A new release of the Ubuntu Cloud Images for stable Ubuntu release 16.04 LTS (Xenial Xerus) is available at [1]. These new images superseded the existing images [2]. Images are available for download or immediate use on EC2 via publish AMI ids. Users who wish to update their existing installations can do so with: 'sudo apt-get update && sudo apt-get dist-upgrade && sudo reboot'. The following packages have been updated. Please see the full changelogs for a complete listing of changes: * p11-kit: 0.23.2-5~ubuntu16.04.1 => 0.23.2-5~ubuntu16.04.2 * update-notifier: 3.168.10 => 3.168.13 The following is a complete changelog for this image. new: {} removed: {} changed: ['libp11-kit0:amd64', 'update-notifier-common'] new snaps: {} removed snaps: {} changed snaps: [] ==== p11-kit: 0.23.2-5~ubuntu16.04.1 => 0.23.2-5~ubuntu16.04.2 ==== ==== libp11-kit0:amd64 * SECURITY UPDATE: multiple integer overflows - debian/patches/CVE-2020-29361-1.patch: check for arithmetic overflows before allocating in p11-kit/iter.c, p11-kit/lists.c, p11-kit/proxy.c, p11-kit/rpc-message.c, p11-kit/rpc-message.h, p11-kit/rpc-server.c, trust/index.c. - debian/patches/CVE-2020-29361-2.patch: add reallocarray and follow-up to arithmetic overflow fix in common/compat.c, common/compat.h, p11-kit/rpc-message.c. - CVE-2020-29361 * SECURITY UPDATE: heap over-read in the RPC protocol - debian/patches/CVE-2020-29362.patch: fix bounds check in p11-kit/rpc-message.c. - CVE-2020-29362 ==== update-notifier: 3.168.10 => 3.168.13 ==== ==== update-notifier-common * Fix pep8 autopkgtest failures in the right control file (LP: #1906436) - d/control: remove pep8 from Build-Depends as no tests run by override_dh_auto_test use pep8. - d/tests/control: add pep8 to Depends as it is only used by python-based autopkgtests via subprocess in test_motd.py. - d/tests/test_package-data-downloader.py: mock subprocess calls to apt-helper for expected failure tests to avoid emitting error messages to console * data/apt_check.py: Update UA Infra: ESM product name and doc url (LP: #1901627) - data/apt_check.py: Update name and URL - tests/test_motd.py: adapt unittests to match new behavior - po/*.po: translation files with intltool-update -r * Fix pep8 autopkgtest failures (LP: 1906436) - d/control: add expilicit pep8 build-requires dependency - data/apt_check.py: fix over-indent pep8 errors - data/apt_check & data/backend_helper: resolve underindent pep8 issues backport of 9e0f7ee50 [ Brian Murray ] - data/apt_check.py, data/package-data-downloader, tests/test_pep8.py: + update the code formating to be not hit W504 warnings, change to ignore W503 and be consistent with update-manager. [ Andrea Azzarone ] - INSTALL, data/hooks.py, tests/test_package-data-downloader.py: Fix E117 over-indented pep issues. [ Gianfranco Costamagna ] [ Julian Andres Klode ] * Handle missing cases of LP: #1822340, where we told people ESM is not enabled, but not how to enable it. * Fix multiple disabled ESM repositories being counted as enabled ones. [ Brian Murray ] * data/apt_check.py: modify wording and output regarding ESM support. (LP: #1842508) [ Andreas Hasenack ] * data/apt_check.py: Update ESM security pockets names (LP: #1881632) - the UbuntuESM pocket was renamed from -security to -infra-security - new origin UbuntuESMApps, with a corresponding pocket of -apps-security -- [1] http://cloud-images.ubuntu.com/releases/xenial/release-20210106/ [2] http://cloud-images.ubuntu.com/releases/xenial/release-20210105/