Accepted: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Tue, 30 Jun 2020 17:20:38 -0700 Source: cloud-init Architecture: source Version: 20.2-2~deb10u1 Distribution: buster Urgency: medium Maintainer: Debian Cloud Team <debian-cloud@lists.debian.org> Changed-By: Noah Meyerhans <no...@debian.org> Closes: 866613 931173 936030 942968 949940 951362 951363 954276 954363 Changes: cloud-init (20.2-2~deb10u1) buster; urgency=medium . * Release for buster. No further changes. . cloud-init (20.2-2) unstable; urgency=medium . * Add missing Build-Dep on python3-pytest . cloud-init (20.2-1) unstable; urgency=medium . * New upstream version * Drop patches that have been merged upstream * Switch to pytest for running tests, per upstream change . cloud-init (20.1-2) unstable; urgency=medium . * Fix python 3.8 incompatibility (Closes: #954276) * Cherry-pick fa1abfec2705 (ec2: only redact token request headers in logs, avoid altering request) from upstream. (Closes: #954363) * Cherry-pick 1f860e5ac7eb (ec2: Do not fallback to IMDSv1 on EC2) from upstream. . cloud-init (20.1-1) unstable; urgency=medium . * New upstream release * Remove patches applied upstream: - CVE-2020-8631.patch - CVE-2020-8632.patch * Refresh patches: - 0009-Drop-all-unused-extended-version-handling.patch * Reduce cloud-guest-utils from Depends to Recommends * Bump standards version to 4.5.0 (no changes needed) * Remove Charles Plessy <ple...@debian.org> from uploaders, as he is no longer active in the cloud team. . cloud-init (19.4-2) unstable; urgency=medium . * Import upstream fix for CVE-2020-8632. rand_user_password generates passwords of insufficient length. (Closes: #951363) * Import upstream fix for CVE-2020-8631. Cloud-init uses an insufficient source of randomness when generating passwords. (Closes: #951362) . cloud-init (19.4-1) unstable; urgency=medium . * New upstream release. * Update debian/copyright to note dual-dual license status (Closes: #866613) . cloud-init (19.3-2) unstable; urgency=medium . * Build-depends on python3-pep8 instead of just pep8 (Closes: #949940). . cloud-init (19.3-1) unstable; urgency=medium . * New upstream release. . cloud-init (19.2-4) unstable; urgency=medium . * Removed the last bit of Python2 build-depends (Closes: #942968). . cloud-init (19.2-3) unstable; urgency=medium . * Remove the patch for sources.list, and activate the option to preserve the sources.list by default (ie: apt_preserve_sources_list: true). . cloud-init (19.2-2) unstable; urgency=medium . * Comment out backports by default in apt/sources.list. * Standards-Version bump to 4.4.1. . cloud-init (19.2-1) unstable; urgency=medium . * New upstream release. (Closes: #931173, #936030) * Drop 0008-opennebula-also-exclude-epochseconds-from-changed-en.patch applied upstream. * Drop CVE-2019-0816_Filter_list_of_ssh_keys_pulled_from_fabric.patch also applied upstream. * Rebased patches: - 0009-Drop-all-unused-extended-version-handling.patch - 0012-Fix-message-when-a-local-is-missing.patch Checksums-Sha1: fe764826b5534935923e9a584a9c72c0a30cafce 2431 cloud-init_20.2-2~deb10u1.dsc eb57352354a456aaa445582cf63ae473d6c1d957 24584 cloud-init_20.2-2~deb10u1.debian.tar.xz 55040f321790848fac55d22fc72c42115105f330 6811 cloud-init_20.2-2~deb10u1_source.buildinfo Checksums-Sha256: 7cdf98518ba4f43310871e4d053ad6249f3fa80711af0843c00798826f945c1a 2431 cloud-init_20.2-2~deb10u1.dsc 8a2c8f7fd71b2aa0ffd87a4bd2eafdb1cbbaa678fb258a6dfc948b267989b776 24584 cloud-init_20.2-2~deb10u1.debian.tar.xz 0765e7a161cd788e0d7ec79c4e851fec0ea88f2c2906c7efc24aba2c5537b1ce 6811 cloud-init_20.2-2~deb10u1_source.buildinfo Files: 09c97cecb5a7a6af6e79a27d4f16cd3d 2431 admin optional cloud-init_20.2-2~deb10u1.dsc d52bad7a8f97a029fd425786303b19da 24584 admin optional cloud-init_20.2-2~deb10u1.debian.tar.xz 54248fa5f8985a08396bd120ffe0495a 6811 admin optional cloud-init_20.2-2~deb10u1_source.buildinfo -----BEGIN PGP SIGNATURE----- iQJFBAEBCgAvFiEE65xaF5r2LDCTz+zyV68+Bn2yWDMFAl7/dG0RHG5vYWhtQGRl Ymlhbi5vcmcACgkQV68+Bn2yWDNgqA/+IHrfnlmz8nBSpBEBa5Qz1/vQrpA+HaYn V1DLZyO7/hcZcHlcT2S1OudeHnbjjhdfjVVjndj+Dum8MpTZBEbXyBcte7IvaUSm SGFc86RPeHpM9PrPgQCOBHf/7nquSQ0hn0OE9Liko1y3aWpKmYo3KMvXnCo4R1ov abgtxoh9AtTMyauaZh+jUnfV9b+opkyUk7bVhAATDfoXH8jJ1BveDLzoFo5Q7kcZ cViz0rib8eEqBoCBtWE+JYIPD37Ts0RzW/F/10XAgQeIAh1Ut5+lx5BvhjPt5BfM IE7E0ddJrdLCI70CO0IPAQPaeFF6BO6mp40Jp2ffvCMovU5dzVNWHc1aLyJ94R9F NQJJmAchkuSum2fWBO5U7vqKMB8rkWzMg3qnH6PnOeSKU58jKqFIfkqxN7zwWZLD klpP5fty6CD+IAY6EDv4C1c4DIg6DBZsovKkPef5+hPtO/vaWADQJDJdcxmyDRn2 U7ughSDdGyiimlXeN5vqHPsDles2XuWT4z7hdTi9qCpzwXj4Je3y45FEsmXGLIOQ IL+ieo1mqj9RPtp8foyS5dBHQLZR++hRIdJYvVEEH/itGRAYQ94mO9b0qnAOm3Y8 ZmWEst4Njp4Yt3kkik548eN89sfPgSCZFpupa4Nf8993KFpUAVHTdpsKf4BL8h7i hpijyxlTYH0= =Rkhl -----END PGP SIGNATURE----- Thank you for your contribution to Debian.