You can see the latest product updates for all of Google Cloud on the Google Cloud page, browse and filter all release notes in the Google Cloud console, or programmatically access release notes in BigQuery.
To get the latest product updates delivered to you, add the URL of this page to your
feed
reader, or add the feed URL directly: https://cloud.google.com/feeds/cos-109-release-notes.xml
April 15, 2024
cos-109-17800-147-60
| Kernel | Docker | Containerd | GPU Drivers |
| COS-6.1.75 | v24.0.9 | v1.7.13 | v535.161.08(default),v550.54.15(latest),v470.239.06(R470 for compatibility with K80 GPUs) |
Updated NVIDIA GPU drivers to v550.54.15. Fixed a potential corruption when launching kernels on H100 GPUs, which is more likely to occur when the GPU is shared between multiple processes.
Updated NVIDIA GPU drivers to v535.161.08. Fixed a potential corruption when launching kernels on H100 GPUs.
April 01, 2024
cos-109-17800-147-54
| Kernel | Docker | Containerd | GPU Drivers |
| COS-6.1.75 | v24.0.9 | v1.7.13 | v535.161.07(default),v550.54.14(latest),v470.239.06(R470 for compatibility with K80 GPUs) |
Updated app-containers/nvidia-container-toolkit to v1.14.6.
Upgraded localtoast to v1.1.7 and opted out of logging-service-running benchmark by default for cis-level2.
Upgraded sys-apps/makedumpfile to v1.7.4.
Upgraded app-admin/fluent-bit to v1.9.10.
Upgraded app-admin/node-problem-detector to v0.8.17.
Upgraded net-misc/chrony to v4.5.
Added NVIDIA GPU drivers R550 branch and update latest to 550.54.14.
Fixed a bug in google-guest-agent service enablement.
Fixed CVE-2024-26584 in the Linux kernel.
Fixed CVE-2024-26585 in the Linux kernel.
March 27, 2024
cos-109-17800-147-41
| Kernel | Docker | Containerd | GPU Drivers |
| COS-6.1.75 | v24.0.9 | v1.7.13 | v535.161.07(default, latest),v470.239.06(R470 for compatibility with K80 GPUs) |
Fixed CVE-2023-52434 in the Linux kernel.
Fixed CVE-2024-26583 in the Linux kernel.
Fixed CVE-2024-26582 in the Linux kernel.
Fixed CVE-2023-52435 in the Linux kernel.
March 20, 2024
cos-109-17800-147-38
| Kernel | Docker | Containerd | GPU Drivers |
| COS-6.1.75 | v24.0.9 | v1.7.13 | v535.161.07(default, latest),v470.239.06(R470 for compatibility with K80 GPUs) |
Added support for iSCSI targets and RAM block devices.
Updated app-editors/vim to 9.0.2167. This fixed CVE-2023-48231, CVE-2023-48232, CVE-2023-48233, CVE-2023-48234, CVE-2023-48235, CVE-2023-48236, CVE-2023-48237, CVE-2023-48706, CVE-2024-22667.
March 11, 2024
cos-109-17800-147-33
| Kernel | Docker | Containerd | GPU Drivers |
| COS-6.1.75 | v24.0.9 | v1.7.13 | v535.161.07(default, latest),v470.239.06(R470 for compatibility with K80 GPUs) |
Updated cos-gpu-installer to v2.2.1. Fixed cached driver installation error with network disabled. Added force-fallback flag, major version specification for GPU driver installation and fixed ordering of kernel module loading for nvidia-modeset and nvidia-drm
Updated NVIDIA GPU drivers to v470.239.06 and v535.161.07. This fixes CVE‑2024‑0074, CVE-2024-0075 and CVE-2022-42265.
March 06, 2024
cos-109-17800-147-28
| Kernel | Docker | Containerd | GPU Drivers |
| COS-6.1.75 | v24.0.9 | v1.7.13 | v535.154.05 (default),v535.154.05(latest),v470.223.02(R470 for compatibility with K80 GPUs) |
Fixed CVE-2024-23851 in the Linux kernel.
February 27, 2024
cos-109-17800-147-22
| Kernel | Docker | Containerd | GPU Drivers |
| COS-6.1.75 | v24.0.9 | v1.7.13 | v535.154.05 (default),v535.154.05(latest),v470.223.02(R470 for compatibility with K80 GPUs) |
Upgraded Docker to v24.0.9. This fixes CVE-2024-24557.
Fixed CVE-2024-0684 in sys-apps/coreutils.
Fixed CVE-2024-26581 in the Linux kernel.
February 20, 2024
cos-109-17800-147-15
| Kernel | Docker | Containerd | GPU Drivers |
| COS-6.1.75 | v24.0.5 | v1.7.13 | v535.154.05 (default),v535.154.05(latest),v470.223.02(R470 for compatibility with K80 GPUs) |
Updated app-containers/containerd to v1.7.13.
Upgraded net-misc/curl to v8.6.0. This fixes CVE-2024-0853.
Updated dev-libs/libxml2 to v2.11.7. This fixes CVE-2024-25062.
February 12, 2024
cos-109-17800-147-9
| Kernel | Docker | Containerd | GPU Drivers |
| COS-6.1.75 | v24.0.5 | v1.7.10 | v535.154.05 (default),v535.154.05(latest),v470.223.02(R470 for compatibility with K80 GPUs) |
This is an LTS Refresh Release.
Update default NVIDIA GPU drivers to 535.154.05.
Updated cos-gpu-installer to v2.1.10.
Backported support for TCP RTO configuration in networkd.
Fixed CVE-2023-40546, CVE-2023-40547, CVE-2023-40548, CVE-2023-40549, CVE-2023-40550 and CVE-2023-40551 in sys-boot/shim.
Updated dev-libs/openssl to v3.0.13. This resolves CVE-2024-0727 and CVE-2023-6129.
Fixed CVE-2024-1086 in the linux kernel.
Runtime sysctl changes:
- Added: net.ipv4.tcp_backlog_ack_defer: 1
- Added: net.ipv4.tcp_shrink_window: 0
- Changed: fs.file-max: 812608 -> 812605
- Changed: net.core.optmem_max: 20480 -> 131072
- Changed: net.ipv6.route.max_size: 4096 -> 2147483647
- Changed: vm.lowmem_reserve_ratio: 256 256 32 0 -> 256 256 32 0 0
Fragmented nvidia-drivers and nvidia-drivers-open pkg into separate packages per major version.
February 05, 2024
cos-109-17800-66-81
| Kernel | Docker | Containerd | GPU Drivers |
| COS-6.1.58 | v24.0.5 | v1.7.10 | v535.129.03(default),v535.154.05(latest),v470.223.02(R470 for compatibility with K80 GPUs) |
Update latest NVIDIA GPU driver to v535.154.05.
Fixed CVE-2023-6531 in the Linux kernel.
Fixed CVE-2024-0607 in the Linux kernel.
January 31, 2024
cos-109-17800-66-78
| Kernel | Docker | Containerd | GPU Drivers |
| COS-6.1.58 | v24.0.5 | v1.7.10 | v535.129.03(default, latest),v470.223.02(R470 for compatibility with K80 GPUs) |
Added kernel compatibility with iptables-nft.
Upgraded dev-python/jinja to v3.1.3. This resolves CVE-2024-22195.
Fixed CVE-2024-21626 in app-containers/runc.
Fixed CVE-2024-0646 in the Linux kernel.
Fixed CVE-2023-6915 in the Linux kernel.
Fixed CVE-2024-0565 in the Linux kernel.
Fixed CVE-2024-0193 in the Linux kernel.
Runtime sysctl changes:
- Added: net.netfilter.nf_flowtable_tcp_timeout: 30
- Added: net.netfilter.nf_flowtable_udp_timeout: 30
January 22, 2024
cos-109-17800-66-65
| Kernel | Docker | Containerd | GPU Drivers |
| COS-6.1.58 | v24.0.5 | v1.7.10 | v535.129.03(default, latest),v470.223.02(R470 for compatibility with K80 GPUs) |
Fixed a performance issue observed in Postgres databases.
January 16, 2024
cos-109-17800-66-58
| Kernel | Docker | Containerd | GPU Drivers |
| COS-6.1.58 | v24.0.5 | v1.7.10 | v535.129.03(default, latest),v470.223.02(R470 for compatibility with K80 GPUs) |
Upgraded dev-db/sqlite to v3.44.2-r2. This fixes CVE-2023-7104.
January 08, 2024
cos-109-17800-66-57
| Kernel | Docker | Containerd | GPU Drivers |
| COS-6.1.58 | v24.0.5 | v1.7.10 | v535.129.03(default, latest),v470.223.02(R470 for compatibility with K80 GPUs) |
Updated net-misc/openssh to v9.6_p1-r1.
Upgraded dev-go/crypto to v0.17.0. This fixes CVE-2023-48795.
Upgraded sys-apps/dbus to v1.12.28. This fixes CVE-2023-34969.
January 02, 2024
cos-109-17800-66-54
| Kernel | Docker | Containerd | GPU Drivers |
| COS-6.1.58 | v24.0.5 | v1.7.10 | v535.129.03(default, latest),v470.223.02(R470 for compatibility with K80 GPUs) |
Updated docker-credential-gcr to v2.1.21.
Fixed a performance issue that was observed in Postgres databases.
Updated dev-lang/go to v1.21.5. This resolves CVE-2023-45285 and CVE-2023-39326.
Updated net-misc/curl to v8.5.0. This resolves CVE-2023-46218.
Fixed CVE-2023-6817 in the Linux kernel.
Fixed CVE-2023-6931 in the Linux kernel.
Fixed CVE-2023-6932 in the Linux kernel.
December 19, 2023
cos-109-17800-66-43
| Kernel | Docker | Containerd | GPU Drivers |
| COS-6.1.58 | v24.0.5 | v1.7.10 | v535.129.03(default, latest),v470.223.02(R470 for compatibility with K80 GPUs) |
Updated app-containers/containerd to 1.7.10.
Fixed a container performance issue that occurred after
running systemctl start cloud-audit-setup.
Fixed a kernel crash that occurred when running Postgres databases.
Fixed CVE-2023-49083 in package dev-python/cryptography.
Fixed CVE-2023-6622 in the Linux kernel.
December 11, 2023
cos-109-17800-66-33
| Kernel | Docker | Containerd | GPU Drivers |
| COS-6.1.58 | v24.0.5 | v1.7.7 | v535.129.03(default, latest),v470.223.02(R470 for compatibility with K80 GPUs) |
Fixed CVE-2023-6111 in the Linux kernel.
November 29, 2023
cos-109-17800-66-32
| Kernel | Docker | Containerd | GPU Drivers |
| COS-6.1.58 | v24.0.5 | v1.7.7 | v535.129.03(default, latest),v470.223.02(R470 for compatibility with K80 GPUs) |
Updated NVIDIA GPU drivers. This resolves CVE-2023-31022.
Updated dev-libs/openssl to v3.0.12. This resolves CVE-2023-5363 and CVE-2023-5678.
Updated dev-libs/libxml2 to v2.11.5. This resolves CVE-2023-45322.
Fixed CVE-2023-5090 in the linux kernel.
November 15, 2023
cos-109-17800-66-27
| Kernel | Docker | Containerd | GPU Drivers |
| COS-6.1.58 | v24.0.5 | v1.7.7 | v535.104.12(default, latest),v470.199.02(R470 for compatibility with K80 GPUs) |
Updated dev-lang/go to v1.21.3. This resolves CVE-2023-44487 and CVE-2023-39325.
Updated dev-go/net to v0.17.0. This fixes CVE-2023-44487 and CVE-2023-39325.
Updated app-editors/vim,app-editors/vim-core to v9.0.2092. This resolves CVE-2023-4733, CVE-2023-4734, CVE-2023-4735, CVE-2023-4736, CVE-2023-4738, CVE-2023-4750, CVE-2023-4752, CVE-2023-4781, CVE-2023-5344, CVE-2023-5441, CVE-2023-5535.
Updated net-libs/nghttp2 to v1.57.0. This resolves CVE-2023-44487 and CVE-2023-35945.
Fixed CVE-2023-46813 in the Linux kernel.
Fixed CVE-2023-46862 in the Linux kernel.
November 14, 2023
cos-109-17800-66-27
| Kernel | Docker | Containerd | GPU Drivers |
| COS-6.1.58 | v24.0.5 | v1.7.7 | v535.104.12(default, latest),v470.199.02(R470 for compatibility with K80 GPUs) |
Update dev-lang/go to 1.21.3. This resolves CVE-2023-44487 and CVE-2023-39325.
Updated dev-go/net to v0.17.0. This fixes CVE-2023-44487 and CVE-2023-39325.
Updated app-editors/vim,app-editors/vim-core to v9.0.2092. This resolves CVE-2023-4733, CVE-2023-4734, CVE-2023-4735, CVE-2023-4736, CVE-2023-4738, CVE-2023-4750, CVE-2023-4752, CVE-2023-4781, CVE-2023-5344, CVE-2023-5441, CVE-2023-5535.
Updated net-libs/nghttp2 to v1.57.0. This resolves CVE-2023-44487 and CVE-2023-35945.
Fixed CVE-2023-46813 in the Linux kernel.
Fixed CVE-2023-46862 in the Linux kernel.
November 07, 2023
cos-109-17800-66-19
| Kernel | Docker | Containerd | GPU Drivers |
| COS-6.1.58 | v24.0.5 | v1.7.7 | v535.104.12(default, latest),v470.199.02(R470 for compatibility with K80 GPUs) |
Updated google-guest-configs to 20230929.00.
Fixed CVE-2023-5717 in the Linux kernel.
October 30, 2023
cos-109-17800-66-15
| Kernel | Docker | Containerd | GPU Drivers |
| COS-6.1.58 | v24.0.5 | v1.7.7 | v535.104.12(default, latest),v470.199.02(R470 for compatibility with K80 GPUs) |
This is an LTS Refresh Release
Updated the Linux kernel to v6.1.58.
Updated app-containers/containerd to v1.7.7.
Updated default and latest NVIDIA GPU drivers to v535.104.12.
Updated dev-lang/go to v1.21.2. This resolves CVE-2023-39323.
Upgraded net-misc/curl to v8.4.0. This resolves CVE-2023-38545.
Fixed CVE-2023-4244 in the Linux kernel.
Enable portmapper registration reporting for lsof. This also fixes an issue where lsof is missing from SOS reports.
Restore systemd-logind restart behavior when dbus restarts.
Runtime sysctl changes:
- Added: net.ipv6.conf.all.accept_ra_min_lft: 0
- Added: net.ipv6.conf.default.accept_ra_min_lft: 0
- Added: net.ipv6.conf.docker0.accept_ra_min_lft: 0
- Added: net.ipv6.conf.eth0.accept_ra_min_lft: 0
- Added: net.ipv6.conf.lo.accept_ra_min_lft: 0
- Changed: fs.file-max: 812619 -> 812608
- Changed: kernel.threads-max: 63519 -> 63520
- Changed: net.netfilter.nf_conntrack_sctp_timeout_shutdown_recd: 0 -> 3
- Changed: net.netfilter.nf_conntrack_sctp_timeout_shutdown_sent: 0 -> 3
- Changed: user.max_cgroup_namespaces: 31759 -> 31760
- Changed: user.max_ipc_namespaces: 31759 -> 31760
- Changed: user.max_mnt_namespaces: 31759 -> 31760
- Changed: user.max_net_namespaces: 31759 -> 31760
- Changed: user.max_pid_namespaces: 31759 -> 31760
- Changed: user.max_time_namespaces: 31759 -> 31760
- Changed: user.max_user_namespaces: 31759 -> 31760
- Changed: user.max_uts_namespaces: 31759 -> 31760
October 11, 2023
cos-109-17800-0-51
| Kernel | Docker | Containerd | GPU Drivers |
| COS-6.1.42 | v24.0.5 | v1.7.2 | v535.104.05(default, latest),v470.199.02(R470 for compatibility with K80 GPUs) |
Fixed CVE-2023-38039 in net-misc/curl.
Fixed CVE-2023-5197 in the Linux kernel.
October 03, 2023
cos-109-17800-0-47
| Kernel | Docker | Containerd | GPU Drivers |
| COS-6.1.42 | v24.0.5 | v1.7.2 | v535.104.05(default),v470.199.02(R470) |
Updated cos-gpu-installer to v2.1.9.
Fixed CVE-2023-42753 in the Linux kernel.
September 27, 2023
cos-109-17800-0-45
| Kernel | Docker | Containerd | GPU Drivers |
| COS-6.1.42 | v24.0.5 | v1.7.2 | v535.104.05(default, latest),v470.199.02(R470 for K80 compatibility) |
Promoted to stable.
September 26, 2023
cos-beta-109-17800-0-45
| Kernel | Docker | Containerd | GPU Drivers |
| COS-6.1.42 | v24.0.5 | v1.7.2 | v535.104.05(default),v470.199.02(R470) |
Fixed an issue where IPv6 networking would fail under high CPU load.
Fixed CVE-2023-40217 in the dev-lang/python package.
Updated dev-lang/go to 1.21.1. This fixes CVE-2023-39318 and CVE-2023-39319.
Fixed CVE-2023-4921 in the Linux kernel.
Fixed CVE-2023-4569 in the Linux kernel.
September 18, 2023
cos-beta-109-17800-0-37
| Kernel | Docker | Containerd | GPU Drivers |
| COS-6.1.42 | v24.0.5 | v1.7.2 | v535.104.05(default),v470.199.02(R470) |
Updated cos-gpu-installer to v2.1.8.
Fixed an issue where symlinks could not be moved.
Fixed an issue with NFS reconnects on GKE.
Fixed CVE-2023-4015, CVE-2023-4622, CVE-2023-4623 in the kernel.
September 11, 2023
cos-beta-109-17800-0-32
| Kernel | Docker | Containerd | GPU Drivers |
| COS-6.1.42 | v24.0.5 | v1.7.2 | v535.104.05(default),v470.199.02(R470) |
Updated latest GPU driver to v535.104.05.
September 07, 2023
cos-beta-109-17800-0-31
| Kernel | Docker | Containerd | GPU Drivers |
| COS-6.1.42 | v24.0.5 | v1.7.2 | v535.54.03(default),v470.199.02(R470) |
Updated dev-go/go-tools to v0.11.1_p20230712.
Updated dev-lang/go to v1.21.0.
The get_metadata_value script will now retry if it experiences a connection error.
Enabled persistence mode with Nvidia GPU driver installation.
Fixed an issue in ip6tables where the -C option did not
work correctly.
Upgraded sys-fs/mdadm to v4.2. This resolves CVE-2023-28938 and CVE-2023-28736.
Fixed CVE-2023-4016 in sys-process/procps.
Fixed CVE-2022-40896 in pygments package.
Fixed CVE-2023-33953 in the Linux kernel.
Runtime sysctl changes:
- Added: kernel.io_uring_disabled: 0
August 21, 2023
cos-beta-109-17800-0-13
| Kernel | Docker | Containerd | GPU Drivers |
| COS-6.1.42 | v24.0.5 | v1.7.2 | v535.54.03(default),v470.199.02(R470) |
Updated app-containers/docker-cli to 24.0.5.
Updated app-containers/docker to 24.0.5.
Updated dev-go/yaml to v3.0.1. This resolves CVE-2022-28948.
Updated dev-libs/openssl to v3.0.10. This resolves CVE-2023-3817.
Fixed CVE-2023-4147 in the Linux kernel.
Fixed CVE-2023-4194 in the Linux kernel.
August 14, 2023
cos-beta-109-17800-0-8
| Date | Kernel | Docker | Containerd | GPU Drivers |
| Aug 14, 2023 | COS-6.1.42 | v24.0.4 | v1.7.2 | v535.54.03(default),v470.199.02(R470) |
Updates to Major Packages:
Updated cos-gpu-installer to v2.1.4. Some key features of this update include:
- Support for gsp_tu10x.bin and gsp_ad10x.bin gsp firmware files and removes the container dependency on python2.
- Simplifies GPU driver installation by remounting driver installation path as executable from cos-extensions.
- Support for L4 GPU in cos-gpu-installer and fixed cached driver installation for prebuilt driver modules.
- Fallback to installing compatible drivers when installer is invoked for certain GPU devices and incompatible drivers.
- Switch precompiled driver and signature location to COS build artifacts.
-
Added flag
--no-verifyto preload GPU drivers with no GPU attached. - Added support for NVIDIA R535 drivers by preparing gsp_ga10x.bin firmware file.
-
Added flag
--module-argto specify kernel module parameters. -
Switch generic NVIDIA driver installer download url in cos-gpu-installer from us.downloads.nvidia to gs://nvidia-drivers-
-public. - Fix permission issue in GPU driver install directory with OSS drivers.
Updated default and latest drivers to v535.54.03 (NVIDIA LTSB).
This also resolves: CVE-2023-0184, CVE-2023-0189, CVE-2023-0180,
CVE-2023-0183, CVE-2023-0185, CVE-2023-0187, CVE-2023-0198,
CVE-2023-0199, CVE-2023-0188, CVE-2023-0190, CVE-2023-0194,
CVE-2023-0195, CVE-2023-0191. CVE-2023-25515 and
CVE-2023-25516.
Also updated R470 drivers to 470.199.02. This also resolves:
CVE-2023-0184, CVE-2023-0189, CVE-2023-0180, CVE-2023-0185,
CVE-2023-0187, CVE-2023-0198, CVE-2023-0199, CVE-2023-0188,
CVE-2023-0190, CVE-2023-0194, CVE-2023-0195, CVE-2023-0191.
Updated systemd to v253.3.
Updated Docker and docker-cli to v24.0.4.
Updated kubernetes to v1.27.3.
Updated containerd to 1.7.2. This also resolves CVE-2023-25173 and CVE-2023-25153.
Updated runc to 1.1.7. This also resolves CVE-2023-25809 and CVE-2023-27561.
Updated docker-credential-gcr to v2.1.10.
Updated cloud-init to v23.1.2.
Updated oslogin to v20230531.00.
Updated google-osconfig-agent to v20230706.02.
Updated google-guest-agent to v20230628.00.
Updated google-guest-configs to v20230526.00.
Upgraded localtoast from v1.1.5.1 to v1.1.6.
Updated sosreport to v4.5.4.
Updated toolbox to v20230714.
New Features and Changes in the Linux Kernel:
Updated the Linux kernel to v6.1.40.
Disabled CONFIG_DEBUG_CREDENTIALS in the kernel due to its performance impact on some container workloads.
Add MAX_SKB_FRAGS configuration in the Linux kernel.
Updated the gvnic driver in the Linux kernel.
Enabled support for MGLRU in the Linux kernel.
Enabled vrf, ip_gre, and ip6_gre modules.
Enabled TDX Guest support in the Linux Kernel.
Added kernel support for nftables.
Enabled the following kernel configs: CONFIG_AMD_IOMMU,
CONFIG_AMD_IOMMU_V2 and INET_DIAG_DESTROY.
Added kernel modules for SquashFS, RAID1, and DM RAID.
New Features and Changes in the Image:
Installed fluent-bit for stackdriver logging in x86 images. See this page for more details.
Added nvidia-container-toolkit v1.13.5.
Retry starting systemd-networkd permanently in case of failure instead of default limit of 5.
Enabled fluent-bit to use customized configuration.
Enabled KVM-based nested virtualization for the x86 architecture.
Add noexec, nodev, nosuid to /etc/resolv.conf bind mount. Fixes
EPERM errors when running a pod in UserNS in COS.
Increase /dev/stateful wait timeout with protected stateful partition.
Allowed preloading GPU driver dependencies through cos-extensions.
Toolbox is now compatible with both Artifact Registry (AR) and Google Container Registry (GCR).
Use the Fluent-bit logging agent when the google-logging-use-fluentbit
metadata key is true and logging is enabled.
Fixed an issue where chronyd does not restart after failure, resulting in the system time being out of sync.
Fixed an issue where pstore is not cleaned at boot time if COS metrics are disabled.
Fixed containers losing access to GPUs with error "Failed to initialize NVML: Unknown error".
Removed support for Rust symbol demangling in google-breakpad.
CVE/Security Fixes:
Upgraded net-misc/curl to v8.1.2. This resolves CVE-2022-43552.
Upgraded net-misc/openssh package to v9.3. This resolves CVE-2023-28531 and CVE-2023-25136.
Updated dev-libs/openssl to v3.0.9. This resolves CVE-2023-2650, CVE-2022-4450, CVE-2023-0215, CVE-2022-4304, CVE-2023-0286, CVE-2023-0464, CVE-2023-1255, CVE-2023-0465 and CVE-2023-0466.
Fixed CVE-2023-24329, CVE-2015-20107, CVE-2020-10735, CVE-2021-28861, and CVE-2022-45061 in dev-lang/python.
Fixed ncurses upgrade to 6.4p20220423. This resolves CVE-2023-29491.
Updated the dev-libs/libxml2 package to 2.10.4. This resolves CVE-2023-28484.
Updated app-editors/vim, app-editors/vim-core to v9.0.1562. This resolves CVE-2023-2609, CVE-2023-2610, CVE-2023-2426, CVE-2023-0512, CVE-2023-1127, CVE-2023-1175, CVE-2023-1170, CVE-2023-1355 and CVE-2023-1264.
Updated to pick up CVE-2023-0394 patch for ipv6 raw.
Updated to pick up CVE-2023-0386 and CVE-2023-1281 patches for net-sched in the kernel.
Updated to pick up CVE-2023-0179 patch for netfilter in kernel.
Upgraded dev-libs/confuse to v3.3 and fixed CVE-2022-40320.
Upgraded dev-python/cryptography to v39.0.1. This resolves CVE-2023-23931.
Fixed CVE-2022-48303 in app-arch/tar.
Fixed CVE-2022-2928 and CVE-2022-2929 in net-misc/dhcp.
Upgraded sys-fs/cryptsetup from 2.3.4 to 2.4.3. This resolves CVE-2021-4122.
Updated net-fs/cifs-utils to v6.15. This resolves CVE-2022-29869, CVE-2021-20208, and CVE-2022-27239.
Fixed CVE-2021-27291 and CVE-2021-20270 in dev-python/pygments.
Updated binutils-libs to v2.40. This resolves CVE-2022-4285.
Updated dev-lang/go to v1.20.5 and dev-go/net to v0.7.0. This resolves CVE-2023-29403, CVE-2023-29404, CVE-2023-29402, CVE-2023-29405, CVE-2023-24532, CVE-2023-24536, CVE-2023-24537, CVE-2023-24538, CVE-2023-24539, CVE-2023-24540, CVE-2023-29400, CVE-2022-41723 and CVE-2022-41725.
Upgraded sys-apps/less to v633-r1. This resolves CVE-2022-46663.
Update open-vm-tools to v12.2.5. This resolves CVE-2023-20867.
Updated open-iscsi to v2.1.8. This resolves CVE-2020-17437.
Updates for Minor packages:
Upgraded sys-apps/coreutils to v9.3.
Upgraded sys-fs/e2fsprogs to v1.47.0-r2.
Upgraded app-misc/ca-certificates to v20230311.3.90.
Upgraded app-misc/mime-types to v2.1.54.
Upgraded sys-apps/diffutils to v3.10.
Upgraded net-dns/c-ares to v1.19.1.
Upgraded sys-apps/grep to v3.11.
Upgraded sys-apps/ethtool to v6.3.
Upgraded net-misc/wget to v1.21.4.
Upgraded sys-libs/libcap to v2.69.
Upgraded sys-apps/coreutils to v9.3-r1.
Upgraded app-admin/sudo to v1.9.13_p3-r1.
Upgraded app-arch/xz-utils to v5.4.3.
Upgraded sys-apps/acl to v2.3.1-r2.
Updated iproute2 to v6.2.0.
Upgraded app-misc/jq to v1.7_pre20201109-r1.
Upgraded sys-fs/lvm2 to v2-2.03.20.
Upgraded net-libs/libnetfilter_conntrack to v1.0.9-r1.
Upgraded net-firewall/iptables to v1.8.9.
Upgraded sys-apps/dmidecode to v3.5-r2.
Upgraded sys-libs/libcap to v2.68.
Upgraded net-misc/wget to v1.21.3-r1.
Upgraded sys-apps/file to v5.44-r3.
Upgraded sys-fs/xfsprogs to v6.2.0.
Upgraded net-libs/libnfnetlink to v1.0.2.
Upgraded net-misc/rsync to v3.2.7-r2.
Upgraded sys-process/lsof to v4.98.0.
Upgraded sys-libs/libcap-ng to v0.8.3.
Upgraded sys-libs/timezone-data to v2023c.
Upgraded sys-apps/net-tools to v2.10.
Upgraded sys-apps/kexec-tools to v2.0.24.
Upgraded sys-apps/gentoo-functions to v0.19.
Upgraded sys-apps/ethtool to v6.2.
Upgraded sys-apps/attr to v2.5.1-r2.
Upgraded sys-apps/acl to v2.3.1-r1.
Upgraded net-nds/rpcbind to v1.2.6.
Upgraded net-misc/bridge-utils to v1.7.1-r1.
Upgraded net-libs/libnetfilter_queue to v1.0.5.
Upgraded net-libs/libnetfilter_cttimeout to v1.0.1.
Upgraded net-libs/libnetfilter_cthelper to v1.0.1-r1.
Upgraded net-libs/libmnl to v1.0.5.
Upgraded net-libs/gnutls to v3.8.0.
Upgraded net-fs/autofs to v5.1.8-r1.
Upgraded net-dns/libidn2 to v2-2.3.4.
Upgraded net-dns/c-ares to v1.19.0.
Upgraded net-analyzer/netcat to v110.20180111-r2.
Upgraded dev-libs/userspace-rcu to v0.13.2.
Upgraded dev-libs/re2 to v2-0.2022.12.01.
Upgraded dev-libs/popt to v1.19.
Upgraded dev-libs/libzip to v1.9.2.
Upgraded dev-libs/nettle to v3.8.1.
Upgraded dev-libs/nspr to v4.35-r1.
Upgraded dev-libs/libyaml to v0.2.5.
Upgraded dev-libs/libverto to v0.3.2.
Upgraded dev-libs/libpcre2 to v2-10.42-r1.
Upgraded dev-libs/libpcre to v8.45-r1.
Upgraded dev-libs/libgpg-error to v1.46-r1.
Upgraded dev-libs/libgcrypt to v1.10.1-r3.
Upgraded dev-libs/libevent to v2.1.12-r1.
Upgraded dev-libs/gmp to v6.2.1-r5.
Upgraded dev-libs/expat to v2.5.0.
Upgraded dev-libs/elfutils to v0.189.
Upgraded dev-libs/dbus-glib to v0.112.
Upgraded dev-db/sqlite to v3.41.0.
Upgraded app-shells/dash to v0.5.12.
Upgraded app-arch/pigz to v2.7-r1.
Upgraded app-admin/logrotate to v3.21.0.
Updated dev-go/go-sys to v0.5.0.
Updated dev-go/go-tools to 070db2996ebe3aa00667288f8e5749e867deeb39.
Upgraded bind-tools to v9.16.37.