UbuntuUpdates.org

Package "cloud-init"

Name: cloud-init

Description:

initialization and customization tool for cloud instances

Latest version: 25.1.4-0ubuntu0~22.04.1
Release: jammy (22.04)
Level: security
Repository: main
Homepage: https://cloud-init.io/

Links


Download "cloud-init"


Other versions of "cloud-init" in Jammy

Repository Area Version
base main 22.1-14-g2e17a0d6-0ubuntu1~22.04.5
updates main 25.1.4-0ubuntu0~22.04.1

Changelog

Version: 25.1.4-0ubuntu0~22.04.1 2025-07-29 19:06:49 UTC

  cloud-init (25.1.4-0ubuntu0~22.04.1) jammy-security; urgency=medium

  * refresh patches:
    - d/p/revert-usr-lib-systemd-units.patch
  * Upstream snapshot based on 25.1.4.
    List of changes from upstream can be found at
    https://raw.githubusercontent.com/canonical/cloud-init/25.1.4/ChangeLog
    - Bugs fixed in this snapshot:
      + fix: disable cloud-init when non-x86 environments have no DMI-data
        and no strict datasources detected (LP: #2069607) (CVE-2024-6174)

 -- Chad Smith <email address hidden> Tue, 24 Jun 2025 15:15:25 -0600

Source diff to previous version
2069607 Remove hard coded IP addresses
CVE-2024-6174 When a non-x86 platform is detected, cloud-init grants root access to a hardcoded url with a local IP address. To prevent this, cloud-init default co

Version: 23.1.2-0ubuntu0~22.04.1 2023-04-26 01:07:00 UTC

  cloud-init (23.1.2-0ubuntu0~22.04.1) jammy; urgency=medium

  * SECURITY UPDATE: Make user/vendor data sensitive and remove log permissions
    Because user data and vendor data may contain sensitive information,
    this commit ensures that any user data or vendor data written to
    instance-data.json gets redacted and is only available to root user.

    Also, modify the permissions of cloud-init.log to be 640, so that
    sensitive data leaked to the log isn't world readable.
    Additionally, remove the logging of user data and vendor data to
    cloud-init.log from the Vultr datasource.

    This is based on upstream snapshot of 23.1.2 [(LP: #2013967)]

    - d/cloud-init.postinst: postinst fixes for LP: #2013967
      Redact sensitive keys from world-readable instance-data.json on upgrade.
      Set perms 640 for /var/log/cloud-init.log on pkg upgrade.
      Redact sensitive Vultr messages from /var/log/cloud-init.log
    - (CVE-2023-1786)

 -- James Falcon <email address hidden> Thu, 20 Apr 2023 20:37:40 -0500

Source diff to previous version
CVE-2023-1786 RESERVED

Version: 22.2-0ubuntu1~22.04.3 2022-06-29 23:06:29 UTC

  cloud-init (22.2-0ubuntu1~22.04.3) jammy-security; urgency=medium

  * SECURITY UPDATE: schema errors can cause cloud-init to leak
    userdata to system logs
    - d/cloud-init.postinst: redact previously leaked schema errors
      from logs
    - Remove schema errors from log (LP: #1978422)
    - CVE-2022-2084

 -- James Falcon <email address hidden> Tue, 14 Jun 2022 06:31:00 -0500

1978422 cloud-init logs leak hashed passwords
CVE-2022-2084 RESERVED



About   -   Send Feedback to @ubuntu_updates