# Flatcar Container Linux Release - 25th June 2024
## Alpha 4012.0.0
- AMD64-usr
- Platforms succeeded: all
- Platforms failed: none
- Platforms not tested: qemu-uefi-secure
- ARM64-usr
- Platforms succeeded: all except equinix-metal due to resources
- Platforms failed: equinix-metal due to resources
- Platforms not tested: none
VERDICT: _GO_
## Beta 3975.1.0
- AMD64-usr
- Platforms succeeded: all
- Platforms failed: none
- Platforms not tested: qemu-uefi-secure
- ARM64-usr
- Platforms succeeded: all except equinix-metal due to resources
- Platforms failed: equinix-metal due to resources
- Platforms not tested: none
VERDICT: _GO_
## Stable 3815.2.4
- AMD64-usr
- Platforms succeeded: all
- Platforms failed: none
- Platforms not tested: qemu-uefi-secure
- ARM64-usr
- Platforms succeeded: all except equinix-metal due to resources
- Platforms failed: equinix-metal due to resources
- Platforms not tested: none
VERDICT: _GO_
## LTS 3510.3.4
- AMD64-usr
- Platforms succeeded: all
- Platforms failed: none
- Platforms not tested: qemu-uefi-secure
- ARM64-usr
- Platforms succeeded: all except equinix-metal due to resources
- Platforms failed: equinix-metal due to resources
- Platforms not tested: none
VERDICT: _GO_
## Communication
---
#### Guidelines / Things to Remember
- Release notes are used in a PR and will appear on https://www.flatcar.org/releases/
- [Announcement Message](#Announcement-Message) is posted in [Flatcar-Linux-user](https://groups.google.com/g/flatcar-linux-user). Make sure to post as βFlatcar Container Linux Userβ, not with your personal user (this can be selected when drafting the post).
- Make sure the the LTS is referred to as `LTS-2021`, and not `LTS-2605`
---
### Announcement Message
Subject: Announcing new releases Alpha 4012.0.0, Beta 3975.1.0, Stable 3815.2.4 and LTS 3510.3.4
Hello,
We are pleased to announce a new Flatcar Container Linux release for Alpha 4012.0.0, Beta 3975.1.0, Stable 3815.2.4 and LTS 3510.3.4.
#### Important Announcement: Move to Docker 25
We will begin moving to **Docker 25 (or newer)** in the near future. Among other changes, Docker 25 and above **remove the devicemapper** storage driver. While new provisionings should not be affected by the change, long-lived nodes which use this back-end will break after the update.
* We plan to introduce Docker 25 (or a newer release) in the **Alpha release late July 2024**.
* We expect the Docker upgrade to **hit Stable in October 2024 the earliest**.
Any nodes using the devicemapper storage driver will lose access to all docker state (local container images and stopped containers) after this update. Please *participate in Beta testing and run Beta canaries* if you suspect you might be affected.
If you are reading this after Docker 25 hits stable in late 2024 and want to keep using Docker 24 while still updating to the latest OS release, please consider masking Docker 25 altogether and using the Docker 24 sysext from our [sysext-bakery](https://github.com/flatcar/sysext-bakery?tab=readme-ov-file#systemd-sysext).
Please find a full, up-to-date list of deprecated and removed features across Docker versions here: [https://github.com/docker/cli/blob/master/docs/deprecated.md](https://github.com/docker/cli/blob/master/docs/deprecated.md)
We will also discuss the docker upgrade and provide status updates in our [Office Hours](https://github.com/flatcar/Flatcar/discussions/categories/flatcar-office-hours?discussions_q=category%3A%22Flatcar+Office+Hours%22+is%3Aopen) and [Developer Sync](https://github.com/flatcar/Flatcar/discussions/categories/flatcar-developer-sync%22+is%3Aopen) calls.
#### Alpha 4012.0.0
_Changes since **Alpha 3975.0.0**_
#### Bug fixes:
- Fixed issue file generation from `/etc/issue.d` ([scripts#2018](https://github.com/flatcar/scripts/pull/2018))
#### Changes:
- Added Akamai / Linode images ([flatcar/scripts#1806](https://github.com/flatcar/scripts/pull/1806))
- Provided a Python Flatcar extension as optional systemd-sysext image with the release. Write 'python' to `/etc/flatcar/enabled-sysext.conf` through Ignition and the sysext will be installed during provisioning ([scripts#1979](https://github.com/flatcar/scripts/pull/1979))
- OpenStack: Changed metadata hostname source order. The service first tries with the config drive then fallback on the metadata service. ([bootengine#96](https://github.com/flatcar/bootengine/pull/96))
- Removed unused grub executable duplicate files and removed grub modules that are already assembled in the grub executable ([scripts#1955](https://github.com/flatcar/scripts/pull/1955)).
- libcrypt is now provided by the libxcrypt library instead of glibc. Glibc libcrypt was deprecated long time ago.
#### Updates:
- Ignition ([2.19.0](https://coreos.github.io/ignition/release-notes/#ignition-2190-2024-06-05))
- Linux ([6.6.35](https://lwn.net/Articles/979262) (includes [6.6.34](https://lwn.net/Articles/978593), [6.6.33](https://lwn.net/Articles/978141), [6.6.32](https://lwn.net/Articles/975075) and [6.6.31](https://lwn.net/Articles/974072)))
- Linux Firmware ([20240610](https://git.kernel.org/pub/scm/linux/kernel/git/firmware/linux-firmware.git/tag/?h=20240610))
- Rust ([1.79.0](https://github.com/rust-lang/rust/releases/tag/1.79.0) (includes [1.78.0](https://github.com/rust-lang/rust/releases/tag/1.78.0)))
- afterburn ([5.6.0](https://coreos.github.io/afterburn/release-notes/#afterburn-560))
- ca-certificates ([3.101](https://firefox-source-docs.mozilla.org/security/nss/releases/nss_3_101.html))
- containerd ([1.7.18](https://github.com/containerd/containerd/releases/tag/v1.7.18))
#### Beta 3975.1.0
_Changes since **Beta 3941.1.0**_
#### Security fixes:
- expat ([CVE-2023-52425](https://nvd.nist.gov/vuln/detail/CVE-2023-52425), [CVE-2024-28757](https://nvd.nist.gov/vuln/detail/CVE-2024-28757))
- gnutls ([CVE-2024-28834](https://nvd.nist.gov/vuln/detail/CVE-2024-28834), [CVE-2024-28835](https://nvd.nist.gov/vuln/detail/CVE-2024-28835))
- intel-microcode ([CVE-2023-22655](https://nvd.nist.gov/vuln/detail/CVE-2023-22655), [CVE-2023-28746](https://nvd.nist.gov/vuln/detail/CVE-2023-28746), [CVE-2023-38575](https://nvd.nist.gov/vuln/detail/CVE-2023-38575), [CVE-2023-39368](https://nvd.nist.gov/vuln/detail/CVE-2023-39368), [CVE-2023-43490](https://nvd.nist.gov/vuln/detail/CVE-2023-43490))
- less ([CVE-2024-32487](https://nvd.nist.gov/vuln/detail/CVE-2024-32487))
- SDK: python ([CVE-2023-6597](https://nvd.nist.gov/vuln/detail/CVE-2023-6597), [CVE-2024-0450](https://nvd.nist.gov/vuln/detail/CVE-2024-0450), [gh-81194](https://github.com/python/cpython/issues/81194), [gh-113659](https://github.com/python/cpython/issues/113659), [gh-102388](https://github.com/python/cpython/issues/102388), [gh-114572](https://github.com/python/cpython/issues/114572), [gh-115243](https://github.com/python/cpython/issues/115243))
#### Bug fixes:
- Fixed issue file generation from `/etc/issue.d` ([scripts#2018](https://github.com/flatcar/scripts/pull/2018))
#### Changes:
- Added KubeVirt qcow2 image for amd64/arm64 ([flatcar/scripts#1962](https://github.com/flatcar/scripts/pull/1962))
- Added azure-nvme-utils to the image, which is used by udev to create symlinks for NVMe disks on Azure v6 instances under /dev/disk/azure/. ([scripts#1950](https://github.com/flatcar/scripts/pull/1950))
- Backported systemd-sysext mutable overlays functionality from yet-unreleased systemd v256. ([flatcar/scripts#1753](https://github.com/flatcar/scripts/pull/1753))
- Provided a Podman Flatcar extension as optional systemd-sysext image with the release. Write 'podman' to `/etc/flatcar/enabled-sysext.conf` through Ignition and the sysext will be installed during provisioning ([scripts#1964](https://github.com/flatcar/scripts/pull/1964))
- OpenStack: Changed metadata hostname source order. The service first tries with the config drive then fallback on the metadata service. ([bootengine#96](https://github.com/flatcar/bootengine/pull/96))
#### Updates:
- Linux ([6.6.35](https://lwn.net/Articles/979262) (includes [6.6.34](https://lwn.net/Articles/978593), [6.6.33](https://lwn.net/Articles/978141), [6.6.32](https://lwn.net/Articles/975075) and [6.6.31](https://lwn.net/Articles/974072)))
- Linux Firmware ([20240513](https://git.kernel.org/pub/scm/linux/kernel/git/firmware/linux-firmware.git/tag/?h=20240513))
- Rust ([1.77.2](https://github.com/rust-lang/rust/releases/tag/1.77.2))
- ca-certificates ([3.101](https://firefox-source-docs.mozilla.org/security/nss/releases/nss_3_101.html))
- containerd ([1.7.17](https://github.com/containerd/containerd/releases/tag/v1.7.17) (includes [1.7.16](https://github.com/containerd/containerd/releases/tag/v1.7.16)))
- expat ([2.6.2](https://github.com/libexpat/libexpat/blob/R_2_6_2/expat/Changes) (includes [2.6.1](https://github.com/libexpat/libexpat/blob/R_2_6_1/expat/Changes) and [2.6.0](https://github.com/libexpat/libexpat/blob/R_2_6_0/expat/Changes)))
- gnutls ([3.8.5](https://lists.gnupg.org/pipermail/gnutls-help/2024-April/004846.html) (includes [3.8.4](https://lists.gnupg.org/pipermail/gnutls-help/2024-March/004845.html)))
- intel-microcode ([20240312](https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/releases/tag/microcode-20240312))
- libunistring ([1.2](https://savannah.gnu.org/news/?id=10599))
- systemd ([255.4](https://github.com/systemd/systemd-stable/commits/v255.4/))
- SDK: python ([3.11.9](https://www.get-python.org/downloads/release/python-3119/))
_Changes since **Alpha 3975.0.0**_
#### Bug fixes:
- Fixed issue file generation from `/etc/issue.d` ([scripts#2018](https://github.com/flatcar/scripts/pull/2018))
#### Changes:
- OpenStack: Changed metadata hostname source order. The service first tries with the config drive then fallback on the metadata service. ([bootengine#96](https://github.com/flatcar/bootengine/pull/96))
#### Updates:
- Linux ([6.6.35](https://lwn.net/Articles/979262) (includes [6.6.34](https://lwn.net/Articles/978593), [6.6.33](https://lwn.net/Articles/978141), [6.6.32](https://lwn.net/Articles/975075) and [6.6.31](https://lwn.net/Articles/974072)))
- ca-certificates ([3.101](https://firefox-source-docs.mozilla.org/security/nss/releases/nss_3_101.html))
#### Stable 3815.2.4
_Changes since **Stable 3815.2.3**_
#### Changes:
- Added azure-nvme-utils to the image, which is used by udev to create symlinks for NVMe disks on Azure v6 instances under /dev/disk/azure/. ([scripts#1950](https://github.com/flatcar/scripts/pull/1950))
#### Updates:
- Linux ([6.1.95](https://lwn.net/Articles/979261) (includes [6.1.94](https://lwn.net/Articles/978594), [6.1.93](https://lwn.net/Articles/978139), [6.1.92](https://lwn.net/Articles/975076) and [6.1.91](https://lwn.net/Articles/974074)))
- ca-certificates ([3.101](https://firefox-source-docs.mozilla.org/security/nss/releases/nss_3_101.html))
#### LTS 3510.3.4
_Changes since **LTS 3510.3.3**_
#### Updates:
- Linux ([5.15.161](https://lwn.net/Articles/978595) (includes [5.15.160](https://lwn.net/Articles/975078), [5.15.159](https://lwn.net/Articles/974075), [5.15.158](https://lwn.net/Articles/972213), [5.15.157](https://lwn.net/Articles/971365), [5.15.156](https://lwn.net/Articles/970174) and [5.15.155](https://lwn.net/Articles/969736)))
- ca-certificates ([3.101](https://firefox-source-docs.mozilla.org/security/nss/releases/nss_3_101.html) (includes [3.100](https://firefox-source-docs.mozilla.org/security/nss/releases/nss_3_100.html)))
Best,
The Flatcar Container Linux Maintainers
---
### Communication
#### Go/No-Go message for Matrix/Slack
Go/No-Go Meeting for Alpha 4012.0.0, Beta 3975.1.0, Stable 3815.2.4 and LTS 3510.3.4
Pre-view images are available in https://bincache.flatcar-linux.net/images/amd64/$VERSION/
Tracking issue: https://github.com/flatcar/Flatcar/issues/1479
The Go/No-Go document is in our HackMD @flatcar namespace
Link: https://hackmd.io/rrikOpZwQHCW6ga94m83BQ?view
Please give your Go/No-Go vote with π for Go, β for No-Go, and β for Wait.
Contributors & community feel free to put your suggestions, thoughts or comments on the document or here in the chat.
@MAINTAINER @MAINTAINER @MAINTAINER
#### Mastodon
_The toot (from [@flatcar](https://hachyderm.io/@flatcar)) goes out after the changelog update has been published; it includes a link to the web changelog._
New Flatcar releases for all channels are now available!
π Akamai support and Python sysext image on Alpha
π οΈ Systemd mutable sysext functionality comes to Beta
π CVE fixes & security patches: Linux, gnuTLS
π Release notes at the usual spot: https://www.flatcar.org/releases/
#### Kubernetes Slack
_This goes in the #flatcar channel_
Please welcome Flatcar releases of this month:
- Alpha 4012.0.0 (new major)
- Beta 3975.1.0 (major release)
- Stable 3815.2.4 (maintenance release)
- LTS-2023 3510.3.4 (maintenance release)
These releases include:
π Akamai support and Python sysext image on Alpha
π οΈ Systemd mutable sysext functionality comes to Beta
π¦ Many package updates: Linux, containerd
π CVE fixes & security patches: Linux, gnuTLS
π Release notes at the usual spot: https://www.flatcar.org/releases/
Sign in with Wallet
Connect another wallet