ELSA-2020-3898 - cloud-init security, bug fix, and enhancement update
| Type: | SECURITY |
| Severity: | MODERATE |
| Release Date: | 2020-10-06 |
Description
[19.4-7.0.3]
- Add conditional restart of NetworkManager for cloud-final. [Orabug: 31965645]
- Correct postinstall upgrade cloud-init.service mismerge order.
[19.4-7.0.1]
- Add Oracle Linux variant to known distros
- Add cloud-init hotplug event handling support [Orabug: 30485135]
- Oracle data source should configure secondary VNICs [Orabug: 30487563]
- Add support for netfailover detection [Orabug: 30487591]
- Avoid hotplug handling when configure_secondary_nics is disabled [Orabug: 31086905]
- Set per-platform default NM_CONTROLLED=no for OCI [Orabug: 31086905]
- Remove secondary VNIC config from cache for hot unplug [Orabug: 31086905]
- Fix OL distro specific issues and dependency compatibility [Orabug: 30435672]
- Fix swap file size allocation logic to allocate maxsize [Orabug: 29952349]
- Make Oracle datasource detect dracut based config files [Orabug: 29956753]
[19.4-7.el7]
- ci-ec2-only-redact-token-request-headers-in-logs-avoid-.patch [bz#1821999]
- Resolves: bz#1821999
([RHEL7.9] Do not log IMDSv2 token values into cloud-init.log)
[19.4-6.el7]
- ci-Use-reload-or-try-restart-instead-of-try-reload-or-r.patch [bz#1748015]
- ci-ec2-Do-not-log-IMDSv2-token-values-instead-use-REDAC.patch [bz#1821999]
- Resolves: bz#1748015
([cloud-init][RHEL7] /etc/resolv.conf lose config after reboot (initial instance is ok))
- Resolves: bz#1821999
([RHEL7.9] Do not log IMDSv2 token values into cloud-init.log)
[19.4-5.el7]
- ci-Remove-race-condition-between-cloud-init-and-Network-v2.patch [bz#1748015]
- ci-cc_mounts-fix-incorrect-format-specifiers-316.patch [bz#1772505]
- Resolves: bz#1748015
([cloud-init][RHEL7] /etc/resolv.conf lose config after reboot (initial instance is ok))
- Resolves: bz#1772505
([RHEL7] swapon fails with 'swapfile has holes' when created on a xfs filesystem by cloud-init)
[19.4-4.el7]
- ci-swap-file-size-being-used-before-checked-if-str-315.patch [bz#1772505]
- Resolves: bz#1772505
([RHEL7] swapon fails with 'swapfile has holes' when created on a xfs filesystem by cloud-init)
[19.4-3.el7]
- ci-Do-not-use-fallocate-in-swap-file-creation-on-xfs.-7.patch [bz#1772505]
- Resolves: bz#1772505
([RHEL7] swapon fails with 'swapfile has holes' when created on a xfs filesystem by cloud-init)
[19.4-2.el7]
- ci-Removing-cloud-user-from-wheel.patch [bz#1549638]
- ci-Remove-race-condition-between-cloud-init-and-Network.patch [bz#1748015]
- ci-cc_set_password-increase-random-pwlength-from-9-to-2.patch [bz#1812170]
- ci-utils-use-SystemRandom-when-generating-random-passwo.patch [bz#1812173]
- ci-Enable-ssh_deletekeys-by-default.patch [bz#1574338]
- Resolves: bz#1549638
([RHEL7]cloud-user added to wheel group and sudoers.d causes 'sudo -v' prompts for passphrase)
- Resolves: bz#1574338
(CVE-2018-10896 cloud-init: SSH host keys are not regenerated for the new instances [rhel-7])
- Resolves: bz#1748015
([cloud-init][RHEL7] /etc/resolv.conf lose config after reboot (initial instance is ok))
- Resolves: bz#1812170
(CVE-2020-8632 cloud-init: Too short random password length in cc_set_password in config/cc_set_passwords.py [rhel-7])
- Resolves: bz#1812173
(CVE-2020-8631 cloud-init: Use of random.choice when generating random password [rhel-7])
[19.4-1.el7]
- Rebase to 19.4 [bz#1803094]
- Resolves: bz#1803094
([RHEL-7.9] cloud-init rebase to 19.4)
Related CVEs
Updated Packages
| Release/Architecture | Filename | MD5sum | Superseded By Advisory |
|
| Oracle Linux 7 (aarch64) | cloud-init-19.4-7.0.3.el7.src.rpm | 2b261b5098ce30238055be2c7bf359e0 | ELEA-2021-0865 |
| cloud-init-19.4-7.0.3.el7.aarch64.rpm | 8eb5299dc602cc3abaa53864ad22691c | ELEA-2021-0865 |
|
| Oracle Linux 7 (x86_64) | cloud-init-19.4-7.0.3.el7.src.rpm | 2b261b5098ce30238055be2c7bf359e0 | ELEA-2021-0865 |
| cloud-init-19.4-7.0.3.el7.x86_64.rpm | 62eda2edbf17ae13b8fd48edce3ce6d4 | ELEA-2021-0865 |
This page is generated automatically and has not been checked for errors or omissions. For clarification
or corrections please contact the Oracle Linux ULN team
