A new release of the Ubuntu Cloud Images for stable Ubuntu release 22.04 (Jammy Jellyfish) is available at [1]. These new images superseded the existing images [2]. Images are available for download or immediate use on EC2 via publish AMI ids. Users who wish to update their existing installations can do so with: 'sudo apt-get update && sudo apt-get dist-upgrade && sudo reboot'. The following packages have been updated. Please see the full changelogs for a complete listing of changes: * curl: 7.81.0-1ubuntu1.1 => 7.81.0-1ubuntu1.2 * libxml2: 2.9.13+dfsg-1build1 => 2.9.13+dfsg-1ubuntu0.1 * linux-meta: 5.15.0.27.30 => 5.15.0.30.33 * linux-signed: 5.15.0-27.28 => 5.15.0-30.31 * software-properties: 0.99.22 => 0.99.22.1 The following is a complete changelog for this image. new: {'linux-headers-5.15.0-30': '5.15.0-30.31', 'linux-headers-5.15.0-30-generic': '5.15.0-30.31', 'linux-modules-5.15.0-30-generic': '5.15.0-30.31'} removed: {'linux-headers-5.15.0-27-generic': '5.15.0-27.28', 'linux-headers-5.15.0-27': '5.15.0-27.28', 'linux-modules-5.15.0-27-generic': '5.15.0-27.28'} changed: ['curl', 'libcurl3-gnutls:amd64', 'libcurl4:amd64', 'libxml2:amd64', 'linux-headers-generic', 'linux-headers-virtual', 'linux-image-5.15.0-30-generic', 'linux-image-virtual', 'linux-virtual', 'python3-software-properties', 'software-properties-common'] new snaps: {} removed snaps: {} changed snaps: [] ==== curl: 7.81.0-1ubuntu1.1 => 7.81.0-1ubuntu1.2 ==== ==== curl libcurl3-gnutls:amd64 libcurl4:amd64 * SECURITY UPDATE: percent-encoded path separator in URL host - debian/patches/CVE-2022-27780.patch: reject percent-decoding host name into separator bytes in lib/urlapi.c. - CVE-2022-27780 * SECURITY UPDATE: CERTINFO never-ending busy-loop - debian/patches/CVE-2022-27781.patch: return error if seemingly stuck in a cert loop in lib/vtls/nss.c. - CVE-2022-27781 * SECURITY UPDATE: TLS and SSH connection too eager reuse - debian/patches/CVE-2022-27782.patch: check more TLS details for connection reuse in lib/setopt.c, lib/url.c, lib/urldata.h, lib/vtls/gtls.c, lib/vtls/openssl.c, lib/vtls/nss.c, lib/vtls/vtls.c, lib/vssh/ssh.h. - CVE-2022-27782 ==== libxml2: 2.9.13+dfsg-1build1 => 2.9.13+dfsg-1ubuntu0.1 ==== ==== libxml2:amd64 * SECURITY UPDATE: Integer overflows - debian/patches/CVE-2022-29824.patch: Fix integer overflows in xmlBuf and xmlBuffer in tree.c, buf.c. - CVE-2022-29824 ==== linux-meta: 5.15.0.27.30 => 5.15.0.30.33 ==== ==== linux-headers-generic linux-headers-virtual linux-image-virtual linux-virtual * Bump ABI 5.15.0-30 * Bump ABI 5.15.0-29 * Bump ABI 5.15.0-28 * Packaging resync (LP: #1786013) - [Packaging] resync debian/dkms-versions from main package ==== linux-signed: 5.15.0-27.28 => 5.15.0-30.31 ==== ==== linux-image-5.15.0-30-generic * Master version: 5.15.0-30.31 * Master version: 5.15.0-29.30 * Master version: 5.15.0-28.29 ==== software-properties: 0.99.22 => 0.99.22.1 ==== ==== python3-software-properties software-properties-common * cloudarchive: Enable support for the Zed Ubuntu Cloud Archive on 22.04 (LP: #1970244). -- [1] http://cloud-images.ubuntu.com/releases/jammy/release-20220517/ [2] http://cloud-images.ubuntu.com/releases/jammy/release-20220506/