A new release of the Ubuntu Cloud Images for stable Ubuntu release 20.10 (Groovy Gorilla) is available at [1]. These new images superseded the existing images [2]. Images are available for download or immediate use on EC2 via publish AMI ids. Users who wish to update their existing installations can do so with:
   'sudo apt-get update && sudo apt-get dist-upgrade && sudo reboot'.

The following packages have been updated. Please see the full changelogs
for a complete listing of changes:
 * linux-meta: 5.8.0.34.39 => 5.8.0.36.40 
 * linux-signed: 5.8.0-34.37 => 5.8.0-36.40 
 * p11-kit: 0.23.21-2build1 => 0.23.21-2ubuntu0.1 
 * tzdata: 2020d-1ubuntu1 => 2020f-0ubuntu0.20.10 


The following is a complete changelog for this image.
new: {'linux-modules-5.8.0-36-generic': '5.8.0-36.40', 'linux-headers-5.8.0-36-generic': '5.8.0-36.40', 'linux-headers-5.8.0-36': '5.8.0-36.40'}
removed: {'linux-modules-5.8.0-34-generic': '5.8.0-34.37', 'linux-headers-5.8.0-34': '5.8.0-34.37', 'linux-headers-5.8.0-34-generic': '5.8.0-34.37'}
changed: ['libp11-kit0:amd64', 'linux-headers-generic', 'linux-headers-virtual', 'linux-image-5.8.0-36-generic', 'linux-image-virtual', 'linux-virtual', 'tzdata']
new snaps: {}
removed snaps: {}
changed snaps: ['snapd']
==== linux-meta: 5.8.0.34.39 => 5.8.0.36.40 ====
====     linux-headers-generic linux-headers-virtual linux-image-virtual linux-virtual
  * Bump ABI 5.8.0-36
  * Packaging resync (LP: #1786013)
    - [Packaging] resync debian/dkms-versions from main package
==== linux-signed: 5.8.0-34.37 => 5.8.0-36.40 ====
====     linux-image-5.8.0-36-generic
  * Master version: 5.8.0-36.40
==== p11-kit: 0.23.21-2build1 => 0.23.21-2ubuntu0.1 ====
====     libp11-kit0:amd64
  * SECURITY UPDATE: multiple integer overflows
    - debian/patches/CVE-2020-29361-1.patch: check for arithmetic overflows
      before allocating in p11-kit/iter.c, p11-kit/lists.c,
      p11-kit/proxy.c, p11-kit/rpc-message.c, p11-kit/rpc-message.h,
      p11-kit/rpc-server.c, trust/index.c.
    - debian/patches/CVE-2020-29361-2.patch: follow-up to arithmetic
      overflow fix in common/compat.c, p11-kit/rpc-message.c.
    - CVE-2020-29361
  * SECURITY UPDATE: heap over-read in the RPC protocol
    - debian/patches/CVE-2020-29362.patch: fix bounds check in
      p11-kit/rpc-message.c.
    - CVE-2020-29362
  * SECURITY UPDATE: heap overflow in RPC protocol
    - debian/patches/CVE-2020-29363.patch: check attribute length against
      buffer size in p11-kit/rpc-message.c.
    - CVE-2020-29363
==== tzdata: 2020d-1ubuntu1 => 2020f-0ubuntu0.20.10 ====
====     tzdata
  * New upstream version (LP: #1909698), affecting the following timestamp:
    - Volgograd switches to Moscow time on 2020-12-27 at 02:00.
  * ICU timezone data files are still version 2020d as they have not yet been
    updated by upstream.

--
[1] http://cloud-images.ubuntu.com/releases/groovy/release-20210108/
[2] http://cloud-images.ubuntu.com/releases/groovy/release-20210105/