Описание
ELSA-2025-10848: cloud-init security update (IMPORTANT)
[24.4-4.0.1.el9_6.3]
- Fix Oracle Datasource network and getdata methods for OCI OL [Orabug: 35950168]
- Fix log file permission [Orabug: 35302969]
- Update detection logic for OL distros in config template [Orabug: 34845400]
- Added missing services in rhel/systemd/cloud-init.service [Orabug: 32183938]
- Added missing services in cloud-init.service.tmpl for sshd [Orabug: 32183938]
- Forward port applicable cloud-init 18.4-2.0.3 changes to cloud-init-18-5 [Orabug: 30435672]
- limit permissions [Orabug: 31352433]
- Changes to ignore all enslaved interfaces [Orabug: 30092148]
- Make Oracle datasource detect dracut based config files [Orabug: 29956753]
- add modified version of enable-ec2_utils-to-stop-retrying-to-get-ec2-metadata.patch:
- Enable ec2_utils.py having a way to stop retrying to get ec2 metadata
- Apply stop retrying to get ec2 metadata to helper/openstack.py MetadataReader Resolves: Oracle-Bug:41660 (Bugzilla)
- added OL to list of known distros Resolves: rhbz#1427280 Resolves: rhbz#1427280
[24.4-4.el9_6.3]
- ci-fix-Don-t-attempt-to-identify-non-x86-OpenStack-inst.patch [RHEL-100611]
- ci-fix-strict-disable-in-ds-identify-on-no-datasources-.patch [RHEL-100611]
- Resolves: RHEL-100611 (CVE-2024-6174 cloud-init: From CVEorg collector [rhel-9.6.z])
[24.4-4.el9_6.2]
- Adding missed fix 'Retain exit code in cloud-init status for recoverable errors'
- Resolves: RHEL-101693
Обновленные пакеты
Oracle Linux 9
Oracle Linux aarch64
cloud-init
24.4-4.0.1.el9_6.3
Oracle Linux x86_64
cloud-init
24.4-4.0.1.el9_6.3
Связанные CVE
Связанные уязвимости
When a non-x86 platform is detected, cloud-init grants root access to a hardcoded url with a local IP address. To prevent this, cloud-init default configurations disable platform enumeration.
When a non-x86 platform is detected, cloud-init grants root access to a hardcoded url with a local IP address. To prevent this, cloud-init default configurations disable platform enumeration.
When a non-x86 platform is detected, cloud-init grants root access to a hardcoded url with a local IP address. To prevent this, cloud-init default configurations disable platform enumeration.
When a non-x86 platform is detected, cloud-init grants root access to ...