Bottlerocket Versions Save

An operating system designed for hosting containers

v1.19.4

1 month ago

OS Changes

  • Update kernel to 5.10.213, 5.15.152, 6.1.82 (#3865)
  • Update containerd to 1.6.31 (#3869)

v1.19.3

1 month ago

OS Changes

  • Update kernel to 5.10.210, 5.15.149, 6.1.79 (#3853)
  • Update third party packages (#3793, #3832)
  • Update host containers (#3837)
  • Support auditctl in bootstrap containers (#3831)

Orchestrator Changes

Kubernetes

  • Add latest instance types to eni-max-pods mapping (#3824)

ECS

Build Changes

  • Update Rust dependencies (#3830)
  • Update Go dependencies (#3830)
  • twoliter updated to v0.0.7 (#3839)

v1.19.2

2 months ago

OS Changes

  • Update third party packages (#3789)
  • Update kernel to 5.10.209, 5.15.148, 6.1.77 (#3797)
  • Add AWS settings extension (#3738, #3770)
  • Allow CSI helpers in the SELinux policy (#3779)
  • Update to latest NVIDIA drivers (#3798)

Orchestrator Changes

Kubernetes

  • Enable NVIDIA GPU isolation using volume mounts (#3718 thanks @chiragjn , #3790)
  • Clean up CNI results cache on boot (#3792)

ECS

  • Add settings.ecs.enable-container-metadata (#3782)

Build Changes

  • Adjust certdog to utilize a configuration file instead of the API server (#3706, #3778, #3787)
  • Don't use parallel make for shim package (#3771)
  • Renumber unit files in release package (#3769)
  • Ignore EKS patches for k8s-1.23 in Git (#3774)

v1.19.1

3 months ago

OS Changes

  • Update kernel to 5.10.209, 5.15.148 (#3765)
  • Update host containers (#3763)

Orchestrator Changes

Kubernetes

  • Mark pause container image as "pinned" to prevent garbage collection (#3757)

ECS

  • Update Docker engine and Docker CLI to v25.0.2 (#3759)
  • Update ECS agent to 1.81.0 (#3759)
  • Update AWS SSM agent to 3.2.2222.0 (#3762)

v1.19.0

3 months ago

OS Changes

  • Adjust unit dependencies for systemd-sysusers (#3720)
  • Update third party packages (#3722, #3750)
  • Add kernel settings extension (#3727)
  • Update kernel to 5.10.205, 5.15.145, 6.1.72 (#3734)
  • Update runc to 1.1.12 and containerd to 1.6.28 (#3751)

Orchestrator Changes

Kubernetes

  • Add latest instance types to eni-max-pods mapping (#3741)
  • Drop Kubernetes 1.24 Metal and VMware variants (#3742)

ECS

  • Add additional ECS settings for ECS_BACKEND_HOST and ECS_AWSVPC_BLOCK_IMDS (#3749)

Build Changes

  • twoliter updated to v0.0.6 (#3744)

v1.18.0

4 months ago

OS Changes

  • Remove unused runc SELinux policy rule (#3673)
  • Update third party packages (#3692)
  • Fix creation of kprobes using unqualified names (#3699, #3708)
  • Update host containers (#3704)
  • Update kernel to 5.10.205, 5.15.145, 6.1.66 (#3686, #3708)
  • Add container-registry settings extension (#3674)
  • Add updates settings extension (#3689)

Orchestrator Changes

Kubernetes

  • Add Kubernetes 1.29 variants (#3628)
  • Update Kubernetes 1.23 to release 33 (#3692)
  • Add latest instance types to eni-max-pods mapping (#3695)

ECS

  • Update ecs-agent to 1.79.2 (#3692)

Build Changes

  • Export symbols for packages that include dynamically linked Go binaries (#3680)
  • Update to Bottlerocket SDK v0.37.0 (#3690)
    • Upgrades to Go 1.21.5

v1.17.0

5 months ago

OS Changes

  • Generate valid hostname when IPv6 reverse lookup fails (#3592)
  • Avoid mounting the EFI system partition at /boot (#3591)
  • Update kernel to 5.10.201, 5.15.139, 6.1.61 (#3611, #3643)
  • Switch to async tough (#3566 thanks @phu-cinemo)
  • Update host containers (#3646)
  • Move template migrations to schnauzer v2 (#3633)
  • Handle proxy credentials properly in pluto (#3639, #3667)
  • Update third party packages (#3612, #3642)

Orchestrator Changes

Kubernetes

  • Update nvidia-k8s-device-plugin to address CVEs (#3612)
  • Update to Kubernetes 1.28.4 (#3612)
  • Update to Kubernetes 1.27.8 (#3612)
  • Update to Kubernetes 1.26.11 (#3612)
  • Update to Kubernetes 1.25.16 (#3612)

ECS

  • Update ecs-agent to address CVEs (#3612)

Build Changes

  • Update to Bottlerocket SDK v0.36.1 (#3640, #3670)

v1.16.1

6 months ago

OS Changes

  • Update open-vm-tools to 12.3.5 to address CVE-2023-34058 and CVE-2023-34059 (#3553)
  • Update NVIDIA drivers to 470.223.02 and 535.129.03 to address CVE‑2023‑31022 and CVE‑2023‑31018 (#3561)
  • Improvements to Bottlerocket CIS benchmark checks (#3552 #3562 #3564)
  • Regenerate updog proxy configuration when settings.network.proxy gets updated (#3578)
  • kernel: Update to 5.10.198, 5.15.136, and 6.1.59 (#3572)

Orchestrator Changes

Kubernetes

  • Update Kubernetes versions to address HTTP v2 x/net CVE-2023-39325 (#3581)
  • Avoid specifying hostname-override kubelet option if cloud-provider is set to aws (#3582)

v1.16.0

6 months ago

OS Changes

  • Adjust netlink timeout to prevent interfaces from entering a failed state (#3520)
  • Update third-party packages (#3535)
  • Add XFS CLI utilities for managing XFS-formatted storage (#3444)
  • Add facilities to auto-load kernel modules (#3460)
  • Update to kernels 5.10.197, 5.15.134, and 6.1.55 (#3509 #3542)
  • Fix reporting for Bottlerocket CIS Benchmark 4.1.2 (#3547)
  • Update systemd to 252.18 (#3533)
  • Allow fanotify permission events for trusted subjects in SELinux policy (#3540)

Orchestrator Changes

Kubernetes

  • Drop Kubernetes 1.23 Metal and VMware variants (#3531)

ECS

  • Update ecs-agent (#3535)

Build Changes

  • Update to Bottlerocket SDK v0.35.0 (#3528)

v1.15.1

7 months ago

OS Changes

  • Allow older ext4 snapshot volumes to be mounted in newer variants that default to xfs (#3499)
  • Update apiclient Rust dependencies (#3491)
  • Update pluto Rust dependencies (#3439)
  • Patch glibc to address CVE-2023-4806, CVE-2023-4911, and CVE-2023-5156 (#3501)
  • Update open-vm-tools to 12.3.0 to address CVE-2023-20900 (#3500)

Build Changes

  • Update twoliter to v0.0.4 (#3480)