[ubuntu-cloud] Refreshed Cloud Images of 10.04 LTS (Lucid Lynx) [20120221]
Ben Howard
ben.howard at canonical.com
Tue Feb 21 20:02:07 UTC 2012
A new release of the Ubuntu Enterprise Cloud Images for stable Ubuntu
release 10.04.4 LTS (Lucid Lynx) is available at [1]. These new images
superseded the existing images [2]. Images are available for download or
immediate use on EC2 via publish AMI ids. Users who wish to update their
existing installations can do so with:
'apt-get update && apt-get distupgrade && reboot'.
This update refreshes the Cloud Images from Ubuntu 10.04.3 to 10.04.4.
The release notes for 10.04.4 can be found at [3].
CVE Updates:
* linux-image:
- Fix a NULL pointer deref in the user-defined key type (CVE-2011-4110)
* libpng:
- adjust pngrutil.c to verify size when allocating memory in
png_decompress_chunk() (CVE-2011-3026)
* libxml2:
- fix off-by-one leading to denial of service encoding.c
(CVE-2011-0216)
- fix double free in XPath evaluation (CVE-2011-2834)
- fix out of bounds read (CVE-2011-3905)
- fix heap overflow (CVE-2011-3919)
* python-software-properties:
- incorrect ssl certificate validation (CVE-2011-4407)
* openssl:
- ECDSA private key timing attack (CVE-2011-1945)
- ECDH ciphersuite denial of service (CVE-2011-3210)
- DTLS plaintext recovery attack (CVE-2011-4108)
- policy check double free vulnerability (CVE-2011-4019)
- SSL 3.0 block padding exposure (CVE-2011-4576)
- malformed RFC 3779 data denial of service attack (CVE-2011-4577)
- Server Gated Cryptography (SGC) denial of service (CVE-2011-4619)
- fix for CVE-2011-4108 denial of service attack (CVE-2012-0050)
The following packages have been updated. Please see the full changelogs
for a complete listing of changes:
apt => 0.7.25.3ubuntu9.9
base-files => 5.0.0ubuntu20.10.04.4
grub2 => 1.98-1ubuntu12
lazr.restfulclient => 0.9.11-1ubuntu1.1
libpng => 1.2.42-1ubuntu2.2
libxml2 => 2.7.6.dfsg-1ubuntu1.2
linux => 2.6.32-37.81
linux-ec2 => 2.6.32-341.42
linux-meta => 2.6.32.37.43
linux-meta-ec2 => 2.6.32.341.22
openldap => 2.4.21-0ubuntu5.6
openssl => 0.9.8k-7ubuntu8.6
software-properties => 0.75.10.1
sysvinit => 2.87dsf-4ubuntu17.4
unattended-upgrades => 0.55ubuntu6
update-manager => 10.134.11.1
--
[1] http://cloud-images.ubuntu.com/releases/lucid/release-20120221/
[2] http://cloud-images.ubuntu.com/releases/lucid/release-20120110/
[3] https://wiki.ubuntu.com/LucidLynx/ReleaseNotes
--
Ben Howard
ben.howard at canonical.com
Canonical USA, Inc
GPG ID 0x5406A866
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ubuntu.com/archives/ubuntu-cloud/attachments/20120221/9d0f0aab/attachment.pgp>
More information about the Ubuntu-cloud
mailing list