Create a gist now

Instantly share code, notes, and snippets.

What would you like to do?
Readme of Amazon Elastic Beanstalk AMI running Amazon Linux release 2010.11.1 (beta)
Changes in Amazon Linux AMI Beta2 (v 2010.11):
Security Updates:
=================
* glibc package update
CVE-2010-3856: glibc: ld.so arbitrary DSO loading via LD_AUDIT in setuid/setgid programs
CVE-2010-3847: glibc: ld.so insecure handling of $ORIGIN in LD_AUDIT for setuid/setgid programs
* kernel package updates for
CVE-2010-3081: kernel: 64-bit Compatibility Mode Stack Pointer Underflow
CVE-2010-3301: kernel: IA32 System Call Entry Point Vulnerability
CVE-2010-3904: kernel: RDS sockets local privilege escalation
* java-1.6.0-openjdk package update
CVE-2009-3555: TLS: MITM attacks via session renegotiation
CVE-2010-3541: CVE-2010-3573 OpenJDK HttpURLConnection allows arbitrary request headers (6961084,6980004)
CVE-2010-3548: OpenJDK DNS server IP address information leak (6957564)
CVE-2010-3549: OpenJDK HttpURLConnection request splitting (6952017)
CVE-2010-3551: OpenJDK local network address disclosure (6952603)
CVE-2010-3553: OpenJDK Swing unsafe reflection usage (6622002)
CVE-2010-3554: CVE-2010-3561 OpenJDK corba reflection vulnerabilities (6891766,6925672)
CVE-2010-3557: OpenJDK Swing mutable static (6938813)
CVE-2010-3562: OpenJDK IndexColorModel double-free (6925710)
CVE-2010-3564: OpenJDK kerberos vulnerability (6958060)
CVE-2010-3565: OpenJDK JPEG writeImage remote code execution (6963023)
CVE-2010-3567: OpenJDK ICU Opentype layout engine crash (6963285)
CVE-2010-3568: OpenJDK Deserialization Race condition (6559775)
CVE-2010-3569: OpenJDK Serialization inconsistencies (6966692)
CVE-2010-3574: OpenJDK HttpURLConnection incomplete TRACE permission check (6981426)
* openssl package update
CVE-2010-3864 OpenSSL TLS extension parsing race condition
Image Updates:
==============
* Security updates will be downloaded and installed on instance launch (can be disabled via userdata, see user guide for more details)
* Reduced Image size to 8G
* Changed version numbering scheme
* Updated kernel to allow 64G of memory on c1.xlarge instances
* Added /dev/sd* symlinks to point to /dev/xvd* devices for backward compatibility
* Mount ephemeral0 (when requested) on /media/ephemeral0 by default
Updated Packages:
=================
* amanda updated to version 2.6.1p2-5.5
* aws-apitools-iam updated to version 1.1.0
* bash updated to version 4.1.2-2.6
* classpathx-mail updated to version 1.1.2-9.4.5
* cloud-init updated to version 0.5.14-21
* coreutils updated to version 8.4-7.9
* findutils updated to version 4.4.2-5.7
* gcc44 updated to version 4.4.4-5.18
* ImageMagick updated to version 6.5.4.7-5.9
* initscripts updated to version 8.45.30-2.12
* log4j updated to version 1.2.16-6.4.4
* mkinitrd updated to version 5.1.19.6-61.21
* php updated to version 5.3.3-1.6
* python26 updated to version 2.6.6-1.15
* readline updated to version 5.1-3.11
* rsync updated to version 3.0.6-4.8
* ruby updated to version 1.8.7
* tar updated to version 1.23
* tomcat6 updated to version 6.0.29
* util-linux-ng updated to version 2.17.2
New packages provided:
======================
* cacti: An rrd based graphing tool
* dkim-milter: DomainKeys Identified Mail sender authentication sendmail milter
* fping: Scriptable, parallelized ping-like utility
* freetds: Implementation of the TDS (Tabular DataStream) protocol
* libdmx: X.Org X11 DMX runtime library
* libmcrypt: Encryption algorithms library
* lighttpd: fast webserver with light system requirements
* memcached: High Performance, Distributed Memory Object Cache
* mod_security: Security module for the Apache HTTP Server
* monit: Manages and monitors processes, files, directories and devices
* munin: Network-wide graphing framework (grapher/gatherer)
* nagios: Nagios monitors hosts and services and yells if somethings breaks
* nagios-plugins: Host/service/network monitoring program plugins for Nagios
* nginx: Robust, small and high performance HTTP and reverse proxy server
* nrpe: Host/service/network monitoring agent for Nagios
* perl-Archive-Any: Single interface to deal with file archives
* perl-Array-Diff: Diff two arrays
* perl-Class-C3: Pragma to use the C3 method resolution order algorithm
* perl-Class-C3-XS: XS speedups for Class::C3
* perl-CPAN-DistnameInfo: Extract distribution name and version from a distribution filename
* perl-Data-Section: Read multiple hunks of data out of your DATA section
* perl-DBD-CSV: DBI driver for CSV files
* perl-DBD-XBase: Perl module for reading and writing the dbf files
* perl-File-MMagic: A Perl module emulating the file(1) command
* perl-HTML-Lint: HTML::Lint Perl module
* perl-HTML-Template: Perl module to use HTML Templates
* perl-IO-Capture: Abstract Base Class to build modules to capture output
* perl-IO-Multiplex: IO-Multiplex module for perl
* perl-IPC-SharedCache: Perl module to manage a cache in SysV IPC shared memory
* perl-IPC-ShareLite: Lightweight interface to shared memory
* perl-Log-Dispatch: Dispatches messages to one or more outputs
* perl-Log-Dispatch-FileRotate: Log to files that archive/rotate themselves
* perl-Log-Log4perl: Log4j implementation for Perl
* perl-Mail-Sender: Module for sending mails with attachments through an SMTP server
* perl-Mail-Sendmail: Simple platform independent mailer for Perl
* perl-Module-CPANTS-Analyse: Generate Kwalitee ratings for a distribution
* perl-Module-ExtractUse: Find out what modules are used
* perl-MRO-Compat: Mro::* interface compatibility for Perls < 5.9.5
* perl-Net-Server: Extensible, general Perl server engine
* perl-Net-SNMP: Object oriented interface to SNMP
* perl-Parse-RecDescent: Parse-RecDescent Perl module
* perl-Perl-Critic: Critique Perl source code for best-practices
* perl-Pod-Strip: Remove POD from Perl code
* perl-RRD-Simple: Simple interface to create and store data in RRD files
* perl-Software-License: Package that provides templated software licenses
* perl-SQL-Statement: SQL parsing and processing engine
* perl-Sub-Name: Name -- or rename -- a sub
* perl-Test-Kwalitee: Test the Kwalitee of a distribution before you release it
* perl-Test-Perl-Critic: Use Perl::Critic in test programs
* perl-Test-YAML-Meta: Validation of the META.yml file in a distribution
* perl-Test-YAML-Valid: Lets you test the validity of YAML files in unit tests
* perl-Text-CSV_XS: Comma-separated values manipulation routines
* perl-Text-Template: Expand template text with embedded Perl
* perl-UNIVERSAL-require: Require() modules from a variable
* perl-YAML-LibYAML: YAML::LibYAML Perl module
* python-epdb : an extended Python debugger
* radiusclient-ng: RADIUS protocol client library
* rrdtool: Round Robin Database Tool to store and display time-series data
* rsyslog: Enhanced system logging and kernel message trapping daemons
* rubygems: The Ruby standard for packaging ruby libraries
* t1lib: PostScript Type 1 font rasterizer
* tomcat-native: Tomcat native library
* xorg-x11-apps: X.Org X11 applications
* xorg-x11-utils: X.Org X11 X client utilities
* xorg-x11-xbitmaps: X.Org X11 application bitmaps
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment