System Module and Component Updates in VEOS 8.10

Updated Modules

  • Nginx: updated from version 1.20.1 to 1.22.1.
  • Node.js: updated from version 18.x to 20.x.

Updated Components

  • CMake: updated from version 3.20.2 to 3.26.5.
  • Git: updated from version 2.31.1 to 2.39.3.
  • Ruby: updated from version 3.1.2 to 3.1.4.
  • PHP: updated from version 8.0.27 to 8.0.30.
  • MariaDB: updated from version 10.5.16 to 10.5.22.

Compiler Updates

  • GCC Toolset 13 added.
  • Go Toolset: updated from version 1.18.9 to 1.20.1.

Performance Monitoring Tool Updates

  • PCP: updated from version 5.3.7-7 to 5.3.7-18.
  • Grafana: updated from version 7.5.15 to 9.2.10.

Graphics Subsystem

  • Mesa: updated from version 22.3.0 to 23.1.4.

Security Updates

  • Kernel update:
    • Kernel updated from version 4.18.0-477.13.1 to 4.18.0-513.11.1.
    • Security vulnerabilities fixed: CVE-2023-3609, CVE-2023-3611, CVE-2023-3776, CVE-2023-4128, CVE-2023-30456 (KVM subsystem), CVE-2022-4744 (tun driver).
    • Improved memory management stability and security.
    • Added support for CONFIG_INET_DIAG_DESTROY for network diagnostics.
    • Fixed use-after-free bugs and reference counter leaks in network schedulers.
    • Updated the SCSI (lpfc) driver: improved RSCN event handling and device recovery.
    • Improved userfaultfd behavior during THP migration and the fork() process.
  • Libreswan:
    • Updated from version 4.5 to 4.12.
    • Fixed vulnerabilities CVE-2023-38710, CVE-2023-38711, and CVE-2023-38712.
    • Improved stability and security when using IKEv1 in Aggressive Mode (CVE-2023-30570, rhbz#2187179).
  • firewalld:
    • Updated from version 0.9.3 to 0.9.11, including a number of stability and security improvements.

Package Changes

Added

  • gcc-toolset-13: Modern GCC 13 toolset with support for multiple development tools.
  • gcc-toolset-13-annobin: Binary annotation tool for security analysis.
  • gcc-toolset-13-binutils: Utilities for working with object files and linking.
  • gcc-toolset-13-dwz: Tool for compressing DWARF debugging information.
  • gcc-toolset-13-gcc: GCC 13 compiler (C, C++, and others).
  • gcc-toolset-13-gdb: GDB debugger compatible with GCC 13.
  • inkscape1: SVG vector graphics editor.
  • jakarta-activation2: Jakarta Activation API for working with data types.
  • java-21-openjdk: Open-source implementation of the Java SE 21 platform.
  • jaxb: Java Architecture for XML Binding — XML ↔ Java conversion.
  • jaxb-api4: API interfaces for JAXB.
  • jaxb-dtd-parser: DTD parser for JAXB.
  • jaxb-istack-commons: Common libraries used by JAX.
  • jaxb-stax-ex: StAX extensions for JAXB.
  • libtracefs: Access library for the tracefs filesystem (debugging and profiling).
  • libwpe: WPE library for embedded web rendering.
  • mpdecimal: Library for precise decimal arithmetic (IEEE 754 compliant).
  • opencsd: CoreSight trace decoder (ARM architecture).
  • perl-Mail-AuthenticationResults: Perl module for processing and generating Authentication-Results headers.
  • python-tomli: Read-only TOML parser for Python.

Removed

  • insights-client: Diagnostic data collection utility, deprecated and no longer used in VEOS.
  • maven-shared: Component for Maven plugins, no longer used in the current build infrastructure.
  • relaxngcc: Java class generator from RELAX NG schemas, removed as an obsolete tool.
  • scala: JVM programming language, removed because current VEOS packages no longer depend on Scala.

Was this information helpful?