A new release of the Ubuntu Cloud Images for stable Ubuntu release 18.04 LTS (Bionic Beaver) is available at [1]. These new images superseded the existing images [2]. Images are available for download or immediate use on EC2 via publish AMI ids. Users who wish to update their existing installations can do so with: 'sudo apt-get update && sudo apt-get dist-upgrade && sudo reboot'. The following packages have been updated. Please see the full changelogs for a complete listing of changes: * apport: 2.20.9-0ubuntu7.15 => 2.20.9-0ubuntu7.16 * base-files: 10.1ubuntu2.8 => 10.1ubuntu2.9 * grub2: 2.02-2ubuntu8.16 => 2.02-2ubuntu8.17 * grub2-signed: 1.93.18+2.02-2ubuntu8.16 => 1.93.19+2.02-2ubuntu8.17 * iproute2: 4.15.0-2ubuntu1.1 => 4.15.0-2ubuntu1.2 * kmod: 24-1ubuntu3.4 => 24-1ubuntu3.5 * shim-signed: 1.37~18.04.3+15+1533136590.3beb971-0ubuntu1 => 1.37~18.04.6+15+1533136590.3beb971-0ubuntu1 * systemd: 237-3ubuntu10.41 => 237-3ubuntu10.42 The following is a complete changelog for this image. new: {} removed: {} changed: ['apport', 'base-files', 'grub-common', 'grub-efi-amd64', 'grub-efi-amd64-bin', 'grub-efi-amd64-signed', 'grub-pc', 'grub-pc-bin', 'grub2-common', 'iproute2', 'kmod', 'libkmod2:amd64', 'libnss-systemd:amd64', 'libpam-systemd:amd64', 'libsystemd0:amd64', 'libudev1:amd64', 'python3-apport', 'python3-problem-report', 'shim-signed', 'systemd', 'systemd-sysv', 'udev'] new snaps: {} removed snaps: {} changed snaps: [] ==== apport: 2.20.9-0ubuntu7.15 => 2.20.9-0ubuntu7.16 ==== ==== apport python3-apport python3-problem-report * SECURITY UPDATE: information disclosure issue (LP: #1885633) - data/apport: also drop gid when checking if user session is closing. - CVE-2020-11936 * SECURITY UPDATE: crash via malformed ignore file (LP: #1877023) - apport/report.py: don't crash on malformed mtime values. - CVE-2020-15701 * SECURITY UPDATE: TOCTOU in core file location - data/apport: make sure the process hasn't been replaced after Apport has started. - CVE-2020-15702 * apport/ui.py, test/test_ui.py: make sure a PID is specified when using --hanging (LP: #1876659) ==== base-files: 10.1ubuntu2.8 => 10.1ubuntu2.9 ==== ==== base-files * /etc/issue, /etc/issue.net, /etc/lsb-release, /etc/os-release: Bump version number to 18.04.5 in preparation of the next point release. ==== grub2: 2.02-2ubuntu8.16 => 2.02-2ubuntu8.17 ==== ==== grub-common grub-efi-amd64 grub-efi-amd64-bin grub-pc grub-pc-bin grub2-common * debian/postinst.in: Avoid calling grub-install on upgrade of the grub-pc package, since we cannot be certain that it will install to the correct disk and a grub-install failure will render the system unbootable. LP: #1889556. ==== grub2-signed: 1.93.18+2.02-2ubuntu8.16 => 1.93.19+2.02-2ubuntu8.17 ==== ==== grub-efi-amd64-signed ==== iproute2: 4.15.0-2ubuntu1.1 => 4.15.0-2ubuntu1.2 ==== ==== iproute2 * tc filter show tcp_flags wrong mask value (LP: #1873961) - d/p/lp1873961-tc-fix-bugs-for-tcp_flags-and-ip_attr-hex-output.patch ==== kmod: 24-1ubuntu3.4 => 24-1ubuntu3.5 ==== ==== kmod libkmod2:amd64 * Re-introduce --add-udeb=libkmod2-udeb to dh_makeshlibs. Fixes d-i FTBFS due to udev-udeb depending on libkmod2 instead of libkmod2-udeb. (LP: #1889297) ==== shim-signed: 1.37~18.04.3+15+1533136590.3beb971-0ubuntu1 => 1.37~18.04.6+15+1533136590.3beb971-0ubuntu1 ==== ==== shim-signed ==== systemd: 237-3ubuntu10.41 => 237-3ubuntu10.42 ==== ==== libnss-systemd:amd64 libpam-systemd:amd64 libsystemd0:amd64 libudev1:amd64 systemd systemd-sysv udev [ Dan Streetman ] * d/p/lp1860926/0001-networkd-Allow-to-retain-configs-even-if-carrier-is-.patch, d/p/lp1860926/0002-network-Change-IgnoreCarrierLoss-default-to-value-of.patch, d/p/lp1860926/0003-network-always-drop-configs-when-corresponding-netwo.patch: - Add IgnoreCarrierLoss and default to value of ConfigureWithoutCarrier (LP: #1860926) https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=9a12a31a62f1a50cd3a67a164ee34c546809815e https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=3cc3870fde47982a4dda53f820e18065e5488e7e * d/e/rules-ubuntu/40-vm-hotadd.rules: - Hotadd only offline memory and CPUs (LP: #1876018) https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=ba305d7ad00e80bc1a03f93e6986eef7cbbb18fc * d/p/lp1881972-network-strdup-iif-and-oif-when-creating-RoutingPoli.patch: - Avoid double-free by strdup'ing iif/oif strings for new policy rules (LP: #1881972) https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=874056f0d429aaa2cc872c3b35ec33cd3b740483 * d/p/lp1886197-seccomp-more-comprehensive-protection-against-libsec.patch - Fix FTBFS on arm64 due to libseccomp changes (LP: #1886197) https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=c284a72ca2e3d87bfe1c20afb2fcfb379cda544f * d/p/lp1832754/0001-umount-Try-unmounting-even-if-remounting-read-only-f.patch, d/p/lp1832754/0002-umount-Don-t-bother-remounting-api-and-ro-filesystem.patch: - Try unmounting even if ro-remount fails, and don't bother remounting api/ro fs (LP: #1832754) https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=a518baa673aeaaf42000a3a01b7e03347652b216 [ Alex Murray, Jamie Strandboge ] * d/p/lp1886115-pid1-fix-free-of-uninitialized-pointer-in-unit_fail_.patch: - Fix free of uninitialized pointer (LP: #1886115) https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=491c76fd0f2fba0007a9b54d63a50f21add643c8 -- [1] http://cloud-images.ubuntu.com/releases/bionic/release-20200807/ [2] http://cloud-images.ubuntu.com/releases/bionic/release-20200729/