A new release of the Ubuntu Cloud Images for stable Ubuntu release 16.04 LTS (Xenial Xerus) is available at [1]. These new images superseded the existing images [2]. Images are available for download or immediate use on EC2 via publish AMI ids. Users who wish to update their existing installations can do so with:
   'sudo apt-get update && sudo apt-get dist-upgrade && sudo reboot'.

The following packages have been updated. Please see the full changelogs
for a complete listing of changes:
 * dnsmasq: 2.75-1ubuntu0.16.04.7 => 2.75-1ubuntu0.16.04.8 
 * python3.5: 3.5.2-2ubuntu0~16.04.12 => 3.5.2-2ubuntu0~16.04.13 
 * screen: 4.3.1-2build1 => 4.3.1-2ubuntu0.1 


The following is a complete changelog for this image.
new: {}
removed: {}
changed: ['dnsmasq-base', 'libpython3.5-minimal:amd64', 'libpython3.5-stdlib:amd64', 'libpython3.5:amd64', 'python3.5', 'python3.5-minimal', 'screen']
new snaps: {}
removed snaps: {}
changed snaps: []
==== dnsmasq: 2.75-1ubuntu0.16.04.7 => 2.75-1ubuntu0.16.04.8 ====
====     dnsmasq-base
  * SECURITY REGRESSION: issue with multiple queries (LP: #1916462)
    - backport multiple upstream commits to fix regressions
      + 04490bf622ac84891aad6f2dd2edf83725decdee
      + 12af2b171de0d678d98583e2190789e544440e02
      + 3f535da79e7a42104543ef5c7b5fa2bed819a78b
      + 141a26f979b4bc959d8e866a295e24f8cf456920
      + 305cb79c5754d5554729b18a2c06fe7ce699687a
==== python3.5: 3.5.2-2ubuntu0~16.04.12 => 3.5.2-2ubuntu0~16.04.13 ====
====     libpython3.5-minimal:amd64 libpython3.5-stdlib:amd64 libpython3.5:amd64 python3.5 python3.5-minimal
  * SECURITY UPDATE: Code execution from content received via HTTP
    - debian/patches/CVE-2020-27619.patch: no longer call eval() on
      content received via HTTP in Lib/test/multibytecodec_support.py.
    - CVE-2020-27619
  * SECURITY UPDATE: Buffer overflow
    - debian/patches/CVE-2021-3177.patch: replace snprintf with Python unicode
      formatting in ctypes param reprs in Lib/ctypes/test/test_parameters.py,
      Modules/_ctypes/callproc.c.
    - CVE-2021-3177
==== screen: 4.3.1-2build1 => 4.3.1-2ubuntu0.1 ====
====     screen
  * SECURITY UPDATE: DoS via crafted UTF-8 character sequence
    - debian/patches/99_CVE-2021-26937.patch: fix out of bounds array
      access in encoding.c.
    - CVE-2021-26937

--
[1] http://cloud-images.ubuntu.com/releases/xenial/release-20210226/
[2] http://cloud-images.ubuntu.com/releases/xenial/release-20210224/