A new release of the Ubuntu Cloud Images for stable Ubuntu release 16.04 LTS (Xenial Xerus) is available at [1]. These new images superseded the existing images [2]. Images are available for download or immediate use on EC2 via publish AMI ids. Users who wish to update their existing installations can do so with: 'sudo apt-get update && sudo apt-get dist-upgrade && sudo reboot'. The following packages have been updated. Please see the full changelogs for a complete listing of changes: * python3.5: 3.5.2-2ubuntu0~16.04.10 => 3.5.2-2ubuntu0~16.04.11 The following is a complete changelog for this image. new: {} removed: {} changed: ['libpython3.5-minimal:amd64', 'libpython3.5-stdlib:amd64', 'libpython3.5:amd64', 'python3.5', 'python3.5-minimal'] new snaps: {} removed snaps: {} changed snaps: [] ==== python3.5: 3.5.2-2ubuntu0~16.04.10 => 3.5.2-2ubuntu0~16.04.11 ==== ==== libpython3.5-minimal:amd64 libpython3.5-stdlib:amd64 libpython3.5:amd64 python3.5 python3.5-minimal * SECURITY UPDATE: Misleading information - debian/patches/CVE-2019-17514.patch: explain that the orderness of the of the result is system-dependant in Doc/library/glob.rst. - CVE-2019-17514 * SECURITY UPDATE: Denial of service - debian/patches/CVE-2019-9674.patch: add pitfalls to zipfile module doc in Doc/library/zipfile.rst, Misc/NEWS.d/next/Documentation/2019-06-04-09-29-00.bpo-36260.WrGuc-.rst. - CVE-2019-9674 * SECURITY UPDATE: Infinite loop - debian/patches/CVE-2019-20907.patch: avoid infinite loop in the tarfile module in Lib/tarfile.py, Lib/test/test_tarfile.py and add Lib/test/recursion.tar binary for test. - CVE-2019-20907 * SECURITY UPDATE: Denial of service - debian/patches/CVE-2020-14422.patch: Resolve hash collisions for IPv4Interface and IPv6Interface in Lib/ipaddress.py, Lib/test/test_ipaddress.py. - CVE-2020-14422 -- [1] http://cloud-images.ubuntu.com/releases/xenial/release-20200723/ [2] http://cloud-images.ubuntu.com/releases/xenial/release-20200721/