[ubuntu-cloud-announce] Refreshed Cloud Images of Ubuntu 12.04 LTS (Precise Pangolin) [20120616]
Ben Howard
ben.howard at canonical.com
Tue Jun 26 18:09:38 UTC 2012
A new release of the Ubuntu Cloud Images for stable Ubuntu
release 12.04 LTS (Precise Pangolin) is available at [1]. These new images
superseded the existing images [2]. Images are available for download or
immediate use on EC2 via publish AMI ids. Users who wish to update their
existing installations can do so with:
'apt-get update && sudo apt-get dist-upgrade && reboot'.
Kernel Updates:
- linux-image has been updated to 3.2.0-25-virtual [3]
- linux-meta has been updated to 3.2.0.25-27 [4]
Import image specific change: Grub has been configured so that grub-pc does
not force a debconf configuration prompt. This fixes (LP: 1009294).
The following packages have been updated. Please see the full changelogs
for a complete listing of changes:
- apparmor: 2.7.102-0ubuntu3 => 2.7.102-0ubuntu3.1
- apport: 2.0.1-0ubuntu5 => 2.0.1-0ubuntu8
- apt: 0.8.16~exp12ubuntu10 => 0.8.16~exp12ubuntu10.2
- bind9: 1:9.8.1.dfsg.P1-4 => 1:9.8.1.dfsg.P1-4ubuntu0.1
- cyrus-sasl2: 2.1.25.dfsg1-3 => 2.1.25.dfsg1-3ubuntu0.1
- euca2ools: 2.0.0~bzr516-0ubuntu3 => 2.0.0~bzr516-0ubuntu3.1
- glib2.0: 2.32.1-0ubuntu2 => 2.32.3-0ubuntu1
- grub2: 1.99-21ubuntu3 => 1.99-21ubuntu3.1
- hdparm: 9.37-0ubuntu3 => 9.37-0ubuntu3.1
- isc-dhcp: 4.1.ESV-R4-0ubuntu5 => 4.1.ESV-R4-0ubuntu5.1
- krb5: 1.10+dfsg~beta1-2 => 1.10+dfsg~beta1-2ubuntu0.1
- libgcrypt11: 1.5.0-3 => 1.5.0-3ubuntu0.1
- libtasn1-3: 2.10-1ubuntu1 => 2.10-1ubuntu1.1
- libxml2: 2.7.8.dfsg-5.1ubuntu4 => 2.7.8.dfsg-5.1ubuntu4.1
- linux: 3.2.0-23.36 => 3.2.0-25.40
- linux-meta: 3.2.0.23.25 => 3.2.0.25.27
- lvm2: 2:1.02.48-4ubuntu7 => 2:1.02.48-4ubuntu7.1
- ntp: 1:4.2.6.p3+dfsg-1ubuntu3 => 1:4.2.6.p3+dfsg-1ubuntu3.1
- openssl: 1.0.1-4ubuntu3 => 1.0.1-4ubuntu5.2
- policykit-1: 0.104-1 => 0.104-1ubuntu1
- pygobject: 3.2.0-3 => 3.2.2-1~precise
- resolvconf: 1.63ubuntu11 => 1.63ubuntu14
- software-properties: 0.82.7 => 0.82.7.1
- sudo: 1.8.3p1-1ubuntu3 => 1.8.3p1-1ubuntu3.3
- update-manager: 1:0.156.14 => 1:0.156.14.5
- update-notifier: 0.119ubuntu8.1 => 0.119ubuntu8.4
- upstart: 1.5-0ubuntu5 => 1.5-0ubuntu7
- vim: 2:7.3.429-2ubuntu2 => 2:7.3.429-2ubuntu2.1
CVE Updates:
* apt
- Disable apt-key net-update for now, as validation code is still
insecure
CVE-2012-0954
* bind9
- Restrict the TTL of NS RRset to no more than that of the old NS
RRset when replacing it.
CVE-2012-1033
- denial of service via zero length rdata handling
CVE-2012-1667
* libxml2
- Fix an off by one pointer access in xpointer.c
CVE-2011-3102
* libtasn1-3
- denial of service and possible code execution via certain large
length values.
CVE-2012-1569
* openssl
- denial of service attack in DTLS, TLS v1.1 and TLS v1.2 implementation
CVE-2012-2333
* sudo
- Properly handle multiple netmasks in sudoers Host and Host_List values
CVE-2012-2337
* update-manager
- Incomplete fix for CVE-2012-0949
CVE-2012-0950
- Incorrect permissions on system_state archive may expose repo passwords
CVE-2012-0948
- Apport hook may upload system_state archive containing repo passwords
CVE-2012-0949
--
[1]
http://cloud-images-images.ubuntu.com/server/releases/12.04/release-20120616
[2]
http://cloud-images-images.ubuntu.com/server/releases/natty/release-20120424/
[3] https://launchpad.net/ubuntu/+source/linux/3.2.0-25.40
[4] https://launchpad.net/ubuntu/+source/linux-meta/3.2.0.25.27
--
Ben Howard
ben.howard at canonical.com
Canonical USA, Inc
GPG ID 0x5406A866
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ubuntu.com/archives/ubuntu-cloud-announce/attachments/20120626/dcf91123/attachment.pgp>
More information about the Ubuntu-cloud-announce
mailing list