From 3062cc73fb5487b2a62a3fa794c2a9bfbeac7df0 Mon Sep 17 00:00:00 2001 From: Will Szumski Date: Fri, 29 Sep 2023 11:36:19 +0100 Subject: [PATCH] Bump Rocky 8 snapshots This brings in the CPU vulnerability fixes for: - Zenbleed - Downfall --- etc/kayobe/pulp-repo-versions.yml | 7 ++++++- etc/kayobe/pulp.yml | 4 ++-- .../bump-rocky8-snapshots-2023-09-29-e115427edd3334c7.yaml | 7 +++++++ 3 files changed, 15 insertions(+), 3 deletions(-) create mode 100644 releasenotes/notes/bump-rocky8-snapshots-2023-09-29-e115427edd3334c7.yaml diff --git a/etc/kayobe/pulp-repo-versions.yml b/etc/kayobe/pulp-repo-versions.yml index 46b8dbbb5..f2f8b6b25 100644 --- a/etc/kayobe/pulp-repo-versions.yml +++ b/etc/kayobe/pulp-repo-versions.yml @@ -22,7 +22,7 @@ stackhpc_pulp_repo_elasticsearch_logstash_kibana_7_x_version: 20230727T144020 stackhpc_pulp_repo_epel_9_version: 20230302T031902 stackhpc_pulp_repo_elrepo_9_version: 20230907T075311 stackhpc_pulp_repo_epel_modular_version: 20220913T043117 -stackhpc_pulp_repo_epel_version: 20230206T150339 +stackhpc_pulp_repo_epel_version: 20230929T005202 stackhpc_pulp_repo_grafana_version: 20230903T003752 stackhpc_pulp_repo_mariadb_10_6_centos8_version: 20230815T010124 stackhpc_pulp_repo_mlnx_ofed_5_7_1_0_2_0_rhel8_6_version: 20220920T151419 @@ -41,6 +41,11 @@ stackhpc_pulp_repo_rocky_8_7_baseos_version: 20221202T032715 stackhpc_pulp_repo_rocky_8_7_extras_version: 20221201T192704 stackhpc_pulp_repo_rocky_8_7_nfv_version: 20221202T032715 stackhpc_pulp_repo_rocky_8_7_powertools_version: 20221202T032715 +stackhpc_pulp_repo_rocky_8_8_appstream_version: 20230928T024829 +stackhpc_pulp_repo_rocky_8_8_baseos_version: 20230928T024829 +stackhpc_pulp_repo_rocky_8_8_extras_version: 20230928T024829 +stackhpc_pulp_repo_rocky_8_8_nfv_version: 20230922T023520 +stackhpc_pulp_repo_rocky_8_8_powertools_version: 20230928T024829 stackhpc_pulp_repo_rocky_9_1_appstream_version: 20230228T044432 stackhpc_pulp_repo_rocky_9_1_baseos_version: 20230228T044432 stackhpc_pulp_repo_rocky_9_1_crb_version: 20230228T044432 diff --git a/etc/kayobe/pulp.yml b/etc/kayobe/pulp.yml index 4ec4cfb82..35837c22f 100644 --- a/etc/kayobe/pulp.yml +++ b/etc/kayobe/pulp.yml @@ -217,8 +217,8 @@ stackhpc_pulp_sync_centos_stream8: "{{ os_distribution == 'centos' }}" # Whether to sync Rocky Linux 8 packages. stackhpc_pulp_sync_rocky_8: "{{ os_distribution == 'rocky' and os_release == '8' }}" -# Rocky 8 minor version number. Supported values: 6, 7 -stackhpc_pulp_repo_rocky_8_minor_version: 7 +# Rocky 8 minor version number. Supported values: 6, 7, 8 +stackhpc_pulp_repo_rocky_8_minor_version: 8 # Rocky 8 Snapshot versions. The defaults use the appropriate version from # pulp-repo-versions.yml for the selected minor release. stackhpc_pulp_repo_rocky_8_appstream_version: "{{ lookup('vars', 'stackhpc_pulp_repo_rocky_8_%s_appstream_version' % stackhpc_pulp_repo_rocky_8_minor_version) }}" diff --git a/releasenotes/notes/bump-rocky8-snapshots-2023-09-29-e115427edd3334c7.yaml b/releasenotes/notes/bump-rocky8-snapshots-2023-09-29-e115427edd3334c7.yaml new file mode 100644 index 000000000..f44c44d98 --- /dev/null +++ b/releasenotes/notes/bump-rocky8-snapshots-2023-09-29-e115427edd3334c7.yaml @@ -0,0 +1,7 @@ +--- +security: + - | + The Rocky 8 minor version has been bumped to 8.8 and new snapshots have + been created to include fixes for Zenbleed (CVE-2023-20593), Downfall + (CVE-2022-40982). It is recommended that you update your OS packages and + reboot into the kernel as soon as possible.