---
upgrade:
  - |
    The kernel.dmesg_restrict is now set to 1 to prevent exposure of sensitive
    kernel address information with unprivileged access. Deployments that set
    or depend on values other than 1 for kernel.dmesg_restrict may be affected
    by upgrading.
security:
  - |
    Kernel syslog contains sensitive kernel address information, setting
    kernel.dmesg_restrict to avoid unprivileged access to this information.