cloud-init 23.1.2-0ubuntu0~18.04.1 source package in Ubuntu
Changelog
cloud-init (23.1.2-0ubuntu0~18.04.1) bionic; urgency=medium
* SECURITY UPDATE: Make user/vendor data sensitive and remove log permissions
Because user data and vendor data may contain sensitive information,
this commit ensures that any user data or vendor data written to
instance-data.json gets redacted and is only available to root user.
Also, modify the permissions of cloud-init.log to be 640, so that
sensitive data leaked to the log isn't world readable.
Additionally, remove the logging of user data and vendor data to
cloud-init.log from the Vultr datasource.
This is based on upstream snapshot of 23.1.2 [(LP: #2013967)]
- d/cloud-init.postinst: postinst fixes for LP: #2013967
Redact sensitive keys from world-readable instance-data.json on upgrade.
Set perms 640 for /var/log/cloud-init.log on pkg upgrade.
Redact sensitive Vultr messages from /var/log/cloud-init.log
- (CVE-2023-1786)
-- James Falcon <email address hidden> Fri, 21 Apr 2023 14:44:30 -0500
Upload details
- Uploaded by:
- James Falcon
- Sponsored by:
- Chad Smith
- Uploaded to:
- Bionic
- Original maintainer:
- Ubuntu Developers
- Architectures:
- all
- Section:
- admin
- Urgency:
- Medium Urgency
See full publishing history Publishing
| Series | Published | Component | Section | |
|---|---|---|---|---|
| Bionic | updates | main | admin | |
| Bionic | security | main | admin |
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| cloud-init_23.1.2.orig.tar.gz | 1.5 MiB | 4c3a2499d9953902a550e2134cceb5a9afd2324009404f6d52bb82d3e96dec3f |
| cloud-init_23.1.2-0ubuntu0~18.04.1.debian.tar.xz | 87.2 KiB | 9d6fb92bddd915de8095de9083b4e12214072e2bcb1bc288a56fff7478a0a464 |
| cloud-init_23.1.2-0ubuntu0~18.04.1.dsc | 2.2 KiB | 8e6d41dc75a49e944e5e69570fb320a1a8b2f816d58dca19c54c5fce494ca0b5 |
Available diffs
Binary packages built by this source
- cloud-init: Init scripts for cloud instances
Cloud instances need special scripts to run during initialisation
to retrieve and install ssh keys and to let the user run various scripts.
