.27. * Use clang compiler to build the Linux kernel.
cos-beta-71-11151-21-0
Date: Nov 06, 2018 Kernel: ChromiumOS-4.14 Kubernetes: v1.11.3 Docker: v18.06.1 Changelog (vs 71-11151-16-0): * Minor changes.
cos-stable-70-11021-67-0
Date: Nov 06, 2018 Kernel: ChromiumOS-4.14 Kubernetes: v1.11.3 Docker: v18.06.1 Changelog (vs 70-11021-62-0): * Minor changes.
cos-dev-72-11190-0-0
Date: Oct 29, 2018 Kernel: ChromiumOS-4.14 Kubernetes: v1.11.3 Docker: v18.06.1 Changelog (vs 72-11172-0-0): * Minor changes.
cos-beta-71-11151-16-0
Date: Oct 29, 2018 Kernel: ChromiumOS-4.14 Kubernetes: v1.11.3 Docker: v18.06.1 Changelog (vs 71-11151-5-0): * Fixed an issue where an interaction between IMA and NFS could cause deadlock.
cos-stable-70-11021-62-0
Date: Oct 29, 2018 Kernel: ChromiumOS-4.14 Kubernetes: v1.11.3 Docker: v18.06.1 Changelog (vs 70-11021-51-0): * Fixed an issue where an interaction between IMA and NFS could cause deadlock.
cos-69-10895-91-0
Date: Oct 29, 2018 Kernel: ChromiumOS-4.14 Kubernetes: v1.11.1 Docker: v17.03.2 Changelog (vs 69-10895-85-0): * Fixed an issue where an interaction between IMA and NFS could cause deadlock. * Fixed a `stackdriver-logging.service` issue observed in Containers on Compute Engine. * PCID is now enabled by default when supported by the CPU platform.
cos-dev-72-11172-0-0
Date: Oct 19, 2018 Kernel: ChromiumOS-4.14 Kubernetes: v1.11.3 Docker: v18.06.1 Changelog (vs 71-11147-0-0): * New milestone: 72. * Fixed an issue where an interaction between IMA and NFS could cause deadlock. * PCID is now enabled by default when supported by the CPU platform. * Fixed a `stackdriver-logging.service` issue observed in Containers on Compute Engine.
cos-beta-71-11151-5-0
Date: Oct 19, 2018 Kernel: ChromiumOS-4.14 Kubernetes: v1.11.3 Docker: v18.06.1 Changelog (vs 71-11147-0-0): * Promoted to beta channel. * PCID is now enabled by default when supported by the CPU platform. * Fixed a `stackdriver-logging.service` issue observed in Containers on Compute Engine.
cos-stable-70-11021-51-0
Date: Oct 19, 2018 Kernel: ChromiumOS-4.14 Kubernetes: v1.11.3 Docker: v18.06.1 Changelog (vs 70-11021-45-0): * Fixed the bug that cloud-init can't write gzipped files. * PCID is now enabled by default when supported by the CPU platform. * Fixed a `stackdriver-logging.service` issue observed in Containers on Compute Engine.
cos-dev-71-11147-0-0
Date: Oct 11, 2018 Kernel: ChromiumOS-4.14 Kubernetes: v1.11.3 Docker: v18.06.1 Changelog (vs 71-11128-0-0): * Fixed bug preventing cloud-init from writing gzipped files. * Enabled CONFIG_NET_ACT_MIRRED and CONFIG_NET_ACT_PEDIT.
cos-beta-70-11021-45-0
Date: Oct 11, 2018 Kernel: ChromiumOS-4.14 Kubernetes: v1.11.3 Docker: v18.06.1 Changelog (vs 70-11021-39-0): * Reset softlockup_all_cpu_backtrace to '0' to avoid kernel deadlock on high CPU machines under certain circumstances.
cos-stable-69-10895-85-0
Date: Oct 11, 2018 Kernel: ChromiumOS-4.14 Kubernetes: v1.11.1 Docker: v17.03.2 Changelog (vs 69-10895-71-0): * Reset softlockup_all_cpu_backtrace to '0' to avoid kernel deadlock on high CPU machines under certain circumstances.
cos-dev-71-11128-0-0
Date: Oct 05, 2018 Kernel: ChromiumOS-4.14 Kubernetes: v1.11.3 Docker: v18.06.1 Changelog (vs 71-11104-0-0): * Reset softlockup_all_cpu_backtrace to '0' to avoid kernel deadlock on high-CPU machines under certain circumstances.
cos-beta-70-11021-39-0
Date: Oct 05, 2018 Kernel: ChromiumOS-4.14 Kubernetes: v1.11.3 Docker: v18.06.1 Changelog (vs 70-11021-29-0): * Minor changes.
cos-dev-71-11104-0-0
Date: Sep 27, 2018 Kernel: ChromiumOS-4.14 Kubernetes: v1.11.3 Docker: v18.06.1 Changelog (vs 71-11074-0-0): * Updated toolbox docker container tag '20180918-00' * Installed pigz for faster docker image downloads. * Update Kubernetes to v1.11.3
cos-beta-70-11021-29-0
Date: Sep 27, 2018 Kernel: ChromiumOS-4.14 Kubernetes: v1.11.3 Docker: v18.06.1 Changelog (vs 70-11021-18-0): * Updated toolbox docker container tag '20180918-00' * Update Kubernetes to v1.11.3
cos-stable-69-10895-71-0
Date: Sep 27, 2018 Kernel: ChromiumOS-4.14 Kubernetes: v1.11.1 Docker: v17.03.2 Changelog (vs 69-10895-62-0): * Removed userspace headers from kernel header artifact.
cos-stable-69-10895-62-0
Date: Sep 18, 2018 Kernel: ChromiumOS-4.14 Kubernetes: v1.11.1 Docker: v17.03.2 Changelog (vs 69-10895-52-0): * Minor changes.
cos-dev-71-11074-0-0
Date: Sep 17, 2018 Kernel: ChromiumOS-4.14 Kubernetes: v1.11.1 Docker: v18.06.1 Changelog (vs 70-11021-11-0): * Minor changes.
cos-beta-70-11021-18-0
Date: Sep 17, 2018 Kernel: ChromiumOS-4.14 Kubernetes: v1.11.1 Docker: v18.06.1 Changelog (vs 70-11021-11-0): * Minor changes. * Promoted to beta channel.
cos-stable-69-10895-52-0
Date: Sep 17, 2018 Kernel: ChromiumOS-4.14 Kubernetes: v1.11.1 Docker: v17.03.2 Changelog (vs 69-10895-52-0): * Promoted to stable channel.
cos-stable-68-10718-106-0
Date: Sep 13, 2018 Kernel: ChromiumOS-4.14 Kubernetes: v1.10.5 Docker: v17.03.2 Changelog (vs 68-10718-102-0): * Backported a fix to ensure that scsi contributes to randomness when running rotational device (https://chromium-review.googlesource.com/1212547). This addresses an issue where docker is slow to start because of low entropy on standard PDs since v4.14.63 merge.
cos-dev-70-11021-11-0
Date: Sep 10, 2018 Kernel: ChromiumOS-4.14 Kubernetes: v1.11.1 Docker: v18.06.1 Changelog (vs 70-11021-0-0): * Backported a fix to ensure that scsi contributes to randomness when running rotational device (https://chromium-review.googlesource.com/1212545). This addresses an issue where docker is slow to start because of low entropy on standard PDs since v4.14.63 merge.
cos-beta-69-10895-52-0
Date: Sep 10, 2018 Kernel: ChromiumOS-4.14 Kubernetes: v1.11.1 Docker: v17.03.2 Changelog (vs 69-10895-42-0): * Backported a fix to ensure that scsi contributes to randomness when running rotational device (https://chromium-review.googlesource.com/1212546). This addresses an issue where docker is slow to start because of low entropy on standard PDs since v4.14.63 merge.
cos-stable-65-10323-104-0
Date: Sep 10, 2018 Kernel: ChromiumOS-4.4 Kubernetes: v1.8.7 Docker: v17.03.2 Changelog (vs 65-10323-99-0): * Merge Linux stable kernel 'v4.4.153'.
cos-dev-70-11021-0-0
Date: Aug 31, 2018 Kernel: ChromiumOS-4.14 Kubernetes: v1.11.1 Docker: v18.06.1 Changelog (vs 69-10895-27-0): * Turn on virtio_net.napi_tx. * Enabled CONFIG_RANDOM_TRUST_CPU to address entropy starvation on PD-SSD boot disks. * Upgraded docker to 18.06.1 * Upgraded OpenSSL to 1.0.2p * Upgraded the ca-certificates package to version 20180409.3.37
cos-beta-69-10895-42-0
Date: Aug 31, 2018 Kernel: ChromiumOS-4.14 Kubernetes: v1.11.1 Docker: v17.03.2 Changelog (vs 69-10895-27-0): * Enabled CONFIG_RANDOM_TRUST_CPU to address entropy starvation on PD-SSD boot disks. * Upgraded OpenSSL to 1.0.2p * Merged Linux stable version v4.14.65 into the kernel.
cos-stable-68-10718-102-0
Date: Aug 31, 2018 Kernel: ChromiumOS-4.14 Kubernetes: v1.10.5 Docker: v17.03.2 Changelog (vs 68-10718-86-0): * Fixed a softlockup issue that occurred on single VCPU VMs when using FUSE filesystems. * Enabled CONFIG_RANDOM_TRUST_CPU to address entropy starvation on PD-SSD boot disks. * Merged Linux stable version v4.14.65 into the kernel.
cos-stable-67-10575-67-0
Date: Aug 24, 2018 Kernel: ChromiumOS-4.14 Kubernetes: v1.10.0 Docker: v17.03.2 Changelog (vs 67-10575-66-0): * Backported the fix for a cloud-init bug that write_files can't deal with non-asci content (https://bugs.launchpad.net/bugs/1487877).
cos-dev-69-10895-27-0
Date: Aug 17, 2018 Kernel: ChromiumOS-4.14 Kubernetes: v1.11.1 Docker: v17.03.2 Changelog (vs 69-10895-23-0): * Backported the fix for a cloud-init bug that write_files can't deal with non-asci content (https://bugs.launchpad.net/bugs/1487877).
cos-beta-69-10895-27-0
Date: Aug 17, 2018 Kernel: ChromiumOS-4.14 Kubernetes: v1.11.1 Docker: v17.03.2 Changelog (vs 69-10895-23-0): * Promoted to beta channel. * Backported the fix for a cloud-init bug that write_files can't deal with non-asci content (https://bugs.launchpad.net/bugs/1487877).
cos-stable-68-10718-86-0
Date: Aug 17, 2018 Kernel: ChromiumOS-4.14 Kubernetes: v1.10.5 Docker: v17.03.2 Changelog (vs 68-10718-81-0): * Promoted to stable channel. * Backported the fix for a cloud-init bug that write_files can't deal with non-asci content (https://bugs.launchpad.net/bugs/1487877).
cos-stable-65-10323-99-0
Date: Aug 14, 2018 Kernel: ChromiumOS-4.4 Kubernetes: v1.8.7 Docker: v17.03.2 Changelog (vs 65-10323-98-0): * Fix for Linux Kernel CVE-2018-12232 * Backported fixes for L1 Terminal Fault (L1TF) issue (CVE-2018-3615, CVE-2018-3620, and CVE-2018-3646).
cos-dev-69-10895-23-0
Date: Aug 14, 2018 Kernel: ChromiumOS-4.14 Kubernetes: v1.11.1 Docker: v17.03.2 Changelog (vs 69-10895-16-0): * Backported fix for a kernel warning "WARNING: fs/overlayfs/readdir.c:393 ovl_iterate+0x25c/0x260 WARN_ON(!cache->refcount)" * Fix for Linux Kernel CVE-2018-12232 * Backported fixes for L1 Terminal Fault (L1TF) issue (CVE-2018-3615, CVE-2018-3620, and CVE-2018-3646).
cos-beta-68-10718-81-0
Date: Aug 14, 2018 Kernel: ChromiumOS-4.14 Kubernetes: v1.10.5 Docker: v17.03.2 Changelog (vs 68-10718-76-0): * Fix for Linux Kernel CVE-2018-12232 * Backported fixes for L1 Terminal Fault (L1TF) issue (CVE-2018-3615, CVE-2018-3620, and CVE-2018-3646).
cos-stable-67-10575-66-0
Date: Aug 14, 2018 Kernel: ChromiumOS-4.14 Kubernetes: v1.10.0 Docker: v17.03.2 Changelog (vs 67-10575-65-0): * Fix for Linux Kernel CVE-2018-12232 * Backported fixes for L1 Terminal Fault (L1TF) issue (CVE-2018-3615, CVE-2018-3620, and CVE-2018-3646).
cos-stable-66-10452-110-0
Date: Aug 14, 2018 Kernel: ChromiumOS-4.14 Kubernetes: v1.9.3 Docker: v17.03.2 Changelog (vs 66-10452-109-0): * Fix for Linux Kernel CVE-2018-12232 * Backported fixes for L1 Terminal Fault (L1TF) issue (CVE-2018-3615, CVE-2018-3620, and CVE-2018-3646).
cos-dev-69-10895-16-0
Date: Aug 07, 2018 Kernel: ChromiumOS-4.14 Kubernetes: v1.11.1 Docker: v17.03.2 Changelog (vs 69-10895-10-0): * Fixes for CVE-2018-5391. * Fixed a softlockup issue that occurred on single VCPU VMs when using FUSE filesystems. * Updated Kubernetes to v1.11.1
cos-beta-68-10718-76-0
Date: Aug 07, 2018 Kernel: ChromiumOS-4.14 Kubernetes: v1.10.5 Docker: v17.03.2 Changelog (vs 68-10718-70-0): * Fixes for CVE-2018-5391.
cos-stable-67-10575-65-0
Date: Aug 07, 2018 Kernel: ChromiumOS-4.14 Kubernetes: v1.10.0 Docker: v17.03.2 Changelog (vs 67-10575-64-0): * Fixes for CVE-2018-5391.
cos-stable-66-10452-109-0
Date: Aug 07, 2018 Kernel: ChromiumOS-4.14 Kubernetes: v1.9.3 Docker: v17.03.2 Changelog (vs 66-10452-108-0): * Fixes for CVE-2018-5391.
cos-stable-65-10323-98-0
Date: Aug 04, 2018 Kernel: ChromiumOS-4.4 Kubernetes: v1.8.7 Docker: v17.03.2 Changelog (vs 65-10323-97-0): * Fixes for CVE-2018-5391.
cos-dev-69-10895-10-0
Date: Jul 31, 2018 Kernel: ChromiumOS-4.14 Kubernetes: v1.11.0 Docker: v17.03.2 Changelog (vs 69-10895-0-0): * Fixes for CVE-2018-5390.
cos-beta-68-10718-70-0
Date: Jul 31, 2018 Kernel: ChromiumOS-4.14 Kubernetes: v1.10.5 Docker: v17.03.2 Changelog (vs 68-10718-63-0): * Fixes for CVE-2018-5390.
cos-stable-67-10575-64-0
Date: Jul 31, 2018 Kernel: ChromiumOS-4.14 Kubernetes: v1.10.0 Docker: v17.03.2 Changelog (vs 67-10575-62-0): * Fixes for CVE-2018-5390.
cos-stable-66-10452-108-0
Date: Jul 31, 2018 Kernel: ChromiumOS-4.14 Kubernetes: v1.9.3 Docker: v17.03.2 Changelog (vs 66-10452-107-0): * Fixes for CVE-2018-5390.
cos-stable-65-10323-97-0
Date: Jul 31, 2018 Kernel: ChromiumOS-4.4 Kubernetes: v1.8.7 Docker: v17.03.2 Changelog (vs 65-10323-94-0): * Fixes for CVE-2018-5390.
cos-dev-69-10895-0-0
Date: Jul 25, 2018 Kernel: ChromiumOS-4.14 Kubernetes: v1.11.0 Docker: v17.03.2 Changelog (vs 69-10884-0-0): * Minor changes.
cos-beta-68-10718-63-0
Date: Jul 25, 2018 Kernel: ChromiumOS-4.14 Kubernetes: v1.10.5 Docker: v17.03.2 Changelog (vs 68-10718-59-0): * Minor changes.
cos-dev-69-10884-0-0
Date: Jul 20, 2018 Kernel: ChromiumOS-4.14 Kubernetes: v1.11.0 Docker: v17.03.2 Changelog (vs 69-10873-0-0): * Increase default kernel.pid_max to 2^22.
cos-beta-68-10718-59-0
Date: Jul 20, 2018 Kernel: ChromiumOS-4.14 Kubernetes: v1.10.5 Docker: v17.03.2 Changelog (vs 68-10718-52-0): * Minor changes.
cos-dev-69-10873-0-0
Date: Jul 13, 2018 Kernel: ChromiumOS-4.14 Kubernetes: v1.11.0 Docker: v17.03.2 Changelog (vs 69-10850-0-0): * Rebased Kernel to 4.14.54.
cos-beta-68-10718-52-0
Date: Jul 13, 2018 Kernel: ChromiumOS-4.14 Kubernetes: v1.10.5 Docker: v17.03.2 Changelog (vs 68-10718-41-0): * Removed SCSI CD-ROM support. This resolves CVE-2018-11506. * Updated curl to 7.60.0. This resolves CVE-2018-1000300 and CVE-2018-1000301.
cos-stable-67-10575-62-0
Date: Jul 16, 2018 Kernel: ChromiumOS-4.14 Kubernetes: v1.10.0 Docker: v17.03.2 Changelog (vs 67-10575-57-0): * Removed SCSI CD-ROM support. This resolves CVE-2018-11506. * Updated curl to 7.60.0. This resolves CVE-2018-1000300 and CVE-2018-1000301.
cos-stable-66-10452-107-0
Date: Jul 13, 2018 Kernel: ChromiumOS-4.14 Kubernetes: v1.9.3 Docker: v17.03.2 Changelog (vs 66-10452-104-0): * Removed SCSI CD-ROM support. This resolves CVE-2018-11506. * Updated curl to 7.60.0. This resolves CVE-2018-1000300 and CVE-2018-1000301.
cos-stable-65-10323-94-0
Date: Jul 13, 2018 Kernel: ChromiumOS-4.4 Kubernetes: v1.8.7 Docker: v17.03.2 Changelog (vs 65-10323-91-0): * Removed SCSI CD-ROM support. This resolves CVE-2018-11506. * Updated curl to 7.60.0. This resolves CVE-2018-1000300 and CVE-2018-1000301.
cos-dev-69-10850-0-0
Date: Jul 06, 2018 Kernel: ChromiumOS-4.14 Kubernetes: v1.11.0 Docker: v17.03.2 Changelog (vs 69-10824-0-0): * Removed SCSI CD-ROM support. This resolves CVE-2018-11506. * Upgraded built-in kubelet to v1.11.0
cos-beta-68-10718-41-0
Date: Jul 06, 2018 Kernel: ChromiumOS-4.14 Kubernetes: v1.10.5 Docker: v17.03.2 Changelog (vs 68-10718-36-0): * Upgraded built-in kubelet to v1.10.5
cos-dev-69-10824-0-0
Date: Jun 28, 2018 Kernel: ChromiumOS-4.14 Kubernetes: v1.10.4 Docker: v17.03.2 Changelog (vs 69-10803-0-0): * Updated docker-credential-gcr to 1.5.0
cos-beta-68-10718-36-0
Date: Jun 28, 2018 Kernel: ChromiumOS-4.14 Kubernetes: v1.10.2 Docker: v17.03.2 Changelog (vs 68-10718-29-0): * Minor changes.
cos-dev-69-10803-0-0
Date: Jun 22, 2018 Kernel: ChromiumOS-4.14 Kubernetes: v1.10.4 Docker: v17.03.2 Changelog (vs 69-10783-0-0): * Updated BUG_REPORT_URL in /etc/os-release. * Enabled NFS debug configs in the kernel. * Enabled tcp_bbr kernel module for TCP congestion control. * Upgraded Git to version 2.16.4 to fix CVE 2018-11235.
cos-beta-68-10718-29-0
Date: Jun 22, 2018 Kernel: ChromiumOS-4.14 Kubernetes: v1.10.2 Docker: v17.03.2 Changelog (vs 68-10718-23-0): * Upgraded Git to version 2.16.4 to fix CVE 2018-11235.
cos-stable-67-10575-57-0
Date: Jun 22, 2018 Kernel: ChromiumOS-4.14 Kubernetes: v1.10.0 Docker: v17.03.2 Changelog (vs 67-10575-55-0): * Upgraded Git to version 2.16.4 to fix CVE 2018-11235.
cos-stable-66-10452-104-0
Date: Jun 22, 2018 Kernel: ChromiumOS-4.14 Kubernetes: v1.9.3 Docker: v17.03.2 Changelog (vs 66-10452-101-0): * Upgraded Git to version 2.16.4 to fix CVE 2018-11235.
cos-stable-65-10323-91-0
Date: Jun 22, 2018 Kernel: ChromiumOS-4.4 Kubernetes: v1.8.7 Docker: v17.03.2 Changelog (vs 65-10323-85-0): * Upgraded Git to version 2.16.4 to fix CVE 2018-11235.
cos-dev-69-10783-0-0
Date: Jun 15, 2018 Kernel: ChromiumOS-4.14 Kubernetes: v1.10.4 Docker: v17.03.2 Changelog (vs 68-10718-15-0): * Set '--disable-legacy-registry' Docker config to true by default. * Updated Kubernetes to 1.10.4. * Updated sshd_config to drop cbc based Ciphers. * Updated root CA certificates to match Mozilla NSS 3.36.1. * Updated OpenSSL to 1.0.2o.
cos-beta-68-10718-23-0
Date: Jun 15, 2018 Kernel: ChromiumOS-4.14 Kubernetes: v1.10.2 Docker: v17.03.2 Changelog (vs 68-10718-15-0): * Promoted to beta channel.
cos-stable-67-10575-55-0
Date: Jun 15, 2018 Kernel: ChromiumOS-4.14 Kubernetes: v1.10.0 Docker: v17.03.2 Changelog (vs 67-10575-54-0): * Promoted to stable channel.
cos-dev-68-10718-15-0
Date: Jun 07, 2018 Kernel: ChromiumOS-4.14 Kubernetes: v1.10.2 Docker: v17.03.2 Changelog (vs 68-10718-6-0): * Minor changes.
cos-beta-67-10575-54-0
Date: Jun 07, 2018 Kernel: ChromiumOS-4.14 Kubernetes: v1.10.0 Docker: v17.03.2 Changelog (vs 67-10575-50-0): * Minor changes.
cos-dev-68-10718-6-0
Date: Jun 01, 2018 Kernel: ChromiumOS-4.14 Kubernetes: v1.10.2 Docker: v17.03.2 Changelog (vs 68-10714-0-0): * Minor changes.
cos-beta-67-10575-50-0
Date: Jun 01, 2018 Kernel: ChromiumOS-4.14 Kubernetes: v1.10.0 Docker: v17.03.2 Changelog (vs 67-10575-45-0): * Minor changes.
cos-stable-66-10452-101-0
Date: Jun 01, 2018 Kernel: ChromiumOS-4.14 Kubernetes: v1.9.3 Docker: v17.03.2 Changelog (vs 66-10452-89-0): * Fixed an issue where invoking the `getsockopt` system call would sometimes cause the kernel to deadlock.
cos-dev-68-10714-0-0
Date: May 25, 2018 Kernel: ChromiumOS-4.14 Kubernetes: v1.10.2 Docker: v17.03.2 Changelog (vs 68-10690-0-0): * Resolved CVE-2017-18258 by upgrading the libxml2 package.
cos-beta-67-10575-45-0
Date: May 25, 2018 Kernel: ChromiumOS-4.14 Kubernetes: v1.10.0 Docker: v17.03.2 Changelog (vs 67-10575-41-0): * Resolved CVE-2017-18258 by upgrading the libxml2 package.
cos-dev-68-10690-0-0
Date: May 18, 2018 Kernel: ChromiumOS-4.14 Kubernetes: v1.10.2 Docker: v17.03.2 Changelog (vs 68-10658-0-0): * Fixed a go-1.10 incompatibility issue in Docker by backporting https://github.com/moby/moby/commit/a422774. * Upgraded Kubernetes to v1.10.2.
cos-beta-67-10575-41-0
Date: May 18, 2018 Kernel: ChromiumOS-4.14 Kubernetes: v1.10.0 Docker: v17.03.2 Changelog (vs 67-10575-32-0): * Fixed a go-1.10 incompatibility issue in Docker by backporting https://github.com/moby/moby/commit/a422774.
cos-dev-68-10658-0-0
Date: May 10, 2018 Kernel: ChromiumOS-4.14 Kubernetes: v1.10.1 Docker: v17.03.2 Changelog (vs 68-10644-0-0): * Enabled EFI Variable filesystem. * Minor fixes.
cos-beta-67-10575-32-0
Date: May 10, 2018 Kernel: ChromiumOS-4.14 Kubernetes: v1.10.0 Docker: v17.03.2 Changelog (vs 67-10575-27-0): * Fixes for CVE-2018-1092,CVE-2018-1093,CVE-2018-1094,CVE-2018-1095. * Minor changes.
cos-stable-66-10452-89-0
Date: May 11, 2018 Kernel: ChromiumOS-4.14 Kubernetes: v1.9.3 Docker: v17.03.2 Changelog (vs 66-10452-81-0): * Fixes for CVE-2018-1092,CVE-2018-1093,CVE-2018-1094,CVE-2018-1095. * Minor changes.
cos-stable-65-10323-85-0
Date: May 10, 2018 Kernel: ChromiumOS-4.4 Kubernetes: v1.8.7 Docker: v17.03.2 Changelog (vs 65-10323-83-0): * Disabled kernel memory accounting. * Backported fixes for CVE-2018-1092,CVE-2018-1093,CVE-2018-1094.
cos-dev-68-10644-0-0
Date: May 04, 2018 Kernel: ChromiumOS-4.14 Kubernetes: v1.10.1 Docker: v17.03.2 Changelog (vs 68-10615-0-0): * Fixes to grub to remove unnecessary modules * Minor changes.
cos-beta-67-10575-27-0
Date: May 04, 2018 Kernel: ChromiumOS-4.14 Kubernetes: v1.10.0 Docker: v17.03.2 Changelog (vs 67-10575-13-0): * Minor changes.
cos-stable-66-10452-81-0
Date: May 01, 2018 Kernel: ChromiumOS-4.14 Kubernetes: v1.9.3 Docker: v17.03.2 Changelog (vs 66-10452-74-0): * Backported a fix for Linux kernel CVE-2018-1000199.
cos-stable-65-10323-83-0
Date: May 01, 2018 Kernel: ChromiumOS-4.4 Kubernetes: v1.8.7 Docker: v17.03.2 Changelog (vs 65-10323-75-0): * Backported a fix for Linux kernel CVE-2018-1000199.
cos-dev-68-10615-0-0
Date: Apr 25, 2018 Kernel: ChromiumOS-4.14 Kubernetes: v1.10.1 Docker: v17.03.2 Changelog (vs 67-10575-8-0): * Updated Kubernetes to v1.10.1. * Backported a fix for a Linux kernel race condition that was causing kernel panics.
cos-beta-67-10575-13-0
Date: Apr 25, 2018 Kernel: ChromiumOS-4.14 Kubernetes: v1.10.0 Docker: v17.03.2 Changelog (vs 67-10575-8-0): * Promoted to beta channel. * Backported a fix for a Linux kernel race condition that was causing kernel panics.
cos-stable-66-10452-74-0
Date: Apr 25, 2018 Kernel: ChromiumOS-4.14 Kubernetes: v1.9.3 Docker: v17.03.2 Changelog (vs 66-10452-68-0): * Promoted to stable channel. * Backported a fix for a Linux kernel race condition that was causing kernel panics.
cos-dev-67-10575-8-0
Date: Apr 20, 2018 Kernel: ChromiumOS-4.14 Kubernetes: v1.10.0 Docker: v17.03.2 Changelog (vs 67-10574-0-0): * Minor changes.
cos-beta-66-10452-68-0
Date: Apr 20, 2018 Kernel: ChromiumOS-4.14 Kubernetes: v1.9.3 Docker: v17.03.2 Changelog (vs 66-10452-53-0): * Backported a fix for Linux kernel CVE-2018-1068.
cos-stable-65-10323-75-0
Date: Apr 20, 2018 Kernel: ChromiumOS-4.4 Kubernetes: v1.8.7 Docker: v17.03.2 Changelog (vs 65-10323-69-0): * Backported a fix for Linux kernel CVE-2018-1068.
cos-dev-67-10574-0-0
Date: Apr 13, 2018 Kernel: ChromiumOS-4.14 Kubernetes: v1.10.0 Docker: v17.03.2 Changelog (vs 67-10550-0-0): * Updated kubernetes to v1.10.0
cos-beta-66-10452-53-0
Date: Apr 13, 2018 Kernel: ChromiumOS-4.14 Kubernetes: v1.9.3 Docker: v17.03.2 Changelog (vs 66-10452-45-0): * Enabled the fix for a bug in containerd (https://github.com/containerd/containerd/pull/872 - Killing a container's shim process while having an exec attached to it will result in panic error).
cos-dev-67-10550-0-0
Date: Apr 06, 2018 Kernel: ChromiumOS-4.14 Kubernetes: v1.9.6 Docker: v17.03.2 Changelog (vs 67-10527-0-0): * Minor changes.
cos-beta-66-10452-45-0
Date: Apr 06, 2018 Kernel: ChromiumOS-4.14 Kubernetes: v1.9.3 Docker: v17.03.2 Changelog (vs 66-10452-28-0): * Backported a fix for a bug in containerd that killing a container's shim process while having an exec attached to it will result in panic error (https://github.com/containerd/containerd/pull/872).
cos-stable-65-10323-69-0
Date: Apr 06, 2018 Kernel: ChromiumOS-4.4 Kubernetes: v1.8.7 Docker: v17.03.2 Changelog (vs 65-10323-64-0): * Backported a fix for a bug in containerd that killing a container's shim process while having an exec attached to it will result in panic error (https://github.com/containerd/containerd/pull/872).
cos-dev-67-10527-0-0
Date: Mar 29, 2018 Kernel: ChromiumOS-4.14 Kubernetes: v1.9.6 Docker: v17.03.2 Changelog (vs 67-10505-0-0): * Updated kubernetes to v1.9.6. * Backported a fix for a bug in containerd that killing a container's shim process while having an exec attached to it will result in panic error (https://github.com/containerd/containerd/pull/872). * Updated e2fsprogs to 1.44.0.
cos-beta-66-10452-28-0
Date: Mar 29, 2018 Kernel: ChromiumOS-4.14 Kubernetes: v1.9.3 Docker: v17.03.2 Changelog (vs 66-10452-21-0): * Minor changes.
cos-stable-65-10323-64-0
Date: Mar 29, 2018 Kernel: ChromiumOS-4.4 Kubernetes: v1.8.7 Docker: v17.03.2 Changelog (vs 65-10323-62-0): * Backported fix for Linux kernel CVE-2018-1065.
cos-dev-67-10505-0-0
Date: Mar 22, 2018 Kernel: ChromiumOS-4.14 Kubernetes: v1.9.3 Docker: v17.03.2 Changelog (vs 66-10452-13-0): * New milestone in dev channel. * Updated docker-credential-gcr to v1.4.3. * Enabled BPF JIT.
cos-beta-66-10452-21-0
Date: Mar 22, 2018 Kernel: ChromiumOS-4.14 Kubernetes: v1.9.3 Docker: v17.03.2 Changelog (vs 66-10452-13-0): * Promoted to beta channel.
cos-stable-65-10323-62-0
Date: Mar 22, 2018 Kernel: ChromiumOS-4.4 Kubernetes: v1.8.7 Docker: v17.03.2 Changelog (vs 65-10323-55-0): * Promoted to stable channel.
cos-dev-66-10452-13-0
Date: Mar 16, 2018 Kernel: ChromiumOS-4.14 Kubernetes: v1.9.3 Docker: v17.03.2 Changelog (vs 66-10452-8-0): * Updated Toolbox container tag to '20180309-00'
cos-beta-65-10323-55-0
Date: Mar 16, 2018 Kernel: ChromiumOS-4.4 Kubernetes: v1.8.7 Docker: v17.03.2 Changelog (vs 65-10323-51-0): * Minor bugfixes
cos-dev-66-10452-8-0
Date: Mar 12, 2018 Kernel: ChromiumOS-4.14 Kubernetes: v1.9.3 Docker: v17.03.2 Changelog (vs 66-10428-0-0): * Enable BPF JIT. * Minor changes.
cos-beta-65-10323-51-0
Date: Mar 08, 2018 Kernel: ChromiumOS-4.4 Kubernetes: v1.8.7 Docker: v17.03.2 Changelog (vs 65-10323-47-0): * Minor changes.
cos-beta-65-10323-47-0
Date: Mar 01, 2018 Kernel: ChromiumOS-4.4 Kubernetes: v1.8.7 Docker: v17.03.2 Changelog (vs 65-10323-39-0): * Minor changes.
cos-dev-66-10428-0-0
Date: Feb 23, 2018 Kernel: ChromiumOS-4.14 Kubernetes: v1.9.3 Docker: v17.03.2 Changelog (vs 66-10408-0-0): * Enabled IP Virtual Server support in kernel (CONFIG_IP_VS) * Updated Kubernetes to v1.9.3. * Avoid flooding console with iptables log messages * Upgraded bash to version 4.3_p48-r1, which includes a fix for CVE-2016-9401
cos-beta-65-10323-39-0
Date: Feb 23, 2018 Kernel: ChromiumOS-4.4 Kubernetes: v1.8.7 Docker: v17.03.2 Changelog (vs 65-10323-33-0): * Avoid flooding console with iptables log messages * Upgraded curl to version 7.58.0, which includes a fix for CVE-2018-1000007
cos-dev-66-10408-0-0
Date: Feb 16, 2018 Kernel: ChromiumOS-4.14 Kubernetes: v1.8.7 Docker: v17.03.2 Changelog (vs 66-10385-0-0): * Enable OS Login Guest Environment for Google Compute Engine * Updated Linux Kernel to 4.14.
cos-beta-65-10323-33-0
Date: Feb 15, 2018 Kernel: ChromiumOS-4.4 Kubernetes: v1.8.7 Docker: v17.03.2 Changelog (vs 65-10323-23-0): * Minor changes.
cos-dev-66-10385-0-0
Date: Feb 08, 2018 Kernel: ChromiumOS-4.4 Kubernetes: v1.8.7 Docker: v17.03.2 Changelog (vs 66-10367-0-0): * Updated compute-image-packages to v20180129
cos-beta-65-10323-23-0
Date: Feb 08, 2018 Kernel: ChromiumOS-4.4 Kubernetes: v1.8.7 Docker: v17.03.2 Changelog (vs 65-10323-12-0): * Backported a bugfix for netcat: https://sourceforge.net/p/nc110/code/25/
cos-dev-66-10367-0-0
Date: Feb 02, 2018 Kernel: ChromiumOS-4.4 Kubernetes: v1.8.7 Docker: v17.03.2 Changelog (vs 65-10323-1-0): * New milestone in dev channel. * Updated Toolbox Docker image * Updated Kubernetes to v1.8.7
cos-beta-65-10323-12-0
Date: Feb 02, 2018 Kernel: ChromiumOS-4.4 Kubernetes: v1.8.7 Docker: v17.03.2 Changelog (vs 65-10323-1-0): * Promoted to beta channel. * Updated Toolbox Docker image * Updated Kubernetes to v1.8.7
cos-stable-64-10176-62-0
Date: Feb 02, 2018 Kernel: ChromiumOS-4.4 Kubernetes: v1.8.7 Docker: v17.03.2 Changelog (vs 64-10176-60-0): * Promoted to stable channel.
cos-dev-65-10323-1-0
Date: Jan 24, 2018 Kernel: ChromiumOS-4.4 Kubernetes: v1.8.6 Docker: v17.03.2 Changelog (vs 65-10312-0-0): * Increased default kernel.hung_task_timeout_secs to 300 so that COS is more tolerant to occassional PD slowness. * Add retries to cloud-init when connecting to Google Compute Engine metadata server.
cos-beta-64-10176-60-0
Date: Jan 24, 2018 Kernel: ChromiumOS-4.4 Kubernetes: v1.8.7 Docker: v17.03.2 Changelog (vs 64-10176-49-0): * Updated Kubernetes to v1.8.7
cos-stable-63-10032-88-0
Date: Jan 19, 2018 Kernel: ChromiumOS-4.4 Kubernetes: v1.7.8 Docker: v17.03.2 Changelog (vs 63-10032-71-0): * Backported fixes for Linux kernel CVE-2017-16939
cos-dev-65-10312-0-0
Date: Jan 16, 2018 Kernel: ChromiumOS-4.4 Kubernetes: v1.8.6 Docker: v17.03.2 Changelog (vs 65-10280-0-0): * Updated docker-credential-gcr to v1.4.2 * Fixed an issue in systemd that leaked inactive units when creating mounts on specific mountpoints.
cos-beta-64-10176-49-0
Date: Jan 16, 2018 Kernel: ChromiumOS-4.4 Kubernetes: v1.8.2 Docker: v17.03.2 Changelog (vs 64-10176-39-0): * Fixed an issue in systemd that leaked inactive units when creating mounts on specific mountpoints.
cos-dev-65-10280-0-0
Date: Jan 05, 2018 Kernel: ChromiumOS-4.4 Kubernetes: v1.8.6 Docker: v17.03.2 Changelog (vs 64-10176-7-0): * Recompiled kernel with RETPOLINE enabled GCC. * Updated Kubernetes to v1.8.6. * Updated openssl version to 1.0.2n that contains the fix for CVE-2017-3737. * Updated rsync version to 3.1.2-r2 that contains the fixes for CVE-2017-17433 and CVE-2017-17434.
cos-beta-64-10176-39-0
Date: Jan 05, 2018 Kernel: ChromiumOS-4.4 Kubernetes: v1.8.2 Docker: v17.03.2 Changelog (vs 64-10176-7-0): * Promoted to beta channel.
cos-stable-62-9901-80-0
Date: Dec 15, 2017 Kernel: ChromiumOS-4.4 Kubernetes: v1.7.7 Docker: v17.03.2 Changelog (vs 62-9901-79-0): * Backported fixes for CVE-2017-1000405. * Include performance fix for KPTI (previously called KAISER).
cos-stable-63-10032-71-0
Date: Dec 08, 2017 Kernel: ChromiumOS-4.4 Kubernetes: v1.7.8 Docker: v17.03.2 Changelog (vs 63-10032-62-0): * Backported fixes for CVE-2017-1000405.
cos-beta-63-10032-71-0
Date: Dec 08, 2017 Kernel: ChromiumOS-4.4 Kubernetes: v1.7.8 Docker: v17.03.2 Changelog (vs 63-10032-62-0): * Backported fixes for CVE-2017-1000405.
cos-stable-63-10032-62-0
Date: Dec 06, 2017 Kernel: ChromiumOS-4.4 Kubernetes: v1.7.8 Docker: v17.03.2 Changelog (vs 63-10032-60-0): * Include performance fix for KPTI (previously called KAISER).
cos-beta-63-10032-62-0
Date: Dec 06, 2017 Kernel: ChromiumOS-4.4 Kubernetes: v1.7.8 Docker: v17.03.2 Changelog (vs 63-10032-60-0): * Include performance fix for KPTI (previously called KAISER).
cos-dev-64-10176-7-0
Date: Dec 07, 2017 Kernel: ChromiumOS-4.4 Kubernetes: v1.8.2 Docker: v17.03.2 Changelog (vs 64-10173-0-0): * Backported fixes for CVE-2017-1000405. * Include performance fix for KPTI (previously called KAISER).
cos-dev-64-10173-0-0
Date: Nov 30, 2017 Kernel: ChromiumOS-4.4 Kubernetes: v1.8.2 Docker: v17.03.2 Changelog (vs 64-10151-0-0): * Backported fixes for CVE-2017-16548 and CVE-2017-16994.
cos-stable-63-10032-60-0
Date: Nov 30, 2017 Kernel: ChromiumOS-4.4 Kubernetes: v1.7.8 Docker: v17.03.2 Changelog (vs cos-beta-63-10032-60-0): * Promoted to stable channel.
cos-beta-63-10032-60-0
Date: Nov 30, 2017 Kernel: ChromiumOS-4.4 Kubernetes: v1.7.8 Docker: v17.03.2 Changelog (vs 63-10032-50-0): * Backported fixes for CVE-2017-16548 and CVE-2017-16994.
cos-dev-64-10151-0-0
Date: Nov 22, 2017 Kernel: ChromiumOS-4.4 Kubernetes: v1.8.2 Docker: v17.03.2 Changelog (vs 64-10133-0-0): * Enabled KPTI (previously called KAISER) security feature in kernel * Mounted /tmp with noexec option. * Updated Kubernetes to v1.8.2 * Disabled unprivileged use of ebpf syscall.
cos-beta-63-10032-50-0
Date: Nov 22, 2017 Kernel: ChromiumOS-4.4 Kubernetes: v1.7.8 Docker: v17.03.2 Changelog (vs 63-10032-40-0): * Enabled KPTI (previously called KAISER) security feature in kernel * Disabled unprivileged use of ebpf syscall.
cos-stable-62-9901-79-0
Date: Nov 22, 2017 Kernel: ChromiumOS-4.4 Kubernetes: v1.7.7 Docker: v17.03.2 Changelog (vs 62-9901-78-0): * Enabled KPTI (previously called KAISER) security feature in kernel
cos-stable-62-9901-78-0
Date: Nov 20, 2017 Kernel: ChromiumOS-4.4 Kubernetes: v1.7.7 Docker: v17.03.2 Changelog (vs 62-9901-75-0): * Backported fixes for CVE-2017-15951
cos-dev-64-10133-0-0
Date: Nov 16, 2017 Kernel: ChromiumOS-4.4 Kubernetes: v1.7.8 Docker: v17.03.2 Changelog (vs 64-10112-0-0): * Backported fixes for CVE-2017-1000254 * Move storage-driver option from docker.service to daemon.json
cos-beta-63-10032-40-0
Date: Nov 09, 2017 Kernel: ChromiumOS-4.4 Kubernetes: v1.7.8 Docker: v17.03.2 Changelog (vs 63-10032-32-0): * Backported fixes for CVE-2017-1000254 * Move storage-driver option from docker.service to daemon.json * Move live-restore docker options form docker.service to /etc/docker/daemon.json
cos-stable-61-9765-89-0
Date: Nov 10, 2017 Kernel: ChromiumOS-4.4 Kubernetes: v1.6.10 Docker: v17.03.2 Changelog (vs 61-9765-79-0): * Backported the fix for https://github.com/systemd/systemd/issues/4747 in systemd * Enabled kernel softlockup panic at runtime via sysctl instead of at kernel compile time * Backported fixes for Linux kernel CVE-2017-1000111 and CVE-2017-1000112
cos-dev-64-10112-0-0
Date: Nov 09, 2017 Kernel: ChromiumOS-4.4 Kubernetes: v1.7.8 Docker: v17.03.2 Changelog (vs 64-10083-0-0): * Enabled kernel softlockup panic at runtime via sysctl instead of at kernel compile time * Backported the fix for https://github.com/systemd/systemd/issues/4747 in systemd * Patched shadow to allow user names that match the gnu-regex '[a-zA-Z0-9_.][a-zA-Z0-9_.-]{0,30}[a-zA-Z0-9_.$-]?', except fully numeric ones and pure dots * Updated compute-image-packages to v20171006 * Increased Docker log line max size from 16KB to 100kB * Backported fixes for Linux kernel CVE-2017-15299, CVE-2017-12192, and CVE-2017-15537 * Bugfix for Containers on Compute Engine (Alpha)
cos-beta-63-10032-32-0
Date: Nov 09, 2017 Kernel: ChromiumOS-4.4 Kubernetes: v1.7.8 Docker: v17.03.2 Changelog (vs 63-10032-22-0): * Backported the fix for https://github.com/systemd/systemd/issues/4747 in systemd * Patched shadow to allow user names that match the gnu-regex '[a-zA-Z0-9_.][a-zA-Z0-9_.-]{0,30}[a-zA-Z0-9_.$-]?', except fully numeric ones and pure dots * Enabled kernel softlockup panic at runtime via sysctl instead of at kernel compile time * Backported fixes for Linux kernel CVE-2017-15299, CVE-2017-12192, and CVE-2017-15537 * Bugfix for Containers on Compute Engine (Alpha)
cos-stable-62-9901-75-0
Date: Nov 09, 2017 Kernel: ChromiumOS-4.4 Kubernetes: v1.7.7 Docker: v17.03.2 Changelog (vs 62-9901-59-0): * Backported the fix for https://github.com/systemd/systemd/issues/4747 in systemd * Enabled kernel softlockup panic at runtime via sysctl instead of at kernel compile time * Backported fixes for Linux kernel CVE-2017-1000111 and CVE-2017-1000112
cos-dev-64-10083-0-0
Date: Oct 31, 2017 Kernel: ChromiumOS-4.4 Kubernetes: v1.7.8 Docker: v17.03.2 Changelog (vs 63-10032-4-0): * New milestone in dev channel * Reduce VM boot time by setting grub timeout to zero. * Upgrade Kubernetes to v1.7.8 * Move live-restore docker options from docker.service to /etc/docker/daemon.json
cos-beta-63-10032-22-0
Date: Oct 31, 2017 Kernel: ChromiumOS-4.4 Kubernetes: v1.7.8 Docker: v17.03.2 Changelog (vs 63-10032-4-0): * Promoted to beta channel. * Upgrade Kubernetes to v1.7.8.
cos-stable-62-9901-59-0
Date: Oct 31, 2017 Kernel: ChromiumOS-4.4 Kubernetes: v1.7.7 Docker: v17.03.2 Changelog (vs 62-9901-50-0): * Promoted to stable channel. * Upgrade Curl to v7.55.1.
cos-dev-63-10032-4-0
Date: Oct 19, 2017 Kernel: ChromiumOS-4.4 Kubernetes: v1.7.7 Docker: v17.03.2 Changelog (vs 63-10022-0-0): * Minor changes
cos-beta-62-9901-50-0
Date: Oct 19, 2017 Kernel: ChromiumOS-4.4 Kubernetes: v1.7.7 Docker: v17.03.2 Changelog (vs 62-9901-45-0): * Minor changes
cos-beta-62-9901-45-0
Date: Oct 12, 2017 Kernel: ChromiumOS-4.4 Kubernetes: v1.7.7 Docker: v17.03.2 Changelog (vs 62-9901-37-0): * Upgraded Kubernetes to v1.7.7.
cos-dev-63-10022-0-0
Date: Oct 11, 2017 Kernel: ChromiumOS-4.4 Kubernetes: v1.7.7 Docker: v17.03.2 Changelog (vs 63-10004-0-0): * Upgraded e2fsprogs to v1.43.6
cos-stable-60-9592-100-0
Date: Oct 06, 2017 Kernel: ChromiumOS-4.4 Kubernetes: v1.6.4 Docker: v1.13.1 Changelog (vs 60-9592-95-0): * Fix for Linux Kernel CVE-2017-12146
cos-stable-61-9765-79-0
Date: Oct 6, 2017 Kernel: ChromiumOS-4.4 Kubernetes: v1.6.10 Docker: v17.03.2 Changelog (vs 61-9765-66-0): * Fix for Linux Kernel CVE-2017-12146
cos-beta-62-9901-37-0
Date: Oct 5, 2017 Kernel: ChromiumOS-4.4 Kubernetes: v1.7.6 Docker: v17.03.2 Changelog (vs 62-9901-21-0): * Minor changes
cos-dev-63-10004-0-0
Date: Oct 5, 2017 Kernel: ChromiumOS-4.4 Kubernetes: v1.7.7 Docker: v17.03.2 Changelog (vs 63-9975-0-0): * Upgraded Kubernetes to v1.7.7.
cos-dev-63-9975-0-0
Date: Sep 28, 2017 Kernel: ChromiumOS-4.4 Kubernetes: v1.7.6 Docker: v17.03.2 Changelog (vs 63-9956-0-0): * Fix for Linux Kernel CVE-2017-11600
cos-dev-63-9956-0-0
Date: Sep 20, 2017 Kernel: ChromiumOS-4.4 Kubernetes: v1.7.6 Docker: v17.03.2 Changelog (vs 62-9901-8-0): * Upgraded Kubernetes package to v1.7.6 * Enabled CONFIG_IFB as module * Enabled support for eBPF syscall
cos-beta-62-9901-21-0
Date: Sep 20, 2017 Kernel: ChromiumOS-4.4 Kubernetes: v1.7.6 Docker: v17.03.2 Changelog (vs 62-9901-8-0): * Promoted to beta channel * Upgraded Kubernetes package to v1.7.6
cos-stable-61-9765-66-0
Date: Sep 18, 2017 Kernel: ChromiumOS-4.4 Kubernetes: v1.6.10 Docker: v17.03.2 Changelog (vs 61-9765-50-0): * Mitigated a potential performance regression in Kubernetes by adding a temporary experimental flag to docker daemon that allows disabling docker healthchecks. This does not affect non-Kubernetes use cases. * Upgraded dev-vcs/git package to 2.13.5 in order to fix CVE-2017-1000117.
cos-stable-60-9592-95-0
Date: Sep 18, 2017 Kernel: ChromiumOS-4.4 Kubernetes: v1.6.4 Docker: v1.13.1 Changelog (vs 60-9592-90-0): * Upgraded dev-vcs/git package to 2.13.5 in order to fix CVE-2017-1000117.
cos-beta-61-9765-58-0
Date: Sep 08, 2017 Kernel: ChromiumOS-4.4 Kubernetes: v1.6.9 Docker: v17.03.2 Changelog (vs 61-9765-50-0): * Mitigated a potential performance regression in Kubernetes by adding a temporary experimental flag to docker daemon that allows disabling docker healthchecks. This does not affect non-Kubernetes use cases.
cos-dev-62-9901-8-0
Date: Sep 08, 2017 Kernel: ChromiumOS-4.4 Kubernetes: v1.7.2 Docker: v17.03.2 Changelog (vs 62-9901-0-0): * Minor changes
cos-dev-62-9901-0-0
Date: Sep 01, 2017 Kernel: ChromiumOS-4.4 Kubernetes: v1.7.2 Docker: v17.03.2 Changelog (vs 62-9874-0-0): * Mitigated a potential performance regression in Kubernetes by adding a temporary experimental flag to docker daemon that allows disabling docker healthchecks. This does not affect non-Kubernetes use cases. * Upgraded dev-python/prettytable to version 0.7.2. This fixes an issue seen in cloud-init
cos-beta-61-9765-50-0
Date: Sep 01, 2017 Kernel: ChromiumOS-4.4 Kubernetes: v1.6.9 Docker: v17.03.2 Changelog (vs 61-9765-31-0): * Upgraded kubernetes to 1.6.9 * Backported https://golang.org/cl/53635 which resolved the incompatibility in tar files generated between Go 1.7 and Go 1.8 * Backported Linux kernel fix https://patchwork.kernel.org/patch/9882431/
cos-stable-60-9592-90-0
Date: Sep 01, 2017 Kernel: ChromiumOS-4.4 Kubernetes: v1.6.4 Docker: v1.13.1 Changelog (vs 60-9592-84-0): * Fix for Linux Kernel CVE-2017-10661 * Backported https://golang.org/cl/53635 which resolved the incompatibility in tar files generated between Go 1.7 and Go 1.8
cos-dev-62-9874-0-0
Date: Aug 24, 2017 Kernel: ChromiumOS-4.4 Kubernetes: v1.7.2 Docker: v17.03.2 Changelog (vs 62-9851-0-0): * Alpha support for Containers on Compute Engine.
cos-dev-62-9851-0-0
Date: Aug 17, 2017 Kernel: ChromiumOS-4.4 Kubernetes: v1.7.2 Docker: v17.03.2 Changelog (vs 62-9831-0-0): * Cherrypicked upstream kernel change https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=6e7bc478c9a006c701c14476ec9d389a484b4864 * Cherrypicked upstream Go language change https://go.googlesource.com/go/+/01e45c736882754ca785b5a802ec0866a6544f8b
cos-beta-61-9765-31-0
Date: Aug 17, 2017 Kernel: ChromiumOS-4.4 Kubernetes: v1.6.7 Docker: v17.03.2 Changelog (vs 61-9765-24-0): * Fix for Linux Kernel CVE-2017-7533
cos-stable-60-9592-84-0
Date: Aug 17, 2017 Kernel: ChromiumOS-4.4 Kubernetes: v1.6.4 Docker: v1.13.1 Changelog (vs 60-9592-82-0): * Fix for Linux Kernel CVE-2017-7533
cos-dev-62-9831-0-0
Date: Aug 11, 2017 Kernel: ChromiumOS-4.4 Kubernetes: v1.7.2 Docker: v17.03.2 Changelog (vs cos-dev-62-9785-0-0): * Disabled HPN support in OpenSSH so that Compute Engine's SSH-from-browser feature is compatible with Container-Optimized OS instances. * Upgraded Kubernetes to v1.7.2 * Fixed systemd-resolved CVE-2017-9445 * Backported kernel fixes for CVE-2017-11473, CVE-2017-11472, CVE-2017-7542, and CVE-2017-7533.
cos-beta-61-9765-24-0
Date: Aug 11, 2017 Kernel: ChromiumOS-4.4 Kubernetes: v1.6.7 Docker: v17.03.2 Changelog (vs cos-beta-61-9765-17-0): * Disabled HPN support in OpenSSH so that Compute Engine's SSH-from-browser feature is compatible with Container-Optimized OS instances. * Backported a few systemd-resolved fixes for alloc size calculation (fixes CVE-2017-9445)
cos-stable-60-9592-82-0
Date: Aug 11, 2017 Kernel: ChromiumOS-4.4 Kubernetes: v1.6.4 Docker: v1.13.1 Changelog (vs cos-stable-60-9592-76-0): * Backported a few systemd-resolved fixes for alloc size calculation (fixes CVE-2017-9445)
cos-dev-62-9785-0-0
Date: Aug 04, 2017 Kernel: ChromiumOS-4.4 Kubernetes: v1.6.4 Docker: v17.03.2 Changelog (vs 61-9765-17-0): * New milestone in dev channel * Minor bugfixes
cos-beta-61-9765-17-0
Date: Aug 04, 2017 Kernel: ChromiumOS-4.4 Kubernetes: v1.6.7 Docker: v17.03.2 Changelog (vs 61-9765-8-0): * Promoted to beta * Upgraded Kubernetes to v1.6.7
cos-stable-60-9592-76-0
Date: Aug 04, 2017 Kernel: ChromiumOS-4.4 Kubernetes: v1.6.4 Docker: v1.13.1 Changelog (vs 60-9592-70-0): * Promoted to stable * Minor bugfixes
cos-dev-61-9765-8-0
Date: Jul 27, 2017 Kernel: ChromiumOS-4.4 Kubernetes: v1.6.4 Docker: v17.03.2 Changelog (vs 61-9759-0-0): * Fixed build issues with open source codebase
cos-beta-60-9592-70-0
Date: Jul 27, 2017 Kernel: ChromiumOS-4.4 Kubernetes: v1.6.4 Docker: v1.13.1 Changelog (vs 60-9592-65-0): * Updated sys-apps/coreutils to 8.25. Greatly reduced number of syscalls `du` makes and improved kubelet performance
cos-beta-60-9592-65-0
Date: Jul 20, 2017 Kernel: ChromiumOS-4.4 Kubernetes: v1.6.4 Docker: v1.13.1 Changelog (vs 60-9592-52-0): * Fix for Linux kernel CVE-2017-11176 * Fixed a bug in the `ip sets` command: sometimes valid entries in hash:* types of sets were evicted
cos-dev-61-9759-0-0
Date: Jul 20, 2017 Kernel: ChromiumOS-4.4 Kubernetes: v1.6.4 Docker: v17.03.2 Changelog (vs 61-9733-0-0): * Updated sys-apps/coreutils to 8.25. Greatly reduced number of syscalls `du` makes and improved kubelet performance * Updated dev-go/dbus to use upstream commit bd29ed602e2c * Fix for Linux kernel CVE-2017-11176
cos-stable-59-9460-73-0
Date: Jul 14, 2017 Kernel: ChromiumOS-4.4 Kubernetes: v1.6.4 Docker: v1.11.2 Changelog (vs 59-9460-64-0): * Fix for Linux kernel CVE-2017-1000364 * Fix for Linux kernel CVE-2017-1000365 * Fix for Linux kernel CVE-2017-1000370 * Fix for Linux kernel CVE-2017-1000371 * Fix for Linux kernel CVE-2017-1000379 * Fix for glibc CVE-2017-1000366
cos-dev-61-9733-0-0
Date: Jul 11, 2017 Kernel: ChromiumOS-4.4 Kubernetes: v1.6.4 Docker: v17.03.2 Changelog (vs 61-9715-0-0): * Upgraded Docker to v17.03.2 * Fixed a bug in the `ip sets` command: sometimes valid entries in hash:* types of sets were evicted * Fix for Linux kernel CVE-2017-1000364
cos-beta-60-9592-52-0
Date: Jul 11, 2017 Kernel: ChromiumOS-4.4 Kubernetes: v1.6.4 Docker: v1.13.1 Changelog (vs 60-9592-31-0): * Fix for Linux kernel CVE-2017-1000364 * Fix for Linux kernel CVE-2017-1000365 * Fix for Linux kernel CVE-2017-1000370 * Fix for Linux kernel CVE-2017-1000371 * Fix for Linux kernel CVE-2017-1000379 * Fix for glibc CVE-2017-1000366
cos-dev-61-9715-0-0
Date: Jul 05, 2017 Kernel: ChromiumOS-4.4 Kubernetes: v1.6.4 Docker: v17.03.1 Changelog (vs 61-9696-0-0): * Fixed a regression in cos-dev builds starting with 61-9655-0-0 that caused the image size to grow beyond 10GB.
cos-dev-61-9696-0-0
Date: Jun 29, 2017 Kernel: ChromiumOS-4.4 Kubernetes: v1.6.4 Docker: v17.03.1 Changelog (vs 61-9678-0-0): * Switched to LLVM compiler * Fixed a bug that may lead to the kernel freezing with the following error message: "unregister_netdevice: waiting for lo to become free."
cos-dev-61-9678-0-0
Date: Jun 26, 2017 Kernel: ChromiumOS-4.4 Kubernetes: v1.6.4 Docker: v17.03.1 Changelog (vs 61-9655-0-0): * Upgraded Docker to v17.03.1 * Enabled live-restore and overlay2 for Docker by default * Updated default toolbox image tag to '20170615-00' * Fixed ext4 kernel panic caused by memory shortage in memory cgroup
cos-beta-60-9592-31-0
Date: Jun 26, 2017 Kernel: ChromiumOS-4.4 Kubernetes: v1.6.4 Docker: v1.13.1 Changelog (vs 60-9592-23-0): * Fixed ext4 kernel panic caused by memory shortage in memory cgroup
cos-dev-61-9655-0-0
Date: Jun 16, 2017 Kernel: ChromiumOS-4.4 Kubernetes: v1.6.4 Docker: v1.13.1 Changelog (vs 61-9626-0-0): * Disabled the default IP Aliases setting in the Google IP Forwarding Daemon * Upgraded docker-credential-gcr to v1.4.1 * kernel: remove sysctl vm.disk_based_swap (default behavior is enabled) * Fix for Linux kernel CVE-2017-9075
cos-beta-60-9592-23-0
Date: Jun 16, 2017 Kernel: ChromiumOS-4.4 Kubernetes: v1.6.4 Docker: v1.13.1 Changelog (vs 60-9592-11-0): * Disabled the default IP Aliases setting in the Google IP Forwarding Daemon * Fix for Linux kernel CVE-2017-9077 * Fix for Linux kernel CVE-2017-9242
cos-stable-59-9460-64-0
Date: Jun 16, 2017 Kernel: ChromiumOS-4.4 Kubernetes: v1.6.4 Docker: v1.11.2 Changelog (vs 59-9460-60-0): * Disabled the default IP Aliases setting in the Google IP Forwarding Daemon * Fix for Linux kernel CVE-2017-9077 * Fix for Linux kernel CVE-2017-9242
cos-dev-61-9626-0-0
Date: Jun 8, 2017 Kernel: ChromiumOS-4.4 Kubernetes: v1.6.4 Docker: v1.13.1 Changelog (vs 60-9592-2-0): * New milestone in dev channel * Fixed /etc/resolv.conf in toolbox container * Upgraded Kubernetes to v1.6.4 * Support multiple network interfaces that are configured through DHCP * Updated to compute-image-packages-20170523 * Fix for Linux kernel CVE-2017-9077 * Fix for Linux kernel CVE-2017-9242
cos-beta-60-9592-11-0
Date: Jun 8, 2017 Kernel: ChromiumOS-4.4 Kubernetes: v1.6.4 Docker: v1.13.1 Changelog (vs 60-9592-2-0): * Fixed /etc/resolv.conf in toolbox container * Upgraded Kubernetes to v1.6.4 * Promoted to beta channel
cos-stable-59-9460-60-0
Date: Jun 8, 2017 Kernel: ChromiumOS-4.4 Kubernetes: v1.6.4 Docker: v1.11.2 Changelog (vs 59-9460-57-0): * Upgraded Kubernetes to v1.6.4 * Promoted to stable channel
cos-dev-60-9592-2-0
Date: Jun 1, 2017 Kernel: ChromiumOS-4.4 Kubernetes: v1.6.3 Docker: v1.13.1 Changelog (vs 60-9588-0-0): * Minor bugfixes
cos-beta-59-9460-57-0
Date: Jun 1, 2017 Kernel: ChromiumOS-4.4 Kubernetes: v1.6.1 Docker: v1.11.2 Changelog (vs 59-9460-51-0): * Minor bugfixes
cos-dev-60-9588-0-0
Date: May 25, 2017 Kernel: ChromiumOS-4.4 Kubernetes: v1.6.3 Docker: v1.13.1 Changelog (vs 60-9565-0-0): * Fix for Linux kernel CVE-2017-8890 * Fix a bug in CPU scheduler that may lead to kernel panic
cos-beta-59-9460-51-0
Date: May 25, 2017 Kernel: ChromiumOS-4.4 Kubernetes: v1.6.1 Docker: v1.11.2 Changelog (vs 59-9460-43-0): * Fix for Linux kernel CVE-2017-8890
cos-stable-58-9334-74-0
Date: May 25, 2017 Kernel: ChromiumOS-4.4 Kubernetes: v1.5.6 Docker: v1.11.2 Changelog (vs 58-9334-72-0): * Fix for Linux kernel CVE-2017-8890
cos-stable-57-9202-74-0
(gci-stable-57-9202-74-0 di project google-containers
)
Date: May 22, 2017 Kernel: ChromiumOS-4.4 Kubernetes: v1.5.4 Docker: v1.11.2 Changelog (vs 57-9202-64-0): * Fix for Linux kernel CVE-2017-7895
cos-dev-60-9565-0-0
Date: May 22, 2017 Kernel: ChromiumOS-4.4 Kubernetes: v1.6.3 Docker: v1.13.1 Changelog (vs 60-9540-0-0): * Fix for Linux kernel CVE-2017-7895 * Upgraded Docker to v1.13.1 * Upgraded Kubernetes to v1.6.3 * /proc/config.gz available by default (without needed 'modprobe configs') * Added support for docker-credential-gcr (https://github.com/GoogleCloudPlatform/docker-credential-gcr) * Minor bugfix in audit subsystem
cos-stable-58-9334-72-0
Date: May 18, 2017 Kernel: ChromiumOS-4.4 Kubernetes: v1.5.6 Docker: v1.11.2 Changelog (vs 58-9334-62-0): * Fix for Linux kernel CVE-2017-7895
cos-beta-59-9460-43-0
Date: May 18, 2017 Kernel: ChromiumOS-4.4 Kubernetes: v1.6.1 Docker: v1.11.2 Changelog (vs 59-9460-20-0): * Fix for Linux kernel CVE-2017-7895
cos-dev-60-9540-0-0
Date: May 11, 2017 Kernel: ChromiumOS-4.4 Kubernetes: v1.6.1 Docker: v1.11.2 Changelog (vs 60-9504-0-0): * Enabled kernel's static hugepage support * Enabled DM_THIN_PROVISIONING support * Enabled kernel address space layout randomization (KASLR) * Ensured cloud-init waits for user-data to become accessible * Added new gcr-online.target that can be used to launch tasks when Google Container Registry (GCR) becomes accessible on boot * Added support for DHCP option 119 (Domain Search List) in systemd
cos-dev-60-9504-0-0
Date: May 3, 2017 Kernel: ChromiumOS-4.4 Kubernetes: v1.6.1 Docker: v1.11.2 Changelog (vs 59-9460-11-0): * Upgraded Kubernetes to version 1.6.1 * Upgraded systemd to version 232 * Upgraded D-Bus to version 1.10.12 * Promoted to dev channel
cos-beta-59-9460-20-0
Date: May 3, 2017 Kernel: ChromiumOS-4.4 Kubernetes: v1.6.1 Docker: v1.11.2 Changelog (vs 59-9460-11-0): * Upgraded Kubernetes to version 1.6.1 * Promoted to beta channel
cos-stable-58-9334-62-0
Date: May 3, 2017 Kernel: ChromiumOS-4.4 Kubernetes: v1.5.6 Docker: v1.11.2 Changelog (vs 58-9334-56-0): * No major changes since the last release * Promoted to stable channel
cos-dev-59-9460-11-0
Date: Apr 27, 2017 Kernel: ChromiumOS-4.4 Kubernetes: v1.5.4 Docker: v1.11.2 Changelog (vs 59-9460-4-0): * No major changes since the last release.
cos-beta-58-9334-56-0
Date: Apr 27, 2017 Kernel: ChromiumOS-4.4 Kubernetes: v1.5.6 Docker: v1.11.2 Changelog (vs 58-9334-53-0): * Backported upstream kernel patch for error handling in encrypted ext4 filesystem
cos-beta-58-9334-53-0
Date: Apr 20, 2017 Kernel: ChromiumOS-4.4 Kubernetes: v1.5.6 Docker: v1.11.2 Changelog (vs 58-9334-35-0): * Upgraded kubernetes to version 1.5.6
cos-dev-59-9460-4-0
Date: Apr 20, 2017 Kernel: ChromiumOS-4.4 Kubernetes: v1.5.4 Docker: v1.11.2 Changelog (vs 59-9452-0-0): * Fixed the incorrect kernel version shown in image description * Fixed the bug wherein journald doesn't persist logs across instance reboot * Changed compilation of runc, containerd and docker to dynamically-linked * Added support for journald as log driver for Docker containers * Run fsck for the stateful partition on every boot * Use new JSON file format for Docker configuration in dockercfg_update.sh
cos-dev-59-9452-0-0
Date: Apr 12, 2017 Kernel: ChromiumOS-4.4 Kubernetes: v1.5.4 Docker: v1.11.2 Changelog (vs 59-9436-0-0): * Minor internal implementation changes
cos-dev-59-9436-0-0
Date: Apr 6, 2017 Kernel: ChromiumOS-4.4 Kubernetes: v1.5.4 Docker: v1.11.2 Changelog (vs 59-9415-0-0): * Cherry-picked fixes for 'gcplogs' log-driver in Docker (https://github.com/docker/docker/issues/29344) * Enabled KPROBES kernel config so kprobes work
cos-beta-58-9334-35-0
Date: Apr 6, 2017 Kernel: ChromiumOS-4.4 Kubernetes: v1.5.4 Docker: v1.11.2 Changelog (vs 58-9334-28-0): * Cherry-picked fixes for 'gcplogs' log-driver in Docker (https://github.com/docker/docker/issues/29344)
cos-stable-57-9202-64-0
(gci-stable-57-9202-64-0 di project google-containers
)
Date: Apr 6, 2017 Kernel: ChromiumOS-4.4 Kubernetes: v1.5.4 Docker: v1.11.2 Chaneglog (vs 57-9202-56-0): * Fixes for CVE-2017-7184, CVE-2017-7308 * Cherry-picked fixes for 'gcplogs' log-driver in Docker (https://github.com/docker/docker/issues/29344)
cos-stable-56-9000-104-0
(gci-stable-56-9000-104-0 di project google-containers
)
Date: Apr 6, 2017 Kernel: ChromiumOS-4.4 Kubernetes: v1.4.9 Docker: v1.11.2 Changelog (vs 56-9000-103-0) * Fixes for CVE-2017-7184, CVE-2017-7308
cos-stable-56-9000-103-0
(gci-stable-56-9000-103-0 di project google-containers
)
Date: Apr 3, 2017 Kernel: ChromiumOS-4.4 Kubernetes: v1.4.9 Docker: v1.11.2 Changelog (vs 56-9000-84-2) * Updated Kubernetes to v1.4.9
cos-beta-58-9334-28-0
Date: Mar 31, 2017 Kernel: ChromiumOS-4.4 Kubernetes: v1.5.4 Docker: v1.11.2 Changelog (vs 58-9334-19-0): * Fixes for CVE-2017-7184, CVE-2017-7308
cos-dev-59-9415-0-0
Date: Mar 31, 2017 Kernel: ChromiumOS-4.4 Kubernetes: v1.5.4 Docker: v1.11.2 Changelog (vs 59-9394-0-0): * Upgraded libseccomp to version 2.3.1 * Upgraded sys-kernel/linux-headers to version 4.4 * Fixes for CVE-2017-7184, CVE-2017-7308
Rollback cos-stable-57-9202-56-0
(rollback gci-stable-57-9202-56-0 di project google-containers
)
Date: Mar 30, 2017 Rollback Reason: * Identified an issue where using the Docker API from inside a Docker container breaks in certain cases.
cos-dev-59-9394-0-0
Date: Mar 24, 2017 Kernel: ChromiumOS-4.4 Kubernetes: v1.5.4 Docker: v1.11.2 Changelog (vs 58-9334-11-0): * Improved metadata polling in device_policy_manager for lower latency
cos-beta-58-9334-19-0
Date: Mar 24, 2017 Kernel: ChromiumOS-4.4 Kubernetes: v1.5.4 Docker: v1.11.2 Changelog (vs 58-9334-11-0): * Upgraded kubernetes version to v1.5.4 * Promoted to beta channel
cos-stable-57-9202-56-0
(gci-stable-57-9202-56-0 di project google-containers
)
Date: Mar 24, 2017 Kernel: ChromiumOS-4.4 Kubernetes: v1.5.4 Docker: v1.11.2 Chaneglog (vs 57-9202-51-0): * Upgraded kubernetes version to v1.5.4 * Promoted to stable channel
cos-beta-57-9202-51-0
(gci-beta-57-9202-51-0 di project google-containers
)
Date: Mar 15, 2017 Kernel: ChromiumOS-4.4 Kubernetes: v1.5.2 Docker: v1.11.2 Changelog (vs 57-9202-38-0) * Minor changes
cos-dev-58-9334-11-0
Date: Mar 15, 2017 Kernel: ChromiumOS-4.4 Kubernetes: v1.5.2 Docker: v1.11.2 Changelog (vs 58-9333-2-0) * Minor changes
cos-dev-58-9334-2-0
Date: Mar 8, 2017 Kernel: ChromiumOS-4.4 Kubernetes: v1.5.2 Docker: v1.11.2 Changelog (vs 58-9330-0-0) * Fixed double-logging of audit messages * Updated compute-image-packages to v20170227
cos-dev-58-9330-0-0
Date: Mar 3, 2017 Kernel: ChromiumOS-4.4 Kubernetes: v1.5.2 Docker: v1.11.2 Changelog (vs 58-9312-0-0) * Includes 3 network and 1 filesystem backports from upstream kernel
cos-dev-58-9312-0-0
Date: Feb 24, 2017 Kernel: ChromiumOS-4.4 Kubernetes: v1.5.2 Docker: v1.11.2 Changelog (vs 58-9289-0-0) * Fixed CVE-2017-5551, CVE-2017-5967, CVE-2017-5970. * Allowed environment variables EDITOR, LANG, LC_ALL, PAGER, and TZ to be set through ssh. * Backported a patch for compute-image-packages to fix high cpu usage.
cos-beta-57-9202-38-0
(gci-beta-57-9202-38-0 di project google-containers
)
Date: Feb 24, 2017 Kernel: ChromiumOS-4.4 Kubernetes: v1.5.2 Docker: v1.11.2 Changelog (vs 57-9202-38-0) * Minor changes.
cos-dev-58-9289-0-0
Date: Feb 17, 2017 Kernel: ChromiumOS-4.4 Kubernetes: v1.5.2 Docker: v1.11.2 Changelog (vs 57-9202-30-0) * device_policy_manager now supports full image name as the value for 'cos-update-strategy'. * device_policy_manager now performs channel switch when users try to update to a different channel. * Expanded bindmount@.service into .mount units. * Removed dependency on Upstart so that systemd is now the init process as PID 1. * Added a C.UTF-8 locale and made it default. * Moved all COS-specific system services under the cgroup slice '/system.slice/system-sysdaemons.slice/'. * Backported fixes for issues identified by KASAN.
cos-stable-56-9000-84-2
(gci-stable-56-9000-84-2 di project google-containers
)
Date: Fec 17, 2017 Kernel: ChromiumOS-4.4 Kubernetes: v1.4.8 Docker: v1.11.2 Changelog (vs 56-9000-84-0) * Promoted to stable channel. * Backported upstream kernel patches to fix iptables-restore performance regression in 4.4 kernel. * Fixed a bug in google-accounts-daemon which causes it to misbehave when network/metadata service becomes unavailable.
cos-beta-57-9202-30-0
(project google-containers
gci-beta-57-9202-30-0)
Date: Feb 16, 2017 Kernel: ChromiumOS-4.4 Kubernetes: v1.5.2 Docker: v1.11.2 Changelog (vs 57-9202-26-0) * Fixed a bug in google-accounts-daemon which causes it to misbehave when network/metadata service becomes unavailable. * Improved handling of missing metadata keys in device_policy_manager.
cos-dev-57-9202-26-0
(project google-containers
gci-dev-57-9202-26-0)
Date: Feb 13, 2017 Kernel: ChromiumOS-4.4 Kubernetes: v1.5.2 Docker: v1.11.2 Changelog (vs 57-9202-20-0) * Backported upstream kernel patches to fix iptables-restore performance regression in 4.4 kernel
cos-dev-57-9202-20-0
(project google-containers
gci-dev-57-9202-20-0)
Date: Feb 09, 2017 Kernel: ChromiumOS-4.4 Kubernetes: v1.5.2 Docker: v1.11.2 Changelog (vs 57-9196-0-0) * Backported the get_metadata_value script from compute-image-packages 1.3.3 * Changeed ID=gci to ID=cos in /etc/os-release * Added support metadata keys with 'cos-' prefix * Upgraded kubernetes to 1.5.2 * Fixed CVE-2016-9962 in runc * Backported a few upstream kernel patches that fixed xfstest failures for ext4.
cos-beta-56-9000-84-0
(gci-beta-56-9000-84-0 di project google-containers
)
Date: Fec 08, 2017 Kernel: ChromiumOS-4.4 Kubernetes: v1.4.8 Docker: v1.11.2 Changelog (vs 56-9000-80-0) * Changed ID=gci to ID=cos in /etc/os-release
cos-stable-55-8872-79-0
(gci-stable-55-8872-79-0 di project google-containers
)
Date: Feb 03, 2017 Kernel: ChromiumOS-4.4 Kubernetes: v1.4.6 Docker: v1.11.2 Changelog (vs 55-8872-77-0) * Added support metadata keys with 'cos-' prefix * Changed ID=gci to ID=cos in /etc/os-release
cos-beta-56-9000-80-0
(gci-beta-56-9000-80-0 di project google-containers
)
Date: Jan 31, 2017 Kernel: ChromiumOS-4.4 Kubernetes: v1.4.8 Docker: v1.11.2 Changelog (vs 56-9000-76-0) * Backported get_metadata_value script * Added support metadata keys with 'cos-' prefix
cos-stable-55-8872-77-0
(gci-stable-55-8872-77-0 di project google-containers
)
Date: Jan 27, 2017 Kernel: ChromiumOS-4.4 Kubernetes: v1.4.6 Docker: v1.11.2 Changelog (vs 55-8872-76-0) * Fixed CVE-2016-9962 in runc component of Docker
cos-beta-56-9000-76-0
(gci-beta-56-9000-76-0 di project google-containers
)
Date: Jan 26, 2017 Kernel: ChromiumOS-4.4 Kubernetes: v1.4.8 Docker: v1.11.2 Changelog (vs 56-9000-66-0) * Updated Kubernetes to v1.4.8 * Fix issue where net.ipv4.conf.eth0.forwarding and net.ipv4.ip_forward could get reset to 0 on systemd-networkd and/or systemd-sysctl service restart * Fixed CVE-2016-9962 in runc component of Docker
cos-dev-57-9196-0-0
(project google-containers
gci-dev-57-9196-0-0)
Date: Jan 18, 2017 Kernel: ChromiumOS-4.4 Kubernetes: v1.4.6 Docker: v1.11.2 Changelog (vs 57-9102-0-0) * kernel: Use kernel default of net.ipv4.ip_forwarding * kernel: LSM: fix buffer over-read in printable_cmdline * kernel: Merge with stable kernel v4.4.35 * glibc: roll to 2.23
gci-beta-56-9000-66-0
Date: Jan 18, 2017 Kernel: ChromiumOS-4.4 Kubernetes: v1.4.6 Docker: v1.11.2 Changelog (vs 56-9000-36-0) * minor changes
gci-stable-55-8872-76-0
Date: Jan 18, 2017 Kernel: ChromiumOS-4.4 Kubernetes: v1.4.6 Docker: v1.11.2 Changelog (vs 55-8872-71-0) * minor changes
gci-dev-56-9000-36-0
Date: Dec 22, 2016 Kernel: ChromiumOS-4.4 Kubernetes: v1.4.6 Docker: v1.11.2 Changelog (vs 56-9000-21-0) * Fixed CVE-2016-7039, CVE-2016-8655, CVE-2016-9793
gci-dev-57-9102-0-0
Date: Dec 19, 2016 Kernel: ChromiumOS-4.4 Kubernetes: v1.4.6 Docker: v1.11.2 Changelog (vs 56-9000-21-0): * default.target now refers to multi-user.target instead of graphical.target in systemd * fixes a bug in systemd that could cause toolbox to terminate unexpectedly * Fixed CVE-2016-7039, CVE-2016-8655, CVE-2016-9793 * other bugfixes
gci-beta-56-9000-21-0
Date: Dec 15, 2016 Kernel: ChromiumOS-4.4 Kubernetes: v1.4.6 Docker: v1.11.2 Changelog: * Promoted to beta from #gci-dev-56-9000-21-0
gci-stable-55-8872-71-0
Date: Dec 14, 2016 Kernel: ChromiumOS-4.4 Kubernetes: v1.4.6 Docker: v1.11.2 Changelog: * Promoted to stable from #gci-beta-55-8872-71-0
gci-beta-55-8872-71-0
Date: Dec 14, 2016 Kernel: ChromiumOS-4.4 Kubernetes: v1.4.6 Docker: v1.11.2 Changelog (vs 55-8872-70-0) * Fixed CVE-2016-7039, CVE-2016-8655, CVE-2016-9793
gci-beta-55-8872-70-0
Date: Dec 09, 2016 Kernel: ChromiumOS-4.4 Kubernetes: v1.4.6 Docker: v1.11.2 Changelog (vs 55-8872-55-0) * Enabled BLK_DEV_THROTTLING and process stats accounting config options in kernel * Fixed CVE-2015-8964, CVE-2016-6828, CVE-2016-7042, CVE-2016-7097, CVE-2016-7917 and CVE-2016-8666
gci-dev-56-9000-21-0
Date: Dec 09, 2016 Kernel: ChromiumOS-4.4 Kubernetes: v1.4.6 Docker: v1.11.2 Changelog (vs 56-8977-0-0) * Updated Kubernetes to v1.4.6 * Added compute-image-packages (20160930 release) * Enabled BLK_DEV_THROTTLING, BLK_DEV_NVME and process stats accounting config options in kernel * Fixed Fixed CVE-2015-8964, CVE-2016-6828, CVE-2016-7042, CVE-2016-7097 and CVE-2016-7917
gci-stable-54-8743-89-0
Date: Dec 06, 2016 Kernel: ChromiumOS-4.4 Kubernetes: v1.3.10 Docker: v1.11.2 Changelog (vs 54-8743-86-0) * Enabled BLK_DEV_THROTTLING kernel config * Enabled kernel configs related to process stats accounting * Fixed CVE-2015-8964, CVE-2016-6828, CVE-2016-7042, CVE-2016-7097, CVE-2016-7917 and CVE-2016-8666
gci-beta-55-8872-55-0
Date: Nov 17, 2016 Kernel: ChromiumOS-4.4 Kubernetes: v1.4.6 Docker: v1.11.2 Changelog (vs 54-8872-47-0) * Updated Kubernetes to v1.4.6 * Change the product name to 'Container-Optimized OS' in /etc/os-release
gci-stable-54-8743-86-0
Date: Nov 17, 2016 Kernel: ChromiumOS-4.4 Kubernetes: v1.3.10 Docker: v1.11.2 Changelog (vs 54-8743-76-0) * Updated Kubernetes to v1.3.10 * Change the product name to 'Container-Optimized OS' in /etc/os-release
gci-stable-53-8530-102-0
Date: Nov 17, 2016 Kernel: ChromiumOS-4.4 Kubernetes: v1.3.9 Docker: v1.11.2 Changelog (vs 53-8530-100-0) * Change the product name to 'Container-Optimized OS' in /etc/os-release
gci-beta-55-8872-47-0
Date: Nov 11, 2016 Kernel: ChromiumOS-4.4 Kubernetes: v1.4.5 Docker: v1.11.2 Changelog (vs 55-8872-40-0) * Cherry-pick runc PR#608: Eliminate redundant parsing of mountinfo
gci-dev-56-8977-0-0
Date: Nov 10, 2016 Kernel: ChromiumOS-4.4 Kubernetes: v1.4.5 Docker: v1.11.2 Changelog (vs 56-8956-0-0) * Cherry-pick runc PR#608: Eliminate redundant parsing of mountinfo * Enabled various kernel modules needed for iptables and conntrack functionality to work correctly. * Updated Docker image used by `toolbox` and it now comes with several networking tools pre-installed. * Fixed CVE-2016-8666
gci-beta-55-8872-40-0
Date: Nov 04, 2016 Kernel: ChromiumOS-4.4 Kubernetes: v1.4.5 Docker: v1.11.2 Changelog (vs 55-8872-26-0) * Updated kubernetes to v1.4.5
gci-dev-56-8956-0-0
Date: Nov 03, 2016 Kernel: ChromiumOS-4.4 Kubernetes: v1.4.5 Docker: v1.11.2 Changelog (vs 56-8938-0-0) * Updated kubernetes to v1.4.5
gci-dev-56-8938-0-0
Date: Oct 27, 2016 Kernel: ChromiumOS-4.4 Kubernetes: v1.4.4 Docker: v1.11.2 Changelog (vs 55-8872-18-0) * Updated kubernetes to v1.4.4 * Fixed a bug in e2fsprogs that caused mke2fs to take a very long time. Upstream fix: http://git.kernel.org/cgit/fs/ext2/e2fsprogs.git/commit/?h=next&id=d33e690fe7a6cbeb51349d9f2c7fb16a6ebec9c2
gci-beta-55-8872-26-0
Date: Oct 26, 2016 Kernel: ChromiumOS-4.4 Kubernetes: v1.4.4 Docker: v1.11.2 Changelog (vs 55-8872-18-0) * Updated kubernetes to v1.4.4 * Fixed a bug in e2fsprogs that caused mke2fs to take a very long time. Upstream fix: http://git.kernel.org/cgit/fs/ext2/e2fsprogs.git/commit/?h=next&id=d33e690fe7a6cbeb51349d9f2c7fb16a6ebec9c2
gci-stable-54-8743-76-0
Date: Oct 26, 2016 Kernel: ChromiumOS-4.4 Kubernetes: v1.3.9 Docker: v1.11.2 Changelog (vs 54-8743-71-0) * Fixed a bug in e2fsprogs that caused mke2fs to take a very long time. Upstream fix: http://git.kernel.org/cgit/fs/ext2/e2fsprogs.git/commit/?h=next&id=d33e690fe7a6cbeb51349d9f2c7fb16a6ebec9c2
gci-stable-54-8743-71-0
Date: Oct 21, 2016 Kernel: ChromiumOS-4.4 Kubernetes: v1.3.9 Docker: v1.11.2 Changelog (vs 54-8743-69-0) * Fix for Linux Kernel CVE-2016-5195 (Dirty Cow) * Updated kubernetes to v1.3.9 * Disabled timeout in systemd-networkd-wait-online.service to better deal with network bringup latency observed in some cases
gci-stable-53-8530-100-0
Date: Oct 20, 2016 Kernel: ChromiumOS-4.4 Kubernetes: v1.3.9 Docker: v1.11.2 Changelog (vs 53-8530-85-0) * Fix for Linux Kernel CVE-2016-5195 (Dirty Cow) * Updated kubernetes to v1.3.9
gci-dev-55-8872-18-0
Date: Oct 20, 2016 Kernel: ChromiumOS-4.4 Kubernetes: v1.4.1 Docker: v1.11.2 Changelog (vs 55-8872-16-0) * Fix for Linux Kernel CVE-2016-5195 (Dirty Cow)
gci-beta-54-8743-69-0
Date: Oct 19, 2016 Kernel: ChromiumOS-4.4 Kubernetes: v1.3.8 Docker: v1.11.2 Changelog (vs 54-8743-54-0) * Minor bugfixes
gci-dev-55-8872-16-0
Date: Oct 19, 2016 Kernel: ChromiumOS-4.4 Kubernetes: v1.4.1 Docker: v1.11.2 Changelog (vs 55-8866-0-0) * Updated kubernetes to v1.4.1 * Toolbox started using gcr.io/google-containers/toolbox as base image * Enabled FSCACHE, CACHEFILES and NFS_FSCACHE kernel configurations for better NFS support
gci-dev-55-8866-0-0
Date: Oct 5, 2016 Kernel: ChromiumOS-4.4 Kubernetes: v1.4.0 Docker: v1.11.2 Changelog (vs 55-8820-0-0) * Updated kubernetes to v1.4.0 * Enabled VXLAN and IP_SET config options in kernel to support some networking tools * Patched OpenSSL (CVE-2016-2177, CVE-2016-2178, CVE-2016-2179, CVE-2016-2181, CVE-2016-2182, CVE-2016-6302, CVE-2016-6303)
gci-beta-54-8743-54-0
Date: Oct 4, 2016 Kernel: ChromiumOS-4.4 Kubernetes: v1.3.8 Docker: v1.11.2 Changelog (vs 54-8743-42-0): * Updated Kubernetes to v1.3.8 * Backported OverlayFS fixes from v4.4.21 stable kernel
gci-stable-53-8530-94-0
Date: Sep 28, 2016 Kernel: ChromiumOS-4.4 Kubernetes: v1.3.8 Docker: v1.11.2 Changelog (vs 53-8530-85-0): * Fixed performance regression in veth device driver in ChromiumOS kernel * Updated Kubernetes to v1.3.8
gci-dev-55-8820-0-0
Date: Sep 20, 2016 Kernel: ChromiumOS-4.4 Kubernetes: v1.3.7 Docker: v1.11.2 Changelog: * Updated kubernetes to v1.3.7 * Added ebtables and ethtools * Changed the binaries runc, containerd and docker to be statically linked * Patched systemd to prevent being OOM-killed when running as PID other than 1 * Fixed performance regression in veth device driver in ChromiumOS kernel
gci-beta-54-8743-42-0
Date: Sep 27, 2016 Kernel: ChromiumOS-4.4 Kubernetes: v1.3.7 Docker: v1.11.2 Changelog (vs 54-8743-25-0): * Updated Kubernetes to v1.3.7 * Fixed performance regression in veth device driver in ChromiumOS kernel * Patched OpenSSL (CVE-2016-2177, CVE-2016-2178, CVE-2016-2179, CVE-2016-2181, CVE-2016-2182, CVE-2016-6302, CVE-2016-6303)
gci-beta-54-8743-25-0
Date: Sep 13, 2016 Kernel: ChromiumOS-4.4 Kubernetes: v1.3.6 Docker: v1.11.2 Changelog: * Promoted release milestone 54 to beta
gci-stable-53-8530-85-0
Date: Sep 14, 2016 Kernel: ChromiumOS-4.4 Kubernetes: v1.3.7 Docker: v1.11.2 Changelog (vs 53-8530-81-0): * Updated Kubernetes to v1.3.7 * Enable marketing name injection for model and name * CRAS: bt_device - Associate with adapter's object path
gci-stable-53-8530-81-0
Date: Sep 8, 2016 Kernel: ChromiumOS-4.4 Kubernetes: v1.3.6 Docker: v1.11.2 Changelog (vs 53-8530-71-0): * docker: upgrade go-patricia to fix memory leak (Docker issue#24420) * overlayfs corruption fix (Kernel commit 45d11738969633ec07ca35d75d486bf2d8918df6)
gci-dev-54-8743-3-0
Date: Aug 29, 2016 Kernel: ChromiumOS-4.4 Kubernetes: v1.3.6 Docker: v1.11.2 Changelog (vs 54-8711-0-0): * Updated Kubernetes to v1.3.6. * Docker: cherry-pick fix for memory leak in go-patricia (Docker commit 3d714b5ed58cfdfd5872ddd3654d171b09bb02d3) * Cloud-Init: execute users-groups before write-files * Kernel: make SHA256 the default hash for IMA
gci-beta-53-8530-71-0
Date: Aug 29, 2016 Kernel: ChromiumOS-4.4 Kubernetes: v1.3.6 Docker: v1.11.2 Changelog (vs gci-beta-53-8530-57-0): * Updated Kubernetes to v1.3.6.
gci-stable-52-8350-75-0
Date: August 25, 2016 Kernel: ChromiumOS-4.4 Kubernetes: v1.2.6 Docker: v1.9.1 Changelog (vs gci-stable-52-8350-60-0): * Fix for a ChromiumOS-specific memory leak in fs/namei.c
gci-dev-54-8711-0-0
Date: Aug 16, 2016 Kernel: ChromiumOS-4.4 Kubernetes: v1.3.5 Docker: v1.11.2 Changelog (vs 54-8666-0-0): * Updated Kubernetes to v1.3.5. * Enable apparmor support by default * Enable GCR (Container Registry) mirror * Enable bcache as a module
gci-beta-53-8530-57-0
Date: Aug 15, 2016 Kernel: ChromiumOS-4.4 Kubernetes: v1.3.5 Docker: v1.11.2 Changelog (vs gci-beta-53-8530-42-0): * Updated Kubernetes to v1.3.5. * Users creates by Google accounts manager daemon are automatically added to `docker` group * Fixed a filesystem-related memory leak in ChromiumOS kernel
gci-dev-54-8666-0-0
Date: Aug 3, 2016 Kernel: ChromiumOS-4.4 Kubernetes: v1.3.4 Docker: v1.11.2 Changelog (vs gci-dev-53-8530-29-0): * Updated Kubernetes to v1.3.4. * Kernel: many unused features were disabled * Added apparmor support * Enabled seccomp support * Kernel updated to 4.4.14 * Updated 'toolbox' image to 'jessie-backports'
gci-beta-53-8530-42-0
Date: Aug 3, 2016 Kernel: ChromiumOS-4.4 Kubernetes: v1.3.4 Docker: v1.11.2 Changelog: * Updated Kubernetes to v1.3.4.
gci-beta-53-8530-40-0
Date: Aug 2, 2016 Kernel: ChromiumOS-4.4 Kubernetes: v1.3.3 Docker: v1.11.2 Changelog: * Promoted release milestone 53 to beta (no code changes vs gci-dev-53-8530-29-0)
gci-stable-52-8350-60-0
Date: July 28, 2016 Kernel: ChromiumOS-4.4 Kubernetes: v1.2.6 Docker: v1.9.1 Changelog: * Promoted release milestone 52 to stable (no code changes)
gci-dev-53-8530-29-0
Date: July 25, 2016 Kernel: ChromiumOS-4.4 Kubernetes: v1.3.3 Docker: v1.11.2 Changelog: * Updated Kubernetes to v1.3.3. * Minor bugfix in crash/metrics reporting code.
gci-beta-52-8350-60-0
Date: July 21, 2016 Kernel: ChromiumOS-4.4 Kubernetes: v1.2.6 Docker: v1.9.1 Changelog: * Updated Kubernetes to v1.2.6.
gci-dev-53-8530-20-0
Date: July 18, 2016 Kernel: ChromiumOS-4.4 Kubernetes: v1.3.2 Docker: v1.11.2 Changelog: * Updated Kubernetes to v1.3.2.
gci-dev-53-8530-14-0
Date: July 14, 2016 Kernel: ChromiumOS-4.4 Kubernetes: v1.3.0 Docker: v1.11.2 Changelog: * Minor fixes.
gci-dev-53-8530-6-0
Date: July 07, 2016 Kernel: ChromiumOS-4.4 Kubernetes: v1.3.0 Docker: v1.11.2 Changelog: * Updated Kubernetes to v1.3.0 * Fixed a typo in cloud-init's UID assignment code * Enabled NFS server and client support in the kernel * Enabled crash and metrics collection daemons (requires user opt-in, see Configuring a Container-VM instance)
gci-beta-52-8350-45-0
Date: June 28, 2016 Kernel: ChromiumOS-4.4 Kubernetes: v1.2.5 Docker: v1.9.1 Changelog: * Updated Kubernetes to v1.2.5
gci-dev-53-8490-0-0
Date: June 23, 2016 Kernel: ChromiumOS-4.4 Kubernetes: v1.3.0-beta2 Docker: v1.11.2 Changelog: * Updated Kubernetes to v1.3.0-beta2 * Added a systemd service `cloud-audit-setup` to log network connections and binary executions (disabled by default)
gci-beta-52-8350-39-0
Date: June 23, 2016 Kernel: ChromiumOS-4.4 Kubernetes: v1.2.4 Docker: v1.9.1 Changelog: * Promoted release milestone 52 to beta * Started to audit every binary execution
gci-stable-51-8172-47-0
Date: June 9, 2016 Kernel: ChromiumOS-3.18 Kubernetes: v.1.2.4 Docker: v1.9.1 Changelog: * Promoted release milestone 51 to stable (no code changes since `gci-beta-51-8172-38-0`)
gci-dev-52-8352-0-0
Date: May 23, 2016 Kernel: ChromiumOS-4.4 Kubernetes: v1.2.4 Docker: v1.9.1 Changelog: * Kernel upgraded to v4.4 * cloud-init: add patch to resolve metadata server locally * docker: backport fix for issue#18113 * docker: Add error checks in dockercfg_update.sh
gci-beta-51-8172-38-0
Date: May 18, 2016 Kernel: ChromiumOS-3.18 Kubernetes: v1.2.4 Docker: v1.9.1 Changelog: * cloud-init: add patch to resolve metadata server locally * docker: backport fix for issue#18113 * docker: Add error checks in dockercfg_update.sh
gci-dev-52-8300-0-0
Date: May 09, 2016 Kernel: ChromiumOS-3.18 Kubernetes: v1.2.4 Docker: v1.9.1 Changelog: * Updated Kubernetes to v1.2.4 * Fixed device policy file corruption * Fixed image license * Switched to using grub2 * Fixed manual rollback * Added /etc/os-release file
gci-beta-51-8172-26-0
Date: May 09, 2016 Kernel: ChromiumOS-3.18 Kubernetes: v1.2.4 Docker: v1.9.1 Changelog: * Updated Kubernetes to v1.2.4
gci-stable-50-7978-71-0
Date: May 05, 2016 Kernel: ChromiumOS-3.18 Kubernetes: v1.1.8 Docker: v1.9.1 Changelog: * Fixed image license * Internal cleanup changes
gci-beta-51-8172-23-0
Date: May 04, 2016 Kernel: ChromiumOS-3.18 Kubernetes: v1.2.3 Docker: v1.9.1 Changelog: * Fixed image license * Fixed device-policy file corruption
gci-stable-50-7978-62-0
Date: Apr 26, 2016 Kernel: ChromiumOS-3.18 Kubernetes: v1.1.8 Docker: v1.9.1 Changelog: * Promoted to Stable channel * Fix for CVE-2015-8785
gci-beta-51-8172-12-0
Date: Apr 26, 2016 Kernel: ChromiumOS-3.18 Kubernetes: v1.2.3 Docker: v1.9.1 Changelog: * Promoted to Beta channel * Updated Kubernetes to 1.2.3 * Added kubelet systemd service * glibc: backport fix for CVE-2013-7423 * Fix for CVE-2015-8785
gci-dev-52-8244-0-0
Date: Apr 26, 2016 Kernel: ChromiumOS-3.18 Kubernetes: v1.2.3 Docker: v1.9.1 Changelog: * Updated Kubernetes to 1.2.3 * Added kubelet systemd service * Fixed /etc/localtime symlink * Rixed mount options usage in gci_startup * Improved error checks in dockercfg_update.sh * Send audit messages to journald * glibc: backport fix for CVE-2013-7423 * Fix for CVE-2015-8785
gci-dev-51-8168-0-0
Date: Apr 21, 2016 Kernel: ChromiumOS-3.18 Kubernetes: v1.2.2 Docker: v1.9.1 Changelog: * Bug fixes
gci-beta-50-7978-52-0
Date: Apr 11, 2016 Kernel: ChromiumOS-3.18 Kubernetes: v1.1.8 Docker: v1.9.1 Changelog: * Promoted to beta channel