A new release of the Ubuntu Cloud Images for stable Ubuntu release 18.04 LTS (Bionic Beaver) is available at [1]. These new images superseded the existing images [2]. Images are available for download or immediate use on EC2 via publish AMI ids. Users who wish to update their existing installations can do so with: 'sudo apt-get update && sudo apt-get dist-upgrade && sudo reboot'. The following packages have been updated. Please see the full changelogs for a complete listing of changes: * isc-dhcp: 4.3.5-3ubuntu7.1 => 4.3.5-3ubuntu7.2 * linux-meta: 4.15.0.139.126 => 4.15.0.140.127 * linux-signed: 4.15.0-139.143 => 4.15.0-140.144 * openssl: 1.1.1-1ubuntu2.1~18.04.8 => 1.1.1-1ubuntu2.1~18.04.9 The following is a complete changelog for this image. new: {'linux-headers-4.15.0-140-generic': '4.15.0-140.144', 'linux-modules-4.15.0-140-generic': '4.15.0-140.144', 'linux-headers-4.15.0-140': '4.15.0-140.144'} removed: {'linux-headers-4.15.0-139': '4.15.0-139.143', 'linux-headers-4.15.0-139-generic': '4.15.0-139.143', 'linux-modules-4.15.0-139-generic': '4.15.0-139.143'} changed: ['isc-dhcp-client', 'isc-dhcp-common', 'libssl1.1:amd64', 'linux-headers-generic', 'linux-headers-virtual', 'linux-image-4.15.0-140-generic', 'linux-image-virtual', 'linux-virtual', 'openssl'] new snaps: {} removed snaps: {} changed snaps: [] ==== isc-dhcp: 4.3.5-3ubuntu7.1 => 4.3.5-3ubuntu7.2 ==== ==== isc-dhcp-client isc-dhcp-common * Fix env variable for INTERFACES (LP: #1894172) - d/isc-dhcp-server.isc-dhcp-server{,6}.service: Replace $INTERFACES variable with $INTERFACEv4 and $INTERFACESv6, respectively, for respective services file. ==== linux-meta: 4.15.0.139.126 => 4.15.0.140.127 ==== ==== linux-headers-generic linux-headers-virtual linux-image-virtual linux-virtual * Bump ABI 4.15.0-140 ==== linux-signed: 4.15.0-139.143 => 4.15.0-140.144 ==== ==== linux-image-4.15.0-140-generic * Master version: 4.15.0-140.144 ==== openssl: 1.1.1-1ubuntu2.1~18.04.8 => 1.1.1-1ubuntu2.1~18.04.9 ==== ==== libssl1.1:amd64 openssl * SECURITY UPDATE: NULL pointer deref in signature_algorithms processing - debian/patches/CVE-2021-3449-1.patch: fix NULL pointer dereference in ssl/statem/extensions.c. - debian/patches/CVE-2021-3449-2.patch: teach TLSProxy how to encrypt <= TLSv1.2 ETM records in util/perl/TLSProxy/Message.pm. - debian/patches/CVE-2021-3449-3.patch: add a test to test/recipes/70-test_renegotiation.t. - debian/patches/CVE-2021-3449-4.patch: ensure buffer/length pairs are always in sync in ssl/s3_lib.c, ssl/ssl_lib.c, ssl/statem/extensions.c, ssl/statem/extensions_clnt.c, ssl/statem/statem_clnt.c, ssl/statem/statem_srvr.c. - CVE-2021-3449 -- [1] http://cloud-images.ubuntu.com/releases/bionic/release-20210325/ [2] http://cloud-images.ubuntu.com/releases/bionic/release-20210319/