A new release of the Ubuntu Cloud Images for stable Ubuntu release 16.04 LTS (Xenial Xerus) is available at [1]. These new images superseded the existing images [2]. Images are available for download or immediate use on EC2 via publish AMI ids. Users who wish to update their existing installations can do so with: 'sudo apt-get update && sudo apt-get dist-upgrade && sudo reboot'. The following packages have been updated. Please see the full changelogs for a complete listing of changes: * apport: 2.20.1-0ubuntu2.23 => 2.20.1-0ubuntu2.24 * base-files: 9.4ubuntu4.11 => 9.4ubuntu4.12 * grub2: 2.02~beta2-36ubuntu3.26 => 2.02~beta2-36ubuntu3.27 * grub2-signed: 1.66.26+2.02~beta2-36ubuntu3.26 => 1.66.27+2.02~beta2-36ubuntu3.27 The following is a complete changelog for this image. new: {} removed: {} changed: ['apport', 'base-files', 'grub-common', 'grub-efi-amd64', 'grub-efi-amd64-bin', 'grub-efi-amd64-signed', 'grub-pc', 'grub-pc-bin', 'grub2-common', 'python3-apport', 'python3-problem-report'] new snaps: {} removed snaps: {} changed snaps: [] ==== apport: 2.20.1-0ubuntu2.23 => 2.20.1-0ubuntu2.24 ==== ==== apport python3-apport python3-problem-report * SECURITY UPDATE: information disclosure issue (LP: #1885633) - data/apport: also drop gid when checking if user session is closing. - CVE-2020-11936 * SECURITY UPDATE: crash via malformed ignore file (LP: #1877023) - apport/report.py: don't crash on malformed mtime values. - CVE-2020-15701 * SECURITY UPDATE: TOCTOU in core file location - data/apport: make sure the process hasn't been replaced after Apport has started. - CVE-2020-15702 * apport/ui.py, test/test_ui.py: make sure a PID is specified when using --hanging (LP: #1876659) ==== base-files: 9.4ubuntu4.11 => 9.4ubuntu4.12 ==== ==== base-files * /etc/issue, /etc/issue.net, /etc/lsb-release, /etc/os-release: Bump version number to 16.04.7 in preparation for the extra point release. ==== grub2: 2.02~beta2-36ubuntu3.26 => 2.02~beta2-36ubuntu3.27 ==== ==== grub-common grub-efi-amd64 grub-efi-amd64-bin grub-pc grub-pc-bin grub2-common * debian/postinst.in: Avoid calling grub-install on upgrade of the grub-pc package, since we cannot be certain that it will install to the correct disk and a grub-install failure will render the system unbootable. LP: #1889556. ==== grub2-signed: 1.66.26+2.02~beta2-36ubuntu3.26 => 1.66.27+2.02~beta2-36ubuntu3.27 ==== ==== grub-efi-amd64-signed -- [1] http://cloud-images.ubuntu.com/releases/xenial/release-20200807/ [2] http://cloud-images.ubuntu.com/releases/xenial/release-20200729/