UbuntuUpdates.org

Package "cloud-init"

Name: cloud-init

Description:

Init scripts for cloud instances

Latest version: 23.1.2-0ubuntu0~18.04.1
Release: bionic (18.04)
Level: updates
Repository: main

Links


Download "cloud-init"


Other versions of "cloud-init" in Bionic

Repository Area Version
base main 18.2-14-g6d48d265-0ubuntu1
security main 23.1.2-0ubuntu0~18.04.1

Changelog

Version: 23.1.2-0ubuntu0~18.04.1 2023-04-26 15:23:55 UTC

  cloud-init (23.1.2-0ubuntu0~18.04.1) bionic; urgency=medium

  * SECURITY UPDATE: Make user/vendor data sensitive and remove log permissions
    Because user data and vendor data may contain sensitive information,
    this commit ensures that any user data or vendor data written to
    instance-data.json gets redacted and is only available to root user.

    Also, modify the permissions of cloud-init.log to be 640, so that
    sensitive data leaked to the log isn't world readable.
    Additionally, remove the logging of user data and vendor data to
    cloud-init.log from the Vultr datasource.

    This is based on upstream snapshot of 23.1.2 [(LP: #2013967)]

    - d/cloud-init.postinst: postinst fixes for LP: #2013967
      Redact sensitive keys from world-readable instance-data.json on upgrade.
      Set perms 640 for /var/log/cloud-init.log on pkg upgrade.
      Redact sensitive Vultr messages from /var/log/cloud-init.log
    - (CVE-2023-1786)

 -- James Falcon <email address hidden> Fri, 21 Apr 2023 14:44:30 -0500

Source diff to previous version
CVE-2023-1786 RESERVED

Version: 23.1.1-0ubuntu0~18.04.1 2023-03-22 05:06:50 UTC

  cloud-init (23.1.1-0ubuntu0~18.04.1) bionic; urgency=medium

  * d/patches/netplan99-cannot-use-default.patch:
    - Retain routes' definitions compatible with netplan 0.99
  * d/patches/retain-netplan-world-readable.patch:
    - Retain original world-readable perms of /etc/netplan/50-cloud-init.yaml.
      Lunar made the config root read-only.
  * refresh patches:
    + debian/patches/expire-on-hashed-users.patch
  * Upstream snapshot based on 23.1.1. (LP: #2008230).
    List of changes from upstream can be found at
    https://raw.githubusercontent.com/canonical/cloud-init/23.1.1/ChangeLog

 -- Alberto Contreras <email address hidden> Fri, 03 Mar 2023 10:03:11 +0100

Source diff to previous version
2008230 sru cloud-init (23.1 update) Bionic, Focal, Jammy, Kinetic

Version: 22.4.2-0ubuntu0~18.04.1 2022-12-06 00:07:13 UTC

  cloud-init (22.4.2-0ubuntu0~18.04.1) bionic; urgency=medium

  * Upstream snapshot based on 22.4.2 upstream release. (LP: #1996645)
    - List of changes from upstream can be found at
      https://raw.githubusercontent.com/canonical/cloud-init/22.4.2/ChangeLog
    - Includes (LP: #1997559, #1844191) not present in 22.4.0.

Source diff to previous version
1996645 sru cloud-init (22.3.4 to 22.4) Bionic, Focal, Jammy, Kinetic
1997559 AttributeError: 'NoneType' object has no attribute 'partition'

Version: 22.3.4-0ubuntu1~18.04.1 2022-10-14 02:07:11 UTC

  cloud-init (22.3.4-0ubuntu1~18.04.1) bionic; urgency=medium

  * New upstream bugfix release. (LP: #1987318)
    + Release 22.3.4 (LP: #1986703)
    + Fix Oracle DS primary interface when using IMDS (#1757)
      (LP: #1989686)

Source diff to previous version
1987318 sru cloud-init (22.3 update) Bionic, Focal, Jammy
1986703 Release 22.3
1989686 cloud-init sets wrong netmask causing borken network config on Oracle Cloud

Version: 22.2-0ubuntu1~18.04.3 2022-06-30 00:06:20 UTC

  cloud-init (22.2-0ubuntu1~18.04.3) bionic-security; urgency=medium

  * SECURITY UPDATE: schema errors can cause cloud-init to leak
    userdata to system logs
    - d/cloud-init.postinst: redact previously leaked schema errors
      from logs
    - Remove schema errors from log (LP: #1978422)
    - CVE-2022-2084

 -- James Falcon <email address hidden> Wed, 15 Jun 2022 11:38:21 -0500

1978422 cloud-init logs leak hashed passwords
CVE-2022-2084 RESERVED



About   -   Send Feedback to @ubuntu_updates