A new release of the Ubuntu Cloud Images for stable Ubuntu release 22.10 (Kinetic Kudu) is available at [1]. These new images superseded the existing images [2]. Images are available for download or immediate use on EC2 via publish AMI ids. Users who wish to update their existing installations can do so with: 'sudo apt-get update && sudo apt-get dist-upgrade && sudo reboot'. The following packages have been updated. Please see the full changelogs for a complete listing of changes: * git: 1:2.37.2-1ubuntu1.2 => 1:2.37.2-1ubuntu1.4 The following is a complete changelog for this image. new: {} removed: {} changed: ['git', 'git-man'] new snaps: {} removed snaps: {} changed snaps: [] ==== git: 1:2.37.2-1ubuntu1.2 => 1:2.37.2-1ubuntu1.4 ==== ==== git git-man * SECURITY UPDATE: Overwritten path and using local clone optimization even when using a non-local transport - debian/patches/CVE_2023-22490_and_23946/0002-*.patch: adjust a mismatch data type in attr.c. - debian/patches/CVE_2023-22490_and_23946/0003-*.patch: demonstrate clone_local() with ambiguous transport in t/t5619-clone-local-ambiguous-transport.sh. - debian/patches/CVE_2023-22490_and_23946/0004-*.patch: delay picking a transport until after get_repo_path() in builtin/clone.c. - debian/patches/CVE_2023-22490_and_23946/0005-*.patch: prevent top-level symlinks without FOLLOW_SYMLINKS in dir-iterator, dir-iterator.h, t/t0066-dir-iterator.sh, t/t5604-clone-reference.sh. - debian/patches/CVE_2023-22490_and_23946/0006-*.patch: fix writing behind newly created symbolic links in apply.c, t/t4115-apply-symlink.sh. - CVE-2023-22490 - CVE-2023-23946 -- [1] http://cloud-images.ubuntu.com/releases/kinetic/release-20230215/ [2] http://cloud-images.ubuntu.com/releases/kinetic/release-20230214/