ELSA-2020-3898

ELSA-2020-3898 - cloud-init security, bug fix, and enhancement update

Type:SECURITY
Impact:MODERATE
Release Date:2020-10-06

Description


[19.4-7.0.3]
- Add conditional restart of NetworkManager for cloud-final. [Orabug: 31965645]
- Correct postinstall upgrade cloud-init.service mismerge order.

[19.4-7.0.1]
- Add Oracle Linux variant to known distros
- Add cloud-init hotplug event handling support [Orabug: 30485135]
- Oracle data source should configure secondary VNICs [Orabug: 30487563]
- Add support for netfailover detection [Orabug: 30487591]
- Avoid hotplug handling when configure_secondary_nics is disabled [Orabug: 31086905]
- Set per-platform default NM_CONTROLLED=no for OCI [Orabug: 31086905]
- Remove secondary VNIC config from cache for hot unplug [Orabug: 31086905]
- Fix OL distro specific issues and dependency compatibility [Orabug: 30435672]
- Fix swap file size allocation logic to allocate maxsize [Orabug: 29952349]
- Make Oracle datasource detect dracut based config files [Orabug: 29956753]

[19.4-7.el7]
- ci-ec2-only-redact-token-request-headers-in-logs-avoid-.patch [bz#1821999]
- Resolves: bz#1821999
([RHEL7.9] Do not log IMDSv2 token values into cloud-init.log)

[19.4-6.el7]
- ci-Use-reload-or-try-restart-instead-of-try-reload-or-r.patch [bz#1748015]
- ci-ec2-Do-not-log-IMDSv2-token-values-instead-use-REDAC.patch [bz#1821999]
- Resolves: bz#1748015
([cloud-init][RHEL7] /etc/resolv.conf lose config after reboot (initial instance is ok))
- Resolves: bz#1821999
([RHEL7.9] Do not log IMDSv2 token values into cloud-init.log)

[19.4-5.el7]
- ci-Remove-race-condition-between-cloud-init-and-Network-v2.patch [bz#1748015]
- ci-cc_mounts-fix-incorrect-format-specifiers-316.patch [bz#1772505]
- Resolves: bz#1748015
([cloud-init][RHEL7] /etc/resolv.conf lose config after reboot (initial instance is ok))
- Resolves: bz#1772505
([RHEL7] swapon fails with 'swapfile has holes' when created on a xfs filesystem by cloud-init)

[19.4-4.el7]
- ci-swap-file-size-being-used-before-checked-if-str-315.patch [bz#1772505]
- Resolves: bz#1772505
([RHEL7] swapon fails with 'swapfile has holes' when created on a xfs filesystem by cloud-init)

[19.4-3.el7]
- ci-Do-not-use-fallocate-in-swap-file-creation-on-xfs.-7.patch [bz#1772505]
- Resolves: bz#1772505
([RHEL7] swapon fails with 'swapfile has holes' when created on a xfs filesystem by cloud-init)

[19.4-2.el7]
- ci-Removing-cloud-user-from-wheel.patch [bz#1549638]
- ci-Remove-race-condition-between-cloud-init-and-Network.patch [bz#1748015]
- ci-cc_set_password-increase-random-pwlength-from-9-to-2.patch [bz#1812170]
- ci-utils-use-SystemRandom-when-generating-random-passwo.patch [bz#1812173]
- ci-Enable-ssh_deletekeys-by-default.patch [bz#1574338]
- Resolves: bz#1549638
([RHEL7]cloud-user added to wheel group and sudoers.d causes 'sudo -v' prompts for passphrase)
- Resolves: bz#1574338
(CVE-2018-10896 cloud-init: SSH host keys are not regenerated for the new instances [rhel-7])
- Resolves: bz#1748015
([cloud-init][RHEL7] /etc/resolv.conf lose config after reboot (initial instance is ok))
- Resolves: bz#1812170
(CVE-2020-8632 cloud-init: Too short random password length in cc_set_password in config/cc_set_passwords.py [rhel-7])
- Resolves: bz#1812173
(CVE-2020-8631 cloud-init: Use of random.choice when generating random password [rhel-7])

[19.4-1.el7]
- Rebase to 19.4 [bz#1803094]
- Resolves: bz#1803094
([RHEL-7.9] cloud-init rebase to 19.4)


Related CVEs


CVE-2020-8631
CVE-2020-8632
CVE-2018-10896

Updated Packages


Release/ArchitectureFilenamesha256Superseded By AdvisoryChannel Label
Oracle Linux 7 (aarch64) cloud-init-19.4-7.0.3.el7.src.rpm260661febb68c00c6b1d67fbdb631c08a774534c6cebc9e098f0b9cfeeb3aebeELBA-2023-12379ol7_aarch64_latest
cloud-init-19.4-7.0.3.el7.src.rpm260661febb68c00c6b1d67fbdb631c08a774534c6cebc9e098f0b9cfeeb3aebeELBA-2023-12379ol7_aarch64_u9_base
cloud-init-19.4-7.0.3.el7.aarch64.rpmdcd7e3db0db0828bfaf3de3c894dfc3b4f0492ae6e3b7c0ead6856cbc2bc8ca1ELBA-2023-12379ol7_aarch64_latest
cloud-init-19.4-7.0.3.el7.aarch64.rpmdcd7e3db0db0828bfaf3de3c894dfc3b4f0492ae6e3b7c0ead6856cbc2bc8ca1ELBA-2023-12379ol7_aarch64_u9_base
Oracle Linux 7 (x86_64) cloud-init-19.4-7.0.3.el7.src.rpm260661febb68c00c6b1d67fbdb631c08a774534c6cebc9e098f0b9cfeeb3aebeELBA-2023-12379ol7_x86_64_latest
cloud-init-19.4-7.0.3.el7.src.rpm260661febb68c00c6b1d67fbdb631c08a774534c6cebc9e098f0b9cfeeb3aebeELBA-2023-12379ol7_x86_64_u9_base
cloud-init-19.4-7.0.3.el7.x86_64.rpmc0cc6043d9c6284ae1c94bfe34d0a34d5f7782a639a41ad1853f59b79b20b891ELBA-2023-12379ol7_x86_64_latest
cloud-init-19.4-7.0.3.el7.x86_64.rpmc0cc6043d9c6284ae1c94bfe34d0a34d5f7782a639a41ad1853f59b79b20b891ELBA-2023-12379ol7_x86_64_u9_base



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete