[ubuntu-cloud] END-OF-LIFE Cloud Images Refresh of Ubuntu 10.10 (Maverick Meerkat)

Ben Howard ben.howard at canonical.com
Tue Apr 10 23:14:13 UTC 2012 

The final release of the Ubuntu Cloud Images for stable Ubuntu
release 10.10 (Maverick Meerkat) is available at [1]. These new images
superseded the existing images [2]. Images are available for download
or immediate use on EC2 via publish AMI ids. Users who wish to update
their existing installations can do so with:
   'apt-get update && sudo apt-get dist-upgrade && reboot'.

As of 2012-04-10, Ubuntu 10.10 (Maverick Meerkat) has reached
end-of-life [3,4].
Users who wish to upgrade their existing Ubuntu 10.10 installations can
do so
by following the instructions found at [5]. These final images are
provided as-is,
and are not supported.

linux image was update to 2.6.35-32.67 [6].

The following packages have been updated. Please see the full changelogs
for a complete listing of changes:
 - cloud-init: 0.5.15-0ubuntu3 => 0.5.15-0ubuntu3.1
 - freetype: 2.4.2-2ubuntu0.3 => 2.4.2-2ubuntu0.4
 - gcc-4.4: 4.4.4-14ubuntu5 => 4.4.4-14ubuntu5.1
 - gnutls26: 2.8.6-1 => 2.8.6-1ubuntu0.1
 - libpng: 1.2.44-1ubuntu0.2 => 1.2.44-1ubuntu0.4
 - linux: 2.6.35-32.66 => 2.6.35-32.67

CVE Updates:
*gnutls26
  - Denial of service in client application
      CVE-2011-4128
  - Denial of service via crafted TLS record
    - CVE-2012-1573
* libpnglibpng:
 - denial of service and possible code execution via incorrect type.
      CVE-2011-3045
 - denial of service and possible code execution via incorrect type.
      CVE-2011-3045
* freetype:
 - Denial of service via crafted BDF font:
      CVE-2012-1126, CVE-2012-1127, CVE-2012-1136,
      CVE-2012-1133, CVE-2012-1137, CVE-2012-1139,
      CVE-2012-1141
 - Denial of service via crafted TrueType font:
      CVE-2012-1128, CVE-2012-1131, CVE-2012-1135,
      CVE-2012-1138, CVE-2012-1144
 - Denial of service via crafted Type42 font
      CVE-2012-1129
 - Denial of service via crafted PCF font
      CVE-2012-1130
 - Denial of service via crafted Type1 font:
      CVE-2012-1132, CVE-2012-1134
 - Denial of service via crafted PostScript font
      CVE-2012-1140
 - Denial of service via crafted Windows FNT/FON font
      CVE-2012-1142
 - Denial of service via crafted font
      CVE-2012-1143

--
[1]
http://cloud-images-images.ubuntu.com/server/releases/maverick/release-20120410
[2]
http://cloud-images-images.ubuntu.com/server/releases/maverick/release-20120310
[3] https://lists.ubuntu.com/archives/ubuntu-announce/2012-April/000158.html
[4] https://wiki.ubuntu.com/Releases
[5] https://help.ubuntu.com/community/NattyUpgrades
[6] https://launchpad.net/ubuntu/+source/linux/2.6.35-32.67

-- 


Ben Howard
ben.howard at canonical.com
Canonical USA, Inc
GPG ID 0x5406A866




-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ubuntu.com/archives/ubuntu-cloud/attachments/20120410/cdd6e760/attachment.pgp>

More information about the Ubuntu-cloud mailing list