A new release of the Ubuntu Cloud Images for stable Ubuntu release 18.04 LTS (Bionic Beaver) is available at [1]. These new images superseded the existing images [2]. Images are available for download or immediate use on EC2 via publish AMI ids. Users who wish to update their existing installations can do so with:
   'sudo apt-get update && sudo apt-get dist-upgrade && sudo reboot'.

The following packages have been updated. Please see the full changelogs
for a complete listing of changes:
 * isc-dhcp: 4.3.5-3ubuntu7.1 => 4.3.5-3ubuntu7.2 
 * linux-meta: 4.15.0.139.126 => 4.15.0.140.127 
 * linux-signed: 4.15.0-139.143 => 4.15.0-140.144 
 * openssl: 1.1.1-1ubuntu2.1~18.04.8 => 1.1.1-1ubuntu2.1~18.04.9 


The following is a complete changelog for this image.
new: {'linux-headers-4.15.0-140-generic': '4.15.0-140.144', 'linux-modules-4.15.0-140-generic': '4.15.0-140.144', 'linux-headers-4.15.0-140': '4.15.0-140.144'}
removed: {'linux-headers-4.15.0-139': '4.15.0-139.143', 'linux-headers-4.15.0-139-generic': '4.15.0-139.143', 'linux-modules-4.15.0-139-generic': '4.15.0-139.143'}
changed: ['isc-dhcp-client', 'isc-dhcp-common', 'libssl1.1:amd64', 'linux-headers-generic', 'linux-headers-virtual', 'linux-image-4.15.0-140-generic', 'linux-image-virtual', 'linux-virtual', 'openssl']
new snaps: {}
removed snaps: {}
changed snaps: []
==== isc-dhcp: 4.3.5-3ubuntu7.1 => 4.3.5-3ubuntu7.2 ====
====     isc-dhcp-client isc-dhcp-common
  * Fix env variable for INTERFACES (LP: #1894172)
    - d/isc-dhcp-server.isc-dhcp-server{,6}.service: Replace $INTERFACES
      variable with $INTERFACEv4 and $INTERFACESv6, respectively, for
      respective services file.
==== linux-meta: 4.15.0.139.126 => 4.15.0.140.127 ====
====     linux-headers-generic linux-headers-virtual linux-image-virtual linux-virtual
  * Bump ABI 4.15.0-140
==== linux-signed: 4.15.0-139.143 => 4.15.0-140.144 ====
====     linux-image-4.15.0-140-generic
  * Master version: 4.15.0-140.144
==== openssl: 1.1.1-1ubuntu2.1~18.04.8 => 1.1.1-1ubuntu2.1~18.04.9 ====
====     libssl1.1:amd64 openssl
  * SECURITY UPDATE: NULL pointer deref in signature_algorithms processing
    - debian/patches/CVE-2021-3449-1.patch: fix NULL pointer dereference in
      ssl/statem/extensions.c.
    - debian/patches/CVE-2021-3449-2.patch: teach TLSProxy how to encrypt
      <= TLSv1.2 ETM records in util/perl/TLSProxy/Message.pm.
    - debian/patches/CVE-2021-3449-3.patch: add a test to
      test/recipes/70-test_renegotiation.t.
    - debian/patches/CVE-2021-3449-4.patch: ensure buffer/length pairs are
      always in sync in ssl/s3_lib.c, ssl/ssl_lib.c,
      ssl/statem/extensions.c, ssl/statem/extensions_clnt.c,
      ssl/statem/statem_clnt.c, ssl/statem/statem_srvr.c.
    - CVE-2021-3449

--
[1] http://cloud-images.ubuntu.com/releases/bionic/release-20210325/
[2] http://cloud-images.ubuntu.com/releases/bionic/release-20210319/