A new release of the Ubuntu Cloud Images for stable Ubuntu release 18.04 LTS (Bionic Beaver) is available at [1]. These new images superseded the existing images [2]. Images are available for download or immediate use on EC2 via publish AMI ids. Users who wish to update their existing installations can do so with:
   'sudo apt-get update && sudo apt-get dist-upgrade && sudo reboot'.

The following packages have been updated. Please see the full changelogs
for a complete listing of changes:
 * linux-meta: 4.15.0.154.143 => 4.15.0.156.145 
 * linux-signed: 4.15.0-154.161 => 4.15.0-156.163 
 * ntfs-3g: 1:2017.3.23-2ubuntu0.18.04.2 => 1:2017.3.23-2ubuntu0.18.04.3 
 * openssl1.0: 1.0.2n-1ubuntu5.6 => 1.0.2n-1ubuntu5.7 
 * shim-signed: 1.37~18.04.8+15+1552672080.a4a1fbe-0ubuntu2 => 1.37~18.04.10+15.4-0ubuntu7 
 * squashfs-tools: 1:4.3-6ubuntu0.18.04.2 => 1:4.3-6ubuntu0.18.04.3 


The following is a complete changelog for this image.
new: {'linux-headers-4.15.0-156': '4.15.0-156.163', 'linux-modules-4.15.0-156-generic': '4.15.0-156.163', 'linux-headers-4.15.0-156-generic': '4.15.0-156.163'}
removed: {'linux-headers-4.15.0-154': '4.15.0-154.161', 'linux-modules-4.15.0-154-generic': '4.15.0-154.161', 'linux-headers-4.15.0-154-generic': '4.15.0-154.161', 'shim': '15+1552672080.a4a1fbe-0ubuntu2'}
changed: ['libntfs-3g88', 'libssl1.0.0:amd64', 'linux-headers-generic', 'linux-headers-virtual', 'linux-image-4.15.0-156-generic', 'linux-image-virtual', 'linux-virtual', 'ntfs-3g', 'shim-signed', 'squashfs-tools']
new snaps: {}
removed snaps: {}
changed snaps: []
==== linux-meta: 4.15.0.154.143 => 4.15.0.156.145 ====
====     linux-headers-generic linux-headers-virtual linux-image-virtual linux-virtual
  * Bump ABI 4.15.0-156
  * Bump ABI 4.15.0-155
  * Packaging resync (LP: #1786013)
    - [Packaging] resync debian/dkms-versions from main package
==== linux-signed: 4.15.0-154.161 => 4.15.0-156.163 ====
====     linux-image-4.15.0-156-generic
  * Master version: 4.15.0-156.163
  * Master version: 4.15.0-155.162
==== ntfs-3g: 1:2017.3.23-2ubuntu0.18.04.2 => 1:2017.3.23-2ubuntu0.18.04.3 ====
====     libntfs-3g88 ntfs-3g
  * SECURITY UPDATE: multiple security issues
    - debian/patches/aug2021-security.patch: backport fixes from new
      upstream version.
    - No CVE number
==== openssl1.0: 1.0.2n-1ubuntu5.6 => 1.0.2n-1ubuntu5.7 ====
====     libssl1.0.0:amd64
  * SECURITY UPDATE: Read buffer overrun in X509_aux_print()
    - debian/patches/CVE-2021-3712.patch: fix a read buffer overrun in
      X509_CERT_AUX_print() in crypto/asn1/t_x509a.c.
    - debian/patches/CVE-2021-3712-2.patch: fix i2v_GENERAL_NAME to not
      assume NUL terminated strings in crypto/x509v3/v3_alt.c,
      crypto/x509v3/v3_utl.c, crypto/x509v3/x509v3.h.
    - debian/patches/CVE-2021-3712-3.patch: fix POLICYINFO printing to not
      assume NUL terminated strings in crypto/x509v3/v3_cpols.c.
    - debian/patches/CVE-2021-3712-4.patch: fix printing of
      PROXY_CERT_INFO_EXTENSION to not assume NUL terminated strings in
      crypto/x509v3/v3_pci.c.
    - debian/patches/CVE-2021-3712-5.patch: fix the name constraints code
      to not assume NUL terminated strings in crypto/x509v3/v3_ncons.c.
    - debian/patches/CVE-2021-3712-7.patch: fix append_ia5 function to not
      assume NUL terminated strings in crypto/x509v3/v3_utl.c.
    - debian/patches/CVE-2021-3712-8.patch: fix NETSCAPE_SPKI_print
      function to not assume NUL terminated strings in
      crypto/asn1/t_spki.c.
    - debian/patches/CVE-2021-3712-9.patch: fix
      EC_GROUP_new_from_ecparameters to check the base length in
      crypto/ec/ec_asn1.c.
    - debian/patches/CVE-2021-3712-11.patch: fix the error handling in
      i2v_AUTHORITY_KEYID in crypto/x509v3/v3_akey.c.
    - debian/patches/CVE-2021-3712-13.patch: fix the name constraints code
      to not assume NUL terminated strings in crypto/x509v3/v3_ncons.c.
    - debian/patches/CVE-2021-3712-14.patch: fix i2v_GENERAL_NAME to not
      assume NUL terminated strings in crypto/x509v3/v3_utl.c.
    - CVE-2021-3712
==== shim-signed: 1.37~18.04.8+15+1552672080.a4a1fbe-0ubuntu2 => 1.37~18.04.10+15.4-0ubuntu7 ====
====     shim-signed
==== squashfs-tools: 1:4.3-6ubuntu0.18.04.2 => 1:4.3-6ubuntu0.18.04.3 ====
====     squashfs-tools
  * SECURITY UPDATE: Directory traversal via relative paths in unsquashfs
    (LP: #1941790)
    - debian/patches/0013-CVE-2021-40153.patch:
      Treat squashfs images which contain files with names containing
      constructs like ../ as corrupted in unsquash-N.c
    - CVE-2021-40153

--
[1] http://cloud-images.ubuntu.com/releases/bionic/release-20210907/
[2] http://cloud-images.ubuntu.com/releases/bionic/release-20210825/