cloud-init security, bug fix, and enhancement update

2020-10-06T00:00:00
ID ELSA-2020-3898
Type oraclelinux
Reporter Oracle
Modified 2020-10-06T00:00:00

Description

[19.4-7.0.3] - Add conditional restart of NetworkManager for cloud-final. [Orabug: 31965645] - Correct postinstall upgrade cloud-init.service mismerge order. [19.4-7.0.1] - Add Oracle Linux variant to known distros - Add cloud-init hotplug event handling support [Orabug: 30485135] - Oracle data source should configure secondary VNICs [Orabug: 30487563] - Add support for netfailover detection [Orabug: 30487591] - Avoid hotplug handling when configure_secondary_nics is disabled [Orabug: 31086905] - Set per-platform default NM_CONTROLLED=no for OCI [Orabug: 31086905] - Remove secondary VNIC config from cache for hot unplug [Orabug: 31086905] - Fix OL distro specific issues and dependency compatibility [Orabug: 30435672] - Fix swap file size allocation logic to allocate maxsize [Orabug: 29952349] - Make Oracle datasource detect dracut based config files [Orabug: 29956753] [19.4-7.el7] - ci-ec2-only-redact-token-request-headers-in-logs-avoid-.patch [bz#1821999] - Resolves: bz#1821999 ([RHEL7.9] Do not log IMDSv2 token values into cloud-init.log) [19.4-6.el7] - ci-Use-reload-or-try-restart-instead-of-try-reload-or-r.patch [bz#1748015] - ci-ec2-Do-not-log-IMDSv2-token-values-instead-use-REDAC.patch [bz#1821999] - Resolves: bz#1748015 ([cloud-init][RHEL7] /etc/resolv.conf lose config after reboot (initial instance is ok)) - Resolves: bz#1821999 ([RHEL7.9] Do not log IMDSv2 token values into cloud-init.log) [19.4-5.el7] - ci-Remove-race-condition-between-cloud-init-and-Network-v2.patch [bz#1748015] - ci-cc_mounts-fix-incorrect-format-specifiers-316.patch [bz#1772505] - Resolves: bz#1748015 ([cloud-init][RHEL7] /etc/resolv.conf lose config after reboot (initial instance is ok)) - Resolves: bz#1772505 ([RHEL7] swapon fails with 'swapfile has holes' when created on a xfs filesystem by cloud-init) [19.4-4.el7] - ci-swap-file-size-being-used-before-checked-if-str-315.patch [bz#1772505] - Resolves: bz#1772505 ([RHEL7] swapon fails with 'swapfile has holes' when created on a xfs filesystem by cloud-init) [19.4-3.el7] - ci-Do-not-use-fallocate-in-swap-file-creation-on-xfs.-7.patch [bz#1772505] - Resolves: bz#1772505 ([RHEL7] swapon fails with 'swapfile has holes' when created on a xfs filesystem by cloud-init) [19.4-2.el7] - ci-Removing-cloud-user-from-wheel.patch [bz#1549638] - ci-Remove-race-condition-between-cloud-init-and-Network.patch [bz#1748015] - ci-cc_set_password-increase-random-pwlength-from-9-to-2.patch [bz#1812170] - ci-utils-use-SystemRandom-when-generating-random-passwo.patch [bz#1812173] - ci-Enable-ssh_deletekeys-by-default.patch [bz#1574338] - Resolves: bz#1549638 ([RHEL7]cloud-user added to wheel group and sudoers.d causes 'sudo -v' prompts for passphrase) - Resolves: bz#1574338 (CVE-2018-10896 cloud-init: SSH host keys are not regenerated for the new instances [rhel-7]) - Resolves: bz#1748015 ([cloud-init][RHEL7] /etc/resolv.conf lose config after reboot (initial instance is ok)) - Resolves: bz#1812170 (CVE-2020-8632 cloud-init: Too short random password length in cc_set_password in config/cc_set_passwords.py [rhel-7]) - Resolves: bz#1812173 (CVE-2020-8631 cloud-init: Use of random.choice when generating random password [rhel-7]) [19.4-1.el7] - Rebase to 19.4 [bz#1803094] - Resolves: bz#1803094 ([RHEL-7.9] cloud-init rebase to 19.4)