Cobbler 3.2.2 Released

Posted by Enno on Tuesday, September 21, 2021

This is a security only release.

The Django webinterface is removed with V3.3.0 but is included in V3.2.2!

We have

Milestone: https://github.com/cobbler/cobbler/milestone/17

Diff to last release: https://github.com/cobbler/cobbler/compare/v3.2.1...v3.2.2

Breaking Changes: None

Announcements:

  • Important Security Bugfixes #2797
    • Arbitrary Read was possible through generate_script()
    • Arbitrary Write was possible through upload_log_data()
    • Log poisoning with Remote-Code-Execution was possible through any XMLRPC method which logs to the logfile.

New:

  • AlmaLinux & RockyLinux are now supported #2705

Changes: None

Bugfixes: None

Other:

  • Release preparations #2798

comments powered by Disqus

Related posts in 2021 Sep

Cobbler 3.3.0 Released
Posted on September 21, 2021
Read more
Cobbler 3.2.2 Released
Posted on September 21, 2021
Read more