[ubuntu-cloud] Refreshed UEC Images of 11.04 LTS (Natty Narwhal) [20111003]
Ben Howard
ben.howard at canonical.com
Tue Oct 4 21:15:22 UTC 2011
A new release of the Ubuntu Cloud Images for stable Ubuntu
release 11.04 LTS (Natty Narwhal) is available at [1]. These new images
superseded the existing images [2]. Images are available for download or
immediate use on EC2 via publish AMI ids. Users who wish to update their
existing installations can do so with:
'apt-get update && apt-get distupgrade && reboot'.
Updates of Interest:
* linux-virtual and linux-ec2 updated [3,4]. Multiple CVE's fixed [5]
* apt: incorrect InRelease file signature validation (CVE-2011-1829)
* bind9
- denial of service via specially crafted packet. (CVE-2011-2464)
- denial of service via off-by-one. (CVE-2011-1910)
* ca-certificates: Blacklist "DigiNotar Root CA" due to fraudulent
certificate issuance
* dbus: denial of service via messages with non-native byte order.
(CVE-2011-2200)
* libxml2: denial of service and possible code execution viaspecially
crafted xml file. (CVE-2011-1944)
* logrotate
- arbitrary code execution via shell metacharacters in log filename
(CVE-2011-1154)
- denial of service via invalid characters in log filename
(CVE-2011-1155)
* libcurl: libcurl unconditional credential delegation during GSSAPI
authentication vulnerability. (CVE-2011-2192)
* pam
- multiple issues with lack of adequate privilege dropping
(CVE-2010-3430, CVE-2010-3431, CVE-2010-3435, CVE-2010-4706
CVE-2010-4707)
- privilege escalation via incorrect environment. (CVE-2010-3853)
* perl
- multiple intended restriction bypasses in Safe.pm. (CVE-2010-1447)
- taint protection bypass via missing taint attributes.
(CVE-2011-1487)
Complete package change lists (please see the full changelogs for
comprehensive
list of changes):
* apport 1.20.1-0ubuntu5.1
* apt 0.8.13.2ubuntu4.2
* bind9 19.7.3.dfsg-1ubuntu2.2
* ca-certificates 20090814+nmu2ubuntu0.1
* curl 7.21.3-1ubuntu1.3
* dbus 1.4.6-1ubuntu6.1
* dpkg 1.16.0~ubuntu7.1
* freetype 2.4.4-1ubuntu2.1
* initramfs-tools 0.98.8ubuntu3.1
* isc-dhcp 4.1.1-P1-15ubuntu9.1
* landscape-client 11.07.1.1-0ubuntu0.11.04.0
* language-selector 0.34.2
* libpng 1.2.44-1ubuntu3.1
* libxml2 2.7.8.dfsg-2ubuntu0.1
* linux 2.6.38-11.50
* linux-meta 2.6.38.11.26
* logrotate 3.7.8-6ubuntu3.1
* lxc 0.7.4-0ubuntu7.1
* ntp 14.2.6.p2+dfsg-1ubuntu5.1
* pam 1.1.2-2ubuntu8.3
* perl 5.10.1-17ubuntu4.1
* plymouth 0.8.2-2ubuntu23
* pygobject 2.28.3-1ubuntu1.1
* python-apt 0.7.100.3ubuntu6.1
* smart 1.3-1.3ubuntu0.2
* sudo 1.7.4p4-5ubuntu7.1
* tzdata 2011j-0ubuntu0.11.04
* update-manager 10.150.3
--
[1] http://uec-images.ubuntu.com/server/releases/natty/release-20111003/
[2]
http://uec-images.ubuntu.com/server/releases/natty/release-20110426/<http://www.google.com/url?sa=D&q=http://uec-images.ubuntu.com/server/releases/lucid/release-20110719/&usg=AFQjCNEbMq_0T3zlXF1Y0tHzTByb9v5SrQ>
[3] https://launchpad.net/ubuntu/+source/linux
[4] https://launchpad.net/ubuntu/+source/linux/2.6.38-11.50
[5] Kernel CVEs:
https://bugs.launchpad.net/bugs/cve/2010-1020
https://bugs.launchpad.net/bugs/cve/2011-1493
https://bugs.launchpad.net/bugs/cve/2011-2689
https://bugs.launchpad.net/bugs/cve/2011-2699
https://bugs.launchpad.net/bugs/cve/2011-2918
https://bugs.launchpad.net/bugs/cve/2011-1581
https://bugs.launchpad.net/bugs/cve/2011-2484
https://bugs.launchpad.net/bugs/cve/2011-2493
https://bugs.launchpad.net/bugs/cve/2011-1017
--
Ben Howard
ben.howard at canonical.com
Canonical USA, Inc
GPG ID 0x5406A866
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ubuntu.com/archives/ubuntu-cloud/attachments/20111004/ad80a072/attachment.pgp>
More information about the Ubuntu-cloud
mailing list