[ubuntu-cloud] Refreshed Cloud Images of 10.04 LTS (Lucid Lynx) [20120221]

Ben Howard ben.howard at canonical.com
Tue Feb 21 20:02:07 UTC 2012


A new release of the Ubuntu Enterprise Cloud Images for stable Ubuntu
release 10.04.4 LTS (Lucid Lynx) is available at [1]. These new images
superseded the existing images [2]. Images are available for download or
immediate use on EC2 via publish AMI ids. Users who wish to update their
existing installations can do so with:
   'apt-get update && apt-get distupgrade && reboot'.

This update refreshes the Cloud Images from Ubuntu 10.04.3 to 10.04.4.
The release notes for 10.04.4 can be found at [3].

CVE Updates:
  * linux-image:
     - Fix a NULL pointer deref in the user-defined key type (CVE-2011-4110)
   * libpng:
     - adjust pngrutil.c to verify size when allocating memory in
          png_decompress_chunk() (CVE-2011-3026)
  * libxml2:
     - fix off-by-one leading to denial of service encoding.c
(CVE-2011-0216)
     - fix double free in XPath evaluation (CVE-2011-2834)
     - fix out of bounds read (CVE-2011-3905)
     - fix heap overflow (CVE-2011-3919)
  * python-software-properties:
     - incorrect ssl certificate validation (CVE-2011-4407)
  * openssl:
     - ECDSA private key timing attack (CVE-2011-1945)
     - ECDH ciphersuite denial of service (CVE-2011-3210)
     - DTLS plaintext recovery attack (CVE-2011-4108)
     - policy check double free vulnerability (CVE-2011-4019)
     - SSL 3.0 block padding exposure (CVE-2011-4576)
     - malformed RFC 3779 data denial of service attack (CVE-2011-4577)
     - Server Gated Cryptography (SGC) denial of service (CVE-2011-4619)
     - fix for CVE-2011-4108 denial of service attack (CVE-2012-0050)

The following packages have been updated. Please see the full changelogs
for a complete listing of changes:

apt => 0.7.25.3ubuntu9.9
base-files => 5.0.0ubuntu20.10.04.4
grub2 => 1.98-1ubuntu12
lazr.restfulclient => 0.9.11-1ubuntu1.1
libpng => 1.2.42-1ubuntu2.2
libxml2 => 2.7.6.dfsg-1ubuntu1.2
linux => 2.6.32-37.81
linux-ec2 => 2.6.32-341.42
linux-meta => 2.6.32.37.43
linux-meta-ec2 => 2.6.32.341.22
openldap => 2.4.21-0ubuntu5.6
openssl => 0.9.8k-7ubuntu8.6
software-properties => 0.75.10.1
sysvinit => 2.87dsf-4ubuntu17.4
unattended-upgrades => 0.55ubuntu6
update-manager => 10.134.11.1



--

[1] http://cloud-images.ubuntu.com/releases/lucid/release-20120221/
[2] http://cloud-images.ubuntu.com/releases/lucid/release-20120110/
[3] https://wiki.ubuntu.com/LucidLynx/ReleaseNotes

-- 


Ben Howard
ben.howard at canonical.com
Canonical USA, Inc
GPG ID 0x5406A866




-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ubuntu.com/archives/ubuntu-cloud/attachments/20120221/9d0f0aab/attachment.pgp>


More information about the Ubuntu-cloud mailing list