[ubuntu-cloud] Refreshed Cloud Images of 10.10 (Maverick Meerkat) [20111001]
Ben Howard
ben.howard at canonical.com
Tue Oct 4 18:52:10 UTC 2011
A new release of the Ubuntu Enterprise Cloud Images for stable Ubuntu
release 10.10 LTS (Maverick Meerkat) is available at [1]. These new images
supersede the existing images [2]. Images are available for download or
immediate use on EC2 via published AMI IDs. Users who wish to update their
existing installations can do so with:
'apt-get update && apt-get dist-upgrade && reboot'.
Please note that the abbreviation "uec" has been replaced with
"cloudimg" in file names for downloadable images.
Notable package updates:
* linux-meta update to 2.6.35.30.38 [3,4] with numerous CVE fixes [5]
* ca-certificates: blacklist "DigiNotar Root CA" due to fraudulent
  certificate issuance (LP: #837557)
* krb5:
  - kadmind denial of service from freeing of uninitialized pointer.
    (CVE-2011-0285)
  - kdc denial of service due to double-free if PKINIT capability is
    used. (CVE-2011-0284)
  - kpropd denial of service via invalid network input (CVE-2010-4022)
  - kdc denial of service from unauthenticated remote attackers
    (CVE-2011-0281, CVE-2011-0282)
* sudo: privilege escalation via -g when using group Runas_List.
  (CVE-2011-0010)
* rsync: denial of service and possible arbitrary code execution via
  malformed data (CVE-2011-1097)
* perl:
  - multiple intended restriction bypasses in Safe.pm. (CVE-2010-1168,
    CVE-2010-1447)
  - multiple issues in CGI.pm: hardcoded MIME boundary, and CRLF
    injections. (CVE-2010-2716, CVE-2010-4410, CVE-2010-4411)
  - taint protection bypass via missing taint attributes. (CVE-2011-1487)
* bind9:
  - denial of service via specially crafted packet. (CVE-2011-2464)
  - denial of service via off-by-one. (CVE-2011-1910)
  - denial of service via IXFR or DDNS update. (CVE-2011-0414)
* pam:
  - multiple issues with lack of adequate privilege dropping.
    (CVE-2010-3316, CVE-2010-3430, CVE-2010-3431, CVE-2010-3435,
    CVE-2010-4706, CVE-2010-4707)
  - privilege escalation via incorrect environment. (CVE-2010-3853)
* fuse:
  - arbitrary unprivileged unmount. (CVE-2011-0541, CVE-2011-0542,
    CVE-2011-0543)
  - arbitrary unprivileged unmount. (CVE-2010-3879)
* util-linux: arbitrary unmount with fuse. (CVE-2010-3879)
* dpkg: relative directory and symlink following in source pkgs
  (CVE-2010-1679)
* dbus:
  - denial of service via messages with non-native byte order.
    (CVE-2011-2200)
  - fix DoS with too deeply nested messages. (CVE-2010-4352, LP: #688992)
The following packages have been updated. Please see the full changelogs
for a complete listing of changes.
* apparmor: 2.5.1-0ubuntu0.10.10.4
* apport: 1.14.1-0ubuntu8.1
* apt: 0.8.3ubuntu7.2
* bash-completion: 1:1.2-2ubuntu1.1
* bind9: 1:9.7.1.dfsg.P2-2ubuntu0.4
* ca-certificates: 20090814ubuntu0.10.10.1
* curl: 7.21.0-1ubuntu1.1
* dbus: 1.4.0-0ubuntu1.3
* dhcp3: 3.1.3-2ubuntu6.3
* dpkg: 1.15.8.4ubuntu3.1
* eglibc: 2.12.1-0ubuntu10.2
* euca2ools: 1.2-0ubuntu11.1
* freetype: 2.4.2-2ubuntu0.2
* fuse: 2.8.4-1ubuntu1.3
* glib2.0: 2.26.1-0ubuntu1
* grub2: 1.98+20100804-5ubuntu3.3
* ifupdown: 0.6.10ubuntu3.1
* initramfs-tools: 0.98.1ubuntu6.1
* krb5: 1.8.1+dfsg-5ubuntu0.7
* landscape-client: 11.07.1.1-0ubuntu0.10.10.0
* language-selector: 0.6.8
* libpng: 1.2.44-1ubuntu0.1
* libxml2: 2.7.7.dfsg-4ubuntu0.2
* linux: 2.6.35-30.59
* linux-firmware: 1.38.6
* linux-meta: 2.6.35.30.38
* logrotate: 3.7.8-6ubuntu1.1
* ntp: 1:4.2.4p8+dfsg-1ubuntu6.1
* openldap: 2.4.23-0ubuntu3.5
* openssh: 1:5.5p1-4ubuntu6
* openssl: 0.9.8o-1ubuntu4.4
* pam: 1.1.1-4ubuntu2.3
* parted: 2.3-2ubuntu2
* pcsc-lite: 1.5.5-3ubuntu2.1
* perl: 5.10.1-12ubuntu2.1
* pm-utils: 1.4.1-3ubuntu1
* policykit-1: 0.96-2ubuntu1.1
* python-apt: 0.7.96.1ubuntu11.2
* rsync: 3.0.7-2ubuntu1.1
* shadow: 1:4.1.4.2-1ubuntu3.2
* smart: 1.3-1ubuntu0.2
* sqlite3: 3.7.2-1ubuntu0.1
* sudo: 1.7.2p7-1ubuntu2.1
* sysvinit: 2.87dsf-4ubuntu19.1
* tar: 1.23-2ubuntu2
* tzdata: 2011j-0ubuntu0.10.10
* update-manager: 1:0.142.23
* upstart: 0.6.6-4
* util-linux: 2.17.2-0ubuntu1.10.10.2
* w3m: 0.5.2-6ubuntu1
* xkeyboard-config: 1.8-1ubuntu8.1~10.10.1
--
[1] http://uec-images.ubuntu.com/server/releases/maverick/release-20111001/
[2] http://uec-images.ubuntu.com/server/releases/maverick/release-20101225/
[3] https://launchpad.net/ubuntu/+source/linux-meta
[4] https://launchpad.net/ubuntu/+source/linux-meta/2.6.35.30.38
--
Ben Howard
ben.howard at canonical.com
Canonical USA, Inc
GPG ID 0x5406A866