A new release of the Ubuntu Cloud Images for stable Ubuntu release 22.04 (Jammy Jellyfish) is available at [1]. These new images supersede the existing images [2]. Images are available for download or immediate use on EC2 via published AMI IDs. Users who wish to update their existing installations can do so with:

  'sudo apt-get update && sudo apt-get dist-upgrade && sudo reboot'

The following packages have been updated. Please see the full changelogs for a complete listing of changes:

 * openldap: 2.5.11+dfsg-1~exp1ubuntu3.1 => 2.5.12+dfsg-0ubuntu0.22.04.1
 * openssl: 3.0.2-0ubuntu1.2 => 3.0.2-0ubuntu1.5

The following is a complete changelog for this image.

new: {}
removed: {}
changed: ['libldap-2.5-0:amd64', 'libldap-common', 'libssl3:amd64', 'openssl']
new snaps: {}
removed snaps: {}
changed snaps: []

==== openldap: 2.5.11+dfsg-1~exp1ubuntu3.1 => 2.5.12+dfsg-0ubuntu0.22.04.1 ====
==== libldap-2.5-0:amd64 libldap-common

  * New upstream version (LP: #1977627).
    - Fixed slapd syncrepl handling of new sessions (ITS#9584)
    - Fixed slapd-sql to properly escape filter value (ITS#9815)
      (CVE-2022-29155)
      [ Already included in 2.5.11+dfsg-1~exp1ubuntu3.1 ]
    - More details about this release can be found at:
      https://git.openldap.org/openldap/openldap/-/blob/2bda1fa98fbcedc6cd5995ea905427b8bef89f9d/CHANGES
  * d/p/CVE-2022-29155.patch: Dropped patch; included in this new
    upstream version.

==== openssl: 3.0.2-0ubuntu1.2 => 3.0.2-0ubuntu1.5 ====
==== libssl3:amd64 openssl

  * SECURITY UPDATE: c_rehash script allows command injection
    - debian/patches/CVE-2022-1292.patch: switch to upstream patch, and
      apply it before c_rehash-compat.patch.
    - debian/patches/CVE-2022-2068-1.patch: fix file operations in
      tools/c_rehash.in.
    - debian/patches/CVE-2022-2068-2.patch: drop the issuer_name_hash=
      prefix from the CRL hash in tools/c_rehash.in.
    - debian/patches/c_rehash-compat.patch: updated patch to apply after
      the security updates.
    - CVE-2022-2068
  * d/p/lp1978093/*: renew some expiring test certificates (LP: #1978093)
  * d/p/lp1974037/*: cherry-pick another patchset to fix regressions with
    the previous lp1974037 one (LP: #1974037)
  * d/p/Set-systemwide-default-settings-for-libssl-users: partially apply
    it on Ubuntu to make it easier for user to change security level
    (LP: #1972056)
  * d/p/lp1947588.patch: Cherry-picked as our patches make it very easy to
    trigger the underlying bug (LP: #1947588)

--
[1] http://cloud-images.ubuntu.com/releases/jammy/release-20220622/
[2] http://cloud-images.ubuntu.com/releases/jammy/release-20220616/