Fedora 26 Cloud-Init Update: Critical Fix for IAM Credentials

fedora

March 20, 2017

This update fixes several issues with systemd service ordering and network configuration

Summary

Cloud-init is a set of init scripts for cloud instances. Cloud instances

need special scripts to run during initialization to retrieve and install

ssh keys and to let the user run various scripts.

Update Information:

This update fixes several issues with systemd service ordering and network configuration. It also backports a fix for a [security issue](https://bugs.launchpad.net/cloud-init/+bug/1638312) in which instances run in EC2 write IAM instance profile credentials to disk. To work around the security issue without updating cloud-init, wait at least six hours between creating a bundle or an EBS snapshot and registering that as a machine image.

Topics Covered

security advisory critical Fedora network configuration service issue cloud-init IAM credential

Change Log

References

[ 1 ] Bug #1400249 - Wrong systemd unit in cloud-init https://bugzilla.redhat.com/show_bug.cgi?id=1400249 [ 2 ] Bug #1430511 - cloud init doesn't setup ssh keys for access https://bugzilla.redhat.com/show_bug.cgi?id=1430511 [ 3 ] Bug #1428492 - Cloud-init is starting before multi-user.target still https://bugzilla.redhat.com/show_bug.cgi?id=1428492 [ 4 ] Bug #1389530 - sysconfig.py fails to configure network https://bugzilla.redhat.com/show_bug.cgi?id=1389530

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade cloud-init' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html

Severity

critical

Lowest

Low

Medium

High

Critical

Name: cloud-init

Product: Fedora 26

Version: 0.7.9

Release: 4.fc26

URL: https://launchpad.net/cloud-init

Summary: Cloud instance init scripts

Topics Covered

security advisory critical Fedora network configuration service issue cloud-init IAM credential

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Like staying secure? So do we.
Sign up for updates, tips, and alerts!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

Fedora 26 Cloud-Init Update: Critical Fix for IAM Credentials

Summary

Topics Covered

Change Log

References

Update Instructions

Topics Covered

Get the latest News and Insights

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

Fedora 26 Cloud-Init Update: Critical Fix for IAM Credentials

Summary

Topics Covered

Change Log

References

Update Instructions

Topics Covered

Get the latest News and Insights

Related Articles

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!