From dc8bf1717c30b80d0f59b87645dc5c44cb477a47 Mon Sep 17 00:00:00 2001 From: Andrey Smirnov Date: Tue, 13 Sep 2022 16:01:33 +0400 Subject: [PATCH] release(v1.2.2): prepare release This is the official v1.2.2 release. Signed-off-by: Andrey Smirnov --- CHANGELOG.md | 65 +++++++++++++++++++++++++++ go.mod | 2 +- hack/release.toml | 8 +++- pkg/machinery/gendata/data/tag | 2 +- website/content/v1.2/reference/cli.md | 2 +- 5 files changed, 74 insertions(+), 5 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index e05cd4ad6e..9c30ed6029 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,68 @@ +## [Talos 1.2.2](https://github.com/siderolabs/talos/releases/tag/v1.2.2) (2022-09-13) + +Welcome to the v1.2.2 release of Talos! + + + +Please try out the release binaries and report any issues at +https://github.com/siderolabs/talos/issues. + +### CVE-2022-36103 + +This releases fixes [CVE-2022-36103](https://github.com/siderolabs/talos/security/advisories/GHSA-7hgc-php5-77qq). + + +### Component Updates + +* Linux: 5.15.67 + +Talos is built with Go 1.19.1. + + +### Contributors + +* Andrey Smirnov +* Noel Georgi +* Dmitriy Matrenichev + +### Changes +
8 commits +

+ +* [`9369283f5`](https://github.com/siderolabs/talos/commit/9369283f576589b19692e2f33d4b0c5359cbb759) release(v1.2.2): prepare release +* [`6ba6b91ae`](https://github.com/siderolabs/talos/commit/6ba6b91aedf96b0c401e475962bf099f438c44b0) test: fix api controller test +* [`b644fbde2`](https://github.com/siderolabs/talos/commit/b644fbde251e5432f07b72062a7afd0f8aa83fc8) fix: stop worker nodes from acting as apid routers +* [`d0a0341f6`](https://github.com/siderolabs/talos/commit/d0a0341f6bcfab9e2401b83ac6b8404314709d90) fix: never sign client certificate requests in trustd +* [`39c68b625`](https://github.com/siderolabs/talos/commit/39c68b625ba49d871adc7321918300bca44802d3) fix: include all node addresses into etcd cert SANs +* [`09140a855`](https://github.com/siderolabs/talos/commit/09140a8555c29f0046502fa936e5cbdc16fe8c6a) fix: list COSI APIs for the apid authenticator +* [`015c6d438`](https://github.com/siderolabs/talos/commit/015c6d4381325837c15f7f28333e0c61178c05f8) fix: pass a pointer to specs.Mount into protoenc.Marshal +* [`577ff4fb8`](https://github.com/siderolabs/talos/commit/577ff4fb8cbd51d21cac75cb5f0bf347cf3a7f75) chore: bump kernel to 5.15.67 +

+
+ +### Changes from siderolabs/pkgs +
1 commit +

+ +* [`0f4351f`](https://github.com/siderolabs/pkgs/commit/0f4351fced61a7854258cd584515e41fc7d903b5) chore: bump kernel to 5.15.67 +

+
+ +### Changes from talos-systems/crypto +
1 commit +

+ +* [`f60380e`](https://github.com/talos-systems/crypto/commit/f60380e39a22bf3a2eabd5ee533b1562416efd6b) feat: allow CSR template subject field to be overridden +

+
+ +### Dependency Changes + +* **github.com/siderolabs/pkgs** v1.2.0-9-gb264dc2 -> v1.2.0-10-g0f4351f +* **github.com/talos-systems/crypto** v0.3.6 -> v0.3.7 + +Previous release can be found at [v1.2.1](https://github.com/siderolabs/talos/releases/tag/v1.2.1) + ## [Talos 1.2.1](https://github.com/siderolabs/talos/releases/tag/v1.2.1) (2022-09-07) Welcome to the v1.2.1 release of Talos! diff --git a/go.mod b/go.mod index f3ce6c6b3d..df2d113a54 100644 --- a/go.mod +++ b/go.mod @@ -106,7 +106,7 @@ require ( github.com/talos-systems/grpc-proxy v0.3.1 github.com/talos-systems/net v0.3.2 github.com/talos-systems/siderolink v0.1.2 - github.com/talos-systems/talos/pkg/machinery v1.2.1 + github.com/talos-systems/talos/pkg/machinery v1.2.2 github.com/u-root/u-root v0.9.0 github.com/vishvananda/netlink v1.2.1-beta.2 github.com/vmware-tanzu/sonobuoy v0.56.9 diff --git a/hack/release.toml b/hack/release.toml index 346299c02d..ad1064fc64 100644 --- a/hack/release.toml +++ b/hack/release.toml @@ -6,7 +6,7 @@ github_repo = "siderolabs/talos" match_deps = "^github.com/((talos-systems|siderolabs)/[a-zA-Z0-9-]+)$" # previous release -previous = "v1.2.0" +previous = "v1.2.1" pre_release = false @@ -18,12 +18,16 @@ preface = """\ [notes.updates] title = "Component Updates" description="""\ -* Flannel: v0.19.2 * Linux: 5.15.67 Talos is built with Go 1.19.1. """ + [notes.security] + title = "CVE-2022-36103" + description="""\ +This releases fixes [CVE-2022-36103](https://github.com/siderolabs/talos/security/advisories/GHSA-7hgc-php5-77qq). +""" [make_deps] diff --git a/pkg/machinery/gendata/data/tag b/pkg/machinery/gendata/data/tag index 24e56e03c0..06043b8e35 100644 --- a/pkg/machinery/gendata/data/tag +++ b/pkg/machinery/gendata/data/tag @@ -1 +1 @@ -v1.2.1 \ No newline at end of file +v1.2.2 \ No newline at end of file diff --git a/website/content/v1.2/reference/cli.md b/website/content/v1.2/reference/cli.md index b8d49b9b29..3d7640d9e8 100644 --- a/website/content/v1.2/reference/cli.md +++ b/website/content/v1.2/reference/cli.md @@ -96,7 +96,7 @@ talosctl cluster create [flags] --bad-rtc launch VM with bad RTC state (QEMU only) --cidr string CIDR of the cluster network (IPv4, ULA network for IPv6 is derived in automated way) (default "10.5.0.0/24") --cni-bin-path strings search path for CNI binaries (VM only) (default [/home/user/.talos/cni/bin]) - --cni-bundle-url string URL to download CNI bundle from (VM only) (default "https://github.com/siderolabs/talos/releases/download/v1.2.1/talosctl-cni-bundle-${ARCH}.tar.gz") + --cni-bundle-url string URL to download CNI bundle from (VM only) (default "https://github.com/siderolabs/talos/releases/download/v1.2.2/talosctl-cni-bundle-${ARCH}.tar.gz") --cni-cache-dir string CNI cache directory path (VM only) (default "/home/user/.talos/cni/cache") --cni-conf-dir string CNI config directory path (VM only) (default "/home/user/.talos/cni/conf.d") --config-patch stringArray patch generated machineconfigs (applied to all node types), use @file to read a patch from file