Synopsis: Moderate: cloud-init security, bug fix, and enhancement update
Advisory ID: SLSA-2020:3898-1
Issue Date: 2020-10-01
CVE Numbers: CVE-2018-10896
CVE-2020-8632
CVE-2020-8631
—
Security Fix(es):
* cloud-init: Use of random.choice when generating random password
(CVE-2020-8631)
* cloud-init: Too short random password length in cc_set_password in
config/cc_set_passwords.py (CVE-2020-8632)
* cloud-init: default configuration disabled deletion of SSH host keys
(CVE-2018-10896)
—
SL7
x86_64
cloud-init-19.4-7.el7.x86_64.rpm
– Scientific Linux Development Team
