A new release of the Ubuntu Cloud Images for stable Ubuntu release 20.10 (Groovy Gorilla) is available at [1]. These new images superseded the existing images [2]. Images are available for download or immediate use on EC2 via publish AMI ids. Users who wish to update their existing installations can do so with: 'sudo apt-get update && sudo apt-get dist-upgrade && sudo reboot'. The following packages have been updated. Please see the full changelogs for a complete listing of changes: * linux-meta: 5.8.0.34.39 => 5.8.0.36.40 * linux-signed: 5.8.0-34.37 => 5.8.0-36.40 * p11-kit: 0.23.21-2build1 => 0.23.21-2ubuntu0.1 * tzdata: 2020d-1ubuntu1 => 2020f-0ubuntu0.20.10 The following is a complete changelog for this image. new: {'linux-modules-5.8.0-36-generic': '5.8.0-36.40', 'linux-headers-5.8.0-36-generic': '5.8.0-36.40', 'linux-headers-5.8.0-36': '5.8.0-36.40'} removed: {'linux-modules-5.8.0-34-generic': '5.8.0-34.37', 'linux-headers-5.8.0-34': '5.8.0-34.37', 'linux-headers-5.8.0-34-generic': '5.8.0-34.37'} changed: ['libp11-kit0:amd64', 'linux-headers-generic', 'linux-headers-virtual', 'linux-image-5.8.0-36-generic', 'linux-image-virtual', 'linux-virtual', 'tzdata'] new snaps: {} removed snaps: {} changed snaps: ['snapd'] ==== linux-meta: 5.8.0.34.39 => 5.8.0.36.40 ==== ==== linux-headers-generic linux-headers-virtual linux-image-virtual linux-virtual * Bump ABI 5.8.0-36 * Packaging resync (LP: #1786013) - [Packaging] resync debian/dkms-versions from main package ==== linux-signed: 5.8.0-34.37 => 5.8.0-36.40 ==== ==== linux-image-5.8.0-36-generic * Master version: 5.8.0-36.40 ==== p11-kit: 0.23.21-2build1 => 0.23.21-2ubuntu0.1 ==== ==== libp11-kit0:amd64 * SECURITY UPDATE: multiple integer overflows - debian/patches/CVE-2020-29361-1.patch: check for arithmetic overflows before allocating in p11-kit/iter.c, p11-kit/lists.c, p11-kit/proxy.c, p11-kit/rpc-message.c, p11-kit/rpc-message.h, p11-kit/rpc-server.c, trust/index.c. - debian/patches/CVE-2020-29361-2.patch: follow-up to arithmetic overflow fix in common/compat.c, p11-kit/rpc-message.c. - CVE-2020-29361 * SECURITY UPDATE: heap over-read in the RPC protocol - debian/patches/CVE-2020-29362.patch: fix bounds check in p11-kit/rpc-message.c. - CVE-2020-29362 * SECURITY UPDATE: heap overflow in RPC protocol - debian/patches/CVE-2020-29363.patch: check attribute length against buffer size in p11-kit/rpc-message.c. - CVE-2020-29363 ==== tzdata: 2020d-1ubuntu1 => 2020f-0ubuntu0.20.10 ==== ==== tzdata * New upstream version (LP: #1909698), affecting the following timestamp: - Volgograd switches to Moscow time on 2020-12-27 at 02:00. * ICU timezone data files are still version 2020d as they have not yet been updated by upstream. -- [1] http://cloud-images.ubuntu.com/releases/groovy/release-20210108/ [2] http://cloud-images.ubuntu.com/releases/groovy/release-20210105/