A new release of the Ubuntu Cloud Images for stable Ubuntu release 18.04 LTS (Bionic Beaver) is available at [1]. These new images superseded the existing images [2]. Images are available for download or immediate use on EC2 via publish AMI ids. Users who wish to update their existing installations can do so with:
   'sudo apt-get update && sudo apt-get dist-upgrade && sudo reboot'.

The following packages have been updated. Please see the full changelogs
for a complete listing of changes:
 * apt: 1.6.12ubuntu0.2 => 1.6.13 
 * curl: 7.58.0-2ubuntu3.12 => 7.58.0-2ubuntu3.13 
 * linux-meta: 4.15.0.140.127 => 4.15.0.141.128 
 * linux-signed: 4.15.0-140.144 => 4.15.0-141.145 
 * sbsigntool: 0.6-3.2ubuntu2 => 0.9.2-2ubuntu1~18.04.1 
 * ubuntu-keyring: 2018.09.18.1~18.04.0 => 2018.09.18.1~18.04.2 


The following is a complete changelog for this image.
new: {'linux-modules-4.15.0-141-generic': '4.15.0-141.145', 'linux-headers-4.15.0-141': '4.15.0-141.145', 'linux-headers-4.15.0-141-generic': '4.15.0-141.145'}
removed: {'linux-headers-4.15.0-140-generic': '4.15.0-140.144', 'linux-modules-4.15.0-140-generic': '4.15.0-140.144', 'linux-headers-4.15.0-140': '4.15.0-140.144'}
changed: ['apt', 'apt-utils', 'curl', 'libapt-inst2.0:amd64', 'libapt-pkg5.0:amd64', 'libcurl3-gnutls:amd64', 'libcurl4:amd64', 'linux-headers-generic', 'linux-headers-virtual', 'linux-image-4.15.0-141-generic', 'linux-image-virtual', 'linux-virtual', 'sbsigntool', 'ubuntu-keyring']
new snaps: {}
removed snaps: {}
changed snaps: []
==== apt: 1.6.12ubuntu0.2 => 1.6.13 ====
====     apt apt-utils libapt-inst2.0:amd64 libapt-pkg5.0:amd64
  [ David Kalnischkies ]
  * Fix incorrect base64 encoding due to int promotion (LP: #1916050)
  * Harden test for no new acquires after transaction abort (Closes: #984966)
    (LP: #1918920)
  [ Julian Andres Klode ]
  * Implement update --error-on=any (Closes: #594813) (LP: #1693900)
  * Include all translations when building the cache (LP: #1907850)
  * Add basic support for the Protected field
  * Do not require force-loopbreak on Important packages
    (Closes: #983014) (LP: #1916725)
  * Protect currently running kernel at run-time (LP: #1615381)
  * Make ADDARG{,C}() macros expand to single statements
  * Improve immediate configuration handling (LP: #1871268)
    - Do not immediately configure m-a: same packages in lockstep
    - Ignore failures from immediate configuration. This does not change the
      actual installation ordering - we never passed the return code to the
      caller and installation went underway anyway if it could be ordered at a
      later stage, this just removes spurious after-the-fact errors.
      (Closes: #973305, #188161, #211075, #649588)
  * Default Acquire::AllowReleaseInfoChange::Suite to "true" (Closes: #931566)
    (LP: #1918907)
  [ Balint Reczey ]
  * Set LC_ALL=C.UTF-8 for unattended-upgrades environment when parsing its --help
    (LP: #1806076)
==== curl: 7.58.0-2ubuntu3.12 => 7.58.0-2ubuntu3.13 ====
====     curl libcurl3-gnutls:amd64 libcurl4:amd64
  * SECURITY UPDATE: data leak via referer header field
    - debian/patches/urlapi.patch: backport url api support in
      include/curl/Makefile.am, include/curl/curl.h, include/curl/urlapi.h,
      lib/Makefile.inc, lib/urlapi-int.h, lib/urlapi.c,
      lib/curl_setup_once.h, lib/url.c, lib/url.h, lib/escape.c,
      lib/escape.h, docs/libcurl/symbols-in-versions.
    - debian/libcurl*.symbols: added new symbols.
    - debian/patches/CVE-2021-22876.patch: strip credentials from the
      auto-referer header field in lib/transfer.c.
    - CVE-2021-22876
==== linux-meta: 4.15.0.140.127 => 4.15.0.141.128 ====
====     linux-headers-generic linux-headers-virtual linux-image-virtual linux-virtual
  * Bump ABI 4.15.0-141
  * Packaging resync (LP: #1786013)
    - [Packaging] resync debian/dkms-versions from main package
==== linux-signed: 4.15.0-140.144 => 4.15.0-141.145 ====
====     linux-image-4.15.0-141-generic
  * Master version: 4.15.0-141.145
==== sbsigntool: 0.6-3.2ubuntu2 => 0.9.2-2ubuntu1~18.04.1 ====
====     sbsigntool
  * No-change backport to bionic:
    - fix alignment of binaries and thus correct hash calculation LP:
    #1921387
  * Merge from Debian unstable.  Remaining changes:
    - d/p/ubuntu-kernel-module-signing.patch and
      d/p/ubuntu-kernel-module-signing-fixes.patch: add the kernel module
      signing tool to the package.
    - d/p/ubuntu-clear-image-before-use.patch: avoid use of uninitialised
      data causing a startup crash.
  * Dropped changes, included upstream:
    - d/p/ubuntu-handle-odd-buffer-lengths-in-checksum.patch: correctly
      handle odd byte length buffers.
  * Dropped changes, obsoleted upstream:
    - d/p/ubuntu-tests-disable-pie.patch: disable PIE
  * Change Maintainer to be the EFI team, with Pierre and me as Uploaders
  * Remove the old alignment patch, looks to be un-needed now
  * Fix PE/COFF checksum calculation - only count the cert_table
    struct once when performing the calculation and counting buffer
    sizes.
  * Add watch file
  * New upstream version 0.9.2 (Closes: #920013, #828696)
  * Remove test file after clean
  * Refreshed quilt patches, and removed all that were merged
  * Use priority optional
==== ubuntu-keyring: 2018.09.18.1~18.04.0 => 2018.09.18.1~18.04.2 ====
====     ubuntu-keyring
  * Remove expiry of the ddebs.ubuntu.com key. LP: #1920640
  * Update expiry of the ddebs.ubuntu.com key by one year. LP: #1920640

--
[1] http://cloud-images.ubuntu.com/releases/bionic/release-20210412/
[2] http://cloud-images.ubuntu.com/releases/bionic/release-20210325/