jetztgradnet · January 22, 2011 14:00
diff --git a/beanstalk-ami-readme.txt b/beanstalk-ami-readme.txt
 Changes in Amazon Linux AMI Beta2 (v 2010.11):

 Security Updates:
 =================
 * glibc package update 
        CVE-2010-3856: glibc: ld.so arbitrary DSO loading via LD_AUDIT in setuid/setgid programs
        CVE-2010-3847: glibc: ld.so insecure handling of $ORIGIN in LD_AUDIT for setuid/setgid programs 
 * kernel package updates for
        CVE-2010-3081: kernel: 64-bit Compatibility Mode Stack Pointer Underflow
        CVE-2010-3301: kernel: IA32 System Call Entry Point Vulnerability
        CVE-2010-3904: kernel: RDS sockets local privilege escalation
 * java-1.6.0-openjdk package update
        CVE-2009-3555: TLS: MITM attacks via session renegotiation
        CVE-2010-3541: CVE-2010-3573 OpenJDK HttpURLConnection allows arbitrary request headers (6961084,6980004)
        CVE-2010-3548: OpenJDK DNS server IP address information leak (6957564)
        CVE-2010-3549: OpenJDK HttpURLConnection request splitting (6952017)
        CVE-2010-3551: OpenJDK local network address disclosure (6952603)
        CVE-2010-3553: OpenJDK Swing unsafe reflection usage (6622002)
        CVE-2010-3554: CVE-2010-3561 OpenJDK corba reflection vulnerabilities (6891766,6925672)
        CVE-2010-3557: OpenJDK Swing mutable static (6938813)
        CVE-2010-3562: OpenJDK IndexColorModel double-free (6925710)
        CVE-2010-3564: OpenJDK kerberos vulnerability (6958060)
        CVE-2010-3565: OpenJDK JPEG writeImage remote code execution (6963023)
        CVE-2010-3567: OpenJDK ICU Opentype layout engine crash (6963285)
        CVE-2010-3568: OpenJDK Deserialization Race condition (6559775)
        CVE-2010-3569: OpenJDK Serialization inconsistencies (6966692)
        CVE-2010-3574: OpenJDK HttpURLConnection incomplete TRACE permission check (6981426)
 * openssl package update
 	CVE-2010-3864 OpenSSL TLS extension parsing race condition

 Image Updates:
 ==============
 * Security updates will be downloaded and installed on instance launch (can be disabled via userdata, see user guide for more details)
 * Reduced Image size to 8G
 * Changed version numbering scheme
 * Updated kernel to allow 64G of memory on c1.xlarge instances
 * Added /dev/sd* symlinks to point to /dev/xvd* devices for backward compatibility
 * Mount ephemeral0 (when requested) on /media/ephemeral0 by default

 Updated Packages:
 =================
 * amanda updated to version 2.6.1p2-5.5
 * aws-apitools-iam updated to version 1.1.0
 * bash updated to version 4.1.2-2.6
 * classpathx-mail updated to version 1.1.2-9.4.5
 * cloud-init updated to version 0.5.14-21
 * coreutils updated to version 8.4-7.9
 * findutils updated to version 4.4.2-5.7
 * gcc44 updated to version 4.4.4-5.18
 * ImageMagick updated to version 6.5.4.7-5.9
 * initscripts updated to version 8.45.30-2.12
 * log4j updated to version 1.2.16-6.4.4
 * mkinitrd updated to version 5.1.19.6-61.21
 * php updated to version 5.3.3-1.6
 * python26 updated to version 2.6.6-1.15
 * readline updated to version 5.1-3.11
 * rsync updated to version 3.0.6-4.8
 * ruby updated to version 1.8.7
 * tar updated to version 1.23
 * tomcat6 updated to version 6.0.29
 * util-linux-ng updated to version 2.17.2

 New packages provided:
 ======================
 * cacti: An rrd based graphing tool
 * dkim-milter: DomainKeys Identified Mail sender authentication sendmail milter
 * fping: Scriptable, parallelized ping-like utility
 * freetds: Implementation of the TDS (Tabular DataStream) protocol
 * libdmx: X.Org X11 DMX runtime library
 * libmcrypt: Encryption algorithms library
 * lighttpd: fast webserver with light system requirements
 * memcached: High Performance, Distributed Memory Object Cache
 * mod_security: Security module for the Apache HTTP Server
 * monit: Manages and monitors processes, files, directories and devices
 * munin: Network-wide graphing framework (grapher/gatherer)
 * nagios: Nagios monitors hosts and services and yells if somethings breaks
 * nagios-plugins: Host/service/network monitoring program plugins for Nagios
 * nginx: Robust, small and high performance HTTP and reverse proxy server
 * nrpe: Host/service/network monitoring agent for Nagios
 * perl-Archive-Any: Single interface to deal with file archives
 * perl-Array-Diff: Diff two arrays
 * perl-Class-C3: Pragma to use the C3 method resolution order algorithm
 * perl-Class-C3-XS: XS speedups for Class::C3
 * perl-CPAN-DistnameInfo: Extract distribution name and version from a distribution filename
 * perl-Data-Section: Read multiple hunks of data out of your DATA section
 * perl-DBD-CSV: DBI driver for CSV files
 * perl-DBD-XBase: Perl module for reading and writing the dbf files
 * perl-File-MMagic: A Perl module emulating the file(1) command
 * perl-HTML-Lint: HTML::Lint Perl module
 * perl-HTML-Template: Perl module to use HTML Templates
 * perl-IO-Capture: Abstract Base Class to build modules to capture output
 * perl-IO-Multiplex: IO-Multiplex module for perl
 * perl-IPC-SharedCache: Perl module to manage a cache in SysV IPC shared memory
 * perl-IPC-ShareLite: Lightweight interface to shared memory
 * perl-Log-Dispatch: Dispatches messages to one or more outputs
 * perl-Log-Dispatch-FileRotate: Log to files that archive/rotate themselves
 * perl-Log-Log4perl: Log4j implementation for Perl
 * perl-Mail-Sender: Module for sending mails with attachments through an SMTP server
 * perl-Mail-Sendmail: Simple platform independent mailer for Perl
 * perl-Module-CPANTS-Analyse: Generate Kwalitee ratings for a distribution
 * perl-Module-ExtractUse: Find out what modules are used
 * perl-MRO-Compat: Mro::* interface compatibility for Perls < 5.9.5
 * perl-Net-Server: Extensible, general Perl server engine
 * perl-Net-SNMP: Object oriented interface to SNMP
 * perl-Parse-RecDescent: Parse-RecDescent Perl module
 * perl-Perl-Critic: Critique Perl source code for best-practices
 * perl-Pod-Strip: Remove POD from Perl code
 * perl-RRD-Simple: Simple interface to create and store data in RRD files
 * perl-Software-License: Package that provides templated software licenses
 * perl-SQL-Statement: SQL parsing and processing engine
 * perl-Sub-Name: Name -- or rename -- a sub
 * perl-Test-Kwalitee: Test the Kwalitee of a distribution before you release it
 * perl-Test-Perl-Critic: Use Perl::Critic in test programs
 * perl-Test-YAML-Meta: Validation of the META.yml file in a distribution
 * perl-Test-YAML-Valid: Lets you test the validity of YAML files in unit tests
 * perl-Text-CSV_XS: Comma-separated values manipulation routines
 * perl-Text-Template: Expand template text with embedded Perl
 * perl-UNIVERSAL-require: Require() modules from a variable
 * perl-YAML-LibYAML: YAML::LibYAML Perl module
 * python-epdb : an extended Python debugger
 * radiusclient-ng: RADIUS protocol client library
 * rrdtool: Round Robin Database Tool to store and display time-series data
 * rsyslog: Enhanced system logging and kernel message trapping daemons
 * rubygems: The Ruby standard for packaging ruby libraries
 * t1lib: PostScript Type 1 font rasterizer
 * tomcat-native: Tomcat native library
 * xorg-x11-apps: X.Org X11 applications
 * xorg-x11-utils: X.Org X11 X client utilities
 * xorg-x11-xbitmaps: X.Org X11 application bitmaps
	Changes in Amazon Linux AMI Beta2 (v 2010.11):

	Security Updates:
	=================
	* glibc package update
	CVE-2010-3856: glibc: ld.so arbitrary DSO loading via LD_AUDIT in setuid/setgid programs
	CVE-2010-3847: glibc: ld.so insecure handling of $ORIGIN in LD_AUDIT for setuid/setgid programs
	* kernel package updates for
	CVE-2010-3081: kernel: 64-bit Compatibility Mode Stack Pointer Underflow
	CVE-2010-3301: kernel: IA32 System Call Entry Point Vulnerability
	CVE-2010-3904: kernel: RDS sockets local privilege escalation
	* java-1.6.0-openjdk package update
	CVE-2009-3555: TLS: MITM attacks via session renegotiation
	CVE-2010-3541: CVE-2010-3573 OpenJDK HttpURLConnection allows arbitrary request headers (6961084,6980004)
	CVE-2010-3548: OpenJDK DNS server IP address information leak (6957564)
	CVE-2010-3549: OpenJDK HttpURLConnection request splitting (6952017)
	CVE-2010-3551: OpenJDK local network address disclosure (6952603)
	CVE-2010-3553: OpenJDK Swing unsafe reflection usage (6622002)
	CVE-2010-3554: CVE-2010-3561 OpenJDK corba reflection vulnerabilities (6891766,6925672)
	CVE-2010-3557: OpenJDK Swing mutable static (6938813)
	CVE-2010-3562: OpenJDK IndexColorModel double-free (6925710)
	CVE-2010-3564: OpenJDK kerberos vulnerability (6958060)
	CVE-2010-3565: OpenJDK JPEG writeImage remote code execution (6963023)
	CVE-2010-3567: OpenJDK ICU Opentype layout engine crash (6963285)
	CVE-2010-3568: OpenJDK Deserialization Race condition (6559775)
	CVE-2010-3569: OpenJDK Serialization inconsistencies (6966692)
	CVE-2010-3574: OpenJDK HttpURLConnection incomplete TRACE permission check (6981426)
	* openssl package update
	CVE-2010-3864 OpenSSL TLS extension parsing race condition

	Image Updates:
	==============
	* Security updates will be downloaded and installed on instance launch (can be disabled via userdata, see user guide for more details)
	* Reduced Image size to 8G
	* Changed version numbering scheme
	* Updated kernel to allow 64G of memory on c1.xlarge instances
	* Added /dev/sd* symlinks to point to /dev/xvd* devices for backward compatibility
	* Mount ephemeral0 (when requested) on /media/ephemeral0 by default

	Updated Packages:
	=================
	* amanda updated to version 2.6.1p2-5.5
	* aws-apitools-iam updated to version 1.1.0
	* bash updated to version 4.1.2-2.6
	* classpathx-mail updated to version 1.1.2-9.4.5
	* cloud-init updated to version 0.5.14-21
	* coreutils updated to version 8.4-7.9
	* findutils updated to version 4.4.2-5.7
	* gcc44 updated to version 4.4.4-5.18
	* ImageMagick updated to version 6.5.4.7-5.9
	* initscripts updated to version 8.45.30-2.12
	* log4j updated to version 1.2.16-6.4.4
	* mkinitrd updated to version 5.1.19.6-61.21
	* php updated to version 5.3.3-1.6
	* python26 updated to version 2.6.6-1.15
	* readline updated to version 5.1-3.11
	* rsync updated to version 3.0.6-4.8
	* ruby updated to version 1.8.7
	* tar updated to version 1.23
	* tomcat6 updated to version 6.0.29
	* util-linux-ng updated to version 2.17.2

	New packages provided:
	======================
	* cacti: An rrd based graphing tool
	* dkim-milter: DomainKeys Identified Mail sender authentication sendmail milter
	* fping: Scriptable, parallelized ping-like utility
	* freetds: Implementation of the TDS (Tabular DataStream) protocol
	* libdmx: X.Org X11 DMX runtime library
	* libmcrypt: Encryption algorithms library
	* lighttpd: fast webserver with light system requirements
	* memcached: High Performance, Distributed Memory Object Cache
	* mod_security: Security module for the Apache HTTP Server
	* monit: Manages and monitors processes, files, directories and devices
	* munin: Network-wide graphing framework (grapher/gatherer)
	* nagios: Nagios monitors hosts and services and yells if somethings breaks
	* nagios-plugins: Host/service/network monitoring program plugins for Nagios
	* nginx: Robust, small and high performance HTTP and reverse proxy server
	* nrpe: Host/service/network monitoring agent for Nagios
	* perl-Archive-Any: Single interface to deal with file archives
	* perl-Array-Diff: Diff two arrays
	* perl-Class-C3: Pragma to use the C3 method resolution order algorithm
	* perl-Class-C3-XS: XS speedups for Class::C3
	* perl-CPAN-DistnameInfo: Extract distribution name and version from a distribution filename
	* perl-Data-Section: Read multiple hunks of data out of your DATA section
	* perl-DBD-CSV: DBI driver for CSV files
	* perl-DBD-XBase: Perl module for reading and writing the dbf files
	* perl-File-MMagic: A Perl module emulating the file(1) command
	* perl-HTML-Lint: HTML::Lint Perl module
	* perl-HTML-Template: Perl module to use HTML Templates
	* perl-IO-Capture: Abstract Base Class to build modules to capture output
	* perl-IO-Multiplex: IO-Multiplex module for perl
	* perl-IPC-SharedCache: Perl module to manage a cache in SysV IPC shared memory
	* perl-IPC-ShareLite: Lightweight interface to shared memory
	* perl-Log-Dispatch: Dispatches messages to one or more outputs
	* perl-Log-Dispatch-FileRotate: Log to files that archive/rotate themselves
	* perl-Log-Log4perl: Log4j implementation for Perl
	* perl-Mail-Sender: Module for sending mails with attachments through an SMTP server
	* perl-Mail-Sendmail: Simple platform independent mailer for Perl
	* perl-Module-CPANTS-Analyse: Generate Kwalitee ratings for a distribution
	* perl-Module-ExtractUse: Find out what modules are used
	* perl-MRO-Compat: Mro::* interface compatibility for Perls < 5.9.5
	* perl-Net-Server: Extensible, general Perl server engine
	* perl-Net-SNMP: Object oriented interface to SNMP
	* perl-Parse-RecDescent: Parse-RecDescent Perl module
	* perl-Perl-Critic: Critique Perl source code for best-practices
	* perl-Pod-Strip: Remove POD from Perl code
	* perl-RRD-Simple: Simple interface to create and store data in RRD files
	* perl-Software-License: Package that provides templated software licenses
	* perl-SQL-Statement: SQL parsing and processing engine
	* perl-Sub-Name: Name -- or rename -- a sub
	* perl-Test-Kwalitee: Test the Kwalitee of a distribution before you release it
	* perl-Test-Perl-Critic: Use Perl::Critic in test programs
	* perl-Test-YAML-Meta: Validation of the META.yml file in a distribution
	* perl-Test-YAML-Valid: Lets you test the validity of YAML files in unit tests
	* perl-Text-CSV_XS: Comma-separated values manipulation routines
	* perl-Text-Template: Expand template text with embedded Perl
	* perl-UNIVERSAL-require: Require() modules from a variable
	* perl-YAML-LibYAML: YAML::LibYAML Perl module
	* python-epdb : an extended Python debugger
	* radiusclient-ng: RADIUS protocol client library
	* rrdtool: Round Robin Database Tool to store and display time-series data
	* rsyslog: Enhanced system logging and kernel message trapping daemons
	* rubygems: The Ruby standard for packaging ruby libraries
	* t1lib: PostScript Type 1 font rasterizer
	* tomcat-native: Tomcat native library
	* xorg-x11-apps: X.Org X11 applications
	* xorg-x11-utils: X.Org X11 X client utilities
	* xorg-x11-xbitmaps: X.Org X11 application bitmaps