A new release of the Ubuntu Cloud Images for stable Ubuntu release 20.04 LTS (Focal Fossa) is available at [1]. These new images superseded the existing images [2]. Images are available for download or immediate use on EC2 via publish AMI ids. Users who wish to update their existing installations can do so with: 'sudo apt-get update && sudo apt-get dist-upgrade && sudo reboot'. The following packages have been updated. Please see the full changelogs for a complete listing of changes: * bind9: 1:9.16.1-0ubuntu2.10 => 1:9.16.1-0ubuntu2.11 * pcre2: 10.34-7 => 10.34-7ubuntu0.1 * sosreport: 4.3-1ubuntu0.20.04.1 => 4.3-1ubuntu0.20.04.2 * systemd: 245.4-4ubuntu3.17 => 245.4-4ubuntu3.18 The following is a complete changelog for this image. new: {} removed: {} changed: ['bind9-dnsutils', 'bind9-host', 'bind9-libs:amd64', 'libnss-systemd:amd64', 'libpam-systemd:amd64', 'libpcre2-8-0:amd64', 'libsystemd0:amd64', 'libudev1:amd64', 'sosreport', 'systemd', 'systemd-sysv', 'systemd-timesyncd', 'udev'] new snaps: {} removed snaps: {} changed snaps: ['snapd'] ==== bind9: 1:9.16.1-0ubuntu2.10 => 1:9.16.1-0ubuntu2.11 ==== ==== bind9-dnsutils bind9-host bind9-libs:amd64 * SECURITY UPDATE: Processing large delegations may severely degrade resolver performance - debian/patches/CVE-2022-2795.patch: add limit to lib/dns/resolver.c. - CVE-2022-2795 * SECURITY UPDATE: memory leak in ECDSA DNSSEC verification code - debian/patches/CVE-2022-38177.patch: fix return handling in lib/dns/opensslecdsa_link.c. - CVE-2022-38177 * SECURITY UPDATE: memory leaks in EdDSA DNSSEC verification code - debian/patches/CVE-2022-38178.patch: fix return handling in lib/dns/openssleddsa_link.c. - CVE-2022-38178 ==== pcre2: 10.34-7 => 10.34-7ubuntu0.1 ==== ==== libpcre2-8-0:amd64 * SECURITY UPDATE: out-of-bounds read in pcre2_jit_compile - Fix a unicode property matching issue and an incorrect value reading in JIT in src/pcre2_jit_compile.c and src/pcre2_jit_test.c. - Fix a recursions issue in JIT caused by duplicated data transfers in src/pcre2_jit_compile.c and src/pcre2_jit_test.c. - CVE-2022-1586 - CVE-2022-1587 ==== sosreport: 4.3-1ubuntu0.20.04.1 => 4.3-1ubuntu0.20.04.2 ==== ==== sosreport * SECURITY UPDATE: Exposed sensitive information - debian/patches/CVE-2022-2806.patch: filter out all password keys in sos/report/plugins/ovirt.py. - CVE-2022-2806 ==== systemd: 245.4-4ubuntu3.17 => 245.4-4ubuntu3.18 ==== ==== libnss-systemd:amd64 libpam-systemd:amd64 libsystemd0:amd64 libudev1:amd64 systemd systemd-sysv systemd-timesyncd udev [ Nick Rosbrook ] * core: make sure we don't get confused when setting TERM for a tty fd (LP: #1959475) File: debian/patches/lp1959475-core-make-sure-we-don-t-get-confused-when-setting-TERM-fo.patch https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=b10c6853050dde26665caf3b15444d768d2bc498 * shared/calendarspec: when mktime() moves us backwards, jump forward (LP: #1966800) File: debian/patches/lp1966800-shared-calendarspec-when-mktime-moves-us-backwards-jump-f.patch https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=1f063541e44f6ff1a6904676d4264a2e49a09594 * network: do not remove localhost address (LP: #1979951) File: debian/patches/lp1979951-network-do-not-remove-localhost-address.patch https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=87f872b8c5451f353601fb606e7fd7a479217cef * units: remove the restart limit on the modprobe@.service (LP: #1982462) File: debian/patches/lp1982462-units-remove-the-restart-limit-on-the-modprobe-.service.patch https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=68353ffaf3539e6a58ef62a8b50850f56eae29ea [ Mustafa Kemal Gilor ] * d/p/lp1978079-efi-pstore-not-cleared-on-boot.patch: pstore: Run after modules are loaded. Thanks to Alexander Graf . (LP: #1978079) Author: Mustafa Kemal Gilor File: debian/patches/lp1978079-efi-pstore-not-cleared-on-boot.patch https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=6e60756f2079d6408abdb967127a1d9b9a0eba8c -- [1] http://cloud-images.ubuntu.com/releases/focal/release-20221003/ [2] http://cloud-images.ubuntu.com/releases/focal/release-20220920/