Information on source package cloud-init

Available versions

ReleaseVersion
buster20.2-2~deb10u2
bullseye20.4.1-2+deb11u1
bookworm22.4.2-1
trixie24.1.1-1
sid24.1.1-1

Open issues

BugbusterbullseyebookwormtrixiesidDescription
CVE-2023-1786vulnerable (no DSA)vulnerable (no DSA)vulnerable (no DSA)fixedfixedSensitive data could be exposed in logs of cloud-init before version 2 ...

Resolved issues

BugDescription
CVE-2022-2084Sensitive data could be exposed in world readable logs of cloud-init b ...
CVE-2021-3429When instructing cloud-init to set a random password for a new user ac ...
CVE-2020-8632In cloud-init through 19.4, rand_user_password in cloudinit/config/cc_ ...
CVE-2020-8631cloud-init through 19.4 relies on Mersenne Twister for a random passwo ...
CVE-2019-0816A security feature bypass exists in Azure SSH Keypairs, due to a chang ...
CVE-2012-6639An privilege elevation vulnerability exists in Cloud-init before 0.7.0 ...

Security announcements

DSA / DLADescription
DLA-2601-1cloud-init - security update
DLA-2113-1cloud-init - security update

Search for package or bug name: Reporting problems