CORRECTION: I incorrectly stated that 10.10 is a LTS release. 10.10 is NOT an LTS release and is a normal stable release.
The opening paragraph should have read: "A new release of the Ubuntu Enterprise Cloud Images for stable Ubuntu release 10.10 LTS (Maverick Meerkat) is available at [1]. These new images superseded the existing images [2]. " My apologies for any confusion this may have caused. To prevent this from happening again, I have adjusted my template accordingly. ~Ben On 10/04/2011 12:52 PM, Ben Howard wrote: > A new release of the Ubuntu Enterprise Cloud Images for stable Ubuntu > release 10.10 LTS (Maverick Meerkat) is available at [1]. These new images > superseded the existing images [2]. Images are available for download or > immediate use on EC2 via publish AMI ids. Users who wish to update their > existing installations can do so with: > 'apt-get update && apt-get distupgrade && reboot'. > > Please note that the abbreviation "uec" has been replaced with > "cloudimg" in file names > for downloadable images. > > Notable package updates: > * linux-meta update to 2.6.35.30.38 [3,4] with numerous CVE fixes [5] > * ca-certificates: blacklist "DigiNotar Root CA" due to fraudulent > certificate > issuance (LP: #837557) > * krb5 > - kadmind denial of service from freeing of uninitialized pointer. > (CVE-2011-0285) > - kdc denial of service due to double-free if PKINIT capability is > used. (CVE-2011-0284) > - kpropd denial of service via invalid network input (CVE-2010-4022) > - kdc denial of service from unauthenticated remote attackers > (CVE-2011-0281, CVE-2011-0282) > * sudo: privilege escalation via -g when using group Runas_List. > (CVE-2011-0010) > * rsync: denial of service and possible arbitrary code execution via > malformed data (CVE-2011-1097) > * perl: > - multiple intended restriction bypasses in Safe.pm. (CVE-2010-1168, > CVE-2010-1447) > - multiple issues in CGI.pm: hardcoded MIME boundary, and CRLF > injections. (CVE-2010-2716, > CVE-2010-4410, CVE-2010-4411) > - taint protection bypass via missing taint attributes. (CVE-2011-1487) > * bind9: > - denial of service via specially crafted packet. (CVE-2011-2464) > - denial of service via off-by-one. (CVE-2011-1910) > - denial of service via IXFR or DDNS update. (CVE-2011-0414) > * pam: > - multiple issues with lack of adequate privilege dropping. > (CVE-2010-3316, CVE-2010-3430, > CVE-2010-3431, CVE-2010-3435, CVE-2010-4706, CVE-2010-4707) > - privilege escalation via incorrect environment. (CVE-2010-3853) > * fuse: > - arbitrary unprivileged unmount. (CVE-2011-0541, CVE-2011-0542, > CVE-2011-0543) > - arbitrary unprivileged unmount. (CVE-2010-3879) > * util-linux: arbitrary unmount with fuse. (CVE-2010-3879) > * dpkg: relative directory and symlink following in source pkgs > (CVE-2010-1679) > * dbus > - denial of service via messages with non-native byte order. > (CVE-2011-2200) > - fix DoS with too deeply nested messages. (CVE-2010-4352, LP: #688992) > > The following packages have been updated. Please see the full changelogs > for a complete listing of changes. > > * apparmor: 2.5.1-0ubuntu0.10.10.4 > * apport: 1.14.1-0ubuntu8.1 > * apt: 0.8.3ubuntu7.2 > * bash-completion: 1:1.2-2ubuntu1.1 > * bind9: 1:9.7.1.dfsg.P2-2ubuntu0.4 > * ca-certificates: 20090814ubuntu0.10.10.1 > * curl: 7.21.0-1ubuntu1.1 > * dbus: 1.4.0-0ubuntu1.3 > * dhcp3: 3.1.3-2ubuntu6.3 > * dpkg: 1.15.8.4ubuntu3.1 > * eglibc: 2.12.1-0ubuntu10.2 > * euca2ools: 1.2-0ubuntu11.1 > * freetype: 2.4.2-2ubuntu0.2 > * fuse: 2.8.4-1ubuntu1.3 > * glib2.0: 2.26.1-0ubuntu1 > * grub2: 1.98+20100804-5ubuntu3.3 > * ifupdown: 0.6.10ubuntu3.1 > * initramfs-tools: 0.98.1ubuntu6.1 > * krb5: 1.8.1+dfsg-5ubuntu0.7 > * landscape-client: 11.07.1.1-0ubuntu0.10.10.0 > * language-selector: 0.6.8 > * libpng: 1.2.44-1ubuntu0.1 > * libxml2: 2.7.7.dfsg-4ubuntu0.2 > * linux: 2.6.35-30.59 > * linux-firmware: 1.38.6 > * linux-meta: 2.6.35.30.38 > * logrotate: 3.7.8-6ubuntu1.1 > * ntp: 1:4.2.4p8+dfsg-1ubuntu6.1 > * openldap: 2.4.23-0ubuntu3.5 > * openssh: 1:5.5p1-4ubuntu6 > * openssl: 0.9.8o-1ubuntu4.4 > * pam: 1.1.1-4ubuntu2.3 > * parted: 2.3-2ubuntu2 > * pcsc-lite: 1.5.5-3ubuntu2.1 > * perl: 5.10.1-12ubuntu2.1 > * pm-utils: 1.4.1-3ubuntu1 > * policykit-1: 0.96-2ubuntu1.1 > * python-apt: 0.7.96.1ubuntu11.2 > * rsync: 3.0.7-2ubuntu1.1 > * shadow: 1:4.1.4.2-1ubuntu3.2 > * smart: 1.3-1ubuntu0.2 > * sqlite3: 3.7.2-1ubuntu0.1 > * sudo: 1.7.2p7-1ubuntu2.1 > * sysvinit: 2.87dsf-4ubuntu19.1 > * tar: 1.23-2ubuntu2 > * tzdata: 2011j-0ubuntu0.10.10 > * update-manager: 1:0.142.23 > * upstart: 0.6.6-4 > * util-linux: 2.17.2-0ubuntu1.10.10.2 > * w3m: 0.5.2-6ubuntu1 > * xkeyboard-config: 1.8-1ubuntu8.1~10.10.1 > > > -- > > [1] http://uec-images.ubuntu.com/server/releases/maverick/release-20111001/ > [2] http://uec-images.ubuntu.com/server/releases/maverick/release-20101225/ > [3] https://launchpad.net/ubuntu/+source/linux-meta > [4] https://launchpad.net/ubuntu/+source/linux-meta/2.6.35.30.38 > -- Ben Howard [email protected] Canonical USA, Inc GPG ID 0x5406A866
signature.asc
Description: OpenPGP digital signature
-- Ubuntu-cloud mailing list [email protected] Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-cloud
