A new release of the Ubuntu Cloud Images for stable Ubuntu release 20.04 LTS (Focal Fossa) is available at [1]. These new images superseded the existing images [2]. Images are available for download or immediate use on EC2 via publish AMI ids. Users who wish to update their existing installations can do so with: 'sudo apt-get update && sudo apt-get dist-upgrade && sudo reboot'. The following packages have been updated. Please see the full changelogs for a complete listing of changes: * apport: 2.20.11-0ubuntu27.11 => 2.20.11-0ubuntu27.12 * efivar: 37-2ubuntu2 => 37-2ubuntu2.1 * krb5: 1.17-6ubuntu4 => 1.17-6ubuntu4.1 * libmaxminddb: 1.4.2-0ubuntu1 => 1.4.2-0ubuntu1.20.04.1 * linux-meta: 5.4.0.53.56 => 5.4.0.54.57 * linux-signed: 5.4.0-53.59 => 5.4.0-54.60 * openldap: 2.4.49+dfsg-2ubuntu1.4 => 2.4.49+dfsg-2ubuntu1.5 * software-properties: 0.98.9.2 => 0.98.9.3 The following is a complete changelog for this image. new: {'linux-headers-5.4.0-54-generic': '5.4.0-54.60', 'linux-modules-5.4.0-54-generic': '5.4.0-54.60', 'linux-headers-5.4.0-54': '5.4.0-54.60'} removed: {'linux-headers-5.4.0-53': '5.4.0-53.59', 'linux-headers-5.4.0-53-generic': '5.4.0-53.59', 'linux-modules-5.4.0-53-generic': '5.4.0-53.59'} changed: ['apport', 'krb5-locales', 'libefiboot1:amd64', 'libefivar1:amd64', 'libgssapi-krb5-2:amd64', 'libk5crypto3:amd64', 'libkrb5-3:amd64', 'libkrb5support0:amd64', 'libldap-2.4-2:amd64', 'libldap-common', 'libmaxminddb0:amd64', 'linux-headers-generic', 'linux-headers-virtual', 'linux-image-5.4.0-54-generic', 'linux-image-virtual', 'linux-virtual', 'python3-apport', 'python3-problem-report', 'python3-software-properties', 'software-properties-common'] new snaps: {} removed snaps: {} changed snaps: [] ==== apport: 2.20.11-0ubuntu27.11 => 2.20.11-0ubuntu27.12 ==== ==== apport python3-apport python3-problem-report * Various security hardening fixes (LP: #1903332) - apport/fileutils.py: drop privileges in the correct order, limit settings file size. - apport/apport/report.py: properly drop privileges, limit ignore file size. - data/apport: drop supplemental groups. ==== efivar: 37-2ubuntu2 => 37-2ubuntu2.1 ==== ==== libefiboot1:amd64 libefivar1:amd64 * Add support for nvme-fabrics and nvme-subsystem devices. LP: #1891718. ==== krb5: 1.17-6ubuntu4 => 1.17-6ubuntu4.1 ==== ==== krb5-locales libgssapi-krb5-2:amd64 libk5crypto3:amd64 libkrb5-3:amd64 libkrb5support0:amd64 * SECURITY UPDATE: Unbounded recursion - debian/patches/CVE-2020-28196.patch: adds recursion limit for ASN.1 indefinite lenghts in src/lib/krb5/asn.1/asn1_encode.c. - CVE-2020-28196 ==== libmaxminddb: 1.4.2-0ubuntu1 => 1.4.2-0ubuntu1.20.04.1 ==== ==== libmaxminddb0:amd64 * SECURITY UPDATE: heap overread in dump_entry_data_list - debian/patches/CVE-2020-28241.patch: replace most malloc uses with calloc in bin/mmdblookup.c, doc/libmaxminddb.md, src/maxminddb.c. - CVE-2020-28241 ==== linux-meta: 5.4.0.53.56 => 5.4.0.54.57 ==== ==== linux-headers-generic linux-headers-virtual linux-image-virtual linux-virtual * Bump ABI 5.4.0-54 * Packaging resync (LP: #1786013) - [Packaging] resync debian/dkms-versions from main package ==== linux-signed: 5.4.0-53.59 => 5.4.0-54.60 ==== ==== linux-image-5.4.0-54-generic * Master version: 5.4.0-54.60 ==== openldap: 2.4.49+dfsg-2ubuntu1.4 => 2.4.49+dfsg-2ubuntu1.5 ==== ==== libldap-2.4-2:amd64 libldap-common * SECURITY UPDATE: assertion failure in Certificate List syntax validation - debian/patches/CVE-2020-25709.patch: properly handle error in servers/slapd/schema_init.c. - CVE-2020-25709 * SECURITY UPDATE: assertion failure in CSN normalization with invalid input - debian/patches/CVE-2020-25710.patch: properly handle error in servers/slapd/schema_init.c. - CVE-2020-25710 ==== software-properties: 0.98.9.2 => 0.98.9.3 ==== ==== python3-software-properties software-properties-common * cloudarchive: Enable support for the Wallaby Ubuntu Cloud Archive on 20.04 (LP: #1902710). -- [1] http://cloud-images.ubuntu.com/releases/focal/release-20201117/ [2] http://cloud-images.ubuntu.com/releases/focal/release-20201111/