Releases: microsoft/azurelinux
3.0.20260204
Generic Kernel version-release: kernel-6.6.121.1-1
Add Gen1 marketplace image with HWE kernel 6.12
Add llhttp to SPECS/SPECS-EXTENDED
Add option to require explicit gpg key verification for image builds
Add patches from fedora f40 to fix tests with new versions of openssl and python
Enable aarch64 HWE kernel configs for performance improvements
Enable CONFIG_FTRACE_SYSCALLS for kernel-mshv
Enable CONFIG_INET_DIAG_DESTROY for kernel
Enable CONFIG_SQUASHFS_ZSTD and CONFIG_FW_CFG_SYSFS for kernel
Enable xfrm_interface for kernel
Fix by adding useful debug message when files are missing from config
Fix containerd2 credential leak in CRI error logs
Fix crash-gcore by adding upstream set_context patch
Fix edk2 merge conflict and update changelog
Fix imager to avoid truncating arbitrary host files
Fix javacc build issue
Fix kexec-tools dependency selection
Fix OSGuard OS disk size to 30 GB
Fix podman install issue and add required dependent packages
Fix systemd network/tc stack overflow when dropping tclass or qdisc
Patch avahi for CVE-2025-68471, CVE-2025-68276, CVE-2025-68468, CVE-2026-24401
Patch bind for CVE-2025-13878
Patch cmake for CVE-2025-14017
Patch coredns for CVE-2025-68151
Patch curl for CVE-2025-14017
Patch edk2 for CVE-2025-2295, CVE-2026-22796, CVE-2025-69421, CVE-2025-69420, CVE-2025-69418, CVE-2025-68160
Patch expat for CVE-2026-24515, CVE-2026-25210
Patch fluent-bit for CVE-2025-62408
Patch glib for CVE-2025-14087, CVE-2025-14512, CVE-2026-1484
Patch glibc for CVE-2025-15281, CVE-2026-0861, CVE-2026-0915
Patch gnupg2 for CVE-2025-30258
Patch gnutls for CVE-2025-13151, CVE-2025-9820
Patch harfbuzz for CVE-2026-22693
Patch influxdb for CVE-2025-10543
Patch krb5 for CVE-2025-24528
Patch libarchive for CVE-2025-60753
Patch libpcap for CVE-2025-11961
Patch libpng for CVE-2026-22695, CVE-2026-22801
Patch libsndfile for CVE-2025-56226
Patch libtasn1 for CVE-2025-13151
Patch memcached for CVE-2026-24809
Patch mysql for CVE-2026-21948, CVE-2026-21968, CVE-2026-21941, CVE-2026-21964, CVE-2026-21936, CVE-2026-21937
Patch ntopng for CVE-2021-44964
Patch python3 for CVE-2025-13837, CVE-2025-12084, CVE-2025-13836, CVE-2026-0865, CVE-2025-11468, CVE-2026-0672
Patch python-filelock for CVE-2026-22701, CVE-2025-68146
Patch pytorch for CVE-2025-3001
Patch ruby for CVE-2025-61594
Patch telegraf for CVE-2025-10543
Patch util-linux for CVE-2025-14104
Upgrade apache-commons-compress to 1.26.1
Upgrade bcc to add subpackage libbpf-tools
Upgrade CDI to 1.62.0
Upgrade cloud-hypervisor to 48.0.246
Upgrade crash to 9.0.0
Upgrade golang to 1.25.6-1
Upgrade gnome-desktop-testing to 2021.1
Upgrade hdf5 to 1.14.6 and patch hdf5 for CVE-2025-2153, CVE-2025-2310, CVE-2025-2914, CVE-2025-2926, CVE-2025-6816, CVE-2025-2925, CVE-2025-2924, CVE-2025-44905, CVE-2025-6269, CVE-2025-6750, CVE-2025-6857, CVE-2025-7067, CVE-2025-7068, CVE-2025-6858, CVE_2025-2923, CVE-2025-2913, CVE-2025-6516, CVE-2025-6818, CVE-2025-6817, CVE-2025-6856, CVE-2025-7069
Upgrade highlight to 4.18
Upgrade ibus-libzhuyin to 1.10.4 and libpinyin to 2.10.3
Upgrade ibus-table to 1.17.16
Upgrade imagecustomizer to 1.1.0
Upgrade kernel to 6.6.119.3
Upgrade kernel to 6.6.121.1
Upgrade Kernel version-release to kernel-6.6.121.1-1
Upgrade kernel-uvm config to support extended attributes with CIFS
Upgrade Jtidy to 1.0.4
Upgrade KubeVirt to 1.6.3
Upgrade libreport to 2.17.15
Upgrade lasso to 2.9.0
Upgrade mod_auth_openidc with updated pcre2
Upgrade MOFED 24.10 to DOCA-OFED 25.07
Upgrade nginx to 1.28.1
Upgrade osgi-core to 8.0.0
Upgrade pacemaker to 3.0.1
Upgrade perl-Alien-pkgconf to 0.21; fix perl-FFI-CheckLib install issue
Upgrade perl-FFI-CheckLib to 0.31
Upgrade perl-Params-ValidationCompiler to 0.31
Upgrade perl-PkgConfig-LibPkgConf to 0.11-24
Upgrade perl-Return-MultiLevel to 0.08
Upgrade python-debtcollector to 3.0.0
Upgrade python-oslo-i18n to 6.7.1
Upgrade python-pytest-flake8 to 1.3.0
Upgrade python-zmq to 27.1.0
Upgrade rhino to 1.7.15.1
Upgrade satyr to 0.43
Upgrade suitesparse to 7.11.0
Upgrade trilead-ssh2 to 217.371.vc1d30dc5a_b_32
Upgrade rust to 1.90.0
Upgrade xbean to 4.24
Upgrade xmldb-api to 1.7.0
2.0.20260203
Generic Kernel version-release: kernel-5.15.186.1-1
Bump toolkit crypto and jwt packages
Patch avahi for CVE-2026-24401, CVE-2025-68471, CVE-2025-68468, CVE-2025-68276
Patch coredns for CVE-2025-68151
Patch cmake for CVE-2025-14017
Patch curl for CVE-2025-14017
Patch edk2 for CVE-2025-2295
Patch frr for CVE-2025-61099,CVE-2025-61100,CVE-2025-61101,CVE-2025-61102,CVE-2025-61103,CVE-2025-61104,CVE-2025-61106 & CVE-2025-61107
Patch glibc for CVE-2025-0395, CVE-2026-0915, CVE-2026-0861
Patch gnutls for CVE-2025-13151, CVE-2025-9820
Patch hvloader for CVE-2025-2295
Patch influxdb for CVE-2025-65637
Patch krb5 for CVE-2025-24528
Patch libarchive for CVE-2025-60753
Patch libpng for CVE-2026-22695, CVE-2026-22801
Patch libtasn1 for CVE-2025-13151
Patch libvirt for CVE-2025-12748
Patch libxml2 for CVE-2026-0992, CVE-2026-0990, CVE-2025-7425
Patch lua for CVE-2026-24827
Patch memcached for CVE-2026-24809
Patch nmap for CVE-2025-11961
Patch nodejs18 for CVE-2025-55131
Patch ntopng for CVE-2026-24809
Patch python3 for CVE-2026-1299, CVE-2026-0672
Patch python-urllib3 for CVE-2025-66418, CVE-2026-21441
Patch pytorch for CVE-2025-3001
Patch ruby for CVE-2025-61594
Patch rpm-ostree for CVE-2025-58160
Patch strongswan for CVE-2025-62291
Upgrade libsodium to 1.0.18-FINAL for CVE-2025-69277
Upgrade msft-golang to 1.24.12
Upgrade mysql to 8.0.45 for CVE-2026-21948, CVE-2026-21968, CVE-2026-21941, CVE-2026-21964, CVE-2026-21936, CVE-2026-21937
Upgrade toolkit crypto and jwt packages
3.0.20260107
Generic Kernel version-release: kernel-6.6.119.3
Add new subpackage libbpf-tools to the bcc package. Resulting binaries are placed in /usr/sbin/bpf-* and contain "bpf" as a prefix similar to other distros (Fedora, Alpine Linux)
Added llhttp package to SPECS-EXTENDED to build tang package
Build fix for pngcrush
Build fix for python-fixtures.
Fix for javacc build issue
Fix podman install issue and add required dependent packages
Fix Systemd network/tc stack overflow when dropping tclass or qdisc
Imagecustomizer: Fix when /boot is on an XFS filesystem (version to v1.1.0)
Make kexec-tools not depend on ethtool only, enable user to choose either ethtool or mlnx-ethtool during installation, default is ethtool.
Patch cni-plugins for CVE-2025-65637
Patch containerized-da ta-importer for CVE-2025-65637
Patch coredns for CVE- 2025-68156
Patch dcos-cli for CVE -2025-65637
patch edk2 for CVE-2025-2296 - bra nch 3.0-dev
Patch flannel for CVE- 2025-65637
Patch fluent-bit for CVE-2025-12977 [High ] and CVE-2025-12969
Patch fluent-bit for CVE-2025-62408
Patch glib for CVE-2025-14087, CVE-2025-14512 [MED IUM]
Patch gnupg2 for CVE-2025-30258
Patch grub2 for CVE-2025-61661, CVE-2025-61662 & CVE-2025-61 663
Patch influxdb for CVE-2025-10543 CVE-2025-65637
Patch keda for CVE-2025-68156 CVE-2025-68476
Patch kubernetes for CVE-2025-13281, CVE-2025-6563, CVE-2025-52881
Patch kubevirt for CVE-2025-6432 CVE-2025-64435
Patch libsoup for CVE-2025-12105
patch ntopng for CVE-2021-44964
Patch python-urllib3 for CVE-2025-66418, CVE-2025-66471
Patch python3 for CVE-2025-13837, CVE-2025-12084, CVE-2025-13836
Patch pytorch for CVE-2025-3001
Patch qtdeclarative for CVE-2025-12385
Patch telegraf for CVE-2025-10543
Patch util-linux for CVE-2025-14104
perl-Test-Simple removal from 3.0-dev.
Remove qt5-qtconnectivity and add qt6-qtconnectivity
Remove qt5-qtsensors and add qt6-qtsensors
Remove qt5-qtserialport and add qt6-qtserialport
Upgrade apache-commons-compress to 1.26.1 and address dependency buil d warnings
Upgrade booth to version 1.2
Upgrade CDI to v1.62.0
Upgrade crash to 9.0.0 and rework how vendored gdb patches are applied
Upgrade gnome-desktop-testing to version 2021.1
Upgrade gnupg2 to 2.4.9 for CV E-2025-68973
Upgrade hdf5 version to 1.14.6 and patch hdf5 for CVE-2025-2153, CVE-2025-2310, CVE-2025-2914, CVE-2025-2926, CVE-2025-6816, CVE-2025-2925, CVE-2025-2924, CVE-2025-44905,CVE-2025-6269, CVE-2025-6750, CVE-2025-6857, CVE-2025-7067, CVE-2025-7068, CVE-2025-6858, CVE_2025-2923, CVE-2025-2913, CVE-2025-6516, CVE-2025-6818, CVE-2025-6817, CVE-2025-6856, CVE-2025-7069
Upgrade highlight to version 4.18
Upgrade httpd to 2.4 .66 for CVE-2025-55753, CVE-2025-58098, CVE-2025-59775, CVE-2025-65082, CVE-2025-66200
Upgrade ibus-libzhuyin to version 1.10.4 and libpinyin to version 2.10.3
Upgrade ibus-table version to 1.17.16
Upgrade Jtidy to version 1.0.4
Upgrade kernel to 6.6.119.3
Upgrade KubeVirt to v1.6.3
Upgrade libpca` to 1.10.6 for CVE-2025-11961
Upgrade mariadb to 10.11.15 for CV E-2025-13699
Upgrade MOFED 24.10 to DOCA-OFED 25.07 and its dependencies
Upgrade net-snmp to 5.9.5.2 fo r CVE-2025-68615
Upgrade osgi-core to 8.0.0
upgrade pacemaker to version 3.0.1
Upgrade perl-Alien-pkgconf to version 0.21 and resolved perl-FFI-Chec kLib install failure
Upgrade perl-FFI-CheckLib to version 0.31
Upgrade perl-Params-ValidationCompiler to version 0.31.
Upgrade perl-PkgConfig-LibPkgConf to 0.11-24
Upgrade perl-Return-MultiLevel to version 0.08
Upgrade pgbouncer to 1.25.1 for CVE-2025-12819
Upgrade php to 8.3.2 9 for CVE-2025-14177, CVE-2025-14178, CVE-2025-14180
Upgrade python-filelock to 3.20.1 for CVE-2025-68146
Upgrade python-pytest-flake8 to version 1.3.0.
Upgrade python-zmq version to 27.1.0
Upgrade rhino to version 1.7.15.1
Upgrade satyr version to 0.43
Upgrade SymCrypt-OpenSSL to 1.9.4 bug fixes
Upgrade trilead-ssh2 version to 217.371.vc1d30dc5a_b_32
Upgrade tzdata to 2025c upgrade to version 2025c ( #15284)
Upgrade xbean to version 4.24
Upgrade xmldb-api to version 1.7.0
Upgraded Kernel to version: 6.6.119.3. This includes a patch for the
Added Cuda-Open-HWE driver support for AMD64
Upgraded Cuda-Open-HWE driver upgraded to 580.105.08
Upgraded MOFED 24.10 to DOCA-OFED 25.07
Fix for Systemd network/tc fix stack overflow when dropping tclass or qdisc
Fix for CPU soft lockups and iptable segfaults
2.0.20260102
Generic Kernel version-release: kernel-5.15.186.1-1
Patch cups for CVE-2025-58436, CVE-2025-61915
Patch cert-manager for CVE-2025-65637
Patch cf-cli for CVE-2025-65637
Patch cni-plugins for CVE-2025-65637
Patch containerized-data-importer for CVE-2025-65637
Patch cri-o for CVE-2025-65637
Patch dcos-cli for CVE-2025-65637
Patch flannel for CVE-2025-65637
Patch glib for CVE-2025-14512, CVE-2025-14087
Patch grub2 for CVE-2025-61661, CVE-2025-61662, CVE-2025-61663
Patch hdf5 for CVE-2025-2153, CVE-2025-2310, CVE-2025-2914, CVE-2025-2926, CVE-2025-6816, CVE-2025-2925, CVE-2025-2924, CVE-2025-44905, CVE-2025-6269, CVE-2025-6750, CVE-2025-6857, CVE-2025-7067, CVE-2025-7068, CVE-2025-6858
Patch hvloader for CVE-2025-2296
Patch influxdb for CVE-2025-10543
Patch jx for CVE-2025-65637
Patch kube-vip-cloud-provider for CVE-2025-65637
Patch kubernetes for CVE-2025-65637, CVE-2025-13281 CVE-2025-31133
Patch kubevirt for CVE-2025-65637,CVE-2025-64432, CVE-2025-64433, CVE-2025-64435, CVE-2025-64437
Patch local-path-provisioner for CVE-2025-65637
Patch libxslt for CVE-2025-7424
Patch moby-buildx for CVE-2025-65637
Patch moby-compose for CVE-2025-65637
Patch prometheus for CVE-2025-65637
Patch python-urllib3 for CVE-2025-66471, CVE-2025-66418
Patch qt5-qtbase for CVE-2025-66293
Patch reaper for CVE-2024-6485
Patch telegraf for CVE-2025-10543
Patch util-linux for CVE-2025-14104
Upgrade mariadb to 10.6.24 for CVE-2025-13699
Upgrade net-snmp to 5.9.5.2 for CVE-2025-68615
Upgrade pgbouncer to 1.25.1 for CVE-2025-12819
Upgrade php to 8.1.34 for CVE-2025-14177, CVE-2025-14178, CVE-2025-14180
Upgrade httpd to 2.4.66 for CVE-2025-55753, CVE-2025-58098, CVE-2025-59775, CVE-2025-65082, CVE-2025-66200
Upgrade tzdata to 2025c
3.0.20251206
Generic Kernel version-release: kernel-6.6.117.1-1
Added DigiCert root CAs to 'ca-certificates-base'
Enable dm-cache module
Enable kernel CONFIG_LWTUNNEL and CONFIG_SCHED_CORE
Enabled kata build on aarch64
Fix glibc ptest
Fix imagecustomizer golden container telemetry
Fix jakarta-taglibs-standard build
Fix javacc-bootstrap build
Fix jboss-interceptors build
Fix kata build on aarch64
Fix objectweb-anttask build issue
Fix python-uamqp build
Fix uw-imap build
Patch atop for CVE-2025-31160
Patch ceph for CVE-2024-47866
Patch containerd2 for CVE-2024-25621
Patch containerized-data-importer for CVE-2025-58183
Patch cups for CVE-2025-58436, CVE-2025-61915
Patch docker-buildx for CVE-2025-47913
Patch docker-compose for CVE-2025-47913
Patch fluent-bit for CVE-2025-12970
Patch gh for CVE-2025-58183
Patch glib for CVE-2025-13601
Patch haproxy for CVE-2025-11230
Patch kubernetes for CVE-2025-31133 and CVE-2025-52565
Patch libmicrohttpd for CVE-2025-59777
Patch libssh for CVE-2025-8114
Patch libtiff for CVE-2025-8961
Patch libvirt for CVE-2025-13193
Patch libxslt for CVE-2025-11731
Patch libxslt for CVE-2025-7424
Patch moby-containerd-cc for CVE-2025-64329, CVE-2024-25621
Patch moby-engine for CVE-2025-58183
Patch nodejs for CVE-2025-5222
Patch packer for CVE-2025-47913
Patch postgresql for CVE-2025-12817, CVE-2025-12818
Patch pytorch for CVE-2025-55552,CVE-2025-55560, CVE-2025-46152
Patch python3 for CVE-2025-6075
Patch qemu for CVE-2025-12464
Patch rsync for CVE-2025-10158
Patch skopeo for CVE-2025-58183
Patch unbound for CVE-2025-11411
Patch telegraf for CVE-2025-47913
Patch qemu for CVE-2025-12464
Upgrade apache-commons-collections4 to 4.4
Upgrade apache-commons-net to 3.11.0
Upgrade cups to 2.4.16 for CVE-2025-58436, CVE-2025-61915
Upgrade golang to 1.25.5 and 1.24.11
Upgrade gupnp to 1.6.9
Upgrade jdepend to 2.10
Upgrade kernel to 6.6.117.1
Upgrade kernel-hwe to 6.12.57.1
Upgrade kubevirt to 1.5.3 for CVE-2025-47913, CVE-2025-64437, CVE-2025-64433, CVE-2025-64434, CVE-2025-64432
Upgrade libpng to 1.6.52 for CVE-2025-66293, CVE-2025-64505, CVE-2025-64506, CVE-2025-65018, CVE-2025-64720
Upgrade libusbmuxd to 2.1.0, libimobiledevice to 1.3.0, libplist to 2.7.0 and usbmuxd to 1.1.1
Upgrade perl-Business-ISBN to 3.009
Upgrade perl-IO-Socket-INET6 to 2.73
Upgrade perl-Test2-Plugin-NoWarnings to 0.10
Upgrade postgresql to 16.11 for CVE-2025-12817, CVE-2025-12818
Upgrade pylint to 4.0.2 and python-astroid to 4.0.1
Upgrade python-gssapi to 1.10.0
Upgrade tzdata to 2025b
Upgrade xmlunit to 1.6
2.0.20251206
Generic Kernel version-release: kernel-5.15.186.1-1
Add DigiCert root CAs to ca-certificates-base
Fix check of unwrapped key size in openssl
Patch atop for CVE-2025-31160
Patch bind for CVE-2025-8677, CVE-2025-40778 and CVE-2025-40780
Patch ceph for CVE-2024-47866
Patch cmake for CVE-2025-5916, CVE-2025-5917, CVE-2025-5918
Patch containerized-data-importer for CVE-2025-58183
Patch cri-o for CVE-2025-58183
Patch dhcp for CVE-2024-11187
Patch fluent-bit for CVE-2025-12977 and CVE-2025-12969, CVE-2025-12970
Patch gcc for CVE-2021-32256
Patch glib for CVE-2025-13601
Patch haproxy for CVE-2025-11230
Patch kubevirt for CVE-2025-64324
Patch libssh for CVE-2025-8114, CVE-2025-8277
Patch libtiff for CVE-2025-8961
Patch libxslt for CVE-2025-11731
Patch moby-engine for CVE-2025-58183
Patch moby-containerd for CVE-2025-64329, CVE-2024-25621
Patch moby-compose for CVE-2025-47913
Patch moby-containerd-cc for CVE-2025-64329, CVE-2024-25621
Patch nodejs18 for CVE-2025-5222
Patch packer for CVE-2025-47913
Patch postgresql for CVE-2025-12817, CVE-2025-12818
Patch python3 for CVE-2025-6075
Patch pytorch for CVE-2025-55552, CVE-2025-55560
Patch qemu for CVE-2024-7409
Patch reaper for CVE-2018-19827, CVE-2018-19797, CVE-2025-12816, CVE-2025-66031 and CVE-2025-66030
Patch rsync for CVE-2025-10158
Patch skopeo for CVE-2025-58183
Patch unbound for CVE-2025-11411
Upgrade libpng to 1.6.52 for CVE-2025-64505, CVE-2025-64506, CVE-2025-65018, CVE-2025-64720, CVE-2025-66293
Upgrade msft-golang to 1.24.11
Upgrade postgresql to 14.20 for CVE-2025-12817, CVE-2025-12818
Upgrade runc to v1.2.8
Upgrade tzdata to 2025b
3.0.20251106
Generic Kernel version-release: kernel-6.6.112.1-2
Fix iperf3 for compatibility with openssl 3.3.5
Fix junitperf build issue
Fix libthai license path issue
Fix mlnx-ofa_kernel-hwe-modules conflict package name
Fix oro build error
Fix samba netlog
Patch binutils for CVE-2025-11414, CVE-2025-11412
Patch elfutils for CVE-2024-25260
Patch glibc for CVE-2025-8058
Patch libssh for CVE-2025-8277
Patch libxml2 for CVE-2025-49795
Patch lz4 for CVE-2025-62813
Patch mysql for 8 CVEs, CVE-2025-62813
Patch openssh for CVE-2025-61985, CVE-2025-61984
Patch rabbitmq-server for CVE-2025-50200
Patch python-pip for CVE-2025-50181
Patch rubygem-rexml for CVE-2025-58767
Patch qemu for CVE-2025-11234
Remove apache-commons-lang from SPECS-EXTENDED
Remove CGO_ENABLED flag from azl-otel-collector package since we have moved to go 1.25
Upgrade aspell-en to 2020.12.07
Upgrade gtk-vnc to 1.5.0
Upgrade kernel to 6.6.112.1
Upgrade kernel to enable block device writeback throttling support
Upgrade kernel version to kernel-6.6.112.1-2
Upgrade lensfun to 0.3.4
Upgrade libselinux to support SELinux policy tree at /usr/etc/selinux
Upgrade mysql to 8.0.44
Upgrade osgi-annotation to 8.1.0
Upgrade python-alsa to 1.2.14
2.0.20251106
Generic Kernel version-release: kernel-5.15.186.1-1
Enable vitess debuginfo package generation
Fix Libtiff missed release bump
Fix Samba-winbind netlogon issues
Patch binutils for CVE-2025-11082, CVE-2025-11083, CVE-2025-11412, CVE-2025-11414
Patch crash for CVE-2025-11082
Patch gdb for CVE-2021-32256, CVE-2025-11082, CVE-2025-11083, CVE-2025-5244, CVE-2025-11412, CVE-2025-11414
Patch jq for CVE-2025-9403
Patch libxml2 for CVE-2025-49795
Patch lz4 for CVE-2025-62813
Patch mysql for CVE-2025-62813
Patch openssh for CVE-2025-61985
Patch python3 for CVE-2025-8291
Patch qemu for CVE-2025-11234
Patch Rust for CVE-2025-53605
Set Kernel version: kernel-5.15.186.1-1
Upgrade Ca-certificates Msft cert change
Upgrade mysql to 8.0.44
3.0.20251030
Generic Kernel version-release: kernel-6.6.104.2-4
This release removes the self-signed, Microsoft TLS RSA Root G2 cert, from the ca-certificates-base package. The incorrect cert was added to ca-certificates-base-1:3.0.0-10. Earlier packages were not impacted. Upgrade to ca-certificates-base-1:3.0.0-13 or prebuilt-ca-certificates-base-1:3.0.0-13.
The following certificates were removed:
Microsoft TLS RSA Root G2 (self-signed, fingerprint: 21734D95A2473BE25CBFD12A84C6FBC5BC8E2414)
Microsoft TLS ECC Root G2 (self-signed, fingerprint: F82BB951BA6B8A85ADFA7515028560D1250E7237)
This release also includes a patch to fix an iperf3 regression. The regression was introduced when version 3.3.5 of OpenSSL was published
2.0.20251030
Generic Kernel version-release: kernel-5.15.186.1-1
This release solely removes the self-signed, Microsoft TLS RSA Root G2 cert, from the ca-certificates-base package. The incorrect cert was added to ca-certificates-base-2.0.0-22. Earlier packages were not impacted. Upgrade to ca-certificates-base-2.0.0-24 or prebuilt-ca-certificates-base-2.0.0-24.
The following certificates were removed:
Microsoft TLS RSA Root G2 (self-signed, fingerprint: 21734D95A2473BE25CBFD12A84C6FBC5BC8E2414)
Microsoft TLS ECC Root G2 (self-signed, fingerprint: F82BB951BA6B8A85ADFA7515028560D1250E7237)