File _patchinfo of Package patchinfo.13090
<patchinfo incident="13090">
<issue tracker="bnc" id="1136440">L3-Question: cloud-init :VIO: unable to detect environment</issue>
<issue tracker="bnc" id="1144363">cloud-init doesn't call udevadm settle correctly to wait for network device</issue>
<issue tracker="bnc" id="1142988">networking problems using cloud-init in leap 15.1 images</issue>
<issue tracker="bnc" id="1154092">cloud-init: datasource ConfigDrive fails</issue>
<issue tracker="bnc" id="1099358">OS boot failed when ISO mounted and enable cloud-init services</issue>
<issue tracker="bnc" id="1129124">VUL-0: CVE-2019-0816: cloud-init: extra ssh keys added to authorized_keys</issue>
<issue tracker="bnc" id="1151488">cloud-init resolv.conf changes get clobbered by netconfig</issue>
<issue tracker="cve" id="2019-0816"/>
<packager>rjschwei</packager>
<rating>moderate</rating>
<category>security</category>
<summary>Security update for cloud-init</summary>
<description>This update for cloud-init fixes the following issues:
Security issue fixed:
- CVE-2019-0816: Fixed the unnecessary extra ssh keys that were added to authorized_keys (bsc#1129124).
Non-security issues fixed:
- Add cloud-init-renderer-detect.patch (bsc#1154092, bsc#1142988)
+ Short curcuit the conditional for identifying the sysconfig renderer.
If we find ifup/ifdown accept the renderer as available.
- Add cloud-init-break-resolv-symlink.patch (bsc#1151488)
+ If /etc/resolv.conf is a symlink break it. This will avoid netconfig
from clobbering the changes cloud-init applied.
- Update to cloud-init 19.2 (bsc#1099358)
+ Remove, included upstream
- cloud-init-detect-nova.diff
- cloud-init-add-static-routes.diff
+ net: add rfc3442 (classless static routes) to EphemeralDHCP
(LP: #1821102)
+ templates/ntp.conf.debian.tmpl: fix missing newline for pools
(LP: #1836598)
+ Support netplan renderer in Arch Linux [Conrad Hoffmann]
+ Fix typo in publicly viewable documentation. [David Medberry]
+ Add a cdrom size checker for OVF ds to ds-identify
[Pengpeng Sun] (LP: #1806701)
+ VMWare: Trigger the post customization script via cc_scripts module.
[Xiaofeng Wang] (LP: #1833192)
+ Cloud-init analyze module: Added ability to analyze boot events.
[Sam Gilson]
+ Update debian eni network configuration location, retain Ubuntu setting
[Janos Lenart]
+ net: skip bond interfaces in get_interfaces
[Stanislav Makar] (LP: #1812857)
+ Fix a couple of issues raised by a coverity scan
+ Add missing dsname for Hetzner Cloud datasource [Markus Schade]
+ doc: indicate that netplan is default in Ubuntu now
+ azure: add region and AZ properties from imds compute location metadata
+ sysconfig: support more bonding options [Penghui Liao]
+ cloud-init-generator: use libexec path to ds-identify on redhat systems
(LP: #1833264)
+ tools/build-on-freebsd: update to python3 [Gonéri Le Bouder]
+ Allow identification of OpenStack by Asset Tag
[Mark T. Voelker] (LP: #1669875)
+ Fix spelling error making 'an Ubuntu' consistent. [Brian Murray]
+ run-container: centos: comment out the repo mirrorlist [Paride Legovini]
+ netplan: update netplan key mappings for gratuitous-arp (LP: #1827238)
+ freebsd: fix the name of cloudcfg VARIANT [Gonéri Le Bouder]
+ freebsd: ability to grow root file system [Gonéri Le Bouder]
+ freebsd: NoCloud data source support [Gonéri Le Bouder] (LP: #1645824)
+ Azure: Return static fallback address as if failed to find endpoint
[Jason Zions (MSFT)]
- Follow up to update cloud-init-trigger-udev.patch (bsc#1144363)
- Update to version 19.1 (bsc#1136440, bsc#1129124)
</description>
</patchinfo>
