jetztgradnet/beanstalk-ami-readme.txt

## beanstalk-ami-readme.txt
Changes in Amazon Linux AMI Beta2 (v 2010.11):

Security Updates:
=================
* glibc package update
        CVE-2010-3856: glibc: ld.so arbitrary DSO loading via LD_AUDIT in setuid/setgid programs
        CVE-2010-3847: glibc: ld.so insecure handling of $ORIGIN in LD_AUDIT for setuid/setgid programs
* kernel package updates for
        CVE-2010-3081: kernel: 64-bit Compatibility Mode Stack Pointer Underflow
        CVE-2010-3301: kernel: IA32 System Call Entry Point Vulnerability
        CVE-2010-3904: kernel: RDS sockets local privilege escalation
* java-1.6.0-openjdk package update
        CVE-2009-3555: TLS: MITM attacks via session renegotiation
        CVE-2010-3541: CVE-2010-3573 OpenJDK HttpURLConnection allows arbitrary request headers (6961084,6980004)
        CVE-2010-3548: OpenJDK DNS server IP address information leak (6957564)
        CVE-2010-3549: OpenJDK HttpURLConnection request splitting (6952017)
        CVE-2010-3551: OpenJDK local network address disclosure (6952603)
        CVE-2010-3553: OpenJDK Swing unsafe reflection usage (6622002)
        CVE-2010-3554: CVE-2010-3561 OpenJDK corba reflection vulnerabilities (6891766,6925672)
        CVE-2010-3557: OpenJDK Swing mutable static (6938813)
        CVE-2010-3562: OpenJDK IndexColorModel double-free (6925710)
        CVE-2010-3564: OpenJDK kerberos vulnerability (6958060)
        CVE-2010-3565: OpenJDK JPEG writeImage remote code execution (6963023)
        CVE-2010-3567: OpenJDK ICU Opentype layout engine crash (6963285)
        CVE-2010-3568: OpenJDK Deserialization Race condition (6559775)
        CVE-2010-3569: OpenJDK Serialization inconsistencies (6966692)
        CVE-2010-3574: OpenJDK HttpURLConnection incomplete TRACE permission check (6981426)
* openssl package update
	CVE-2010-3864 OpenSSL TLS extension parsing race condition

Image Updates:
==============
* Security updates will be downloaded and installed on instance launch (can be disabled via userdata, see user guide for more details)
* Reduced Image size to 8G
* Changed version numbering scheme
* Updated kernel to allow 64G of memory on c1.xlarge instances
* Added /dev/sd* symlinks to point to /dev/xvd* devices for backward compatibility
* Mount ephemeral0 (when requested) on /media/ephemeral0 by default

Updated Packages:
=================
* amanda updated to version 2.6.1p2-5.5
* aws-apitools-iam updated to version 1.1.0
* bash updated to version 4.1.2-2.6
* classpathx-mail updated to version 1.1.2-9.4.5
* cloud-init updated to version 0.5.14-21
* coreutils updated to version 8.4-7.9
* findutils updated to version 4.4.2-5.7
* gcc44 updated to version 4.4.4-5.18
* ImageMagick updated to version 6.5.4.7-5.9
* initscripts updated to version 8.45.30-2.12
* log4j updated to version 1.2.16-6.4.4
* mkinitrd updated to version 5.1.19.6-61.21
* php updated to version 5.3.3-1.6
* python26 updated to version 2.6.6-1.15
* readline updated to version 5.1-3.11
* rsync updated to version 3.0.6-4.8
* ruby updated to version 1.8.7
* tar updated to version 1.23
* tomcat6 updated to version 6.0.29
* util-linux-ng updated to version 2.17.2

New packages provided:
======================
* cacti: An rrd based graphing tool
* dkim-milter: DomainKeys Identified Mail sender authentication sendmail milter
* fping: Scriptable, parallelized ping-like utility
* freetds: Implementation of the TDS (Tabular DataStream) protocol
* libdmx: X.Org X11 DMX runtime library
* libmcrypt: Encryption algorithms library
* lighttpd: fast webserver with light system requirements
* memcached: High Performance, Distributed Memory Object Cache
* mod_security: Security module for the Apache HTTP Server
* monit: Manages and monitors processes, files, directories and devices
* munin: Network-wide graphing framework (grapher/gatherer)
* nagios: Nagios monitors hosts and services and yells if somethings breaks
* nagios-plugins: Host/service/network monitoring program plugins for Nagios
* nginx: Robust, small and high performance HTTP and reverse proxy server
* nrpe: Host/service/network monitoring agent for Nagios
* perl-Archive-Any: Single interface to deal with file archives
* perl-Array-Diff: Diff two arrays
* perl-Class-C3: Pragma to use the C3 method resolution order algorithm
* perl-Class-C3-XS: XS speedups for Class::C3
* perl-CPAN-DistnameInfo: Extract distribution name and version from a distribution filename
* perl-Data-Section: Read multiple hunks of data out of your DATA section
* perl-DBD-CSV: DBI driver for CSV files
* perl-DBD-XBase: Perl module for reading and writing the dbf files
* perl-File-MMagic: A Perl module emulating the file(1) command
* perl-HTML-Lint: HTML::Lint Perl module
* perl-HTML-Template: Perl module to use HTML Templates
* perl-IO-Capture: Abstract Base Class to build modules to capture output
* perl-IO-Multiplex: IO-Multiplex module for perl
* perl-IPC-SharedCache: Perl module to manage a cache in SysV IPC shared memory
* perl-IPC-ShareLite: Lightweight interface to shared memory
* perl-Log-Dispatch: Dispatches messages to one or more outputs
* perl-Log-Dispatch-FileRotate: Log to files that archive/rotate themselves
* perl-Log-Log4perl: Log4j implementation for Perl
* perl-Mail-Sender: Module for sending mails with attachments through an SMTP server
* perl-Mail-Sendmail: Simple platform independent mailer for Perl
* perl-Module-CPANTS-Analyse: Generate Kwalitee ratings for a distribution
* perl-Module-ExtractUse: Find out what modules are used
* perl-MRO-Compat: Mro::* interface compatibility for Perls < 5.9.5
* perl-Net-Server: Extensible, general Perl server engine
* perl-Net-SNMP: Object oriented interface to SNMP
* perl-Parse-RecDescent: Parse-RecDescent Perl module
* perl-Perl-Critic: Critique Perl source code for best-practices
* perl-Pod-Strip: Remove POD from Perl code
* perl-RRD-Simple: Simple interface to create and store data in RRD files
* perl-Software-License: Package that provides templated software licenses
* perl-SQL-Statement: SQL parsing and processing engine
* perl-Sub-Name: Name -- or rename -- a sub
* perl-Test-Kwalitee: Test the Kwalitee of a distribution before you release it
* perl-Test-Perl-Critic: Use Perl::Critic in test programs
* perl-Test-YAML-Meta: Validation of the META.yml file in a distribution
* perl-Test-YAML-Valid: Lets you test the validity of YAML files in unit tests
* perl-Text-CSV_XS: Comma-separated values manipulation routines
* perl-Text-Template: Expand template text with embedded Perl
* perl-UNIVERSAL-require: Require() modules from a variable
* perl-YAML-LibYAML: YAML::LibYAML Perl module
* python-epdb : an extended Python debugger
* radiusclient-ng: RADIUS protocol client library
* rrdtool: Round Robin Database Tool to store and display time-series data
* rsyslog: Enhanced system logging and kernel message trapping daemons
* rubygems: The Ruby standard for packaging ruby libraries
* t1lib: PostScript Type 1 font rasterizer
* tomcat-native: Tomcat native library
* xorg-x11-apps: X.Org X11 applications
* xorg-x11-utils: X.Org X11 X client utilities
* xorg-x11-xbitmaps: X.Org X11 application bitmaps
	Changes in Amazon Linux AMI Beta2 (v 2010.11):

	Security Updates:
	=================
	* glibc package update
	CVE-2010-3856: glibc: ld.so arbitrary DSO loading via LD_AUDIT in setuid/setgid programs
	CVE-2010-3847: glibc: ld.so insecure handling of $ORIGIN in LD_AUDIT for setuid/setgid programs
	* kernel package updates for
	CVE-2010-3081: kernel: 64-bit Compatibility Mode Stack Pointer Underflow
	CVE-2010-3301: kernel: IA32 System Call Entry Point Vulnerability
	CVE-2010-3904: kernel: RDS sockets local privilege escalation
	* java-1.6.0-openjdk package update
	CVE-2009-3555: TLS: MITM attacks via session renegotiation
	CVE-2010-3541: CVE-2010-3573 OpenJDK HttpURLConnection allows arbitrary request headers (6961084,6980004)
	CVE-2010-3548: OpenJDK DNS server IP address information leak (6957564)
	CVE-2010-3549: OpenJDK HttpURLConnection request splitting (6952017)
	CVE-2010-3551: OpenJDK local network address disclosure (6952603)
	CVE-2010-3553: OpenJDK Swing unsafe reflection usage (6622002)
	CVE-2010-3554: CVE-2010-3561 OpenJDK corba reflection vulnerabilities (6891766,6925672)
	CVE-2010-3557: OpenJDK Swing mutable static (6938813)
	CVE-2010-3562: OpenJDK IndexColorModel double-free (6925710)
	CVE-2010-3564: OpenJDK kerberos vulnerability (6958060)
	CVE-2010-3565: OpenJDK JPEG writeImage remote code execution (6963023)
	CVE-2010-3567: OpenJDK ICU Opentype layout engine crash (6963285)
	CVE-2010-3568: OpenJDK Deserialization Race condition (6559775)
	CVE-2010-3569: OpenJDK Serialization inconsistencies (6966692)
	CVE-2010-3574: OpenJDK HttpURLConnection incomplete TRACE permission check (6981426)
	* openssl package update
	CVE-2010-3864 OpenSSL TLS extension parsing race condition

	Image Updates:
	==============
	* Security updates will be downloaded and installed on instance launch (can be disabled via userdata, see user guide for more details)
	* Reduced Image size to 8G
	* Changed version numbering scheme
	* Updated kernel to allow 64G of memory on c1.xlarge instances
	* Added /dev/sd* symlinks to point to /dev/xvd* devices for backward compatibility
	* Mount ephemeral0 (when requested) on /media/ephemeral0 by default

	Updated Packages:
	=================
	* amanda updated to version 2.6.1p2-5.5
	* aws-apitools-iam updated to version 1.1.0
	* bash updated to version 4.1.2-2.6
	* classpathx-mail updated to version 1.1.2-9.4.5
	* cloud-init updated to version 0.5.14-21
	* coreutils updated to version 8.4-7.9
	* findutils updated to version 4.4.2-5.7
	* gcc44 updated to version 4.4.4-5.18
	* ImageMagick updated to version 6.5.4.7-5.9
	* initscripts updated to version 8.45.30-2.12
	* log4j updated to version 1.2.16-6.4.4
	* mkinitrd updated to version 5.1.19.6-61.21
	* php updated to version 5.3.3-1.6
	* python26 updated to version 2.6.6-1.15
	* readline updated to version 5.1-3.11
	* rsync updated to version 3.0.6-4.8
	* ruby updated to version 1.8.7
	* tar updated to version 1.23
	* tomcat6 updated to version 6.0.29
	* util-linux-ng updated to version 2.17.2

	New packages provided:
	======================
	* cacti: An rrd based graphing tool
	* dkim-milter: DomainKeys Identified Mail sender authentication sendmail milter
	* fping: Scriptable, parallelized ping-like utility
	* freetds: Implementation of the TDS (Tabular DataStream) protocol
	* libdmx: X.Org X11 DMX runtime library
	* libmcrypt: Encryption algorithms library
	* lighttpd: fast webserver with light system requirements
	* memcached: High Performance, Distributed Memory Object Cache
	* mod_security: Security module for the Apache HTTP Server
	* monit: Manages and monitors processes, files, directories and devices
	* munin: Network-wide graphing framework (grapher/gatherer)
	* nagios: Nagios monitors hosts and services and yells if somethings breaks
	* nagios-plugins: Host/service/network monitoring program plugins for Nagios
	* nginx: Robust, small and high performance HTTP and reverse proxy server
	* nrpe: Host/service/network monitoring agent for Nagios
	* perl-Archive-Any: Single interface to deal with file archives
	* perl-Array-Diff: Diff two arrays
	* perl-Class-C3: Pragma to use the C3 method resolution order algorithm
	* perl-Class-C3-XS: XS speedups for Class::C3
	* perl-CPAN-DistnameInfo: Extract distribution name and version from a distribution filename
	* perl-Data-Section: Read multiple hunks of data out of your DATA section
	* perl-DBD-CSV: DBI driver for CSV files
	* perl-DBD-XBase: Perl module for reading and writing the dbf files
	* perl-File-MMagic: A Perl module emulating the file(1) command
	* perl-HTML-Lint: HTML::Lint Perl module
	* perl-HTML-Template: Perl module to use HTML Templates
	* perl-IO-Capture: Abstract Base Class to build modules to capture output
	* perl-IO-Multiplex: IO-Multiplex module for perl
	* perl-IPC-SharedCache: Perl module to manage a cache in SysV IPC shared memory
	* perl-IPC-ShareLite: Lightweight interface to shared memory
	* perl-Log-Dispatch: Dispatches messages to one or more outputs
	* perl-Log-Dispatch-FileRotate: Log to files that archive/rotate themselves
	* perl-Log-Log4perl: Log4j implementation for Perl
	* perl-Mail-Sender: Module for sending mails with attachments through an SMTP server
	* perl-Mail-Sendmail: Simple platform independent mailer for Perl
	* perl-Module-CPANTS-Analyse: Generate Kwalitee ratings for a distribution
	* perl-Module-ExtractUse: Find out what modules are used
	* perl-MRO-Compat: Mro::* interface compatibility for Perls < 5.9.5
	* perl-Net-Server: Extensible, general Perl server engine
	* perl-Net-SNMP: Object oriented interface to SNMP
	* perl-Parse-RecDescent: Parse-RecDescent Perl module
	* perl-Perl-Critic: Critique Perl source code for best-practices
	* perl-Pod-Strip: Remove POD from Perl code
	* perl-RRD-Simple: Simple interface to create and store data in RRD files
	* perl-Software-License: Package that provides templated software licenses
	* perl-SQL-Statement: SQL parsing and processing engine
	* perl-Sub-Name: Name -- or rename -- a sub
	* perl-Test-Kwalitee: Test the Kwalitee of a distribution before you release it
	* perl-Test-Perl-Critic: Use Perl::Critic in test programs
	* perl-Test-YAML-Meta: Validation of the META.yml file in a distribution
	* perl-Test-YAML-Valid: Lets you test the validity of YAML files in unit tests
	* perl-Text-CSV_XS: Comma-separated values manipulation routines
	* perl-Text-Template: Expand template text with embedded Perl
	* perl-UNIVERSAL-require: Require() modules from a variable
	* perl-YAML-LibYAML: YAML::LibYAML Perl module
	* python-epdb : an extended Python debugger
	* radiusclient-ng: RADIUS protocol client library
	* rrdtool: Round Robin Database Tool to store and display time-series data
	* rsyslog: Enhanced system logging and kernel message trapping daemons
	* rubygems: The Ruby standard for packaging ruby libraries
	* t1lib: PostScript Type 1 font rasterizer
	* tomcat-native: Tomcat native library
	* xorg-x11-apps: X.Org X11 applications
	* xorg-x11-utils: X.Org X11 X client utilities
	* xorg-x11-xbitmaps: X.Org X11 application bitmaps