A new release of the Ubuntu Cloud Images for stable Ubuntu release 21.10 (Impish Indri) is available at [1]. These new images superseded the existing images [2]. Images are available for download or immediate use on EC2 via publish AMI ids. Users who wish to update their existing installations can do so with: 'sudo apt-get update && sudo apt-get dist-upgrade && sudo reboot'. The following packages have been updated. Please see the full changelogs for a complete listing of changes: * linux-meta: 5.13.0.27.37 => 5.13.0.28.38 * linux-signed: 5.13.0-27.29 => 5.13.0-28.31 * policykit-1: 0.105-31 => 0.105-31ubuntu0.1 * vim: 2:8.2.2434-3ubuntu3.1 => 2:8.2.2434-3ubuntu3.2 The following is a complete changelog for this image. new: {'linux-modules-5.13.0-28-generic': '5.13.0-28.31', 'linux-headers-5.13.0-28': '5.13.0-28.31', 'linux-headers-5.13.0-28-generic': '5.13.0-28.31'} removed: {'linux-headers-5.13.0-27': '5.13.0-27.29', 'linux-modules-5.13.0-27-generic': '5.13.0-27.29', 'linux-headers-5.13.0-27-generic': '5.13.0-27.29'} changed: ['libpolkit-agent-1-0:amd64', 'libpolkit-gobject-1-0:amd64', 'linux-headers-generic', 'linux-headers-virtual', 'linux-image-5.13.0-28-generic', 'linux-image-virtual', 'linux-virtual', 'policykit-1', 'vim', 'vim-common', 'vim-runtime', 'vim-tiny', 'xxd'] new snaps: {} removed snaps: {} changed snaps: ['core20', 'lxd', 'snapd'] ==== linux-meta: 5.13.0.27.37 => 5.13.0.28.38 ==== ==== linux-headers-generic linux-headers-virtual linux-image-virtual linux-virtual * Bump ABI 5.13.0-28 ==== linux-signed: 5.13.0-27.29 => 5.13.0-28.31 ==== ==== linux-image-5.13.0-28-generic * Master version: 5.13.0-28.31 * Master version: 5.13.0-28.30 ==== policykit-1: 0.105-31 => 0.105-31ubuntu0.1 ==== ==== libpolkit-agent-1-0:amd64 libpolkit-gobject-1-0:amd64 policykit-1 * SECURITY UPDATE: Local Privilege Escalation in pkexec - debian/patches/CVE-2021-4034.patch: properly handle command-line arguments in src/programs/pkcheck.c, src/programs/pkexec.c. - CVE-2021-4034 ==== vim: 2:8.2.2434-3ubuntu3.1 => 2:8.2.2434-3ubuntu3.2 ==== ==== vim vim-common vim-runtime vim-tiny xxd * SECURITY UPDATE: Heap-based buffer overflow could lead to a denial of service when using CTRL+w+f with an empty filename - debian/patches/CVE-2021-3973-1.patch: Ensure filename is checked for zero length in src/findfile.c, src/normal.c and src/testdir/test_visual.vim - debian/patches/CVE-2021-3973-2.patch: Fix for failing test in src/findfile.c - CVE-2021-3973 * SECURITY UPDATE: Use-after-free issue in regular expression engine when using a mark, could lead to a denial of service or code execution. - debian/patches/CVE-2021-3974.patch: Ensure check for free is made when processing mark in src/regexp_nfa.c, src/testdir/test_regexp_latin.vim - CVE-2021-3974 * SECURITY UPDATE: Heap-based buffer overflow could lead to a denial of service or possible code execution when C-indenting - debian/patches/CVE-2021-3984.patch: Fix memory access issue by correctly dereferencing cursor position in src/cindent.c and src/testdir/test_cindent.vim - CVE-2021-3984 * SECURITY UPDATE: Heap-based buffer overflow could lead to a denial of service when help functions are provided with long command strings - debian/patches/CVE-2021-4019.patch: Fix handling of strcpy to use safer vim_snprintf in src/help.c and src/testdir/test_help.vim - CVE-2021-4019 * SECURITY UPDATE: Use-after-free issue in open command can lead to a denial of service or possible code execution - debian/patches/CVE-2021-4069.patch: Fix issue making a copy of the current line and its address in src/ex_docmd.c and src/testdir/test_ex_mode.vim - CVE-2021-4069 -- [1] http://cloud-images.ubuntu.com/releases/impish/release-20220201/ [2] http://cloud-images.ubuntu.com/releases/impish/release-20220118/