Releases: cobbler/cobbler
Releases · cobbler/cobbler
Cobbler V3.3.7
Cobbler 3.3.7 - 2024-11-17
This release is containing again some backports from main to make Cobbler more stable for the community.
The mean reason for this release is CVE-2024-47533
59 files changed, 9948 insertions(+), 499 deletions(-)
Milestone: https://github.com/cobbler/cobbler/milestone/24
Diff to last release: v3.3.6...v3.3.7
Fixed
- Security: Fix issue that allowed anyone to connect to the API as admin
#cve-2024-47533 - Modules: bind - Fix bug that prevents cname entries from being generated
successfully #3812 - Fix build on RHEL9 based distributions (fence-agents-all split)
#3836 - Update Docker openSUSE Leap images to 15.6 (devel and rpms)
#3838 - Fix for Windows systems
#3840 - Docs: Add missing dependencies for source installation
#3845 - Dependent systems are not synced when the profile is changed
#3849
Cobbler 3.2.3
Cobbler 3.2.3 - 2024-11-17
The mean reason for this release is CVE-2024-47533
71 files changed, 3162 insertions(+), 1287 deletions(-)
Milestone: https://github.com/cobbler/cobbler/milestone/20
Diff to last release: v3.2.3...v3.2.3
Fixed
TBD
Added
TBD
Cobbler V3.3.6
Cobbler 3.3.6 - 2024-07-16
This release is containing again a lot of backports from main to make Cobbler more stable for the community.
88 files changed, 2780 insertions(+), 1078 deletions(-)
Milestone: https://github.com/cobbler/cobbler/milestone/23
Diff to last release: v3.3.5...v3.3.6
Added
- EFI support for "cobbler buildiso"
#3744 - Increase application version to 3.3.6
#3748 - CI: Add repository filter condition for release workflow
#3769 - Settings: Allow definition of extra settings via "extra_settings_list"
#3771
Fixed
- Fix item rename with uppercase letters
#3745 - Fix DNS append line generation of "cobbler buildiso"
#3747 - Tests: Switch to tftpd for supervisorctl tests
#3749 - S390X: Add linebreaks for param files longer then 80 characters
#3750 - Skip wrong/inconsistent collections
#3751 - tftpgen: Always generate boot menus
#3753 - Network Interface: Allow empty str for interface type
#3774 - Settings: Correct multiple missing migration points for 3.3.0
#3776 - API: Fix issue where searching for a profile by arch wasn't possible
#3779
Cobbler V3.3.5
Cobbler 3.3.5 - 2024-07-01
This release is containing again a lot of backports from main to make Cobbler more stable for the community.
103 files changed, 7771 insertions(+), 1279 deletions(-)
Milestone: https://github.com/cobbler/cobbler/milestone/22
Diff to last release: v3.3.4...v3.3.5
Added
- Added lazy loading of collections during application startup
#3596 - DNS: Add support for cnames with dnsmasq module (Backport release33)
#3666 - Add compatibility with the file binary version below 5.37
#3680 - Add function Item.to_dict() caching
#3702 - Add collection indices for UUID's, MAC's, IP addresses and hostnames
#3725
Fixed
Cobbler V3.3.4
Cobbler 3.3.4 - 2024-02-26
This release is containing a lot of backports from main to make Cobbler more stable for the community.
We have 99 files changed, 5816 insertions(+), 920 deletions(-)
Milestone: https://github.com/cobbler/cobbler/milestone/21
Diff to last release: v3.3.3...v3.3.4
Added
- SPEC: Add "cobbler-tests-containers" subpackage
#3368 - Tests: Add integration tests for "cobbler-settings"
#3382 - SPEC: Add support for Cobbler running on Ubuntu 22.04
#3413 - Add build of debs for Debian 12 Bookworm
#3566 - Add various openSUSE, SLES and SLE Micro signatures
#3589 - Settings: Added settings migration for Cobbler 3.3.4
#3592
Changed
- Distros: Enhance error message when a kernel doesn't match our regex
requirements #3194 - CI: Use Fedora Rawhide for tests to stabalize reposync tests
#3468
Fixed
- XML-RPC API: Systems - Re-enable the modify_interface call
#2896 - XML-RPC API: Fix an issue where "get_item_resolved_value()" would return
unserializable types #3173 - "grab_tree" is not spamming the logfile anymore
#3176 - Systems: Don't create interface "default" when not needed
#3190 - Buildiso: The action doesn't fail anymore if a system is based on an image
#3238 - DHCP: The main config file doesn't contain "<>" anymore for the
filename option #3367 - Anamon: Fix uploading of logfiles from the installer
#3420 - SELinux: Fix daemon startup error caused by incorrect ownership of
/var/lib/cobbler/web.ss
#3446 - CLI: Fixed an error that mangled the types of certain flags for Cobbler items
#3450 - Docs: The documentation builds with Sphinx 7.x now
#3455 - Windows Support: Fixed issues that prevented Windows from being able to be
installed #3473 - Re-Added "tree" variable to "autoinstall_meta"
#3498 - Add EFI chainloader for Ubuntu to menu local
#3524 - Fix path to linux.c32 for symlink in mkloaders
#3580 - SPEC: Add guard for Fedora to ensure that an incorrect /etc/os-release
doesn't fail the build
#3584 - sync: Fix KeyError with enabled DNS management due to missing context in the
template lookup mapping data structure
#3588 - scm_track: Fix error that commits didn't work due to pathspec errors
#3591 - Fixed infinite recursion of bash completion
#3604 - Removed from Python 3.12 SafeConfigParser replaced with ConfigParser
#3606 - Settings: Clarify leftover settings and group them according to their
respective topics #3612 - scm_track: Pushing to remote repositories via the "scm_push_script" settings
works again #3621 - mkloaders: The default name for grub2-efi changed to grubx64.efi to match the
expected name in the DHCPv4 template.
#3623
Cobbler V3.3.3
This release is containing a lot of backports from main to make Cobbler ready to be shipped in Uyuni.
We have 129 files changed, 6254 insertions(+), 1877 deletions(-)
Milestone: https://github.com/cobbler/cobbler/milestone/19
Diff to last release: v3.3.2...v3.3.3
Announcements:
- None
New:
- Uyuni Proxies can now be set with the schema validation. #3061
- Cobbler should now build on AlmaLinux. #3064
- The initrd is not required anymore as it is an optional file. #3127
- XML-RPC: Added
dump_varsendpoint. This is intended to replaceget_blended_dataas of 3.4.0. #3131 - XML-RPC: Added
get_item_resolved_value(#3056) &set_item_resolved_value(#3134) endpoints.
Breaking Changes:
- The field
virt_file_sizeis now a float and the related settings as well. #3072
Changes:
- The error messages for duplicated objects now contains the name of the duplicated object. #3129
Bugfixes:
- Dictionaries had the wrong value set for
<<inherit>>#3128 - There were some cases in which the autoinstallation manager was handed the wrong object and then crashed. #3130
- The inheritance of the
ownersfield was fixed. #3131 - Serial Console options should not contain bogous
-1value anymore. #3105 - HTTP API should not throw permission errors anymore. #3046 #3080
- During build the log was not visible due to a custom logger without output. #3059
cobbler mkloadersnow also copies dependencies ofmenu.c32. #3058- We now generate the grub configuration for the architectures correct again. #3097
virt_file_sizenow is a float at all times. #3072- Cobbler should restart successfully now if you have attached an image to a system. #3044
- If you have a system named
defaultthe bootloader was not removed properly before. #3045 cobbler buildiso: Theisolinux.cfgwas not properly formatted. #3047- There were unharmful templating errors in the log related to
redhat_management_type. The parts depending on this were removed. #3048 - The DNS managers were non-functional before because of a not existing function call. #3049
cobbler buildisofailed with--tmpdirs that don't end inbuildiso. #3050cobbler buildisohad outdated docs and help messages for some parameters. #3051cobbler import: It was impossible to import Rocky Linux 8.5 successfully. #3052- Cobbler created duplicated settings files before. #3053
cobbler syncwas broken by refactoring toshell=Falsebefore. #3054
Other:
- CI: The system-test workflow now uses a prebuilt image. #3132
Cobbler V3.3.2
This release addresses mainly security issues and bugfixes.
We have 156 files changed, 3288 insertions(+), 1642 deletions(-)
Milestone: https://github.com/cobbler/cobbler/milestone/18
Diff to last release: v3.3.1...v3.3.2
Announcements:
- Important Security Bugfixes
- CVE-2022-0860: See GH advisory
New:
cobbler syncdoesn't have to be executed no more afterenable_ipxewas flipped #2689 #2944- Auth: Support for Global Secure Catalog via LDAP provider #2937
Breaking Changes:
- None
Changes:
- Reposync now deletes old metadata to prevent metadata merge conflicts #2942
- The automigration of the settings is now not enabled per default. #2881 #2966
- We removed
ppcfrom RedHat EL 7 as it is not supported #2964
Bugfixes:
Network interface is not subscriptableerrors were fixed #2856- The stacktraces related to the package and file pre & post triggers should no longer appear #2953
- You should be able to add multiple initrds if needed again #2870 #2931
- Debian: Fix regex for
SHIM_FILEwhich now provides a working reasonable default #2930
Other:
- Internal Refactorings:
- Docs
cobbler-settingsis now explained in the "Scripts" section #2966
- Tests:
- CI/container:
Cobbler V3.3.1
This release addresses mainly security issues and bugfixes.
We have 212 files changed, 2665 insertions(+), 125148 deletions(-)
Milestone: https://github.com/cobbler/cobbler/milestone/15
Diff to last release: v3.3.0...v3.3.1
Announcements:
- Important Security Bugfixes
- CVE-2021-45082: Incomplete template sanitation #2945
- CVE-2021-45083: Make configuration files only readable by root #2945
- Stabilize MongoDB serializer #2919
- Log file pollution: validate the data before logging it #2911
- Authentication: Remove testing module due to hardcoded well known
credentials #2908
New:
Breaking Changes:
cobbler mkgrubrenamed tocobbler mkloaders#2807
Bugfixes:
cobbler <item> renameshould work again now #2824- ldap_anonymous_bind #2831
- Wrong bind path for Debian #2927
- RHEL/Fedora arches in signatures #2895
- Auto migrate settings #2871
- System: Fix serial_device and serial_baud_rate #2923
- Cannot set property 'file' of image #2878
- Enums: Fix failure to convert
<<inherit>>#2920 cobbler mkloadersfor non-SUSE distros did not work #2851- Added
ipv6_prefixtopost_install_network_config#2928
Other:
-
Internal Refactorings:
- Add systemctl for systemd based systems #2841
- Enums: Create general str to enum converter #2901
- Systems: Re-enable the modify_interface call #2921
- Utils: Check if service is running before stopping it #2936
- Several check enhancements #2809
- Remove old Cobbler Web leftovers #2938
- Simplify remote_boot_file setters #2886
-
Docs
- Explain TFTP and internal database #2904
-
Tests:
-
CI/container:
Cobbler V3.3.0
This release got everything! Security, Features, Bugfixes, ...
We have 422 files changed, 25375 insertions(+), 34826 deletions(-)
Milestone: https://github.com/cobbler/cobbler/milestone/10
Diff to last release: v3.2.1...v3.3.0
Known Issues:
cobbler <item> renameis not working currentlycobbler <item> editmay have bugs due to the internal refactorings
Breaking Changes:
- The webinterface got removed #2434 #2434 #2700
- Please use the CLI in the meantime
- A new webinterface is under development at https://github.com/cobbler/cobbler-web
- The core code has priority at any time. There are third party tools available which provide a webinterface and use
Cobbler as a backend. A list of those tools can be found at the bottom of the following page: https://cobbler.github.io/users.html
- The Cobbler internal TFTP Demon got removed #2512
yabootsupport got removed as a bootloader for PowerPC #2723
Announcements:
- Important Security Bugfixes #2794 #2795
- Arbitrary Read was possible through
generate_script() - Arbitrary Write was possible through
upload_log_data() - Log poisoning with Remote-Code-Execution was possible through any XMLRPC method which logs to the logfile.
- Arbitrary Read was possible through
- There was an internal refactoring from runtime created Python attributes to Python Properties. This allows much
better data validation and thus better error handling but also introduced new bugs.
Related: #2433 #2666 #2677 #2753 #2699 #2692 #2684 #2707 2727 #2726 #2685 #2675 #2678 #2682 #2674 #2676 #2681 #2683 #2696 #2702 #2732 #2733 #2722 #2680 #2711 - This is the first release with the new avatar #2604
New:
- The
migrate-data-v2-to-v3.pyscript is now packages and can directly be used #2591 - The
mkgrub.shscript was converted to the commandcobbler mkgrub#2739 #2721 - We now have automigrations and validation for the application settings #2747 #2719 #2772 #2769
- New distros are now able to be imported:
cobbler syncnow supports syncing only specified systems #2601- You can now define your own boot menu structure #2575
- Cobbler is able to run on RockyLinux and import it #2627
- DHCPv6 is now natively supported #2539 #2511 #2647
Changes:
- Internal cache got fully removed with #2684 (related #2661)
cobbler get-loaderswas removed for security reasons #2572- Removed the
simplejsondependency as it is redundant now #2572 - Docs: Multiple enhancements #2599 #2788
- Logger: Changed to the default Python 3 logger (much more configurable) #2573
- Old bootloaders which were not shipped by default got removed #2641
- Windows autoinstallation was simplified #2767
- We are now using
os.urandominstead of/dev/urandom#2752 - We have reduced the usage of the generic
CXexception #2643 ipmilanplusis the default fence agent for power operations #2714- For nested GRUB menus we now show an indicator #2693 #2693
- Items can now be found even if the item type is not specified #2663
Bugfixes:
- Be compliant with CORS pre-flight requests #2594
cobbler reposync: SSL related problems were fixed #2759- Autoinstall templates directory was wrong per default. #2590
- We do not strip the last two characters anymore when rendering via an HTTP(S) Endpoint #2626
cobbler checkdoes not complain about the old name of the settingsfile anymore #2630- openSUSE Tumbleweed AutoYAST templating was fixed again 2629 #2628 #2632
cobbler hardlinknow works with non default web directories #2774- GRUB got a few Cobbler related fixes #2653 #2792 #2743
pxe_just_onceis working as expected now #2783 #2784- Anaconda installation process
ONBOOTis now able to be set with and without qotation marks 2775 - The Autoinstall Manager crashes correctly in case of an error #2791
cobbler distro deletenow doesn't leave repository configs behind #2729 #1370cobbler sync --dnsis now working as expected again #2710 #2712
Other:
- Internal Refactorings:
- Base class for all manager modules is used now #2610
- Cobbler litesync was moved into Cobbler sync #2615
field_info.pyfunctionality was removed since it was unused #2662- API is used instead of the collection manager #2652
- Settings are now held in the API instead of the collection manager #2664
- Directly use the UUID module where available #2650
- Don't clone an object during rename #2744
kopts_overwriteis more error resistent now #2651
- Docs:
- Tests: Multiple new testcases to improve stability and coverage #2656 #2740 #2745 #1492 #2645 [#2649](https://github.com/cobbler/cob...
Cobbler V3.2.2
This is a security only release.
The Django webinterface is removed with V3.3.0 but is included in V3.2.2!
We have
Milestone: https://github.com/cobbler/cobbler/milestone/17
Diff to last release: v3.2.1...v3.2.2
Breaking Changes: None
Announcements:
- Important Security Bugfixes #2797
- Arbitrary Read was possible through
generate_script() - Arbitrary Write was possible through
upload_log_data() - Log poisoning with Remote-Code-Execution was possible through any XMLRPC method which logs to the logfile.
- Arbitrary Read was possible through
New:
- AlmaLinux & RockyLinux are now supported #2705
Changes: None
Bugfixes: None
Other:
- Release preparations #2798