A new release of the Ubuntu Cloud Images for stable Ubuntu release 16.04 LTS (Xenial Xerus) is available at [1]. These new images superseded the existing images [2]. Images are available for download or immediate use on EC2 via publish AMI ids. Users who wish to update their existing installations can do so with:
   'sudo apt-get update && sudo apt-get dist-upgrade && sudo reboot'.

The following packages have been updated. Please see the full changelogs
for a complete listing of changes:
 * apport: 2.20.1-0ubuntu2.23 => 2.20.1-0ubuntu2.24 
 * base-files: 9.4ubuntu4.11 => 9.4ubuntu4.12 
 * grub2: 2.02~beta2-36ubuntu3.26 => 2.02~beta2-36ubuntu3.27 
 * grub2-signed: 1.66.26+2.02~beta2-36ubuntu3.26 => 1.66.27+2.02~beta2-36ubuntu3.27 


The following is a complete changelog for this image.
new: {}
removed: {}
changed: ['apport', 'base-files', 'grub-common', 'grub-efi-amd64', 'grub-efi-amd64-bin', 'grub-efi-amd64-signed', 'grub-pc', 'grub-pc-bin', 'grub2-common', 'python3-apport', 'python3-problem-report']
new snaps: {}
removed snaps: {}
changed snaps: []
==== apport: 2.20.1-0ubuntu2.23 => 2.20.1-0ubuntu2.24 ====
====     apport python3-apport python3-problem-report
  * SECURITY UPDATE: information disclosure issue (LP: #1885633)
    - data/apport: also drop gid when checking if user session is closing.
    - CVE-2020-11936
  * SECURITY UPDATE: crash via malformed ignore file (LP: #1877023)
    - apport/report.py: don't crash on malformed mtime values.
    - CVE-2020-15701
  * SECURITY UPDATE: TOCTOU in core file location
    - data/apport: make sure the process hasn't been replaced after Apport
      has started.
    - CVE-2020-15702
  * apport/ui.py, test/test_ui.py: make sure a PID is specified when using
    --hanging (LP: #1876659)
==== base-files: 9.4ubuntu4.11 => 9.4ubuntu4.12 ====
====     base-files
  * /etc/issue, /etc/issue.net, /etc/lsb-release, /etc/os-release: Bump
    version number to 16.04.7 in preparation for the extra point release. 
==== grub2: 2.02~beta2-36ubuntu3.26 => 2.02~beta2-36ubuntu3.27 ====
====     grub-common grub-efi-amd64 grub-efi-amd64-bin grub-pc grub-pc-bin grub2-common
  * debian/postinst.in: Avoid calling grub-install on upgrade of the grub-pc
    package, since we cannot be certain that it will install to the correct
    disk and a grub-install failure will render the system unbootable.
    LP: #1889556.
==== grub2-signed: 1.66.26+2.02~beta2-36ubuntu3.26 => 1.66.27+2.02~beta2-36ubuntu3.27 ====
====     grub-efi-amd64-signed

--
[1] http://cloud-images.ubuntu.com/releases/xenial/release-20200807/
[2] http://cloud-images.ubuntu.com/releases/xenial/release-20200729/