A new release of the Ubuntu Cloud Images for stable Ubuntu release 18.04 LTS (Bionic Beaver) is available at [1]. These new images superseded the existing images [2]. Images are available for download or immediate use on EC2 via publish AMI ids. Users who wish to update their existing installations can do so with: 'sudo apt-get update && sudo apt-get dist-upgrade && sudo reboot'. The following packages have been updated. Please see the full changelogs for a complete listing of changes: * bind9: 1:9.11.3+dfsg-1ubuntu1.14 => 1:9.11.3+dfsg-1ubuntu1.15 * cloud-init: 21.1-19-gbad84ad4-0ubuntu1~18.04.1 => 21.1-19-gbad84ad4-0ubuntu1~18.04.2 * distro-info-data: 0.37ubuntu0.9 => 0.37ubuntu0.10 * ubuntu-release-upgrader: 1:18.04.42 => 1:18.04.44 * update-notifier: 3.192.1.9 => 3.192.1.10 The following is a complete changelog for this image. new: {} removed: {} changed: ['bind9-host', 'cloud-init', 'distro-info-data', 'dnsutils', 'libbind9-160:amd64', 'libdns-export1100', 'libdns1100:amd64', 'libirs160:amd64', 'libisc-export169:amd64', 'libisc169:amd64', 'libisccc160:amd64', 'libisccfg160:amd64', 'liblwres160:amd64', 'python3-distupgrade', 'ubuntu-release-upgrader-core', 'update-notifier-common'] new snaps: {} removed snaps: {} changed snaps: [] ==== bind9: 1:9.11.3+dfsg-1ubuntu1.14 => 1:9.11.3+dfsg-1ubuntu1.15 ==== ==== bind9-host dnsutils libbind9-160:amd64 libdns-export1100 libdns1100:amd64 libirs160:amd64 libisc-export169:amd64 libisc169:amd64 libisccc160:amd64 libisccfg160:amd64 liblwres160:amd64 * SECURITY UPDATE: DoS via broken inbound incremental zone update (IXFR) - debian/patches/CVE-2021-25214.patch: immediately reject the entire transfer for certain RR in lib/dns/xfrin.c. - CVE-2021-25214 * SECURITY UPDATE: assert via answering certain queries for DNAME records - debian/patches/CVE-2021-25215.patch: fix assert checks in lib/ns/query.c. - CVE-2021-25215 * SECURITY UPDATE: overflow in BIND's GSSAPI security policy negotiation - debian/rules: build with --disable-isc-spnego to disable internal SPNEGO and use the one from the kerberos libraries. - debian/libdns1100.symbols: removed internal SPNEGO symbols. - CVE-2021-25216 ==== cloud-init: 21.1-19-gbad84ad4-0ubuntu1~18.04.1 => 21.1-19-gbad84ad4-0ubuntu1~18.04.2 ==== ==== cloud-init * cherry-pick 83f6bbfb: Fix unpickle for source paths missing run_dir (#863) (LP: #1899299) * cherry-pick d132356c: fix error on upgrade caused by new vendordata2 attributes (LP: #1922739) ==== distro-info-data: 0.37ubuntu0.9 => 0.37ubuntu0.10 ==== ==== distro-info-data * Add Ubuntu 21.10, Impish Indri (LP: #1925484) ==== ubuntu-release-upgrader: 1:18.04.42 => 1:18.04.44 ==== ==== python3-distupgrade ubuntu-release-upgrader-core * DistUpgrade/DistUpgradeQuirks.py: Ensure that when installing snaps both gnome-3 and the gtk-common-themes snapped are installed first such that they will be tracking the latest/stable/ubuntu-18.04 channel. (LP: #1922297) * DistUpgrade/DistUpgradeQuirks.py: Backport the latest version of the quirk which replaces Debian packages with snaps so that a system upgraded from 16.04 to 18.04 will have snaps installed. Additionally, this includes changes to the quirk which upgrade preseeded snaps to latest/stable/ubuntu-$version for their new release. (LP: #1922297) * tests/test_quirks.py: update the snap tests for the above changes. * Run pre-build.sh. ==== update-notifier: 3.192.1.9 => 3.192.1.10 ==== ==== update-notifier-common * data/apt_check.py: - Add support to handle packages from ESM Apps in addition to ESM Infra and only display alerts if the distro is ESM. (LP: #1924766) - Do not display a count of ESM packages if the system does not have ESM enabled. (LP: #1883315) - Make distinction between standard security updates and ESM updates when performing package counts. (LP: #1926208) - use 'applied' instead of 'installed', redact 0 of these updates are security updates, and correct singular messages * debian/control: Add a dependency on python3-distro-info. -- [1] http://cloud-images.ubuntu.com/releases/bionic/release-20210501/ [2] http://cloud-images.ubuntu.com/releases/bionic/release-20210415/