suse-su-2025:20755-1
Vulnerability from csaf_suse
Published
2025-09-23 09:05
Modified
2025-09-23 09:05
Summary
Security update for cloud-init
Notes
Title of the patch
Security update for cloud-init
Description of the patch
This update for cloud-init fixes the following issues:
Update to version 25.1.3 (bsc#1245401,bsc#1245403):
+ docs: provide example3 for PAM and ssh_pwauth behavior (#27)
+ fix: Make hotplug socket writable only by root (#25) (CVE-2024-11584)
+ fix: Don't attempt to identify non-x86 OpenStack instances (LP: #2069607)
(CVE-2024-6174)
From 25.1.2:
+ fix: ensure MAAS datasource retries on failure (#6167)
Update to version 25.1.1 (bsc#1239715,jsc#PED-8680,bsc#1228414):
+ Drop hidesensitivedata in 16 & greater
+ test: pytestify cc_chef tests, add migration test
+ chef: migrate files in old config directories for backups and cache
+ fix: correct the path for Chef's backups (#5994)
+ fix(Azure): don't reraise FileNotFoundError during ephemeral setup (#6113)
+ fix(azure): handle unexpected exceptions during obtain_lease() (#6092)
[Ksenija Stanojevic]
+ Allow to set mac_address for VLAN subinterface (#6081)
[jumpojoy] (GH: 5364)
+ fix: Remove erroneous EC2 reference from 503 warning (#6077)
+ fix: NM reload and bring up individual network conns (#6073) [Ani Sinha]
+ fix: stop warning on dual-stack request failure (#6044)
+ fix: install_method: pip cannot find ansible-pull command path (#6021)
[Hasan Aliyev] (GH: 5720)
+ fix: Fix DataSourceAliYun exception_cb signature (#6068) (GH: 6066)
+ fix: Update OauthUrlHelper to use readurl exception_cb signature
(GH: 6065)
+ test: add OauthUrlHelper tests
+ test: Remove CiTestCase from test_url_helper.py
+ test: pytestify test_url_helper.py
+ fix: track more removed modules (#6043)
From 25.1:
+ ci: fix post-merge packaging CI (#6038)
+ feat(azure): Fix imds-based ssh_pwauth (#6002) [Ksenija Stanojevic]
+ ci: check for sorted patches (#6036)
+ feat: aliyun datasource support crawl metadata at once (#5942)
[jinkangkang]
+ docs: document /usr merge breaking change (#6032)
+ test: Add integration test for /var mounts (#6033)
+ test: Ensure pre-24.2 custom modules work (#6034)
+ doc: Update references to older keys (#6022) [Pedro Ribeiro]
+ fix: untyped-defs in tests/unittests/{config, net, sources} (#6023)
[Romain]
+ fix: don't reference PR in post-merged CI (#6019)
+ chore: explicitly skip broken ansible integration tests (#5996) [a-dubs]
+ tests(oracle): fix test_install_missing_deps apt race condition (#5996)
[a-dubs]
+ test(oracle): fix test_ubuntu_drivers_installed (#5996) [a-dubs]
+ test(oracle): fix test_frequency_override integration test (#5996)
[a-dubs]
+ chore: add type hint to IntegrationCloud's cloud_instance field (#5996)
[a-dubs]
+ test(oracle): fix modules/test_lxd.py::test_storage_lvm on noble (#5996)
[a-dubs]
+ commit 9e591fff266be9d4c83f74ec02a717b74993304d [a-dubs]
+ net/sysconfig: do not remove all existing settings of
/etc/sysconfig/network (#5991) [Ani Sinha] (GH: 5990)
+ fix: remove wrong return when checking if network necessary (#6013)
+ fix: typing for rsyslog, ubuntu_pro, power_state_change (#5985)
[MostafaTarek124eru]
+ fix: Retry on OpenStack HTTP status codes (#5943) [weiyang] (GH: 5687)
+ fix: Ensure fqdn is treated as string in get_hostname_fqdn (#5993)
[MKhatibzadeh] (GH: 5989)
+ feat(vmware): Convert imc network config to v2 (#5937) [PengpengSun]
+ ci: add upstream post-merge test
+ ci: check if upstream commit causes ubuntu patch conflicts
+ ci: organize cla tests together
+ test: eliminate obsolete cases, add non-error case
+ chore: remove redundant manual schema validation
+ doc: clarify subiquity docs
+ chore: cleanup `len' usage (#5956) [Shreenidhi Shedi]
+ Fix: GCE _get_data crashes if DHCP lease fails (#5998) [Bryan Fraschetti]
+ Fixes GH-5997
+ fix: correct the path for Chef's cache (#5994)
[MostafaTarek124eru] (GH: 5090)
+ fix: Run ansible with run_user instead of root for distro install_method
(#5986) [Amirhossein Shaerpour] (GH: 4092)
+ fix: retry AWS hotplug for async IMDS (#5995) (GH: 5373)
+ feat(integration_tests): add optional INSTANCE_TYPE setting (#5988)
[Alec Warren]
+ feat(integration-tests): set boto3 and botocore to INFO to prevent
log spamming [a-dubs]
+ ci: add 'tox -e integration-tests-fast' command [a-dubs]
+ chore: Add feature flag for manual network waiting (#5977)
+ Release 24.4.1
+ fix: Use /usr/lib/ rather than /lib in packaging code (#5970)
+ Use log_with_downgradable_level for user password warnings (#5927)
[Ani Sinha]
+ doc: change to hyphenated keys (#5909) (GH: 5555)
+ fix: Wait for udev on openstack (#5947) [Robert Schweikert] (GH: 4125)
+ test: disambiguate resource cleanup from test failure (#5926)
+ fix: use program name of netcat as installed by upstream, "nc" (#5933)
(#5933) [Andreas K. Hüttel]
+ ci: bump canonical/setup-lxd to version v0.1.2 (#5948)
+ feat(cc_chef): Allow change of Chef configuration file (#5925)
[Sean Smith]
+ docs: fix typo in generated file in LXD tutorial (#5941) [Pavel Shpak]
+ feat: Identify Samsung Cloud Platform as OpenStack (#5924) [us0310306]
+ fix: don't deadlock when starting network service with systemctl (#5935)
+ feat: Custom keys for apt archives (#5828) [Bryan Fraschetti] (GH: 5473)
+ test: improve test initialization error path (#5920)
+ chore: improve logging when lxd detection fails (#5919)
+ fix: Add "manual" to allowed subnet types (#5875)
[Math Marchand] (GH: 5769)
+ fix: remove bad ssh_svcname setting for Gentoo/OpenRC (#5918)
[Andreas K. Hüttel]
+ feat(gentoo): Add compatibility for Gentoo with systemd (#5918)
[Andreas K. Hüttel]
+ fix(ovf): no warning should be log when rpctool found no value (#5915)
[PengpengSun] (GH: 5914)
+ Move DS VMware to be in front of DS OVF (#5912) [PengpengSun] (GH: 4030)
+ ci: Add proper 'Breaks: ' to integration testing simple deb (#5923)
+ chore: Add akhuettel to CLA signers file (#5917) [Andreas K. Hüttel]
+ chore: eliminate calls at import time (#5889) (GH: 5344)
+ test: Add pyserial to test-requirements.txt (#5907)
+ test: Allow unknown size in growpart test (#5876)
+ doc: Update tutorials [Sally]
+ fix: bump azure key size to 3072 (#5841)
24.4.1:
+ fix: Ensure _should_wait_via_user_data() handles all user data types (#5976)
+ fix: Don't log error in wait_for_url (#5972)
+ feat(url_helper): Retry on 503 error (#5938)
+ fix: Don't break modules that use get_meta_doc() (#5953)
+ refactor: Pass deprecation log args as tuple (#5953)
+ fix: uninstall custom signal handlers before shutdown (#5913)
24.4:
+ test: Ensure unit ordering in ftp tests includes downstream units (#5892)
+ test: re-decrement expected webhook events (#5894)
+ test: allow relative path in apt-get test (#5891)
+ Fix metric setting of nmconnection for rhel (#5878) [Amy Chen]
+ chore: remove unused code(#5887)
+ feat(ephemeral): replace old has_url_connectivity() with new
_check_connectivity_to_imds() [a-dubs]
+ feat(oracle): add true single stack ipv6 support [a-dubs]
+ feat(ephemeral): refactor ephemeralIP and add ipv6 connectivity check
[a-dubs]
+ test: Decrement expected webhook events (#5888)
+ chore: remove `--docs` option from `cloud-init schema` (#5857) (GH: 5756)
+ test: pytestify "tests/unittests/config/test_cc_timezone.py" (#5885)
[Mahesh Ghumare]
+ ci: bump integration tests to use plucky
+ test: add grub_dpkg to inactive modules
+ test: move default behavior tests into their own module
+ test(apt): add plucky version for hello pkg (#5883)
+ Docs: improved mermaid diagram for better visibility. Add "MaheshG11"
as contributor (#5874) [Mahesh Ghumare] (GH: 5837)
+ fix(ntp): Fix RockyLinux OS support (#5864) [Sid Shukla]
+ chore(jsonschema): migrate from deprecated Validator.iter_errors (#5856)
+ chore: remove deprecation warning getting jsonschema's version (#5856)
+ chore: use filter arg for tar.extractall (#5856)
+ chore: remove __init__ from pytest test class (#5856)
+ chore: do not test element's truth value directly (#5856)
+ chore: migrate from deprecated datetime.datetime.utcfromtimestamp (#5856)
+ chore: migrate from deprecated datetime.datetime.utcnow() (#5856)
+ chore: set recursive=False for ensure_dir if parent path is "/" (#5816)
[sxt1001]
+ ci: fix broken daily dependencies (#5867)
+ ci: fix packaging tests (#5865)
+ feat(vultr): add override for network interface detection (#5847)
[Andrew Davis]
+ feat(networkd): Support RequiredForOnline option (#5852) [Dan McGregor]
+ Prevent NM from handling DNS when network interfaces have DNS config
(#5846) [Ani Sinha]
+ fix(smartos): Add `addrconf` IPv6 support (#5831)
[blackhelicoptersdotnet]
+ freebsd: adjust to match the new pyyaml package name (#5844)
[Gonéri Le Bouder]
+ fix: disable grub-dpkg by default (#5840)
+ fix(openbsd): Enable sysv init scripts in OpenBSD build script (#5790)
[Hyacinthe Cartiaux] (LP: 4036, #1992853)
+ test: Fix duplicate judgment conditions in password generation (#5835)
[sxt1001]
+ chore: don't render non-templated unit files (#5830)
+ chore: simplify and standardize cloud-final.service (#5830)
+ chore: simplify Conflicts=shutdown.target (#5830)
+ chore: remove redundant Before=NetworkManager.service (#5830)
+ chore: remove unnecessary systemd settings (#5830)
+ chore: eliminate redundant ordering dependencies (#5819)
+ fix: fix ordering cycle for distros with default deps (#5819) (GH: 5755)
+ test: unbreak pytest-xdist (#5829)
+ feat: Conditionally remove networkd online dependency on Ubuntu (#5772)
+ feat: Ensure random passwords contain multiple character types (#5815)
[sxt1001] (GH: 5814)
+ docs: split example page into example library (#5645) [Sally]
+ doc: clarify workarounds required for single process changes (#5817)
+ chore: add 3.13 to PR CI runs, 3.14 to scheduled (#5825)
+ fix: Render v2 bridges correctly on network-manager with set-name
(#5740) (GH: 5717)
+ test: add no_thinpool unit test (#5802)
+ chore: split lxd init config into separate function (#5802)
+ test: pytestify test_cc_lxd.py (#5802)
+ fix: Correctly handle missing thinpool in cc_lxd (#5802)
+ fix: Render bridges correctly for v2 on sysconfig with set-name (#5674)
(GH: 5574)
+ tests(minimal): rsyslog not in minimal images expect warning (#5811)
+ tests(lxd): avoid failure on multiple calls to --show-log (#5811)
+ chore: update netplan import semantics and related tests (#5805)
(GH: 5804)
+ lint: fix untyped-defs on /tests/unittest/cmd (#5800) [iru]
+ test: actually use devel release and verify_clean_boot enhancements
(#5801)
+ feat(locale): locales install on minimal images when cfg requests (#5799)
+ feat(byobu): support byobu install on minimal images when cfg requests
(#5799)
+ chore: Use devel release and no sbuild in integration CI (#5798)
+ test: Update integration tests from netplan backport (#5796)
+ test: add get_syslog_or_console for minimal images without syslog (#5793)
+ chore: Remove resize_root_tmp from cloud.cfg.tmpl (#5795) (GH: 5786)
+ docs: Fix field name from `contents` to `content` (#5787) [Igor Akkerman]
+ chore: bump pycloudlib to required version (#5792)
+ fix: avoid deprecation logs for calling cli stages (#5770) (GH: 5726)
+ tests: bump pycloudlib deps to include gce bug fix for id str (#5783)
+ fix(test): convert use p.gce.instance.id instead of instance_id (#5783)
+ fix(network-manager): bond properties and network schema (#5768)
[Denis Kadyshev]
+ Fix metric setting for ifcfg network connections for rhel (#5777)
[Ani Sinha] (GH: 5776)
+ fix(akamai): handle non-string user data in base64 decoding (#5751)
[Jesse Alter]
+ fix(ci): do not auto stale issues (#5775)
+ Make pytest more verbose for easier debugging (#5778) [Ani Sinha]
+ ci: fix tox.ini pytest cmd to use cloudinit dir for coverage reporting
(#5774) [Alec Warren]
+ tests: add OS_IMAGE_TYPE setting to allow for minimal tests (#5682)
+ test(hotplug): Simplify test_multi_nic_hotplug (#5763)
+ test(hotplug): increase nc timeout (#5763)
+ test: pytestify test_main.py (#5758)
+ test(ec2-dual-stack): fix int-test (#5762)
+ test: make verify_clean_boot really respect return code (#5761)
+ test: bump timeout in test_order (#5759)
+ docs: Properly document the cc_ubuntu_autoinstall module (#5757)
+ docs: fix WSL tutorial (#5752) (GH: 5746)
+ test: make verify_clean_boot respect return code by environment (#5754)
+ feat(integration_test): add CLOUD_INIT_PKG setting (#5739)
+ fix(ci): fix packaging check merge operation (#5750)
+ doc: do not document user.meta-data key (#5745)
+ test: avoid undocumented lxd key (#5748)
+ test: Refactor test_cc_set_hostname.py and test_cc_ntp.py (#5727)
+ chore: update docs URLs to cloud-init.io (#5741)
+ test: fix timer logging change expected logs (#5734)
+ fix: type annotations for several modules (#5733)
+ chore: add timer to io and string manipulation code
+ feat: add log package and performance module
+ remove newline injected for cloud-init status --wait (#5700)
[Andrew Nelson] (GH: 5863)
+ test: webhook require_deprecation msg on 24.3 (#5731)
+ test: fix test_nocloud message typo introduced by 313390f8 (#5731)
+ test: Fix test_log_message_on_missing_version_file (#5730)
+ tests: assert info level warnings instead of require_deprecation
+ tests: fix test to ignore_warnings not require Used fallback ds
+ chore: clean up pytest warnings (#5721)
+ tests(pro): bump pycloudlib add noble release to pro tests (#5719)
+ fix(hotplugd.socket): remove basic.target as dependency (#5722)
(LP: #2081124)
+ ci: fix integration test positional argument (#5718)
+ Create datasource for CloudCIX (#1351) [BrianKelleher]
+ ci: colorize output (#5716)
+ fix(schema): Allow for locale: false in schema add tests (#5647)
+ ci: fix packaging patch check (#5713)
+ chore: clean up old pickle workaround (#5714)
+ fix: force sftp cleanup when done with instance (#5698)
+ test(hotplug): reenable vpc test in focal (#5492)
+ chore: fix typing of userdata_raw (#5710)
+ fix(NetworkManager): Fix network activator (#5620)
+ fix: lxd do not check for thinpool kernel module (#5709)
+ docs: fix typo in docstring (#5708)
+ Scaleway: Force on-link: true for static networks (#5654)
[Louis Bouchard] (LP: 5523, #2073869)
+ fix: Invalid "seedfrom" in NoCloud system configuration (#5701)
+ tests: pytestify test_nocloud.py (#5701)
+ test: make verify_clean_boot respect return code by series (#5695)
+ fix: use cross-distro netcat name (#5696)
+ ci: fix labeler (#5697)
+ chore(actions): add packaging label for any branches modifying debian/*
+ (#5693)
+ test: add verify_clean_boot() calls alongside verify_clean_log() (#5671)
+ test: add deprecation support to verify_clean_boot (#5671)
+ doc: remove misleading warning (#5681)
+ chore: Prefer other methods over $INSTANCE_ID (#5661)
+ ci: fix packaging test when no patches (#5680)
+ chore: fix tip-ruff and update to latest version (#5676)
+ chore: make ansible test serial (#5677)
+ feat(ec2): Bump url_max_timeout to 240s from 120s. (#5565)
[Robert Nickel]
+ chore: fix typo in requirements.txt (#5637)
+ feat: make pyserial an optional dependency (#5637)
+ chore: bump ci dependency versions (#5660)
+ chore: drop broken optimization (#5666)
24.3.1:
+ test: add test coverage for iproute2 commands (#5651)
+ fix(netops): fix ip addr flush command (#5651) (GH: 5648)
24.3:
+ docs: Clarify v2 set-name behavior (#5639)
+ fix: properly handle blank lines in fstab (#5643)
+ fix: cc_user_groups incorrectly assumes "useradd" never locks password
field (#5355) [dermotbradley]
+ tests: assert cloud-init user-data cert is the only root cert (#5641)
+ feat: add automation for ubuntu/* branches asserting quilt patches apply
(#5622)
+ fix(sources/wsl): no error with empty .cloud-init dir (SC-1862) (#5633)
+ feat(azure): add PPS support for azure-proxy-agent (#5601)
[Ksenija Stanojevic]
+ fix(tests): use instance.clean/restart instead of clean --reboot (#5636)
+ test: fix cmd/test_schema int test (#5629)
+ test: fix test_honor_cloud_dir int test (#5627)
+ docs: alphabetize dsname lookup table. update comment to create the csv
(#5624)
+ docs: new datasources should update reference/ds_dsname_map (#5624)
+ test: fix ca_certs int test (#5626)
+ chore: update schema docs to use RST bold for config key names (#5562)
+ fix(doc): italics around deprecation prefix, description bolds key names
(#5562)
+ feat(doc): add env vars to debug config module doc builds (#5562)
+ fix(doc): doc of nested objects under JSON schema items.oneOf (#5562)
+ fix(doc): object type check if patternProperties or properties (#5562)
+ doc(schema): schema descriptions should end with trailing stop (#5562)
+ fix(wsl): Properly assemble multipart data (#5538) [Carlos Nihelton]
+ feat: collect-logs improvements (#5619)
+ tests: fix test_ca_certs.py for gcp (#5621)
+ fix(nm): Ensure bond property name formatting matches schema definition
(#5383) [Curt Moore]
+ Update behavior of base bond interface with NetworkManager (#5385)
[Curt Moore]
+ ci: Drop Python 3.6 and 3.7 (#5607)
+ chore(black): Bump version (#5607)
+ chore(mypy): Fix failures on newer versions of mypy (#5607)
+ chore(tox.ini): Simplify configuration, fix minor bugs (#5607)
+ chore(mypy): Lint log module (#5607)
+ fix(systemd): Correct location of installed drop-in files(#5615)
[Noah Meyerhans]
+ fix(btrfs): Version parsing (#5618)
+ docs: Remove unnecessary section, add feature flag page (#5617)
+ docs: Drop Python 3.6 and 3.7 support (#5617)
+ chore: explain other use of oauth (#5616)
+ chore(actions): add doc label for any doc related subdir file matches
(#5602)
+ doc: Add misc links, improve wording (#5595)
+ doc(boot): Make first boot a dedicated page (#5595)
+ doc: Describe all stages in a single process (#5595)
+ chore: Deprecate old commands in help output (#5595)
+ chore: add comment explaining the NetworkManager may-fail setting
(#5598) [Ani Sinha]
+ Revert "fix(vmware): Set IPv6 to dhcp when there is no IPv6 addr
(#5471)" (#5596) [PengpengSun]
+ fix: read_optional_seed to set network-config when present (#5593)
+ feat(snap): avoid refresh on package_upgrade: true and refresh.hold
(#5426)
+ fix: Fix tests which have outdated strings (#5585)
+ fix: Fix ftp failures (#5585)
+ doc: improve integration testing configuration instructions (#5556)
[Alec Warren]
+ azure: check azure-proxy-agent status (#5138) [Ksenija Stanojevic]
+ refactor: refactor and fix mypy in DataSourceIBMCloud.py (#5509)
[Alec Warren]
+ fix: Update default LXD meta-data with user meta-data (#5584)
+ chore: Fix log message in url_helper.py (#5583)
+ fix: nocloud no fail when network-config absent (#5580)
+ feat: Single process optimization (#5489)
+ chore: Add helper, refactor utilities into separate module (#5573)
+ refactor: update handle function of cc_mounts (#5498)
+ fix: Integration tests (#5576)
+ fix(NoCloudNet): Add network-config support (#5566)
+ feat: Eliminate redundant configuration reads (#5536)
+ fix(actions): correct typo in cloudinit/config/schemas/ match (#5570)
+ fix: add host template for AOSC (#5557) [Yuanhang Sun]
+ chore(debian): Remove vestigial postinst and preinst code (#5569)
+ fix(actions): doc labeler needs all clause instead of default any (#5568)
+ docs: Overhaul user data formats documentation (#5551)
+ chore: Deprecate ENI as an input configuration format (#5561)
+ doc: improve drop-in custom modules (#5548)
+ doc(NoCloud): Categorize the different configuration types (#5521)
+ doc(autoinstall): Remove incorrect statements, be more direct (#5545)
+ chore: remove unneeded doc-lint tox env config (#5547)
+ fix(doc-spelling): config spelling_word_list_filename (#5547)
+ doc(modules): add section to wrap modules' doc (#5550)
+ doc: Update docs on boothooks (#5546)
+ fix: doc auto label to consider schema json changes as doc PRs (#5543)
+ feat(schema): add chef_license schema enum (#5543)
+ doc: add diagram with boot stages (#5539)
+ docs: improve qemu command line (#5540) [Christian Ehrhardt]
+ fix: auto label doc PRs (#5542)
+ fix(wsl): Put back the "path" argument to wsl_path in ds-identify
+ (#5537) [Carlos Nihelton]
+ test: fix test_kernel_command_line_match (#5529)
+ test: fix no ds cache tests (#5529)
+ fix(azurelinux): Change default usr_lib_exec path (#5526) [Minghe Ren]
+ feat: Support URI sources in `write_files` module (#5505)
[Lucas Ritzdorf]
+ add openeuler to distros in cc_spacewalk.py (#5530) [sxt1001]
+ feat(wsl): Special handling Landscape client config tags (#5460)
[Carlos Nihelton]
+ chore: Deprecate partially supported system config (#5515)
+ chore: Improve detection logging for user clarity (#5515)
+ fix(ds-identify): Detect nocloud when seedfrom url exists (#5515)
+ refactor: logs.py add typing and small misc refactors (#5414)
+ refactor: logs.py pathlib changes (#5414)
+ refactor: replace verbosity with log levels in logs.py (#5414)
+ feat: Add trace-level logger (#5414)
+ chore(formatting): fix squashed commit test formatting (#5524)
+ fix: Clean cache if no datasource fallback (#5499)
+ Support setting mirrorlist in yum repository config (#5522) [Ani Sinha]
+ doc(OFV): Document how to configure cloud-init (#5519)
+ fix: Update DNS behavior for NetworkManager interfaces (#5496)
[Curt Moore]
+ Fix configuration of DNS servers via OpenStack (#5384) [Curt Moore]
+ test: Unconditionally skip test_multi_nic_hotplug_vpc (#5503)
+ tests: revert expectation of exit 2 from cloud-init init --local (#5504)
+ fix(test): Fix ip printer for non-lxd (#5488)
+ feat(systemd): convert warning level message to deprecation (#5209)
+ test: allow verify_clean_boot to ignore all or specific tracebacks
(#5209)
+ test: Don't fail tests which call cloud-init as a command (#5209)
+ feat(systemd): Warn user of unexpected run mode (#5209)
+ fix: add schema rules for 'baseurl' and 'metalink' in yum repo config
(#5501) [Ani Sinha]
+ Set MTU for bond parent interface (#5495) [Curt Moore]
+ refactor: util.mounts to handle errors (#5490)
+ refactor: util.get_proc_env to work with strs (#5490)
+ typing: fix check_untyped_defs in cloudinit.util (#5490)
+ test: Add missing assert to test_status.py (#5494)
+ test: Ensure mkcert executable in ftp tests (#5493)
+ test: pytestify and cleanup test_cc_mounts.py (#5459)
+ fix(vmware): Set IPv6 to dhcp when there is no IPv6 addr (#5471)
[PengpengSun]
+ fix(openbsd): fix mtu on newline in hostname files (#5412) [Tobias Urdin]
+ feat(aosc): Add 'AOSC OS' support (#5310) [Yuanhang Sun]
24.2:
+ test: Fix no default user in test_status.py (#5478)
+ fix: correct deprecated_version=22.2 for users.sudo
+ test: Add jsonschema guard in test_cc_ubuntu_pro.py (#5479)
+ fix(test): Fix pycloudlib types in integration tests (#5350)
+ fix(test): Fix ip printing for non-lxd instances (#5350)
+ chore(mypy): Drop unused missing import exclusions (#5350)
+ type: Add stub types for network v1/v2 config (#5350)
+ chore: Auto-format network jsonschema in ci (#5350)
+ fix(tox): Update tox.ini (#5350)
+ chore(typing): Remove type ignores and casts (#5350)
+ refactor(typing): Remove unused code paths (#5350)
+ fix(typing): Add / update type annotations (#5350)
+ fix(typing): Remove type annotation for unused variable (#5350)
+ fix(typing): Remove invalid type annotations (#5350)
+ ci(mypy): Set default follow_imports value (#5350)
+ test: Update integration tests to pass on focal (#5476)
+ tests: update ubuntu_pro test to account for info-level deprecations
(#5475)
+ tests: update nocloud deprecation test for boundary version (#5474)
+ fix(rh_subscription): add string type to org (#5453)
+ tests: integration tests aware of features.DEPRECATION_INFO_BOUNDARY
+ tests: update keyserver PPA key fur curtin-dev (#5472)
+ test: Fix deprecation test failures (#5466)
+ chore: fix schema.py formatting (#5465)
+ fix: dont double-log deprecated INFOs (#5465)
+ fix(test): Mock version boundary (#5464)
+ fix(schema): Don't report changed keys as deprecated (#5464)
+ test: fix unit test openstack vlan mac_address (#5367)
+ fix: Ensure properties for bonded interfaces are properly translated
(#5367) [Curt Moore]
+ fix(schema): permit deprecated hyphenated keys under users key (#5456)
+ fix: Do not add the vlan_mac_address field into the VLAN object (#5365)
[Curt Moore]
+ doc(refactor): Convert module docs to new system (#5427) [Sally]
+ test: Add unit tests for features.DEPRECATION_INFO_BOUNDARY (#5411)
+ feat: Add deprecation boundary support to schema validator (#5411)
+ feat: Add deprecation boundary to logger (#5411)
+ fix: Gracefully handle missing files (#5397) [Curt Moore]
+ test(openstack): Test bond mac address (#5369)
+ fix(openstack): Fix bond mac_address (#5369) [Curt Moore]
+ test: Add ds-identify integration test coverage (#5394)
+ chore(cmdline): Update comments (#5458)
+ fix: Add get_connection_with_tls_context() for requests 2.32.2+ (#5435)
[eaglegai]
+ fix(net): klibc ipconfig PROTO compatibility (#5437)
[Alexsander de Souza] (LP: #2065787)
+ Support metalink in yum repository config (#5444) [Ani Sinha]
+ tests: hard-code curtin-dev ppa instead of canonical-kernel-team (#5450)
+ ci: PR update checklist GH- anchors to align w/ later template (#5449)
+ test: update validate error message in test_networking (#5436)
+ ci: Add PR checklist (#5446)
+ chore: fix W0105 in t/u/s/h/test_netlink.py (#5409)
+ chore(pyproject.toml): migrate to booleans (#5409)
+ typing: add check_untyped_defs (#5409)
+ fix(openstack): Append interface / scope_id for IPv6 link-local metadata
address (#5419) [Christian Rohmann]
+ test: Update validation error in test_cli.py test (#5430)
+ test: Update schema validation error in integration test (#5429)
+ test: bump pycloudlib to get azure oracular images (#5428)
+ fix(azure): fix discrepancy for monotonic() vs time() (#5420)
[Chris Patterson]
+ fix(pytest): Fix broken pytest gdb flag (#5415)
+ fix: Use monotonic time (#5423)
+ docs: Remove mention of resolv.conf (#5424)
+ perf(netplan): Improve network v1 -> network v2 performance (#5391)
+ perf(set_passwords): Run module in Network stage (#5395)
+ fix(test): Remove temporary directory side effect (#5416)
+ Improve schema validator warning messages (#5404) [Ani Sinha]
+ feat(sysconfig): Add DNS from interface config to resolv.conf (#5401)
[Ani Sinha]
+ typing: add no_implicit_optional lint (#5408)
+ doc: update examples to reflect alternative ways to provide `sudo`
option (#5418) [Ani Sinha]
+ fix(jsonschema): Add missing sudo definition (#5418)
+ chore(doc): migrate cc modules i through r to templates (#5313)
+ chore(doc): migrate grub_dpkg to tmpl add changed/deprecation (#5313)
+ chore(json): migrate cc_apt_configure and json schema indents (#5313)
+ chore(doc): migrate ca_certs/chef to template, flatten schema (#5313)
+ chore(doc): migrate cc_byobu to templates (#5313)
+ chore(doc): migrate cc_bootcmd to templates (#5313)
+ fix(apt): Enable calling apt update multiple times (#5230)
+ chore(VMware): Modify section of instance-id in the customization config
(#5356) [PengpengSun]
+ fix(treewide): Remove dead code (#5332) [Shreenidhi Shedi]
+ doc: network-config v2 ethernets are of type object (#5381) [Malte Poll]
+ Release 24.1.7 (#5375)
+ fix(azure): url_helper: specify User-Agent when using headers_cb with
readurl() (#5298) [Ksenija Stanojevic]
+ fix: Stop attempting to resize ZFS in cc_growpart on Linux (#5370)
+ doc: update docs adding YAML 1.1 spec and jinja template references
+ fix(final_message): do not warn on datasourcenone when single ds
+ fix(growpart): correct growpart log message to include value of mode
+ feat(hotplug): disable hotplugd.socket (#5058)
+ feat(hotlug): trigger hotplug after cloud-init.service (#5058)
+ test: add function to push and enable systemd units (#5058)
+ test(util): fix wait_until_cloud_init exit code 2 (#5058)
+ test(hotplug): fix race getting ipv6 (#5271)
+ docs: Adjust CSS to increase font weight across the docs (#5363) [Sally]
+ fix(ec2): Correctly identify netplan renderer (#5361)
+ tests: fix expect logging from growpart on devent with partition (#5360)
+ test: Add v2 test coverage to test_net.py (#5247)
+ refactor: Simplify collect_logs() in logs.py (#5268)
+ fix: Ensure no subp from logs.py import (#5268)
+ tests: fix integration tests for ubuntu pro 32.3 release (#5351)
+ tests: add oracular's hello package for pkg upgrade test (#5354)
+ growpart: Fix behaviour for ZFS datasets (#5169) [Mina Galić]
+ device_part_info: do not recurse if we did not match anything (#5169)
[Mina Galić]
+ feat(alpine): add support for Busybox adduser/addgroup (#5176)
[dermotbradley]
+ ci: Move lint tip and py3-dev jobs to daily (#5347)
+ fix(netplan): treat netplan warnings on stderr as debug for cloud-init
(#5348)
+ feat(disk_setup): Add support for nvme devices (#5263)
+ fix(log): Do not warn when doing requested operation (#5263)
+ Support sudoers in the "/usr/usr merge" location (#5161)
[Robert Schweikert]
+ doc(nocloud): Document network-config file (#5204)
+ fix(netplan): Fix predictable interface rename issue (#5339)
+ cleanup: Don't execute code on import (#5295)
+ fix(net): Make duplicate route add succeed. (#5343)
+ fix(freebsd): correct configuration of IPv6 routes (#5291) [Théo Bertin]
+ fix(azure): disable use-dns for secondary nics (#5314)
+ chore: fix lint failure (#5320)
+ Update pylint version to support python 3.12 (#5338) [Ani Sinha]
+ fix(tests): use regex to avoid focal whitespace in jinja debug test
(#5335)
+ chore: Add docstrings and types to Version class (#5262)
+ ci(mypy): add type-jinja2 stubs (#5337)
+ tests(alpine): github trust lxc mounted source dir cloud-init-ro (#5329)
+ test: Add oracular release to integration tests (#5328)
+ Release 24.1.6 (#5326)
+ test: Fix failing test_ec2.py test (#5324)
+ fix: Check renderer for netplan-specific code (#5321)
+ docs: Removal of top-level --file breaking change (#5308)
+ fix: typo correction of delaycompress (#5317)
+ docs: Renderers/Activators have downstream overrides (#5322)
+ fix(ec2): Ensure metadata exists before configuring PBR (#5287)
+ fix(lxd): Properly handle unicode from LXD socket (#5309)
+ docs: Prefer "artifact" over "artefact" (#5311) [Arthur Le Maitre]
+ chore(doc): migrate cc_byobu to templates
+ chore(doc): migrate cc_bootcmd to templates
+ chore(doc): migrate apt_pipelining and apk_configure to templates
+ tests: in_place mount module-docs into lxd vm/container
+ feat(docs): generate rtd module schema from rtd/module-docs
+ feat: Set RH ssh key permissions when no 'ssh_keys' group (#5296)
[Ani Sinha]
+ test: Avoid circular import in Azure tests (#5280)
+ test: Fix test_failing_userdata_modules_exit_codes (#5279)
+ chore: Remove CPY check from ruff (#5281)
+ chore: Clean up docstrings
+ chore(ruff): Bump to version 0.4.3
+ feat(systemd): Improve AlmaLinux OS and CloudLinux OS support (#5265)
[Elkhan Mammadli]
+ feat(ca_certs): Add AlmaLinux OS and CloudLinux OS support (#5264)
[Elkhan Mammadli]
+ docs: cc_apt_pipelining docstring typo fix (#5273) [Alex Ratner]
+ feat(azure): add request identifier to IMDS requests (#5218)
[Ksenija Stanojevic]
+ test: Fix TestFTP integration test (#5237) [d1r3ct0r]
+ feat(ifconfig): prepare for CIDR output (#5272) [Mina Galić]
+ fix: stop manually dropping dhcp6 key in integration test (#5267)
[Alec Warren]
+ test: Remove some CiTestCase tests (#5256)
+ fix: Warn when signal is handled (#5186)
+ fix(snapd): ubuntu do not snap refresh when snap absent (LP: #2064300)
+ feat(landscape-client): handle already registered client (#4784)
[Fabian Lichtenegger-Lukas]
+ doc: Show how to debug external services blocking cloud-init (#5255)
+ fix(pdb): Enable running cloud-init under pdb (#5217)
+ chore: Update systemd description (#5250)
+ fix(time): Harden cloud-init to system clock changes
+ fix: Update analyze timestamp uptime
+ fix(schema): no network validation on netplan systems without API
+ fix(mount): Don't run cloud-init.service if cloud-init disabled (#5226)
+ fix(ntp): Fix AlmaLinux OS and CloudLinux OS support (#5235)
[Elkhan Mammadli]
+ tests: force version of cloud-init from PPA regardless of version (#5251)
+ ci: Print isort diff (#5242)
+ test: Fix integration test dependencies (#5248)
+ fix(ec2): Fix broken uuid match with other-endianness (#5236)
+ fix(schema): allow networkv2 schema without top-level key (#5239)
[Cat Red]
+ fix(cmd): Do not hardcode reboot command (#5208)
+ test: Run Alpine tests without network (#5220)
+ docs: Add base config reference from explanation (#5241)
+ docs: Remove preview from WSL tutorial (#5225)
+ chore: Remove broken maas code (#5219)
+ feat(WSL): Add support for Ubuntu Pro configs (#5116) [Ash]
+ chore: sync ChangeLog and version.py from 24.1.x (#5228)
+ bug(package_update): avoid snap refresh in images without snap command
(LP: #2064132)
+ ci: Skip package build on tox runs (#5210)
+ chore: Fix test skip message
+ test(ec2): adopt pycloudlib public ip creation while launching instances
+ test(ec2): add ipv6 testing for multi-nic instances
+ test(ec2): adopt pycloudlib enable_ipv6 while launching instances
+ feat: tool to print diff between netplan and networkv2 schema (#5200)
[Cat Red]
+ test: mock internet access in test_upgrade (#5212)
+ ci: Add timezone for alpine unit tests (#5216)
+ fix: Ensure dump timestamps parsed as UTC (#5214)
+ docs: Add WSL tutorial (#5206)
+ feature(schema): add networkv2 schema (#4892) [Cat Red]
+ Add alpine unittests to ci (#5121)
+ test: Fix invalid openstack datasource name (#4905)
+ test: Fix MAAS test and mark xfail (#4905)
+ chore(ds-identify): Update shellcheck ignores (#4905)
+ fix(ds-identify): Prevent various false positives and false negatives
(#4905)
+ Use grep for faster parsing of cloud config in ds-identify (#4905)
[Scott Moser] (LP: #2030729)
+ tests: validate netplan API YAML instead of strict content (#5195)
+ chore(templates): update ubuntu universe wording (#5199)
+ Deprecate the users ssh-authorized-keys property (#5162)
[Anders Björklund]
+ doc(nocloud): Describe ftp and ftp over tls implementation (#5193)
+ feat(net): provide network config to netplan.State for render (#4981)
+ docs: Add breaking datasource identification changes (#5171)
+ fix(openbsd): Update build-on-openbsd python dependencies (#5172)
[Hyacinthe Cartiaux]
+ fix: Add subnet ipv4/ipv6 to network schema (#5191)
+ docs: Add deprecated system_info to schema (#5168)
+ docs: Add DataSourceNone documentation (#5165)
+ test: Skip test if console log is None (#5188)
+ fix(dhcp): Enable interactively running cloud-init init --local (#5166)
+ test: Update message for netplan apply dbus issue
+ test: install software-properties-common if absent during PPA setup
+ test: bump pycloudlib to use latest version
+ test: Update version of hello package installed on noble
+ test: universally ignore netplan apply dbus issue (#5178)
+ chore: Remove obsolete nose workaround
+ feat: Add support for FTP and FTP over TLS (#4834)
+ feat(opennebula): Add support for posix shell
+ test: Make analyze tests not depend on GNU date
+ test: Eliminate bash dependency from subp tests
+ docs: Add breaking changes section to reference docs (#5147) [Cat Red]
+ util: add log_level kwarg for logexc() (#5125) [Chris Patterson]
+ refactor: Make device info part of distro definition (#5067)
+ refactor: Distro-specific growpart code (#5067)
+ test(ec2): fix mocking with responses==0.9.0 (focal) (#5163)
+ chore(safeyaml): Remove unicode helper for Python2 (#5142)
+ Revert "test: fix upgrade dhcp6 on ec2 (#5131)" (#5148)
+ refactor(net): Reuse netops code
+ refactor(iproute2): Make expressions multi-line for legibility
+ feat(freebsd): support freebsd find part by gptid and ufsid (#5122)
[jinkangkang]
+ feat: Determining route metric based on NIC name (#5070) [qidong.ld]
+ test: Enable profiling in integration tests (#5130)
+ dhcp: support configuring static routes for dhclient's unknown-121
option (#5146) [Chris Patterson]
+ feat(azure): parse ProvisionGuestProxyAgent as bool (#5126)
[Ksenija Stanojevic]
+ fix(url_helper): fix TCP connection leak on readurl() retries (#5144)
[Chris Patterson]
+ test: pytest-ify t/u/sources/test_ec2.py
+ Revert "ec2: Do not enable dhcp6 on EC2 (#5104)" (#5145) [Major Hayden]
+ fix: Logging sensitive data
+ test: Mock ds-identify systemd path (#5119)
+ fix(dhcpcd): Make lease parsing more robust (#5129)
+ test: fix upgrade dhcp6 on ec2 (#5131)
+ net/dhcp: raise InvalidDHCPLeaseFileError on error parsing dhcpcd lease
(#5128) [Chris Patterson]
+ fix: Fix runtime file locations for cloud-init (#4820)
+ ci: fix linkcheck.yml invalid yaml (#5123)
+ net/dhcp: bump dhcpcd timeout to 300s (#5127) [Chris Patterson]
+ ec2: Do not enable dhcp6 on EC2 (#5104) [Major Hayden]
+ fix: Fall back to cached local ds if no valid ds found (#4997)
[PengpengSun]
+ ci: Make linkcheck a scheduled job (#5118)
+ net: Warn when interface rename fails
+ ephemeral(dhcpcd): Set dhcpcd interface down
+ Release 24.1.3
+ chore: Handle all level 1 TiCS security violations (#5103)
+ fix: Always use single datasource if specified (#5098)
+ fix(tests): Leaked mocks (#5097)
+ fix(rhel)!: Fix network boot order in upstream cloud-init
+ fix(rhel): Fix network ordering in sysconfig
+ feat: Use NetworkManager renderer by default in RHEL family
+ fix: Allow caret at the end of apt package (#5099)
+ test: Add missing mocks to prevent bleed through (#5082)
[Robert Schweikert]
+ fix: Ensure network config in DataSourceOracle can be unpickled (#5073)
+ docs: set the home directory using homedir, not home (#5101)
[Olivier Gayot] (LP: #2047796)
+ fix(cacerts): Correct configuration customizations for Photon (#5077)
[Christopher McCann]
+ fix(test): Mock systemd fs path for non-systemd distros
+ fix(tests): Leaked subp.which mock
+ fix(networkd): add GatewayOnLink flag when necessary (#4996) [王煎饼]
+ Release 24.1.2
+ test: fix `disable_sysfs_net` mock (#5065)
+ refactor: don't import subp function directly (#5065)
+ test: Remove side effects from tests (#5074)
+ refactor: Import log module rather than functions (#5074)
+ fix: Fix breaking changes in package install (#5069)
+ fix: Undeprecate 'network' in schema route definition (#5072)
+ refactor(ec2): simplify convert_ec2_metadata_network_config
+ fix(ec2): fix ipv6 policy routing
+ fix: document and add 'accept-ra' to network schema (#5060)
+ bug(maas): register the correct DatasourceMAASLocal in init-local
(#5068) (LP: #2057763)
+ ds-identify: Improve ds-identify testing flexibility (#5047)
+ fix(ansible): Add verify_commit and inventory to ansible.pull schema
(#5032) [Fionn Fitzmaurice]
+ doc: Explain breaking change in status code (#5049)
+ gpg: Handle temp directory containing files (#5063)
+ distro(freebsd): add_user: respect homedir (#5061) [Mina Galić]
+ doc: Install required dependencies (#5054)
+ networkd: Always respect accept-ra if set (#4928) [Phil Sphicas]
+ chore: ignore all cloud-init_*.tar.gz in .gitignore (#5059)
+ test: Don't assume ordering of ThreadPoolExecutor submissions (#5052)
+ feat: Add new distro 'azurelinux' for Microsoft Azure Linux. (#4931)
[Dan Streetman]
+ fix(gpg): Make gpg resilient to host configuration changes (#5026)
+ Sync 24.1.1 changelog and version
+ DS VMware: Fix ipv6 addr converter from netinfo to netifaces (#5029)
[PengpengSun]
+ packages/debian: remove dependency on isc-dhcp-client (#5041)
[Chris Patterson]
+ test: Allow fake_filesystem to work with TemporaryDirectory (#5035)
+ tests: Don't wait for GCE instance teardown (#5037)
+ fix: Include DataSourceCloudStack attribute in unpickle test (#5039)
+ bug(vmware): initialize new DataSourceVMware attributes at unpickle
(#5021) (LP: #2056439)
+ fix(apt): Don't warn on apt 822 source format (#5028)
+ fix(atomic_helper.py): ensure presence of parent directories (#4938)
[Shreenidhi Shedi]
+ fix: Add "broadcast" to network v1 schema (#5034) (LP: #2056460)
+ pro: honor but warn on custom ubuntu_advantage in /etc/cloud/cloud.cfg
(#5030)
+ net/dhcp: handle timeouts for dhcpcd (#5022) [Chris Patterson]
+ fix: Make wait_for_url respect explicit arguments
+ test: Fix scaleway retry assumptions
+ fix: Make DataSourceOracle more resilient to early network issues
(#5025) (LP: #2056194)
+ chore(cmd-modules): fix exit code when --mode init (#5017)
+ feat: pylint: enable W0201 - attribute-defined-outside-init
+ refactor: Ensure no attributes defined outside __init__
+ chore: disable attribute-defined-outside-init check in tests
+ refactor: Use _unpickle rather than hasattr() in sources
+ chore: remove unused vendordata "_pure" variables
+ chore(cmd-modules): deprecate --mode init (#5005)
+ tests: drop CiTestCase and convert to pytest
+ bug(tests): mock reads of host's /sys/class/net via get_sys_class_path
+ fix: log correct disabled path in ds-identify (#5016)
+ tests: ec2 dont spend > 1 second retrying 19 times when 3 times will do
+ tests: openstack mock expected ipv6 IMDS
+ bug(wait_for_url): when exceptions occur url is unset, use url_exc
(LP: #2055077)
+ feat(run-container): Run from arbitrary commitish (#5015)
+ tests: Fix wsl test (#5008)
+ feat(ds-identify): Don't run unnecessary systemd-detect-virt (#4633)
+ chore(ephemeral): add debug log when bringing up ephemeral network
(#5010) [Alec Warren]
+ release: sync changelog and version (#5011)
+ Cleanup test_net.py (#4840)
+ refactor: remove dependency on netifaces (#4634) [Cat Red]
+ feat: make lxc binary configurable (#5000)
+ docs: update 404 page for new doc site and bug link
+ test(aws): local network connectivity on multi-nics (#4982)
+ test: Make integration test output more useful (#4984)
From 24.1.7
+ fix(ec2): Correctly identify netplan renderer (#5361)
From 24.1.6
+ fix(ec2): Ensure metadata exists before configuring PBR (#5287)
+ fix: Check renderer for netplan-specific code (#5321)
+ test: Fix failing test_ec2.py test (#5324)
From 24.1.5
+ fix(package_update): avoid snap refresh in images without snap command
(LP: #2064132)
From 24.1.4
+ fix(dhcpcd): Make lease parsing more robust (#5129)
+ net/dhcp: raise InvalidDHCPLeaseFileError on error parsing dhcpcd lease
+ (#5128) [Chris Patterson]
+ fix: Fix runtime file locations for cloud-init (#4820)
+ net/dhcp: bump dhcpcd timeout to 300s (#5127) [Chris Patterson]
+ net: Warn when interface rename fails
+ ephemeral(dhcpcd): Set dhcpcd interface down
+ test: Remove side effects from tests (#5074)
+ refactor: Import log module rather than functions (#5074)
From 24.1.3
+ fix: Always use single datasource if specified (#5098)
+ fix: Allow caret at the end of apt package (#5099)
From 24.1.2
+ test: Don't assume ordering of ThreadPoolExecutor submissions (#5052)
+ refactor(ec2): simplify convert_ec2_metadata_network_config
+ tests: drop CiTestCase and convert to pytest
+ bug(tests): mock reads of host's /sys/class/net via get_sys_class_path
+ fix: Fix breaking changes in package install (#5069)
+ fix: Undeprecate 'network' in schema route definition (#5072)
+ fix(ec2): fix ipv6 policy routing
+ fix: document and add 'accept-ra' to network schema (#5060)
+ bug(maas): register the correct DatasourceMAASLocal in init-local
(#5068) (LP: #2057763)
From 24.1.1
+ fix: Include DataSourceCloudStack attribute in unpickle test (#5039)
+ bug(vmware): initialize new DataSourceVMware attributes at unpickle (#5021)
+ fix(apt): Don't warn on apt 822 source format (#5028)
+ fix: Add "broadcast" to network v1 schema (#5034)
+ pro: honor but warn on custom ubuntu_advantage in /etc/cloud/cloud.cfg
(#5030)
+ net/dhcp: handle timeouts for dhcpcd (#5022)
+ fix: Make wait_for_url respect explicit arguments
+ bug(wait_for_url): when exceptions occur url is unset, use url_exc
+ test: Fix scaleway retry assumptions
+ fix: Make DataSourceOracle more resilient to early network issues (#5025)
+ tests: Fix wsl test (#5008)
From 24.1
+ fix: Don't warn on vendor directory (#4986)
+ apt: kill spawned keyboxd after gpg cmd interaction
+ tests: upgrade tests should only validate current boot log
+ net/dhcp: fix maybe_perform_dhcp_discovery check for interface=None
[Chris Patterson]
+ doc(network-v2): fix section nesting levels
+ fix(tests): don't check for clean log on minimal image (#4965) [Cat Red]
+ fix(cc_resize): Don't warn if zpool command not found (#4969)
(LP: #2055219)
+ feat(subp): Make invalid command warning more user-friendly (#4972)
+ docs: Remove statement about device path matching (#4966)
+ test: Fix xfail to check the dhcp client name (#4971)
+ tests: avoid console prompts when removing gpg on Noble
+ test: fix test_get_status_systemd_failure
+ fix: Remove hardcoded /var/lib/cloud hotplug path (#4940)
+ refactor: Refactor status.py (#4864)
+ test: Use correct lxd network-config keys (#4950)
+ test: limit temp dhcp6 changes to < NOBLE (#4942)
+ test: allow downgrades when install debs (#4941)
+ tests: on noble, expect default /etc/apt/sources.list
+ tests: lxd_vm early boot status test ordered After=systemd-remount-fs
(#4936)
+ tests: pro integration tests supply ubuntu_advantage until pro v32
(#4935)
+ feat(hotplug): add cmd to enable hotplug (#4821)
+ test: fix test_combined_cloud_config_json (#4925)
+ test: xfail udhcpc on azure (#4924)
+ feat: Implement the WSL datasource (#4786) [Carlos Nihelton]
+ refactor(openrc): Improve the OpenRC files (#4916) [dermotbradley]
+ tests: use apt install instead of dpkg -i to install pkg deps
+ tests: inactive module rename ubuntu_advantage to ubuntu_pro
+ test: fix tmpdir in test_cc_apk_configure (#4914)
+ test: fix jsonschema version checking in pro test (#4915)
+ feat(dhcp): Make dhcpcd the default dhcp client (#4912)
+ feat(Alpine) cc_growpart.py: fix handling of /dev/mapper devices (#4876)
[dermotbradley]
+ test: Retry longer in test_status.py integration test (#4910)
+ test: fix kernel override test (#4913)
+ chore: Rename sysvinit/gentoo directory to sysvinit/openrc (#4906)
[dermotbradley]
+ doc: update ubuntu_advantage references to pro
+ chore: rename cc_ubuntu_advantage to cc_ubuntu_pro (SC-1555)
+ feat(ubuntu pro): deprecate ubuntu_pro key in favor of ubuntu_advantage
+ feat(schema): support ubuntu_pro key and deprecate ubuntu_advantage
+ test: fix verify_clean_log (#4903)
+ test: limit test_no_hotplug_triggered_by_docker to stable releases
+ tests: generalize warning Open vSwitch warning from netplan apply (#4894)
+ fix(hotplug): remove literal quotes in args
+ feat(apt): skip known /etc/apt/sources.list content
+ feat(apt): use APT deb822 source format by default
+ test(ubuntu-pro): change livepatch to esm-infra
+ doc(ec2): fix metadata urls (#4880)
+ fix: unpin jsonschema and update tests (#4882)
+ distro: add eject FreeBSD code path (#4838) [Mina Galić]
+ feat(ec2): add hotplug as a default network update event (#4799)
+ feat(ec2): support instances with repeated device-number (#4799)
+ feat(cc_install_hotplug): trigger hook on known ec2 drivers (#4799)
+ feat(ec2): support multi NIC/IP setups (#4799)
+ feat(hotplug): hook-hotplug is now POSIX shell add OpenRC init script
[dermotbradley]
+ test: harden test_dhcp.py::test_noble_and_newer_force_client
+ test: fix test_combined_cloud_config_json (#4868)
+ feat(apport): Disable hook when disabled (#4874)
+ chore: Add pyright ignore comments (#4874)
+ bug(apport): Fix invalid typing (#4874)
+ refactor: Move general apport hook to main branch (#4874)
+ feat(bootspeed)!: cloud-config.service drop After=snapd.seeded
+ chore: update CI package build to oldest supported Ubuntu release focal
(#4871)
+ test: fix test_cli.test_valid_userdata
+ feat: handle error when log file is empty (#4859) [Hasan]
+ test: fix test_ec2_ipv6
+ fix: Address TIOBE abstract interpretation issues (#4866)
+ feat(dhcp): Make udhcpc use same client id (#4830)
+ feat(dhcp): Support InfiniBand with dhcpcd (#4830)
+ feat(azure): Add ProvisionGuestProxyAgent OVF setting (#4860)
[Ksenija Stanojevic]
+ test: Bring back dhcp6 integration test changes (#4855)
+ tests: add status --wait blocking test from early boot
+ tests: fix retry decorator to return the func value
+ docs: add create_hostname_file to all hostname user-data examples
(#4727) [Cat Red]
+ fix: Fix typos (#4850) [Viktor Szépe]
+ feat(dhcpcd): Read dhcp option 245 for azure wireserver (#4835)
+ tests(dhcp): Add udhcpc client to test matrix (#4839)
+ fix: Add types to network v1 schema (#4841)
+ docs(vmware): fixed indentation on example userdata yaml (#4854)
[Alec Warren]
+ tests: Remove invalid keyword from method call
+ fix: Handle systemctl when dbus not ready (#4842) (LP: #2046483)
+ fix(schema cli): avoid netplan validation on net-config version 1
+ tests: reduce expected reports due to dropped rightscale module
+ tests(net-config): add awareness of netplan on stable Ubuntu
[Gilbert Gilb's]
+ feat: fall back to cdrom_id eject if eject is not available (#4769)
[Cat Red]
+ fix(packages/bddeb): restrict debhelper-compat to 12 in focal (#4831)
+ tests: Add kernel commandline test (#4833)
+ fix: Ensure NetworkManager renderer works without gateway (#4829)
+ test: Correct log parsing in schema test (#4832)
+ refactor: Remove cc_rightscale_userdata (#4813)
+ refactor: Replace load_file with load_binary_file to simplify typing
(#4823)
+ refactor: Add load_text_file function to simplify typing (#4823)
+ refactor: Change variable name for consistent typing (#4823)
+ feat(dhcp): Add support for dhcpcd (#4746)
+ refactor: Remove unused networking code (#4810)
+ test: Add more DNS net tests
+ BREAKING CHANGE: Stop adding network v2 DNS to global DNS
+ doc: update DataSource.default_update_events doc (#4815)
+ chore: do not modify instance attribute (#4815)
+ test: fix mocking leaks (#4815)
+ Revert "ci: Pin pytest<8.0.0. (#4816)" (#4815)
+ test: Update tests for passlib (#4818)
+ fix(net-schema): no warn when skipping schema check on non-netplan
+ feat(SUSE): reboot marker file is written as /run/reboot-needed (#4788)
[Robert Schweikert]
+ test: Cleanup unwanted logger setup calls (#4817)
+ refactor(cloudinit.util): Modernize error handling, add better warnings
(#4812)
+ ci: Pin pytest<8.0.0. (#4816)
+ fix(tests): fixing KeyError on integrations tests (#4811) [Cat Red]
+ tests: integration for network schema on netplan systems (#4767)
+ feat(schema): use netplan API to validate network-config (#4767)
+ chore: define CLOUDINIT_NETPLAN_FILE static var (#4767)
+ fix: cli schema config-file option report network-config type (#4767)
+ refactor(azure): replace BrokenAzureDataSource with reportable errors
(#4807) [Chris Patterson]
+ Fix Alpine and Mariner /etc/hosts templates (#4780) [dermotbradley]
+ tests: revert #4792 as noble images no longer return 2 (#4809) [Cat Red]
+ tests: use client fixture instead of class_client in cleantest (#4806)
+ tests: enable ds-idenitfy xfail test LXD-kvm-not-MAAS-1 (#4808)
+ fix(tests): failing integration tests due to missing ua token (#4802)
[Cat Red]
+ Revert "Use grep for faster parsing of cloud config in ds-identify
(#4327)"
+ tests: Demonstrate ds-identify yaml parsing broken
+ tests: add exit 2 on noble from cloud-init status (#4792)
+ fix: linkcheck for ci to ignore scaleway anchor URL (#4793)
+ feat: Update cacerts to support VMware Photon (#4763)
[Christopher McCann]
+ fix: netplan rendering integrations tests (#4795) [Cat Red]
+ azure: remove cloud-init.log reporting via KVP (#4715) [Chris Patterson]
+ feat(Alpine): Modify ds-identify for Alpine support and add OpenRC
init.d script (#4785) [dermotbradley]
+ doc: Add DatasourceScaleway documentation (#4773) [Louis Bouchard]
+ fix: packaged logrotate file lacks suffix on ubuntu (#4790)
+ feat(logrotate): config flexibility more backups (#4790)
+ fix(clean): stop warning when running clean command (#4761) [d1r3ct0r]
+ feat: network schema v1 strict on nic name length 15 (#4774)
+ logrotate config (#4721) [Fabian Lichtenegger-Lukas]
+ test: Enable coverage in integration tests (#4682)
+ test: Move unit test helpers to global test helpers (#4682)
+ test: Remove snapshot option from install_new_cloud_init (#4682)
+ docs: fix cloud-init single param docs (#4682)
+ Alpine: fix location of dhclient leases file (#4782) [dermotbradley]
+ test(jsonschema): Pin jsonschema version (#4781)
+ refactor(IscDhclient): discover DHCP leases at distro-provided location
(#4683) [Phsm Qwerty]
+ feat: datasource check for WSL (#4730) [Carlos Nihelton]
+ test: Update hostname integration tests (#4744)
+ test: Add mantic and noble releases to integration tests (#4744)
+ refactor: Ensure internal DNS state same for v1 and v2 (#4756)
+ feat: Add v2 route mtu rendering to NetworkManager (#4748)
+ tests: stable ubuntu releases will not exit 2 on warnings (#4757)
+ doc(ds-identify): Describe ds-identify irrespective of distro (#4742)
+ fix: relax NetworkManager renderer rules (#4745)
+ fix: fix growpart race (#4618)
+ feat: apply global DNS to interfaces in network-manager (#4723)
[Florian Apolloner]
+ feat(apt): remove /etc/apt/sources.list when deb22 preferred (#4740)
+ chore: refactor schema data as enums and namedtuples (#4585)
+ feat(schema): improve CLI message on unprocessed data files (#4585)
+ fix(config): relocate /run to /var/run on BSD (canonical#4677)
[Mina Galić]
+ fix(ds-identify): relocate /run on *BSD (#4677) [Mina Galić]
+ fix(sysvinit): make code a bit more consistent (#4677) [Mina Galić]
+ doc: Document how cloud-init is, not how it was (#4737)
+ tests: add expected exit 2 on noble from cloud-init status (#4738)
+ test(linkcheck): ignore github md and rst link headers (#4734)
+ test: Update webhook test due to removed cc_migrator module (#4726)
+ fix(ds-identify): Return code 2 is a valid result, use cached value
+ fix(cloudstack): Use parsed lease file for virtual router in cloudstack
+ fix(dhcp): Guard against FileNotFoundError and NameError exceptions
+ fix(apt_configure): disable sources.list if rendering deb822 (#4699)
(LP: #2045086)
+ docs: Add link to contributing to docs (#4725) [Cat Red]
+ chore: remove commented code (#4722)
+ chore: Add log message when create_hostname_file key is false (#4724)
[Cat Red]
+ fix: Correct v2 NetworkManager route rendering (#4637)
+ azure/imds: log http failures as warnings instead of info (#4714)
[Chris Patterson]
+ fix(setup): Relocate libexec on OpenBSD (#4708) [Mina Galić]
+ feat(jinja): better jinja feedback and error catching (#4629)
[Alec Warren]
+ test: Fix silent swallowing of unexpected subp error (#4702)
+ fix: Move cloud-final.service after time-sync.target (#4610)
[Dave Jones] (LP: #1951639)
+ feat(log): Make logger name more useful for __init__.py
+ chore: Remove cc_migrator module (#4690)
+ fix(tests): make cmd/devel/tests work on non-GNU [Mina Galić]
+ chore: Remove cmdline from spelling list (#4670)
+ doc: Document boot status meaning (#4670)
+ doc: Set expectations for new datasources (#4670)
+ ci: Show linkcheck broken links in job output (#4670)
+ dmi: Add support for OpenBSD (#4654) [Mina Galić]
+ ds-identify: fake dmidecode support on OpenBSD (#4654) [Mina Galić]
+ ds-identify: add OpenBSD support in uname (#4654) [Mina Galić]
+ refactor: Ensure '_cfg' in Init class is dict (#4674)
+ refactor: Make event scope required in stages.py (#4674)
+ refactor: Remove unused argument (#4674)
+ chore: Move from lintian to a sphinx spelling plugin (#3639)
+ fix(doc): Fix spelling errors found by sphinxcontrib-spelling (#3639)
+ ci: Add Python 3.13 (#4567)
+ Add AlexSv04047 to CLA signers file (#4671) [AlexSv04047]
+ fix(openbsd): services & build tool (#4660) [CodeBleu]
+ tests/unittests: add a new unit test for network manager net activator
(#4672) [Ani Sinha]
+ Implement DataSourceCloudStack.get_hostname() (#4433) [Phsm Qwerty]
+ net/nm: check for presence of ifcfg files when nm connection files
are absent (#4645) [Ani Sinha]
+ doc: Overhaul debugging documentation (#4578)
+ doc: Move dangerous commands to dev docs (#4578)
+ doc: Relocate file location docs (#4578)
+ doc: Remove the debugging page (#4578)
+ fix(util): Fix boottime to work on OpenBSD (#4667) [Mina Galić]
+ net: allow dhcp6 configuration from generate_fallback_configuration()
[Ani Sinha]
+ net/network_manager: do not set "may-fail" to False for both ipv4 and
ipv6 dhcp [Ani Sinha]
+ feat(subp): Measure subprocess command time (#4606)
+ fix(python3.13): Fix import error for passlib on Python 3.13 (#4669)
+ style(brpm/bddeb): add black and ruff for packages build scripts (#4666)
+ copr: remove TODO.rst from spec file
+ fix(packages/brpm): correct syntax error and typo
+ style(ruff): fix tip target
+ config: Module documentation updates (#4599)
+ refactor(subp): Remove redundant parameter 'env' (#4555)
+ refactor(subp): Remove unused parameter 'target' (#4555)
+ refactor: Remove 'target' boilerplate from cc_apt_configure (#4555)
+ refactor(subp): Re-add return type to subp() (#4555)
+ refactor(subp): Add type information to args (#4555)
+ refactor(subp): Use subprocess.DEVNULL (#4555)
+ refactor(subp): Remove parameter 'combine_capture' (#4555)
+ refactor(subp): Remove unused parameter 'status_cb' (#4555)
+ fix(cli): fix parsing of argparse subcommands (#4559)
[Calvin Mwadime] (LP: #2040325)
+ chore!: drop support for dsa ssh hostkeys in docs and schema (#4456)
+ chore!: do not generate ssh dsa host keys (#4456) [shixuantong]
From 23.4.4
+ fix(nocloud): smbios datasource definition
+ tests: Check that smbios seed works
+ fix(source): fix argument boundaries when parsing cmdline (#4825)
From 23.4.3
+ fix: Handle systemctl when dbus not ready (#4842)
(LP: #2046483)
From 23.4.2
+ fix: Handle invalid user configuration gracefully (#4797)
(LP: #2051147)
From 23.4.1
+ fix: Handle systemctl commands when dbus not ready (#4681)
From 23.4
+ tests: datasourcenone use client.restart to block until done (#4635)
+ tests: increase number of retries across reboot to 90 (#4651)
+ fix: Add schema for merge types (#4648)
+ feat: Allow aliyun ds to fetch data in init-local (#4590) [qidong.ld]
+ azure: report failure to eject as error instead of debug (#4643)
[Chris Patterson]
+ bug(schema): write network-config if instance dir present (#4635)
+ test: fix schema fuzzing test (#4639)
+ Update build-on-openbsd dependencies (#4644) [CodeBleu]
+ fix(test): Fix expected log for ipv6-only ephemeral network (#4641)
+ refactor: Remove metaclass from network_state.py (#4638)
+ schema: non-root fallback to default paths on perm errors (# 4631)
+ fix: Don't loosen the permissions of the log file (#4628)
+ Revert "logging: keep current file mode of log file if its stricter
than the new mode (#4250)"
+ ephemeral: Handle link up failure for both ipv4 and ipv6 (#4547)
+ fix(main): Don't call logging too early (#4595)
+ fix: Remove Ubuntu-specific kernel naming convention assertion (#4617)
+ fix(log): Do not implement handleError with a self parameter (#4617)
+ fix(log): Don't try to reuse stderr logger (#4617)
+ feat: Standardize logging output to stderr (#4617)
+ chore: Sever unmaintained TODO.rst (#4625)
+ test: Skip failing tests
+ distros: Add suse
+ test: Add default hello package version (#4614)
+ fix(net): Improve DHCPv4 SUSE code, add test
+ net: Fix DHCPv4 not enabled on SUSE in some cases [bin456789]
+ fix(schema): Warn if missing dependency (#4616)
+ fix(cli): main source cloud_config for schema validation (#4562)
+ feat(schema): annotation path for invalid top-level keys (#4562)
+ feat(schema): top-level additionalProperties: false (#4562)
+ test: ensure top-level properties tests will pass (#4562)
+ fix(schema): Add missing schema definitions (#4562)
+ test: Fix snap tests (#4562)
+ azure: Check for stale pps data from IMDS (#4596) [Ksenija Stanojevic]
+ test: Undo dhcp6 integration test changes (#4612)
+ azure: update diagnostic from warning level to debug [Chris Patterson]
+ azure/imds: remove limit for connection errors if route present (#4604)
+ [Chris Patterson]
+ [enhancement]: Add shellcheck to CI (#4488) [Aviral Singh]
+ chore: add conventional commits template (#4593)
+ Revert "net: allow dhcp6 configuration from
generate_fallback_configuration()" (#4607)
+ azure: workaround to disable reporting IMDS failures on Azure Stack
[Chris Patterson]
+ cc_apt_pipelining: Update docs, deprecate options (#4571)
+ test: add gh workflows on push to main, update status badges (#4597)
+ util: Remove function abs_join() (#4587)
+ url_helper: Remove unused function retry_on_url_exc() (#4587)
+ cc_resizefs: Add bcachefs resize support (#4594)
+ integration_tests: Support non-Ubuntu distros (#4586)
+ fix(cmdline): fix cmdline parsing with MAC containing cc:
+ azure/errors: include http code in reason for IMDS failure
[Chris Patterson]
+ tests: cloud-init schema --system does not return exit code 2
+ github: allow pull request to specify desired rebase and merge
+ tests: fix integration test expectations of exit 2 on schema warning
+ tests: fix schema test expected cli output Valid schema <type>
+ fix(schema cli): check raw userdata when processed cloud-config empty
+ azure: report failure to host if ephemeral DHCP secondary NIC (#4558)
[Chris Patterson]
+ man: Document cloud-init error codes (#4500)
+ Add support for cloud-init "degraded" state (#4500)
+ status.json: Don't override detail key with error condition (#4500)
+ status: Remove duplicated data (#4500)
+ refactor: Rename exported_errors in status.json (#4500)
+ test: Remove stale status.json value (#4500)
+ tools/render-template: Make yaml loading opt-in, fix setup.py (#4564)
+ Add summit digest/trip report to docs (#4561) [Sally]
+ doc: Fix incorrect statement about `cloud-init analyze`
+ azure/imds: ensure new errors are logged immediately when retrying
(#4468) [Chris Patterson]
+ Clarify boothook docs (#4543)
+ boothook: allow stdout/stderr to emit to cloud-init-output.log
+ summit-notes: add 2023 notes for reference in mailinglist/discourse
+ fix: added mock to stop leaking journalctl that slows down unit test
(#4556) [Alec Warren]
+ tests: maas test for DataSourceMAASLocal get_data
+ maas tests: avoid using CiTest case and prefer pytest.tmpdir fixture
+ MAAS: Add datasource to init-local timeframe
+ Ensure all tests passed and/or are skipped
+ Support QEMU in integration tests
+ fix(read-dependencies): handle version specifiers containing [~!]
+ test: unpin pytest
+ schema: network-config optional network key. route uses oneOf (#4482)
+ schema: add cloud_init_deepest_matches for best error message (#4482)
+ network: warn invalid cfg add /run/cloud-init/network-config (#4482)
+ schema: add network-config support to schema subcommand (#4482)
+ Update version number and merge ChangeLog from 23.3.3 into main (#4553)
+ azure: check for primary interface when performing DHCP (#4465)
[Chris Patterson]
+ Fix hypothesis failure
+ subp: add a log when skipping a file for execution for lack of exe
permission (#4506) [Ani Sinha]
+ azure/imds: refactor max_connection_errors definition (#4467)
[Chris Patterson]
+ chore: fix PR template rendering (#4526)
+ fix(cc_apt_configure): avoid unneeded call to apt-install (#4519)
+ comment difference between sysconfig and NetworkManager renderer (#4517)
[Ani Sinha]
+ Set Debian's default locale to be c.UTF-8 (#4503) (LP: #2038945)
+ Convert test_debian.py to pytest (#4503)
+ doc: fix cloudstack link
+ doc: fix development/contributing.html references
+ doc: hide duplicated links
+ Revert "ds-identify/CloudStack: $DS_MAYBE if vm running on vmware/xen
(#4281)" (#4511) (LP: #2039453)
+ Fix the missing mcopy argument [Vladimir Pouzanov]
+ tests: Add logging fix (#4499)
+ Update upgrade test to account for dhcp6
+ Remove logging of PPID path (#4502)
+ Make Python 3.12 CI test non-experimental (#4498)
+ ds-identify: exit 2 on disabled state from marker or cmdline (#4399)
+ cloud-init-generator: Various performance optimizations (#4399)
+ systemd: Standardize cloud-init systemd enablement (#4399)
+ benchmark: benchmark cloud-init-generator independent of ds-identify
(#4399)
+ tests/integration_tests: add cloud-init disablement coverage (#4399)
+ doc: Describe disabling cloud-init using an environment variable (#4399)
+ fix: cloud-init status --wait broken with KERNEL_CMDLINE (#4399)
+ azure/imds: retry on 429 errors for reprovisiondata (#4470)
[Chris Patterson]
+ cmd: Don't write json status files for non-boot stages (#4478)
+ ds-identify: Allow disable service and override environment (#4485)
[Mina Galić]
+ Update DataSourceNWCS.py (#4496) [shell-skrimp]
+ Add r00ta to CLA signers file
+ Fix override of systemd_locale_conf in rhel [Jacopo Rota]
+ ci(linkcheck): minor fixes (#4495)
+ integration test fix for deb822 URI format (#4492)
+ test: use a mantic-compatible tz in t/i/m/test_combined.py (#4494)
+ ua: shift CLI command from ua to pro for all interactions
+ pro: avoid double-dash when enabling inviddual services on CLI
+ net: allow dhcp6 configuration from generate_fallback_configuration()
(#4474) [Ani Sinha]
+ tests: apt re.search to match alternative ordering of installed pkgs
+ apt: doc apt_pkg performance improvement over subp apt-config dump
+ Tidy up contributing docs (#4469) [Sally]
+ [enhancement]: Automatically linkcheck in CI (#4479) [Aviral Singh]
+ Revert allowing pro service warnings (#4483)
+ Export warning logs to status.json (#4455)
+ Fix regression in package installation (#4466)
+ schema: cloud-init schema in early boot or in dev environ (#4448)
+ schema: annotation of nested dicts lists in schema marks (#4448)
+ feat(apport): collect ubuntu-pro logs if ubuntu-advantage.log present
(#4443)
+ apt_configure: add deb822 support for default sources file (#4437)
+ net: remove the word "on instance boot" from cloud-init generated config
(#4457) [Ani Sinha]
+ style: Make cloudinit.log functions use snake case (#4449)
+ Don't recommend using cloud-init as a library (#4459)
+ vmware: Fall back to vmtoolsd if vmware-rpctool errs (#4444)
[Andrew Kutz]
+ azure: add option to enable/disable secondary ip config (#4432)
+ [Ksenija Stanojevic]
+ Allow installing snaps via package_update_upgrade_install module (#4202)
+ docs: Add cloud-init overview/introduction (#4440) [Sally]
+ apt: install software-properties-common when absent but needed (#4441)
+ sources/Azure: Ignore system volume information folder while scanning
for files in the ntfs resource disk (#4446) [Anh Vo]
+ refactor: Remove unnecessary __main__.py file
+ style: Drop vi format comments
+ cloudinit.log: Use more appropriate exception (#4435)
+ cloudinit.log: Don't configure NullHandler (#4435)
+ commit 6bbbfbbb030831c72b5aa2bba9cb8492f19d56f4
+ cloudinit.log: Remove unnecessary module function and variables (#4435)
+ cloudinit.log: Remove unused getLogger wrapper (#4435)
+ cloudinit.log: Standardize use of cloudinit's logging module (#4435)
+ Remove unnecessary logging wrapper in Cloud class (#4435)
+ integration test: allow pro service warnings (#4447)
+ integration tests: fix mount indentation (#4445)
+ sources/Azure: fix for conflicting reports to platform (#4434)
[Chris Patterson]
+ docs: link the cloud-config validation service (#4442)
+ Fix pip-managed ansible on pip < 23.0.1 (#4403)
+ Install gnupg if gpg not found (#4431)
+ Add "phsm" as contributor (#4429) [Phsm Qwerty]
+ cc_ubuntu_advantage: do not rely on uaclient.messages module (#4397)
[Grant Orndorff]
+ tools/ds-identify: match Azure datasource's ds_detect() behavior (#4430)
[Chris Patterson]
+ Refactor test_apt_source_v1.py to use pytest (#4427)
+ sources: do not override datasource detection if None is in list (#4426)
[Chris Patterson]
+ feat: check for create_hostname_file key before writing /etc/hostname
(SC-1588) (#4330) [Cat Red]
+ Pytestify apt config test modules (#4424)
+ upstream gentoo patch (#4422)
+ Work around no instance ip (#4419)
+ Fix typing issues in subp module (#4401)
+ net: fix ipv6_dhcpv6_stateful/stateless/slaac configuration for rhel
(#4395) [Ani Sinha]
+ Release 23.3.1
+ apt: kill dirmngr/gpg-agent without gpgconf dependency (LP: #2034273)
+ integration tests: fix mount indentation (#4405)
+ Use grep for faster parsing of cloud config in ds-identify (#4327)
[Scott Moser] (LP: #2030729)
+ doc: fix instructions on how to disable cloud-init from kernel command
line (#4406) [Ani Sinha]
+ doc/vmware: Update contents relevant to disable_vmware_customization
[PengpengSun]
+ Bring back flake8 for python 3.6 (#4394)
+ integration tests: Fix cgroup parsing (#4402)
+ summary: Update template parameter descriptions in docs [MJ Moshiri]
+ Log PPID for better debugging (#4398)
+ integration tests: don't clean when KEEP_* flags true (#4400)
+ clean: add a new option to clean generated config files [Ani Sinha]
+ pep-594: drop deprecated pipes module import
From 23.3.3
+ Fix pip-managed ansible on pip < 23.0.1 (#4403)
From 23.3.2
+ Revert "ds-identify/CloudStack: $DS_MAYBE if vm running on vmware/xen"
(#4281) (#4511) (LP: #2039453)
From 23.3.1
+ apt: kill dirmngr/gpg-agent without gpgconf dependency (LP: #2034273)
+ integration tests: Fix cgroup parsing (#4402)
- Add cloud-init-direxist.patch (bsc#1236720)
+ Make sure the directory exists, if not create it, before writing in that
location.
Patchnames
SUSE-SLE-Micro-6.1-276
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for cloud-init",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for cloud-init fixes the following issues:\n\nUpdate to version 25.1.3 (bsc#1245401,bsc#1245403):\n\n + docs: provide example3 for PAM and ssh_pwauth behavior (#27)\n + fix: Make hotplug socket writable only by root (#25) (CVE-2024-11584)\n + fix: Don\u0027t attempt to identify non-x86 OpenStack instances (LP: #2069607)\n (CVE-2024-6174)\n\nFrom 25.1.2:\n\n + fix: ensure MAAS datasource retries on failure (#6167)\n\nUpdate to version 25.1.1 (bsc#1239715,jsc#PED-8680,bsc#1228414):\n\n + Drop hidesensitivedata in 16 \u0026 greater\n + test: pytestify cc_chef tests, add migration test\n + chef: migrate files in old config directories for backups and cache\n + fix: correct the path for Chef\u0027s backups (#5994)\n + fix(Azure): don\u0027t reraise FileNotFoundError during ephemeral setup (#6113)\n + fix(azure): handle unexpected exceptions during obtain_lease() (#6092)\n [Ksenija Stanojevic]\n + Allow to set mac_address for VLAN subinterface (#6081)\n [jumpojoy] (GH: 5364)\n + fix: Remove erroneous EC2 reference from 503 warning (#6077)\n + fix: NM reload and bring up individual network conns (#6073) [Ani Sinha]\n + fix: stop warning on dual-stack request failure (#6044)\n + fix: install_method: pip cannot find ansible-pull command path (#6021)\n [Hasan Aliyev] (GH: 5720)\n + fix: Fix DataSourceAliYun exception_cb signature (#6068) (GH: 6066)\n + fix: Update OauthUrlHelper to use readurl exception_cb signature\n (GH: 6065)\n + test: add OauthUrlHelper tests\n + test: Remove CiTestCase from test_url_helper.py\n + test: pytestify test_url_helper.py\n + fix: track more removed modules (#6043)\n\nFrom 25.1:\n\n + ci: fix post-merge packaging CI (#6038)\n + feat(azure): Fix imds-based ssh_pwauth (#6002) [Ksenija Stanojevic]\n + ci: check for sorted patches (#6036)\n + feat: aliyun datasource support crawl metadata at once (#5942)\n [jinkangkang]\n + docs: document /usr merge breaking change (#6032)\n + test: Add integration test for /var mounts (#6033)\n + test: Ensure pre-24.2 custom modules work (#6034)\n + doc: Update references to older keys (#6022) [Pedro Ribeiro]\n + fix: untyped-defs in tests/unittests/{config, net, sources} (#6023)\n [Romain]\n + fix: don\u0027t reference PR in post-merged CI (#6019)\n + chore: explicitly skip broken ansible integration tests (#5996) [a-dubs]\n + tests(oracle): fix test_install_missing_deps apt race condition (#5996)\n [a-dubs]\n + test(oracle): fix test_ubuntu_drivers_installed (#5996) [a-dubs]\n + test(oracle): fix test_frequency_override integration test (#5996)\n [a-dubs]\n + chore: add type hint to IntegrationCloud\u0027s cloud_instance field (#5996)\n [a-dubs]\n + test(oracle): fix modules/test_lxd.py::test_storage_lvm on noble (#5996)\n [a-dubs]\n + commit 9e591fff266be9d4c83f74ec02a717b74993304d [a-dubs]\n + net/sysconfig: do not remove all existing settings of\n /etc/sysconfig/network (#5991) [Ani Sinha] (GH: 5990)\n + fix: remove wrong return when checking if network necessary (#6013)\n + fix: typing for rsyslog, ubuntu_pro, power_state_change (#5985)\n [MostafaTarek124eru]\n + fix: Retry on OpenStack HTTP status codes (#5943) [weiyang] (GH: 5687)\n + fix: Ensure fqdn is treated as string in get_hostname_fqdn (#5993)\n [MKhatibzadeh] (GH: 5989)\n + feat(vmware): Convert imc network config to v2 (#5937) [PengpengSun]\n + ci: add upstream post-merge test\n + ci: check if upstream commit causes ubuntu patch conflicts\n + ci: organize cla tests together\n + test: eliminate obsolete cases, add non-error case\n + chore: remove redundant manual schema validation\n + doc: clarify subiquity docs\n + chore: cleanup `len\u0027 usage (#5956) [Shreenidhi Shedi]\n + Fix: GCE _get_data crashes if DHCP lease fails (#5998) [Bryan Fraschetti]\n + Fixes GH-5997\n + fix: correct the path for Chef\u0027s cache (#5994)\n [MostafaTarek124eru] (GH: 5090)\n + fix: Run ansible with run_user instead of root for distro install_method\n (#5986) [Amirhossein Shaerpour] (GH: 4092)\n + fix: retry AWS hotplug for async IMDS (#5995) (GH: 5373)\n + feat(integration_tests): add optional INSTANCE_TYPE setting (#5988)\n [Alec Warren]\n + feat(integration-tests): set boto3 and botocore to INFO to prevent\n log spamming [a-dubs]\n + ci: add \u0027tox -e integration-tests-fast\u0027 command [a-dubs]\n + chore: Add feature flag for manual network waiting (#5977)\n + Release 24.4.1\n + fix: Use /usr/lib/ rather than /lib in packaging code (#5970)\n + Use log_with_downgradable_level for user password warnings (#5927)\n [Ani Sinha]\n + doc: change to hyphenated keys (#5909) (GH: 5555)\n + fix: Wait for udev on openstack (#5947) [Robert Schweikert] (GH: 4125)\n + test: disambiguate resource cleanup from test failure (#5926)\n + fix: use program name of netcat as installed by upstream, \"nc\" (#5933)\n (#5933) [Andreas K. H\u00fcttel]\n + ci: bump canonical/setup-lxd to version v0.1.2 (#5948)\n + feat(cc_chef): Allow change of Chef configuration file (#5925)\n [Sean Smith]\n + docs: fix typo in generated file in LXD tutorial (#5941) [Pavel Shpak]\n + feat: Identify Samsung Cloud Platform as OpenStack (#5924) [us0310306]\n + fix: don\u0027t deadlock when starting network service with systemctl (#5935)\n + feat: Custom keys for apt archives (#5828) [Bryan Fraschetti] (GH: 5473)\n + test: improve test initialization error path (#5920)\n + chore: improve logging when lxd detection fails (#5919)\n + fix: Add \"manual\" to allowed subnet types (#5875)\n [Math Marchand] (GH: 5769)\n + fix: remove bad ssh_svcname setting for Gentoo/OpenRC (#5918)\n [Andreas K. H\u00fcttel]\n + feat(gentoo): Add compatibility for Gentoo with systemd (#5918)\n [Andreas K. H\u00fcttel]\n + fix(ovf): no warning should be log when rpctool found no value (#5915)\n [PengpengSun] (GH: 5914)\n + Move DS VMware to be in front of DS OVF (#5912) [PengpengSun] (GH: 4030)\n + ci: Add proper \u0027Breaks: \u0027 to integration testing simple deb (#5923)\n + chore: Add akhuettel to CLA signers file (#5917) [Andreas K. H\u00fcttel]\n + chore: eliminate calls at import time (#5889) (GH: 5344)\n + test: Add pyserial to test-requirements.txt (#5907)\n + test: Allow unknown size in growpart test (#5876)\n + doc: Update tutorials [Sally]\n + fix: bump azure key size to 3072 (#5841)\n\n24.4.1:\n\n + fix: Ensure _should_wait_via_user_data() handles all user data types (#5976)\n + fix: Don\u0027t log error in wait_for_url (#5972)\n + feat(url_helper): Retry on 503 error (#5938)\n + fix: Don\u0027t break modules that use get_meta_doc() (#5953)\n + refactor: Pass deprecation log args as tuple (#5953)\n + fix: uninstall custom signal handlers before shutdown (#5913)\n\n24.4:\n\n + test: Ensure unit ordering in ftp tests includes downstream units (#5892)\n + test: re-decrement expected webhook events (#5894)\n + test: allow relative path in apt-get test (#5891)\n + Fix metric setting of nmconnection for rhel (#5878) [Amy Chen]\n + chore: remove unused code(#5887)\n + feat(ephemeral): replace old has_url_connectivity() with new\n _check_connectivity_to_imds() [a-dubs]\n + feat(oracle): add true single stack ipv6 support [a-dubs]\n + feat(ephemeral): refactor ephemeralIP and add ipv6 connectivity check\n [a-dubs]\n + test: Decrement expected webhook events (#5888)\n + chore: remove `--docs` option from `cloud-init schema` (#5857) (GH: 5756)\n + test: pytestify \"tests/unittests/config/test_cc_timezone.py\" (#5885)\n [Mahesh Ghumare]\n + ci: bump integration tests to use plucky\n + test: add grub_dpkg to inactive modules\n + test: move default behavior tests into their own module\n + test(apt): add plucky version for hello pkg (#5883)\n + Docs: improved mermaid diagram for better visibility. Add \"MaheshG11\"\n as contributor (#5874) [Mahesh Ghumare] (GH: 5837)\n + fix(ntp): Fix RockyLinux OS support (#5864) [Sid Shukla]\n + chore(jsonschema): migrate from deprecated Validator.iter_errors (#5856)\n + chore: remove deprecation warning getting jsonschema\u0027s version (#5856)\n + chore: use filter arg for tar.extractall (#5856)\n + chore: remove __init__ from pytest test class (#5856)\n + chore: do not test element\u0027s truth value directly (#5856)\n + chore: migrate from deprecated datetime.datetime.utcfromtimestamp (#5856)\n + chore: migrate from deprecated datetime.datetime.utcnow() (#5856)\n + chore: set recursive=False for ensure_dir if parent path is \"/\" (#5816)\n [sxt1001]\n + ci: fix broken daily dependencies (#5867)\n + ci: fix packaging tests (#5865)\n + feat(vultr): add override for network interface detection (#5847)\n [Andrew Davis]\n + feat(networkd): Support RequiredForOnline option (#5852) [Dan McGregor]\n + Prevent NM from handling DNS when network interfaces have DNS config\n (#5846) [Ani Sinha]\n + fix(smartos): Add `addrconf` IPv6 support (#5831)\n [blackhelicoptersdotnet]\n + freebsd: adjust to match the new pyyaml package name (#5844)\n [Gon\u00e9ri Le Bouder]\n + fix: disable grub-dpkg by default (#5840)\n + fix(openbsd): Enable sysv init scripts in OpenBSD build script (#5790)\n [Hyacinthe Cartiaux] (LP: 4036, #1992853)\n + test: Fix duplicate judgment conditions in password generation (#5835)\n [sxt1001]\n + chore: don\u0027t render non-templated unit files (#5830)\n + chore: simplify and standardize cloud-final.service (#5830)\n + chore: simplify Conflicts=shutdown.target (#5830)\n + chore: remove redundant Before=NetworkManager.service (#5830)\n + chore: remove unnecessary systemd settings (#5830)\n + chore: eliminate redundant ordering dependencies (#5819)\n + fix: fix ordering cycle for distros with default deps (#5819) (GH: 5755)\n + test: unbreak pytest-xdist (#5829)\n + feat: Conditionally remove networkd online dependency on Ubuntu (#5772)\n + feat: Ensure random passwords contain multiple character types (#5815)\n [sxt1001] (GH: 5814)\n + docs: split example page into example library (#5645) [Sally]\n + doc: clarify workarounds required for single process changes (#5817)\n + chore: add 3.13 to PR CI runs, 3.14 to scheduled (#5825)\n + fix: Render v2 bridges correctly on network-manager with set-name\n (#5740) (GH: 5717)\n + test: add no_thinpool unit test (#5802)\n + chore: split lxd init config into separate function (#5802)\n + test: pytestify test_cc_lxd.py (#5802)\n + fix: Correctly handle missing thinpool in cc_lxd (#5802)\n + fix: Render bridges correctly for v2 on sysconfig with set-name (#5674)\n (GH: 5574)\n + tests(minimal): rsyslog not in minimal images expect warning (#5811)\n + tests(lxd): avoid failure on multiple calls to --show-log (#5811)\n + chore: update netplan import semantics and related tests (#5805)\n (GH: 5804)\n + lint: fix untyped-defs on /tests/unittest/cmd (#5800) [iru]\n + test: actually use devel release and verify_clean_boot enhancements\n (#5801)\n + feat(locale): locales install on minimal images when cfg requests (#5799)\n + feat(byobu): support byobu install on minimal images when cfg requests\n (#5799)\n + chore: Use devel release and no sbuild in integration CI (#5798)\n + test: Update integration tests from netplan backport (#5796)\n + test: add get_syslog_or_console for minimal images without syslog (#5793)\n + chore: Remove resize_root_tmp from cloud.cfg.tmpl (#5795) (GH: 5786)\n + docs: Fix field name from `contents` to `content` (#5787) [Igor Akkerman]\n + chore: bump pycloudlib to required version (#5792)\n + fix: avoid deprecation logs for calling cli stages (#5770) (GH: 5726)\n + tests: bump pycloudlib deps to include gce bug fix for id str (#5783)\n + fix(test): convert use p.gce.instance.id instead of instance_id (#5783)\n + fix(network-manager): bond properties and network schema (#5768)\n [Denis Kadyshev]\n + Fix metric setting for ifcfg network connections for rhel (#5777)\n [Ani Sinha] (GH: 5776)\n + fix(akamai): handle non-string user data in base64 decoding (#5751)\n [Jesse Alter]\n + fix(ci): do not auto stale issues (#5775)\n + Make pytest more verbose for easier debugging (#5778) [Ani Sinha]\n + ci: fix tox.ini pytest cmd to use cloudinit dir for coverage reporting\n (#5774) [Alec Warren]\n + tests: add OS_IMAGE_TYPE setting to allow for minimal tests (#5682)\n + test(hotplug): Simplify test_multi_nic_hotplug (#5763)\n + test(hotplug): increase nc timeout (#5763)\n + test: pytestify test_main.py (#5758)\n + test(ec2-dual-stack): fix int-test (#5762)\n + test: make verify_clean_boot really respect return code (#5761)\n + test: bump timeout in test_order (#5759)\n + docs: Properly document the cc_ubuntu_autoinstall module (#5757)\n + docs: fix WSL tutorial (#5752) (GH: 5746)\n + test: make verify_clean_boot respect return code by environment (#5754)\n + feat(integration_test): add CLOUD_INIT_PKG setting (#5739)\n + fix(ci): fix packaging check merge operation (#5750)\n + doc: do not document user.meta-data key (#5745)\n + test: avoid undocumented lxd key (#5748)\n + test: Refactor test_cc_set_hostname.py and test_cc_ntp.py (#5727)\n + chore: update docs URLs to cloud-init.io (#5741)\n + test: fix timer logging change expected logs (#5734)\n + fix: type annotations for several modules (#5733)\n + chore: add timer to io and string manipulation code\n + feat: add log package and performance module\n + remove newline injected for cloud-init status --wait (#5700)\n [Andrew Nelson] (GH: 5863)\n + test: webhook require_deprecation msg on 24.3 (#5731)\n + test: fix test_nocloud message typo introduced by 313390f8 (#5731)\n + test: Fix test_log_message_on_missing_version_file (#5730)\n + tests: assert info level warnings instead of require_deprecation\n + tests: fix test to ignore_warnings not require Used fallback ds\n + chore: clean up pytest warnings (#5721)\n + tests(pro): bump pycloudlib add noble release to pro tests (#5719)\n + fix(hotplugd.socket): remove basic.target as dependency (#5722)\n (LP: #2081124)\n + ci: fix integration test positional argument (#5718)\n + Create datasource for CloudCIX (#1351) [BrianKelleher]\n + ci: colorize output (#5716)\n + fix(schema): Allow for locale: false in schema add tests (#5647)\n + ci: fix packaging patch check (#5713)\n + chore: clean up old pickle workaround (#5714)\n + fix: force sftp cleanup when done with instance (#5698)\n + test(hotplug): reenable vpc test in focal (#5492)\n + chore: fix typing of userdata_raw (#5710)\n + fix(NetworkManager): Fix network activator (#5620)\n + fix: lxd do not check for thinpool kernel module (#5709)\n + docs: fix typo in docstring (#5708)\n + Scaleway: Force on-link: true for static networks (#5654)\n [Louis Bouchard] (LP: 5523, #2073869)\n + fix: Invalid \"seedfrom\" in NoCloud system configuration (#5701)\n + tests: pytestify test_nocloud.py (#5701)\n + test: make verify_clean_boot respect return code by series (#5695)\n + fix: use cross-distro netcat name (#5696)\n + ci: fix labeler (#5697)\n + chore(actions): add packaging label for any branches modifying debian/*\n + (#5693)\n + test: add verify_clean_boot() calls alongside verify_clean_log() (#5671)\n + test: add deprecation support to verify_clean_boot (#5671)\n + doc: remove misleading warning (#5681)\n + chore: Prefer other methods over $INSTANCE_ID (#5661)\n + ci: fix packaging test when no patches (#5680)\n + chore: fix tip-ruff and update to latest version (#5676)\n + chore: make ansible test serial (#5677)\n + feat(ec2): Bump url_max_timeout to 240s from 120s. (#5565)\n [Robert Nickel]\n + chore: fix typo in requirements.txt (#5637)\n + feat: make pyserial an optional dependency (#5637)\n + chore: bump ci dependency versions (#5660)\n + chore: drop broken optimization (#5666)\n\n24.3.1:\n\n + test: add test coverage for iproute2 commands (#5651)\n + fix(netops): fix ip addr flush command (#5651) (GH: 5648)\n\n24.3:\n\n + docs: Clarify v2 set-name behavior (#5639)\n + fix: properly handle blank lines in fstab (#5643)\n + fix: cc_user_groups incorrectly assumes \"useradd\" never locks password\n field (#5355) [dermotbradley]\n + tests: assert cloud-init user-data cert is the only root cert (#5641)\n + feat: add automation for ubuntu/* branches asserting quilt patches apply\n (#5622)\n + fix(sources/wsl): no error with empty .cloud-init dir (SC-1862) (#5633)\n + feat(azure): add PPS support for azure-proxy-agent (#5601)\n [Ksenija Stanojevic]\n + fix(tests): use instance.clean/restart instead of clean --reboot (#5636)\n + test: fix cmd/test_schema int test (#5629)\n + test: fix test_honor_cloud_dir int test (#5627)\n + docs: alphabetize dsname lookup table. update comment to create the csv\n (#5624)\n + docs: new datasources should update reference/ds_dsname_map (#5624)\n + test: fix ca_certs int test (#5626)\n + chore: update schema docs to use RST bold for config key names (#5562)\n + fix(doc): italics around deprecation prefix, description bolds key names\n (#5562)\n + feat(doc): add env vars to debug config module doc builds (#5562)\n + fix(doc): doc of nested objects under JSON schema items.oneOf (#5562)\n + fix(doc): object type check if patternProperties or properties (#5562)\n + doc(schema): schema descriptions should end with trailing stop (#5562)\n + fix(wsl): Properly assemble multipart data (#5538) [Carlos Nihelton]\n + feat: collect-logs improvements (#5619)\n + tests: fix test_ca_certs.py for gcp (#5621)\n + fix(nm): Ensure bond property name formatting matches schema definition\n (#5383) [Curt Moore]\n + Update behavior of base bond interface with NetworkManager (#5385)\n [Curt Moore]\n + ci: Drop Python 3.6 and 3.7 (#5607)\n + chore(black): Bump version (#5607)\n + chore(mypy): Fix failures on newer versions of mypy (#5607)\n + chore(tox.ini): Simplify configuration, fix minor bugs (#5607)\n + chore(mypy): Lint log module (#5607)\n + fix(systemd): Correct location of installed drop-in files(#5615)\n [Noah Meyerhans]\n + fix(btrfs): Version parsing (#5618)\n + docs: Remove unnecessary section, add feature flag page (#5617)\n + docs: Drop Python 3.6 and 3.7 support (#5617)\n + chore: explain other use of oauth (#5616)\n + chore(actions): add doc label for any doc related subdir file matches\n (#5602)\n + doc: Add misc links, improve wording (#5595)\n + doc(boot): Make first boot a dedicated page (#5595)\n + doc: Describe all stages in a single process (#5595)\n + chore: Deprecate old commands in help output (#5595)\n + chore: add comment explaining the NetworkManager may-fail setting\n (#5598) [Ani Sinha]\n + Revert \"fix(vmware): Set IPv6 to dhcp when there is no IPv6 addr\n (#5471)\" (#5596) [PengpengSun]\n + fix: read_optional_seed to set network-config when present (#5593)\n + feat(snap): avoid refresh on package_upgrade: true and refresh.hold\n (#5426)\n + fix: Fix tests which have outdated strings (#5585)\n + fix: Fix ftp failures (#5585)\n + doc: improve integration testing configuration instructions (#5556)\n [Alec Warren]\n + azure: check azure-proxy-agent status (#5138) [Ksenija Stanojevic]\n + refactor: refactor and fix mypy in DataSourceIBMCloud.py (#5509)\n [Alec Warren]\n + fix: Update default LXD meta-data with user meta-data (#5584)\n + chore: Fix log message in url_helper.py (#5583)\n + fix: nocloud no fail when network-config absent (#5580)\n + feat: Single process optimization (#5489)\n + chore: Add helper, refactor utilities into separate module (#5573)\n + refactor: update handle function of cc_mounts (#5498)\n + fix: Integration tests (#5576)\n + fix(NoCloudNet): Add network-config support (#5566)\n + feat: Eliminate redundant configuration reads (#5536)\n + fix(actions): correct typo in cloudinit/config/schemas/ match (#5570)\n + fix: add host template for AOSC (#5557) [Yuanhang Sun]\n + chore(debian): Remove vestigial postinst and preinst code (#5569)\n + fix(actions): doc labeler needs all clause instead of default any (#5568)\n + docs: Overhaul user data formats documentation (#5551)\n + chore: Deprecate ENI as an input configuration format (#5561)\n + doc: improve drop-in custom modules (#5548)\n + doc(NoCloud): Categorize the different configuration types (#5521)\n + doc(autoinstall): Remove incorrect statements, be more direct (#5545)\n + chore: remove unneeded doc-lint tox env config (#5547)\n + fix(doc-spelling): config spelling_word_list_filename (#5547)\n + doc(modules): add section to wrap modules\u0027 doc (#5550)\n + doc: Update docs on boothooks (#5546)\n + fix: doc auto label to consider schema json changes as doc PRs (#5543)\n + feat(schema): add chef_license schema enum (#5543)\n + doc: add diagram with boot stages (#5539)\n + docs: improve qemu command line (#5540) [Christian Ehrhardt]\n + fix: auto label doc PRs (#5542)\n + fix(wsl): Put back the \"path\" argument to wsl_path in ds-identify\n + (#5537) [Carlos Nihelton]\n + test: fix test_kernel_command_line_match (#5529)\n + test: fix no ds cache tests (#5529)\n + fix(azurelinux): Change default usr_lib_exec path (#5526) [Minghe Ren]\n + feat: Support URI sources in `write_files` module (#5505)\n [Lucas Ritzdorf]\n + add openeuler to distros in cc_spacewalk.py (#5530) [sxt1001]\n + feat(wsl): Special handling Landscape client config tags (#5460)\n [Carlos Nihelton]\n + chore: Deprecate partially supported system config (#5515)\n + chore: Improve detection logging for user clarity (#5515)\n + fix(ds-identify): Detect nocloud when seedfrom url exists (#5515)\n + refactor: logs.py add typing and small misc refactors (#5414)\n + refactor: logs.py pathlib changes (#5414)\n + refactor: replace verbosity with log levels in logs.py (#5414)\n + feat: Add trace-level logger (#5414)\n + chore(formatting): fix squashed commit test formatting (#5524)\n + fix: Clean cache if no datasource fallback (#5499)\n + Support setting mirrorlist in yum repository config (#5522) [Ani Sinha]\n + doc(OFV): Document how to configure cloud-init (#5519)\n + fix: Update DNS behavior for NetworkManager interfaces (#5496)\n [Curt Moore]\n + Fix configuration of DNS servers via OpenStack (#5384) [Curt Moore]\n + test: Unconditionally skip test_multi_nic_hotplug_vpc (#5503)\n + tests: revert expectation of exit 2 from cloud-init init --local (#5504)\n + fix(test): Fix ip printer for non-lxd (#5488)\n + feat(systemd): convert warning level message to deprecation (#5209)\n + test: allow verify_clean_boot to ignore all or specific tracebacks\n (#5209)\n + test: Don\u0027t fail tests which call cloud-init as a command (#5209)\n + feat(systemd): Warn user of unexpected run mode (#5209)\n + fix: add schema rules for \u0027baseurl\u0027 and \u0027metalink\u0027 in yum repo config\n (#5501) [Ani Sinha]\n + Set MTU for bond parent interface (#5495) [Curt Moore]\n + refactor: util.mounts to handle errors (#5490)\n + refactor: util.get_proc_env to work with strs (#5490)\n + typing: fix check_untyped_defs in cloudinit.util (#5490)\n + test: Add missing assert to test_status.py (#5494)\n + test: Ensure mkcert executable in ftp tests (#5493)\n + test: pytestify and cleanup test_cc_mounts.py (#5459)\n + fix(vmware): Set IPv6 to dhcp when there is no IPv6 addr (#5471)\n [PengpengSun]\n + fix(openbsd): fix mtu on newline in hostname files (#5412) [Tobias Urdin]\n + feat(aosc): Add \u0027AOSC OS\u0027 support (#5310) [Yuanhang Sun]\n\n24.2:\n\n + test: Fix no default user in test_status.py (#5478)\n + fix: correct deprecated_version=22.2 for users.sudo\n + test: Add jsonschema guard in test_cc_ubuntu_pro.py (#5479)\n + fix(test): Fix pycloudlib types in integration tests (#5350)\n + fix(test): Fix ip printing for non-lxd instances (#5350)\n + chore(mypy): Drop unused missing import exclusions (#5350)\n + type: Add stub types for network v1/v2 config (#5350)\n + chore: Auto-format network jsonschema in ci (#5350)\n + fix(tox): Update tox.ini (#5350)\n + chore(typing): Remove type ignores and casts (#5350)\n + refactor(typing): Remove unused code paths (#5350)\n + fix(typing): Add / update type annotations (#5350)\n + fix(typing): Remove type annotation for unused variable (#5350)\n + fix(typing): Remove invalid type annotations (#5350)\n + ci(mypy): Set default follow_imports value (#5350)\n + test: Update integration tests to pass on focal (#5476)\n + tests: update ubuntu_pro test to account for info-level deprecations\n (#5475)\n + tests: update nocloud deprecation test for boundary version (#5474)\n + fix(rh_subscription): add string type to org (#5453)\n + tests: integration tests aware of features.DEPRECATION_INFO_BOUNDARY\n + tests: update keyserver PPA key fur curtin-dev (#5472)\n + test: Fix deprecation test failures (#5466)\n + chore: fix schema.py formatting (#5465)\n + fix: dont double-log deprecated INFOs (#5465)\n + fix(test): Mock version boundary (#5464)\n + fix(schema): Don\u0027t report changed keys as deprecated (#5464)\n + test: fix unit test openstack vlan mac_address (#5367)\n + fix: Ensure properties for bonded interfaces are properly translated\n (#5367) [Curt Moore]\n + fix(schema): permit deprecated hyphenated keys under users key (#5456)\n + fix: Do not add the vlan_mac_address field into the VLAN object (#5365)\n [Curt Moore]\n + doc(refactor): Convert module docs to new system (#5427) [Sally]\n + test: Add unit tests for features.DEPRECATION_INFO_BOUNDARY (#5411)\n + feat: Add deprecation boundary support to schema validator (#5411)\n + feat: Add deprecation boundary to logger (#5411)\n + fix: Gracefully handle missing files (#5397) [Curt Moore]\n + test(openstack): Test bond mac address (#5369)\n + fix(openstack): Fix bond mac_address (#5369) [Curt Moore]\n + test: Add ds-identify integration test coverage (#5394)\n + chore(cmdline): Update comments (#5458)\n + fix: Add get_connection_with_tls_context() for requests 2.32.2+ (#5435)\n [eaglegai]\n + fix(net): klibc ipconfig PROTO compatibility (#5437)\n [Alexsander de Souza] (LP: #2065787)\n + Support metalink in yum repository config (#5444) [Ani Sinha]\n + tests: hard-code curtin-dev ppa instead of canonical-kernel-team (#5450)\n + ci: PR update checklist GH- anchors to align w/ later template (#5449)\n + test: update validate error message in test_networking (#5436)\n + ci: Add PR checklist (#5446)\n + chore: fix W0105 in t/u/s/h/test_netlink.py (#5409)\n + chore(pyproject.toml): migrate to booleans (#5409)\n + typing: add check_untyped_defs (#5409)\n + fix(openstack): Append interface / scope_id for IPv6 link-local metadata\n address (#5419) [Christian Rohmann]\n + test: Update validation error in test_cli.py test (#5430)\n + test: Update schema validation error in integration test (#5429)\n + test: bump pycloudlib to get azure oracular images (#5428)\n + fix(azure): fix discrepancy for monotonic() vs time() (#5420)\n [Chris Patterson]\n + fix(pytest): Fix broken pytest gdb flag (#5415)\n + fix: Use monotonic time (#5423)\n + docs: Remove mention of resolv.conf (#5424)\n + perf(netplan): Improve network v1 -\u003e network v2 performance (#5391)\n + perf(set_passwords): Run module in Network stage (#5395)\n + fix(test): Remove temporary directory side effect (#5416)\n + Improve schema validator warning messages (#5404) [Ani Sinha]\n + feat(sysconfig): Add DNS from interface config to resolv.conf (#5401)\n [Ani Sinha]\n + typing: add no_implicit_optional lint (#5408)\n + doc: update examples to reflect alternative ways to provide `sudo`\n option (#5418) [Ani Sinha]\n + fix(jsonschema): Add missing sudo definition (#5418)\n + chore(doc): migrate cc modules i through r to templates (#5313)\n + chore(doc): migrate grub_dpkg to tmpl add changed/deprecation (#5313)\n + chore(json): migrate cc_apt_configure and json schema indents (#5313)\n + chore(doc): migrate ca_certs/chef to template, flatten schema (#5313)\n + chore(doc): migrate cc_byobu to templates (#5313)\n + chore(doc): migrate cc_bootcmd to templates (#5313)\n + fix(apt): Enable calling apt update multiple times (#5230)\n + chore(VMware): Modify section of instance-id in the customization config\n (#5356) [PengpengSun]\n + fix(treewide): Remove dead code (#5332) [Shreenidhi Shedi]\n + doc: network-config v2 ethernets are of type object (#5381) [Malte Poll]\n + Release 24.1.7 (#5375)\n + fix(azure): url_helper: specify User-Agent when using headers_cb with\n readurl() (#5298) [Ksenija Stanojevic]\n + fix: Stop attempting to resize ZFS in cc_growpart on Linux (#5370)\n + doc: update docs adding YAML 1.1 spec and jinja template references\n + fix(final_message): do not warn on datasourcenone when single ds\n + fix(growpart): correct growpart log message to include value of mode\n + feat(hotplug): disable hotplugd.socket (#5058)\n + feat(hotlug): trigger hotplug after cloud-init.service (#5058)\n + test: add function to push and enable systemd units (#5058)\n + test(util): fix wait_until_cloud_init exit code 2 (#5058)\n + test(hotplug): fix race getting ipv6 (#5271)\n + docs: Adjust CSS to increase font weight across the docs (#5363) [Sally]\n + fix(ec2): Correctly identify netplan renderer (#5361)\n + tests: fix expect logging from growpart on devent with partition (#5360)\n + test: Add v2 test coverage to test_net.py (#5247)\n + refactor: Simplify collect_logs() in logs.py (#5268)\n + fix: Ensure no subp from logs.py import (#5268)\n + tests: fix integration tests for ubuntu pro 32.3 release (#5351)\n + tests: add oracular\u0027s hello package for pkg upgrade test (#5354)\n + growpart: Fix behaviour for ZFS datasets (#5169) [Mina Gali\u0107]\n + device_part_info: do not recurse if we did not match anything (#5169)\n [Mina Gali\u0107]\n + feat(alpine): add support for Busybox adduser/addgroup (#5176)\n [dermotbradley]\n + ci: Move lint tip and py3-dev jobs to daily (#5347)\n + fix(netplan): treat netplan warnings on stderr as debug for cloud-init\n (#5348)\n + feat(disk_setup): Add support for nvme devices (#5263)\n + fix(log): Do not warn when doing requested operation (#5263)\n + Support sudoers in the \"/usr/usr merge\" location (#5161)\n [Robert Schweikert]\n + doc(nocloud): Document network-config file (#5204)\n + fix(netplan): Fix predictable interface rename issue (#5339)\n + cleanup: Don\u0027t execute code on import (#5295)\n + fix(net): Make duplicate route add succeed. (#5343)\n + fix(freebsd): correct configuration of IPv6 routes (#5291) [Th\u00e9o Bertin]\n + fix(azure): disable use-dns for secondary nics (#5314)\n + chore: fix lint failure (#5320)\n + Update pylint version to support python 3.12 (#5338) [Ani Sinha]\n + fix(tests): use regex to avoid focal whitespace in jinja debug test\n (#5335)\n + chore: Add docstrings and types to Version class (#5262)\n + ci(mypy): add type-jinja2 stubs (#5337)\n + tests(alpine): github trust lxc mounted source dir cloud-init-ro (#5329)\n + test: Add oracular release to integration tests (#5328)\n + Release 24.1.6 (#5326)\n + test: Fix failing test_ec2.py test (#5324)\n + fix: Check renderer for netplan-specific code (#5321)\n + docs: Removal of top-level --file breaking change (#5308)\n + fix: typo correction of delaycompress (#5317)\n + docs: Renderers/Activators have downstream overrides (#5322)\n + fix(ec2): Ensure metadata exists before configuring PBR (#5287)\n + fix(lxd): Properly handle unicode from LXD socket (#5309)\n + docs: Prefer \"artifact\" over \"artefact\" (#5311) [Arthur Le Maitre]\n + chore(doc): migrate cc_byobu to templates\n + chore(doc): migrate cc_bootcmd to templates\n + chore(doc): migrate apt_pipelining and apk_configure to templates\n + tests: in_place mount module-docs into lxd vm/container\n + feat(docs): generate rtd module schema from rtd/module-docs\n + feat: Set RH ssh key permissions when no \u0027ssh_keys\u0027 group (#5296)\n [Ani Sinha]\n + test: Avoid circular import in Azure tests (#5280)\n + test: Fix test_failing_userdata_modules_exit_codes (#5279)\n + chore: Remove CPY check from ruff (#5281)\n + chore: Clean up docstrings\n + chore(ruff): Bump to version 0.4.3\n + feat(systemd): Improve AlmaLinux OS and CloudLinux OS support (#5265)\n [Elkhan Mammadli]\n + feat(ca_certs): Add AlmaLinux OS and CloudLinux OS support (#5264)\n [Elkhan Mammadli]\n + docs: cc_apt_pipelining docstring typo fix (#5273) [Alex Ratner]\n + feat(azure): add request identifier to IMDS requests (#5218)\n [Ksenija Stanojevic]\n + test: Fix TestFTP integration test (#5237) [d1r3ct0r]\n + feat(ifconfig): prepare for CIDR output (#5272) [Mina Gali\u0107]\n + fix: stop manually dropping dhcp6 key in integration test (#5267)\n [Alec Warren]\n + test: Remove some CiTestCase tests (#5256)\n + fix: Warn when signal is handled (#5186)\n + fix(snapd): ubuntu do not snap refresh when snap absent (LP: #2064300)\n + feat(landscape-client): handle already registered client (#4784)\n [Fabian Lichtenegger-Lukas]\n + doc: Show how to debug external services blocking cloud-init (#5255)\n + fix(pdb): Enable running cloud-init under pdb (#5217)\n + chore: Update systemd description (#5250)\n + fix(time): Harden cloud-init to system clock changes\n + fix: Update analyze timestamp uptime\n + fix(schema): no network validation on netplan systems without API\n + fix(mount): Don\u0027t run cloud-init.service if cloud-init disabled (#5226)\n + fix(ntp): Fix AlmaLinux OS and CloudLinux OS support (#5235)\n [Elkhan Mammadli]\n + tests: force version of cloud-init from PPA regardless of version (#5251)\n + ci: Print isort diff (#5242)\n + test: Fix integration test dependencies (#5248)\n + fix(ec2): Fix broken uuid match with other-endianness (#5236)\n + fix(schema): allow networkv2 schema without top-level key (#5239)\n [Cat Red]\n + fix(cmd): Do not hardcode reboot command (#5208)\n + test: Run Alpine tests without network (#5220)\n + docs: Add base config reference from explanation (#5241)\n + docs: Remove preview from WSL tutorial (#5225)\n + chore: Remove broken maas code (#5219)\n + feat(WSL): Add support for Ubuntu Pro configs (#5116) [Ash]\n + chore: sync ChangeLog and version.py from 24.1.x (#5228)\n + bug(package_update): avoid snap refresh in images without snap command\n (LP: #2064132)\n + ci: Skip package build on tox runs (#5210)\n + chore: Fix test skip message\n + test(ec2): adopt pycloudlib public ip creation while launching instances\n + test(ec2): add ipv6 testing for multi-nic instances\n + test(ec2): adopt pycloudlib enable_ipv6 while launching instances\n + feat: tool to print diff between netplan and networkv2 schema (#5200)\n [Cat Red]\n + test: mock internet access in test_upgrade (#5212)\n + ci: Add timezone for alpine unit tests (#5216)\n + fix: Ensure dump timestamps parsed as UTC (#5214)\n + docs: Add WSL tutorial (#5206)\n + feature(schema): add networkv2 schema (#4892) [Cat Red]\n + Add alpine unittests to ci (#5121)\n + test: Fix invalid openstack datasource name (#4905)\n + test: Fix MAAS test and mark xfail (#4905)\n + chore(ds-identify): Update shellcheck ignores (#4905)\n + fix(ds-identify): Prevent various false positives and false negatives\n (#4905)\n + Use grep for faster parsing of cloud config in ds-identify (#4905)\n [Scott Moser] (LP: #2030729)\n + tests: validate netplan API YAML instead of strict content (#5195)\n + chore(templates): update ubuntu universe wording (#5199)\n + Deprecate the users ssh-authorized-keys property (#5162)\n [Anders Bj\u00f6rklund]\n + doc(nocloud): Describe ftp and ftp over tls implementation (#5193)\n + feat(net): provide network config to netplan.State for render (#4981)\n + docs: Add breaking datasource identification changes (#5171)\n + fix(openbsd): Update build-on-openbsd python dependencies (#5172)\n [Hyacinthe Cartiaux]\n + fix: Add subnet ipv4/ipv6 to network schema (#5191)\n + docs: Add deprecated system_info to schema (#5168)\n + docs: Add DataSourceNone documentation (#5165)\n + test: Skip test if console log is None (#5188)\n + fix(dhcp): Enable interactively running cloud-init init --local (#5166)\n + test: Update message for netplan apply dbus issue\n + test: install software-properties-common if absent during PPA setup\n + test: bump pycloudlib to use latest version\n + test: Update version of hello package installed on noble\n + test: universally ignore netplan apply dbus issue (#5178)\n + chore: Remove obsolete nose workaround\n + feat: Add support for FTP and FTP over TLS (#4834)\n + feat(opennebula): Add support for posix shell\n + test: Make analyze tests not depend on GNU date\n + test: Eliminate bash dependency from subp tests\n + docs: Add breaking changes section to reference docs (#5147) [Cat Red]\n + util: add log_level kwarg for logexc() (#5125) [Chris Patterson]\n + refactor: Make device info part of distro definition (#5067)\n + refactor: Distro-specific growpart code (#5067)\n + test(ec2): fix mocking with responses==0.9.0 (focal) (#5163)\n + chore(safeyaml): Remove unicode helper for Python2 (#5142)\n + Revert \"test: fix upgrade dhcp6 on ec2 (#5131)\" (#5148)\n + refactor(net): Reuse netops code\n + refactor(iproute2): Make expressions multi-line for legibility\n + feat(freebsd): support freebsd find part by gptid and ufsid (#5122)\n [jinkangkang]\n + feat: Determining route metric based on NIC name (#5070) [qidong.ld]\n + test: Enable profiling in integration tests (#5130)\n + dhcp: support configuring static routes for dhclient\u0027s unknown-121\n option (#5146) [Chris Patterson]\n + feat(azure): parse ProvisionGuestProxyAgent as bool (#5126)\n [Ksenija Stanojevic]\n + fix(url_helper): fix TCP connection leak on readurl() retries (#5144)\n [Chris Patterson]\n + test: pytest-ify t/u/sources/test_ec2.py\n + Revert \"ec2: Do not enable dhcp6 on EC2 (#5104)\" (#5145) [Major Hayden]\n + fix: Logging sensitive data\n + test: Mock ds-identify systemd path (#5119)\n + fix(dhcpcd): Make lease parsing more robust (#5129)\n + test: fix upgrade dhcp6 on ec2 (#5131)\n + net/dhcp: raise InvalidDHCPLeaseFileError on error parsing dhcpcd lease\n (#5128) [Chris Patterson]\n + fix: Fix runtime file locations for cloud-init (#4820)\n + ci: fix linkcheck.yml invalid yaml (#5123)\n + net/dhcp: bump dhcpcd timeout to 300s (#5127) [Chris Patterson]\n + ec2: Do not enable dhcp6 on EC2 (#5104) [Major Hayden]\n + fix: Fall back to cached local ds if no valid ds found (#4997)\n [PengpengSun]\n + ci: Make linkcheck a scheduled job (#5118)\n + net: Warn when interface rename fails\n + ephemeral(dhcpcd): Set dhcpcd interface down\n + Release 24.1.3\n + chore: Handle all level 1 TiCS security violations (#5103)\n + fix: Always use single datasource if specified (#5098)\n + fix(tests): Leaked mocks (#5097)\n + fix(rhel)!: Fix network boot order in upstream cloud-init\n + fix(rhel): Fix network ordering in sysconfig\n + feat: Use NetworkManager renderer by default in RHEL family\n + fix: Allow caret at the end of apt package (#5099)\n + test: Add missing mocks to prevent bleed through (#5082)\n [Robert Schweikert]\n + fix: Ensure network config in DataSourceOracle can be unpickled (#5073)\n + docs: set the home directory using homedir, not home (#5101)\n [Olivier Gayot] (LP: #2047796)\n + fix(cacerts): Correct configuration customizations for Photon (#5077)\n [Christopher McCann]\n + fix(test): Mock systemd fs path for non-systemd distros\n + fix(tests): Leaked subp.which mock\n + fix(networkd): add GatewayOnLink flag when necessary (#4996) [\u738b\u714e\u997c]\n + Release 24.1.2\n + test: fix `disable_sysfs_net` mock (#5065)\n + refactor: don\u0027t import subp function directly (#5065)\n + test: Remove side effects from tests (#5074)\n + refactor: Import log module rather than functions (#5074)\n + fix: Fix breaking changes in package install (#5069)\n + fix: Undeprecate \u0027network\u0027 in schema route definition (#5072)\n + refactor(ec2): simplify convert_ec2_metadata_network_config\n + fix(ec2): fix ipv6 policy routing\n + fix: document and add \u0027accept-ra\u0027 to network schema (#5060)\n + bug(maas): register the correct DatasourceMAASLocal in init-local\n (#5068) (LP: #2057763)\n + ds-identify: Improve ds-identify testing flexibility (#5047)\n + fix(ansible): Add verify_commit and inventory to ansible.pull schema\n (#5032) [Fionn Fitzmaurice]\n + doc: Explain breaking change in status code (#5049)\n + gpg: Handle temp directory containing files (#5063)\n + distro(freebsd): add_user: respect homedir (#5061) [Mina Gali\u0107]\n + doc: Install required dependencies (#5054)\n + networkd: Always respect accept-ra if set (#4928) [Phil Sphicas]\n + chore: ignore all cloud-init_*.tar.gz in .gitignore (#5059)\n + test: Don\u0027t assume ordering of ThreadPoolExecutor submissions (#5052)\n + feat: Add new distro \u0027azurelinux\u0027 for Microsoft Azure Linux. (#4931)\n [Dan Streetman]\n + fix(gpg): Make gpg resilient to host configuration changes (#5026)\n + Sync 24.1.1 changelog and version\n + DS VMware: Fix ipv6 addr converter from netinfo to netifaces (#5029)\n [PengpengSun]\n + packages/debian: remove dependency on isc-dhcp-client (#5041)\n [Chris Patterson]\n + test: Allow fake_filesystem to work with TemporaryDirectory (#5035)\n + tests: Don\u0027t wait for GCE instance teardown (#5037)\n + fix: Include DataSourceCloudStack attribute in unpickle test (#5039)\n + bug(vmware): initialize new DataSourceVMware attributes at unpickle\n (#5021) (LP: #2056439)\n + fix(apt): Don\u0027t warn on apt 822 source format (#5028)\n + fix(atomic_helper.py): ensure presence of parent directories (#4938)\n [Shreenidhi Shedi]\n + fix: Add \"broadcast\" to network v1 schema (#5034) (LP: #2056460)\n + pro: honor but warn on custom ubuntu_advantage in /etc/cloud/cloud.cfg\n (#5030)\n + net/dhcp: handle timeouts for dhcpcd (#5022) [Chris Patterson]\n + fix: Make wait_for_url respect explicit arguments\n + test: Fix scaleway retry assumptions\n + fix: Make DataSourceOracle more resilient to early network issues\n (#5025) (LP: #2056194)\n + chore(cmd-modules): fix exit code when --mode init (#5017)\n + feat: pylint: enable W0201 - attribute-defined-outside-init\n + refactor: Ensure no attributes defined outside __init__\n + chore: disable attribute-defined-outside-init check in tests\n + refactor: Use _unpickle rather than hasattr() in sources\n + chore: remove unused vendordata \"_pure\" variables\n + chore(cmd-modules): deprecate --mode init (#5005)\n + tests: drop CiTestCase and convert to pytest\n + bug(tests): mock reads of host\u0027s /sys/class/net via get_sys_class_path\n + fix: log correct disabled path in ds-identify (#5016)\n + tests: ec2 dont spend \u003e 1 second retrying 19 times when 3 times will do\n + tests: openstack mock expected ipv6 IMDS\n + bug(wait_for_url): when exceptions occur url is unset, use url_exc\n (LP: #2055077)\n + feat(run-container): Run from arbitrary commitish (#5015)\n + tests: Fix wsl test (#5008)\n + feat(ds-identify): Don\u0027t run unnecessary systemd-detect-virt (#4633)\n + chore(ephemeral): add debug log when bringing up ephemeral network\n (#5010) [Alec Warren]\n + release: sync changelog and version (#5011)\n + Cleanup test_net.py (#4840)\n + refactor: remove dependency on netifaces (#4634) [Cat Red]\n + feat: make lxc binary configurable (#5000)\n + docs: update 404 page for new doc site and bug link\n + test(aws): local network connectivity on multi-nics (#4982)\n + test: Make integration test output more useful (#4984)\n\nFrom 24.1.7\n\n + fix(ec2): Correctly identify netplan renderer (#5361)\n\nFrom 24.1.6\n\n + fix(ec2): Ensure metadata exists before configuring PBR (#5287)\n + fix: Check renderer for netplan-specific code (#5321)\n + test: Fix failing test_ec2.py test (#5324)\n\nFrom 24.1.5\n\n + fix(package_update): avoid snap refresh in images without snap command\n (LP: #2064132)\n\nFrom 24.1.4\n\n + fix(dhcpcd): Make lease parsing more robust (#5129)\n + net/dhcp: raise InvalidDHCPLeaseFileError on error parsing dhcpcd lease\n + (#5128) [Chris Patterson]\n + fix: Fix runtime file locations for cloud-init (#4820)\n + net/dhcp: bump dhcpcd timeout to 300s (#5127) [Chris Patterson]\n + net: Warn when interface rename fails\n + ephemeral(dhcpcd): Set dhcpcd interface down\n + test: Remove side effects from tests (#5074)\n + refactor: Import log module rather than functions (#5074)\n\nFrom 24.1.3\n\n + fix: Always use single datasource if specified (#5098)\n + fix: Allow caret at the end of apt package (#5099)\n\nFrom 24.1.2\n\n + test: Don\u0027t assume ordering of ThreadPoolExecutor submissions (#5052)\n + refactor(ec2): simplify convert_ec2_metadata_network_config\n + tests: drop CiTestCase and convert to pytest\n + bug(tests): mock reads of host\u0027s /sys/class/net via get_sys_class_path\n + fix: Fix breaking changes in package install (#5069)\n + fix: Undeprecate \u0027network\u0027 in schema route definition (#5072)\n + fix(ec2): fix ipv6 policy routing\n + fix: document and add \u0027accept-ra\u0027 to network schema (#5060)\n + bug(maas): register the correct DatasourceMAASLocal in init-local\n (#5068) (LP: #2057763)\n\nFrom 24.1.1\n\n + fix: Include DataSourceCloudStack attribute in unpickle test (#5039)\n + bug(vmware): initialize new DataSourceVMware attributes at unpickle (#5021)\n + fix(apt): Don\u0027t warn on apt 822 source format (#5028)\n + fix: Add \"broadcast\" to network v1 schema (#5034)\n + pro: honor but warn on custom ubuntu_advantage in /etc/cloud/cloud.cfg\n (#5030)\n + net/dhcp: handle timeouts for dhcpcd (#5022)\n + fix: Make wait_for_url respect explicit arguments\n + bug(wait_for_url): when exceptions occur url is unset, use url_exc\n + test: Fix scaleway retry assumptions\n + fix: Make DataSourceOracle more resilient to early network issues (#5025)\n + tests: Fix wsl test (#5008)\n\nFrom 24.1\n\n + fix: Don\u0027t warn on vendor directory (#4986)\n + apt: kill spawned keyboxd after gpg cmd interaction\n + tests: upgrade tests should only validate current boot log\n + net/dhcp: fix maybe_perform_dhcp_discovery check for interface=None\n [Chris Patterson]\n + doc(network-v2): fix section nesting levels\n + fix(tests): don\u0027t check for clean log on minimal image (#4965) [Cat Red]\n + fix(cc_resize): Don\u0027t warn if zpool command not found (#4969)\n (LP: #2055219)\n + feat(subp): Make invalid command warning more user-friendly (#4972)\n + docs: Remove statement about device path matching (#4966)\n + test: Fix xfail to check the dhcp client name (#4971)\n + tests: avoid console prompts when removing gpg on Noble\n + test: fix test_get_status_systemd_failure\n + fix: Remove hardcoded /var/lib/cloud hotplug path (#4940)\n + refactor: Refactor status.py (#4864)\n + test: Use correct lxd network-config keys (#4950)\n + test: limit temp dhcp6 changes to \u003c NOBLE (#4942)\n + test: allow downgrades when install debs (#4941)\n + tests: on noble, expect default /etc/apt/sources.list\n + tests: lxd_vm early boot status test ordered After=systemd-remount-fs\n (#4936)\n + tests: pro integration tests supply ubuntu_advantage until pro v32\n (#4935)\n + feat(hotplug): add cmd to enable hotplug (#4821)\n + test: fix test_combined_cloud_config_json (#4925)\n + test: xfail udhcpc on azure (#4924)\n + feat: Implement the WSL datasource (#4786) [Carlos Nihelton]\n + refactor(openrc): Improve the OpenRC files (#4916) [dermotbradley]\n + tests: use apt install instead of dpkg -i to install pkg deps\n + tests: inactive module rename ubuntu_advantage to ubuntu_pro\n + test: fix tmpdir in test_cc_apk_configure (#4914)\n + test: fix jsonschema version checking in pro test (#4915)\n + feat(dhcp): Make dhcpcd the default dhcp client (#4912)\n + feat(Alpine) cc_growpart.py: fix handling of /dev/mapper devices (#4876)\n [dermotbradley]\n + test: Retry longer in test_status.py integration test (#4910)\n + test: fix kernel override test (#4913)\n + chore: Rename sysvinit/gentoo directory to sysvinit/openrc (#4906)\n [dermotbradley]\n + doc: update ubuntu_advantage references to pro\n + chore: rename cc_ubuntu_advantage to cc_ubuntu_pro (SC-1555)\n + feat(ubuntu pro): deprecate ubuntu_pro key in favor of ubuntu_advantage\n + feat(schema): support ubuntu_pro key and deprecate ubuntu_advantage\n + test: fix verify_clean_log (#4903)\n + test: limit test_no_hotplug_triggered_by_docker to stable releases\n + tests: generalize warning Open vSwitch warning from netplan apply (#4894)\n + fix(hotplug): remove literal quotes in args\n + feat(apt): skip known /etc/apt/sources.list content\n + feat(apt): use APT deb822 source format by default\n + test(ubuntu-pro): change livepatch to esm-infra\n + doc(ec2): fix metadata urls (#4880)\n + fix: unpin jsonschema and update tests (#4882)\n + distro: add eject FreeBSD code path (#4838) [Mina Gali\u0107]\n + feat(ec2): add hotplug as a default network update event (#4799)\n + feat(ec2): support instances with repeated device-number (#4799)\n + feat(cc_install_hotplug): trigger hook on known ec2 drivers (#4799)\n + feat(ec2): support multi NIC/IP setups (#4799)\n + feat(hotplug): hook-hotplug is now POSIX shell add OpenRC init script\n [dermotbradley]\n + test: harden test_dhcp.py::test_noble_and_newer_force_client\n + test: fix test_combined_cloud_config_json (#4868)\n + feat(apport): Disable hook when disabled (#4874)\n + chore: Add pyright ignore comments (#4874)\n + bug(apport): Fix invalid typing (#4874)\n + refactor: Move general apport hook to main branch (#4874)\n + feat(bootspeed)!: cloud-config.service drop After=snapd.seeded\n + chore: update CI package build to oldest supported Ubuntu release focal\n (#4871)\n + test: fix test_cli.test_valid_userdata\n + feat: handle error when log file is empty (#4859) [Hasan]\n + test: fix test_ec2_ipv6\n + fix: Address TIOBE abstract interpretation issues (#4866)\n + feat(dhcp): Make udhcpc use same client id (#4830)\n + feat(dhcp): Support InfiniBand with dhcpcd (#4830)\n + feat(azure): Add ProvisionGuestProxyAgent OVF setting (#4860)\n [Ksenija Stanojevic]\n + test: Bring back dhcp6 integration test changes (#4855)\n + tests: add status --wait blocking test from early boot\n + tests: fix retry decorator to return the func value\n + docs: add create_hostname_file to all hostname user-data examples\n (#4727) [Cat Red]\n + fix: Fix typos (#4850) [Viktor Sz\u00e9pe]\n + feat(dhcpcd): Read dhcp option 245 for azure wireserver (#4835)\n + tests(dhcp): Add udhcpc client to test matrix (#4839)\n + fix: Add types to network v1 schema (#4841)\n + docs(vmware): fixed indentation on example userdata yaml (#4854)\n [Alec Warren]\n + tests: Remove invalid keyword from method call\n + fix: Handle systemctl when dbus not ready (#4842) (LP: #2046483)\n + fix(schema cli): avoid netplan validation on net-config version 1\n + tests: reduce expected reports due to dropped rightscale module\n + tests(net-config): add awareness of netplan on stable Ubuntu\n [Gilbert Gilb\u0027s]\n + feat: fall back to cdrom_id eject if eject is not available (#4769)\n [Cat Red]\n + fix(packages/bddeb): restrict debhelper-compat to 12 in focal (#4831)\n + tests: Add kernel commandline test (#4833)\n + fix: Ensure NetworkManager renderer works without gateway (#4829)\n + test: Correct log parsing in schema test (#4832)\n + refactor: Remove cc_rightscale_userdata (#4813)\n + refactor: Replace load_file with load_binary_file to simplify typing\n (#4823)\n + refactor: Add load_text_file function to simplify typing (#4823)\n + refactor: Change variable name for consistent typing (#4823)\n + feat(dhcp): Add support for dhcpcd (#4746)\n + refactor: Remove unused networking code (#4810)\n + test: Add more DNS net tests\n + BREAKING CHANGE: Stop adding network v2 DNS to global DNS\n + doc: update DataSource.default_update_events doc (#4815)\n + chore: do not modify instance attribute (#4815)\n + test: fix mocking leaks (#4815)\n + Revert \"ci: Pin pytest\u003c8.0.0. (#4816)\" (#4815)\n + test: Update tests for passlib (#4818)\n + fix(net-schema): no warn when skipping schema check on non-netplan\n + feat(SUSE): reboot marker file is written as /run/reboot-needed (#4788)\n [Robert Schweikert]\n + test: Cleanup unwanted logger setup calls (#4817)\n + refactor(cloudinit.util): Modernize error handling, add better warnings\n (#4812)\n + ci: Pin pytest\u003c8.0.0. (#4816)\n + fix(tests): fixing KeyError on integrations tests (#4811) [Cat Red]\n + tests: integration for network schema on netplan systems (#4767)\n + feat(schema): use netplan API to validate network-config (#4767)\n + chore: define CLOUDINIT_NETPLAN_FILE static var (#4767)\n + fix: cli schema config-file option report network-config type (#4767)\n + refactor(azure): replace BrokenAzureDataSource with reportable errors\n (#4807) [Chris Patterson]\n + Fix Alpine and Mariner /etc/hosts templates (#4780) [dermotbradley]\n + tests: revert #4792 as noble images no longer return 2 (#4809) [Cat Red]\n + tests: use client fixture instead of class_client in cleantest (#4806)\n + tests: enable ds-idenitfy xfail test LXD-kvm-not-MAAS-1 (#4808)\n + fix(tests): failing integration tests due to missing ua token (#4802)\n [Cat Red]\n + Revert \"Use grep for faster parsing of cloud config in ds-identify\n (#4327)\"\n + tests: Demonstrate ds-identify yaml parsing broken\n + tests: add exit 2 on noble from cloud-init status (#4792)\n + fix: linkcheck for ci to ignore scaleway anchor URL (#4793)\n + feat: Update cacerts to support VMware Photon (#4763)\n [Christopher McCann]\n + fix: netplan rendering integrations tests (#4795) [Cat Red]\n + azure: remove cloud-init.log reporting via KVP (#4715) [Chris Patterson]\n + feat(Alpine): Modify ds-identify for Alpine support and add OpenRC\n init.d script (#4785) [dermotbradley]\n + doc: Add DatasourceScaleway documentation (#4773) [Louis Bouchard]\n + fix: packaged logrotate file lacks suffix on ubuntu (#4790)\n + feat(logrotate): config flexibility more backups (#4790)\n + fix(clean): stop warning when running clean command (#4761) [d1r3ct0r]\n + feat: network schema v1 strict on nic name length 15 (#4774)\n + logrotate config (#4721) [Fabian Lichtenegger-Lukas]\n + test: Enable coverage in integration tests (#4682)\n + test: Move unit test helpers to global test helpers (#4682)\n + test: Remove snapshot option from install_new_cloud_init (#4682)\n + docs: fix cloud-init single param docs (#4682)\n + Alpine: fix location of dhclient leases file (#4782) [dermotbradley]\n + test(jsonschema): Pin jsonschema version (#4781)\n + refactor(IscDhclient): discover DHCP leases at distro-provided location\n (#4683) [Phsm Qwerty]\n + feat: datasource check for WSL (#4730) [Carlos Nihelton]\n + test: Update hostname integration tests (#4744)\n + test: Add mantic and noble releases to integration tests (#4744)\n + refactor: Ensure internal DNS state same for v1 and v2 (#4756)\n + feat: Add v2 route mtu rendering to NetworkManager (#4748)\n + tests: stable ubuntu releases will not exit 2 on warnings (#4757)\n + doc(ds-identify): Describe ds-identify irrespective of distro (#4742)\n + fix: relax NetworkManager renderer rules (#4745)\n + fix: fix growpart race (#4618)\n + feat: apply global DNS to interfaces in network-manager (#4723)\n [Florian Apolloner]\n + feat(apt): remove /etc/apt/sources.list when deb22 preferred (#4740)\n + chore: refactor schema data as enums and namedtuples (#4585)\n + feat(schema): improve CLI message on unprocessed data files (#4585)\n + fix(config): relocate /run to /var/run on BSD (canonical#4677)\n [Mina Gali\u0107]\n + fix(ds-identify): relocate /run on *BSD (#4677) [Mina Gali\u0107]\n + fix(sysvinit): make code a bit more consistent (#4677) [Mina Gali\u0107]\n + doc: Document how cloud-init is, not how it was (#4737)\n + tests: add expected exit 2 on noble from cloud-init status (#4738)\n + test(linkcheck): ignore github md and rst link headers (#4734)\n + test: Update webhook test due to removed cc_migrator module (#4726)\n + fix(ds-identify): Return code 2 is a valid result, use cached value\n + fix(cloudstack): Use parsed lease file for virtual router in cloudstack\n + fix(dhcp): Guard against FileNotFoundError and NameError exceptions\n + fix(apt_configure): disable sources.list if rendering deb822 (#4699)\n (LP: #2045086)\n + docs: Add link to contributing to docs (#4725) [Cat Red]\n + chore: remove commented code (#4722)\n + chore: Add log message when create_hostname_file key is false (#4724)\n [Cat Red]\n + fix: Correct v2 NetworkManager route rendering (#4637)\n + azure/imds: log http failures as warnings instead of info (#4714)\n [Chris Patterson]\n + fix(setup): Relocate libexec on OpenBSD (#4708) [Mina Gali\u0107]\n + feat(jinja): better jinja feedback and error catching (#4629)\n [Alec Warren]\n + test: Fix silent swallowing of unexpected subp error (#4702)\n + fix: Move cloud-final.service after time-sync.target (#4610)\n [Dave Jones] (LP: #1951639)\n + feat(log): Make logger name more useful for __init__.py\n + chore: Remove cc_migrator module (#4690)\n + fix(tests): make cmd/devel/tests work on non-GNU [Mina Gali\u0107]\n + chore: Remove cmdline from spelling list (#4670)\n + doc: Document boot status meaning (#4670)\n + doc: Set expectations for new datasources (#4670)\n + ci: Show linkcheck broken links in job output (#4670)\n + dmi: Add support for OpenBSD (#4654) [Mina Gali\u0107]\n + ds-identify: fake dmidecode support on OpenBSD (#4654) [Mina Gali\u0107]\n + ds-identify: add OpenBSD support in uname (#4654) [Mina Gali\u0107]\n + refactor: Ensure \u0027_cfg\u0027 in Init class is dict (#4674)\n + refactor: Make event scope required in stages.py (#4674)\n + refactor: Remove unused argument (#4674)\n + chore: Move from lintian to a sphinx spelling plugin (#3639)\n + fix(doc): Fix spelling errors found by sphinxcontrib-spelling (#3639)\n + ci: Add Python 3.13 (#4567)\n + Add AlexSv04047 to CLA signers file (#4671) [AlexSv04047]\n + fix(openbsd): services \u0026 build tool (#4660) [CodeBleu]\n + tests/unittests: add a new unit test for network manager net activator\n (#4672) [Ani Sinha]\n + Implement DataSourceCloudStack.get_hostname() (#4433) [Phsm Qwerty]\n + net/nm: check for presence of ifcfg files when nm connection files\n are absent (#4645) [Ani Sinha]\n + doc: Overhaul debugging documentation (#4578)\n + doc: Move dangerous commands to dev docs (#4578)\n + doc: Relocate file location docs (#4578)\n + doc: Remove the debugging page (#4578)\n + fix(util): Fix boottime to work on OpenBSD (#4667) [Mina Gali\u0107]\n + net: allow dhcp6 configuration from generate_fallback_configuration()\n [Ani Sinha]\n + net/network_manager: do not set \"may-fail\" to False for both ipv4 and\n ipv6 dhcp [Ani Sinha]\n + feat(subp): Measure subprocess command time (#4606)\n + fix(python3.13): Fix import error for passlib on Python 3.13 (#4669)\n + style(brpm/bddeb): add black and ruff for packages build scripts (#4666)\n + copr: remove TODO.rst from spec file\n + fix(packages/brpm): correct syntax error and typo\n + style(ruff): fix tip target\n + config: Module documentation updates (#4599)\n + refactor(subp): Remove redundant parameter \u0027env\u0027 (#4555)\n + refactor(subp): Remove unused parameter \u0027target\u0027 (#4555)\n + refactor: Remove \u0027target\u0027 boilerplate from cc_apt_configure (#4555)\n + refactor(subp): Re-add return type to subp() (#4555)\n + refactor(subp): Add type information to args (#4555)\n + refactor(subp): Use subprocess.DEVNULL (#4555)\n + refactor(subp): Remove parameter \u0027combine_capture\u0027 (#4555)\n + refactor(subp): Remove unused parameter \u0027status_cb\u0027 (#4555)\n + fix(cli): fix parsing of argparse subcommands (#4559)\n [Calvin Mwadime] (LP: #2040325)\n + chore!: drop support for dsa ssh hostkeys in docs and schema (#4456)\n + chore!: do not generate ssh dsa host keys (#4456) [shixuantong]\n\nFrom 23.4.4\n\n + fix(nocloud): smbios datasource definition\n + tests: Check that smbios seed works\n + fix(source): fix argument boundaries when parsing cmdline (#4825)\n\nFrom 23.4.3\n\n + fix: Handle systemctl when dbus not ready (#4842)\n (LP: #2046483)\n\nFrom 23.4.2\n\n + fix: Handle invalid user configuration gracefully (#4797)\n (LP: #2051147)\n\nFrom 23.4.1\n\n + fix: Handle systemctl commands when dbus not ready (#4681)\n\nFrom 23.4\n\n + tests: datasourcenone use client.restart to block until done (#4635)\n + tests: increase number of retries across reboot to 90 (#4651)\n + fix: Add schema for merge types (#4648)\n + feat: Allow aliyun ds to fetch data in init-local (#4590) [qidong.ld]\n + azure: report failure to eject as error instead of debug (#4643)\n [Chris Patterson]\n + bug(schema): write network-config if instance dir present (#4635)\n + test: fix schema fuzzing test (#4639)\n + Update build-on-openbsd dependencies (#4644) [CodeBleu]\n + fix(test): Fix expected log for ipv6-only ephemeral network (#4641)\n + refactor: Remove metaclass from network_state.py (#4638)\n + schema: non-root fallback to default paths on perm errors (# 4631)\n + fix: Don\u0027t loosen the permissions of the log file (#4628)\n + Revert \"logging: keep current file mode of log file if its stricter\n than the new mode (#4250)\"\n + ephemeral: Handle link up failure for both ipv4 and ipv6 (#4547)\n + fix(main): Don\u0027t call logging too early (#4595)\n + fix: Remove Ubuntu-specific kernel naming convention assertion (#4617)\n + fix(log): Do not implement handleError with a self parameter (#4617)\n + fix(log): Don\u0027t try to reuse stderr logger (#4617)\n + feat: Standardize logging output to stderr (#4617)\n + chore: Sever unmaintained TODO.rst (#4625)\n + test: Skip failing tests\n + distros: Add suse\n + test: Add default hello package version (#4614)\n + fix(net): Improve DHCPv4 SUSE code, add test\n + net: Fix DHCPv4 not enabled on SUSE in some cases [bin456789]\n + fix(schema): Warn if missing dependency (#4616)\n + fix(cli): main source cloud_config for schema validation (#4562)\n + feat(schema): annotation path for invalid top-level keys (#4562)\n + feat(schema): top-level additionalProperties: false (#4562)\n + test: ensure top-level properties tests will pass (#4562)\n + fix(schema): Add missing schema definitions (#4562)\n + test: Fix snap tests (#4562)\n + azure: Check for stale pps data from IMDS (#4596) [Ksenija Stanojevic]\n + test: Undo dhcp6 integration test changes (#4612)\n + azure: update diagnostic from warning level to debug [Chris Patterson]\n + azure/imds: remove limit for connection errors if route present (#4604)\n + [Chris Patterson]\n + [enhancement]: Add shellcheck to CI (#4488) [Aviral Singh]\n + chore: add conventional commits template (#4593)\n + Revert \"net: allow dhcp6 configuration from\n generate_fallback_configuration()\" (#4607)\n + azure: workaround to disable reporting IMDS failures on Azure Stack\n [Chris Patterson]\n + cc_apt_pipelining: Update docs, deprecate options (#4571)\n + test: add gh workflows on push to main, update status badges (#4597)\n + util: Remove function abs_join() (#4587)\n + url_helper: Remove unused function retry_on_url_exc() (#4587)\n + cc_resizefs: Add bcachefs resize support (#4594)\n + integration_tests: Support non-Ubuntu distros (#4586)\n + fix(cmdline): fix cmdline parsing with MAC containing cc:\n + azure/errors: include http code in reason for IMDS failure\n [Chris Patterson]\n + tests: cloud-init schema --system does not return exit code 2\n + github: allow pull request to specify desired rebase and merge\n + tests: fix integration test expectations of exit 2 on schema warning\n + tests: fix schema test expected cli output Valid schema \u003ctype\u003e\n + fix(schema cli): check raw userdata when processed cloud-config empty\n + azure: report failure to host if ephemeral DHCP secondary NIC (#4558)\n [Chris Patterson]\n + man: Document cloud-init error codes (#4500)\n + Add support for cloud-init \"degraded\" state (#4500)\n + status.json: Don\u0027t override detail key with error condition (#4500)\n + status: Remove duplicated data (#4500)\n + refactor: Rename exported_errors in status.json (#4500)\n + test: Remove stale status.json value (#4500)\n + tools/render-template: Make yaml loading opt-in, fix setup.py (#4564)\n + Add summit digest/trip report to docs (#4561) [Sally]\n + doc: Fix incorrect statement about `cloud-init analyze`\n + azure/imds: ensure new errors are logged immediately when retrying\n (#4468) [Chris Patterson]\n + Clarify boothook docs (#4543)\n + boothook: allow stdout/stderr to emit to cloud-init-output.log\n + summit-notes: add 2023 notes for reference in mailinglist/discourse\n + fix: added mock to stop leaking journalctl that slows down unit test\n (#4556) [Alec Warren]\n + tests: maas test for DataSourceMAASLocal get_data\n + maas tests: avoid using CiTest case and prefer pytest.tmpdir fixture\n + MAAS: Add datasource to init-local timeframe\n + Ensure all tests passed and/or are skipped\n + Support QEMU in integration tests\n + fix(read-dependencies): handle version specifiers containing [~!]\n + test: unpin pytest\n + schema: network-config optional network key. route uses oneOf (#4482)\n + schema: add cloud_init_deepest_matches for best error message (#4482)\n + network: warn invalid cfg add /run/cloud-init/network-config (#4482)\n + schema: add network-config support to schema subcommand (#4482)\n + Update version number and merge ChangeLog from 23.3.3 into main (#4553)\n + azure: check for primary interface when performing DHCP (#4465)\n [Chris Patterson]\n + Fix hypothesis failure\n + subp: add a log when skipping a file for execution for lack of exe\n permission (#4506) [Ani Sinha]\n + azure/imds: refactor max_connection_errors definition (#4467)\n [Chris Patterson]\n + chore: fix PR template rendering (#4526)\n + fix(cc_apt_configure): avoid unneeded call to apt-install (#4519)\n + comment difference between sysconfig and NetworkManager renderer (#4517)\n [Ani Sinha]\n + Set Debian\u0027s default locale to be c.UTF-8 (#4503) (LP: #2038945)\n + Convert test_debian.py to pytest (#4503)\n + doc: fix cloudstack link\n + doc: fix development/contributing.html references\n + doc: hide duplicated links\n + Revert \"ds-identify/CloudStack: $DS_MAYBE if vm running on vmware/xen\n (#4281)\" (#4511) (LP: #2039453)\n + Fix the missing mcopy argument [Vladimir Pouzanov]\n + tests: Add logging fix (#4499)\n + Update upgrade test to account for dhcp6\n + Remove logging of PPID path (#4502)\n + Make Python 3.12 CI test non-experimental (#4498)\n + ds-identify: exit 2 on disabled state from marker or cmdline (#4399)\n + cloud-init-generator: Various performance optimizations (#4399)\n + systemd: Standardize cloud-init systemd enablement (#4399)\n + benchmark: benchmark cloud-init-generator independent of ds-identify\n (#4399)\n + tests/integration_tests: add cloud-init disablement coverage (#4399)\n + doc: Describe disabling cloud-init using an environment variable (#4399)\n + fix: cloud-init status --wait broken with KERNEL_CMDLINE (#4399)\n + azure/imds: retry on 429 errors for reprovisiondata (#4470)\n [Chris Patterson]\n + cmd: Don\u0027t write json status files for non-boot stages (#4478)\n + ds-identify: Allow disable service and override environment (#4485)\n [Mina Gali\u0107]\n + Update DataSourceNWCS.py (#4496) [shell-skrimp]\n + Add r00ta to CLA signers file\n + Fix override of systemd_locale_conf in rhel [Jacopo Rota]\n + ci(linkcheck): minor fixes (#4495)\n + integration test fix for deb822 URI format (#4492)\n + test: use a mantic-compatible tz in t/i/m/test_combined.py (#4494)\n + ua: shift CLI command from ua to pro for all interactions\n + pro: avoid double-dash when enabling inviddual services on CLI\n + net: allow dhcp6 configuration from generate_fallback_configuration()\n (#4474) [Ani Sinha]\n + tests: apt re.search to match alternative ordering of installed pkgs\n + apt: doc apt_pkg performance improvement over subp apt-config dump\n + Tidy up contributing docs (#4469) [Sally]\n + [enhancement]: Automatically linkcheck in CI (#4479) [Aviral Singh]\n + Revert allowing pro service warnings (#4483)\n + Export warning logs to status.json (#4455)\n + Fix regression in package installation (#4466)\n + schema: cloud-init schema in early boot or in dev environ (#4448)\n + schema: annotation of nested dicts lists in schema marks (#4448)\n + feat(apport): collect ubuntu-pro logs if ubuntu-advantage.log present\n (#4443)\n + apt_configure: add deb822 support for default sources file (#4437)\n + net: remove the word \"on instance boot\" from cloud-init generated config\n (#4457) [Ani Sinha]\n + style: Make cloudinit.log functions use snake case (#4449)\n + Don\u0027t recommend using cloud-init as a library (#4459)\n + vmware: Fall back to vmtoolsd if vmware-rpctool errs (#4444)\n [Andrew Kutz]\n + azure: add option to enable/disable secondary ip config (#4432)\n + [Ksenija Stanojevic]\n + Allow installing snaps via package_update_upgrade_install module (#4202)\n + docs: Add cloud-init overview/introduction (#4440) [Sally]\n + apt: install software-properties-common when absent but needed (#4441)\n + sources/Azure: Ignore system volume information folder while scanning\n for files in the ntfs resource disk (#4446) [Anh Vo]\n + refactor: Remove unnecessary __main__.py file\n + style: Drop vi format comments\n + cloudinit.log: Use more appropriate exception (#4435)\n + cloudinit.log: Don\u0027t configure NullHandler (#4435)\n + commit 6bbbfbbb030831c72b5aa2bba9cb8492f19d56f4\n + cloudinit.log: Remove unnecessary module function and variables (#4435)\n + cloudinit.log: Remove unused getLogger wrapper (#4435)\n + cloudinit.log: Standardize use of cloudinit\u0027s logging module (#4435)\n + Remove unnecessary logging wrapper in Cloud class (#4435)\n + integration test: allow pro service warnings (#4447)\n + integration tests: fix mount indentation (#4445)\n + sources/Azure: fix for conflicting reports to platform (#4434)\n [Chris Patterson]\n + docs: link the cloud-config validation service (#4442)\n + Fix pip-managed ansible on pip \u003c 23.0.1 (#4403)\n + Install gnupg if gpg not found (#4431)\n + Add \"phsm\" as contributor (#4429) [Phsm Qwerty]\n + cc_ubuntu_advantage: do not rely on uaclient.messages module (#4397)\n [Grant Orndorff]\n + tools/ds-identify: match Azure datasource\u0027s ds_detect() behavior (#4430)\n [Chris Patterson]\n + Refactor test_apt_source_v1.py to use pytest (#4427)\n + sources: do not override datasource detection if None is in list (#4426)\n [Chris Patterson]\n + feat: check for create_hostname_file key before writing /etc/hostname\n (SC-1588) (#4330) [Cat Red]\n + Pytestify apt config test modules (#4424)\n + upstream gentoo patch (#4422)\n + Work around no instance ip (#4419)\n + Fix typing issues in subp module (#4401)\n + net: fix ipv6_dhcpv6_stateful/stateless/slaac configuration for rhel\n (#4395) [Ani Sinha]\n + Release 23.3.1\n + apt: kill dirmngr/gpg-agent without gpgconf dependency (LP: #2034273)\n + integration tests: fix mount indentation (#4405)\n + Use grep for faster parsing of cloud config in ds-identify (#4327)\n [Scott Moser] (LP: #2030729)\n + doc: fix instructions on how to disable cloud-init from kernel command\n line (#4406) [Ani Sinha]\n + doc/vmware: Update contents relevant to disable_vmware_customization\n [PengpengSun]\n + Bring back flake8 for python 3.6 (#4394)\n + integration tests: Fix cgroup parsing (#4402)\n + summary: Update template parameter descriptions in docs [MJ Moshiri]\n + Log PPID for better debugging (#4398)\n + integration tests: don\u0027t clean when KEEP_* flags true (#4400)\n + clean: add a new option to clean generated config files [Ani Sinha]\n + pep-594: drop deprecated pipes module import\n\nFrom 23.3.3\n\n + Fix pip-managed ansible on pip \u003c 23.0.1 (#4403)\n\nFrom 23.3.2\n\n + Revert \"ds-identify/CloudStack: $DS_MAYBE if vm running on vmware/xen\"\n (#4281) (#4511) (LP: #2039453)\n\nFrom 23.3.1\n\n + apt: kill dirmngr/gpg-agent without gpgconf dependency (LP: #2034273)\n + integration tests: Fix cgroup parsing (#4402)\n\n- Add cloud-init-direxist.patch (bsc#1236720)\n + Make sure the directory exists, if not create it, before writing in that\n location.\n\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-Micro-6.1-276",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_20755-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:20755-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202520755-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:20755-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2025-September/041923.html"
},
{
"category": "self",
"summary": "SUSE Bug 1035106",
"url": "https://bugzilla.suse.com/1035106"
},
{
"category": "self",
"summary": "SUSE Bug 1047363",
"url": "https://bugzilla.suse.com/1047363"
},
{
"category": "self",
"summary": "SUSE Bug 1116767",
"url": "https://bugzilla.suse.com/1116767"
},
{
"category": "self",
"summary": "SUSE Bug 1121878",
"url": "https://bugzilla.suse.com/1121878"
},
{
"category": "self",
"summary": "SUSE Bug 1170154",
"url": "https://bugzilla.suse.com/1170154"
},
{
"category": "self",
"summary": "SUSE Bug 1174443",
"url": "https://bugzilla.suse.com/1174443"
},
{
"category": "self",
"summary": "SUSE Bug 1174444",
"url": "https://bugzilla.suse.com/1174444"
},
{
"category": "self",
"summary": "SUSE Bug 1181283",
"url": "https://bugzilla.suse.com/1181283"
},
{
"category": "self",
"summary": "SUSE Bug 1186004",
"url": "https://bugzilla.suse.com/1186004"
},
{
"category": "self",
"summary": "SUSE Bug 1192343",
"url": "https://bugzilla.suse.com/1192343"
},
{
"category": "self",
"summary": "SUSE Bug 1210277",
"url": "https://bugzilla.suse.com/1210277"
},
{
"category": "self",
"summary": "SUSE Bug 1214169",
"url": "https://bugzilla.suse.com/1214169"
},
{
"category": "self",
"summary": "SUSE Bug 1228414",
"url": "https://bugzilla.suse.com/1228414"
},
{
"category": "self",
"summary": "SUSE Bug 1233649",
"url": "https://bugzilla.suse.com/1233649"
},
{
"category": "self",
"summary": "SUSE Bug 1236720",
"url": "https://bugzilla.suse.com/1236720"
},
{
"category": "self",
"summary": "SUSE Bug 1237764",
"url": "https://bugzilla.suse.com/1237764"
},
{
"category": "self",
"summary": "SUSE Bug 1239715",
"url": "https://bugzilla.suse.com/1239715"
},
{
"category": "self",
"summary": "SUSE Bug 1245401",
"url": "https://bugzilla.suse.com/1245401"
},
{
"category": "self",
"summary": "SUSE Bug 1245403",
"url": "https://bugzilla.suse.com/1245403"
},
{
"category": "self",
"summary": "SUSE Bug 918952",
"url": "https://bugzilla.suse.com/918952"
},
{
"category": "self",
"summary": "SUSE Bug 919305",
"url": "https://bugzilla.suse.com/919305"
},
{
"category": "self",
"summary": "SUSE Bug 998103",
"url": "https://bugzilla.suse.com/998103"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-1786 page",
"url": "https://www.suse.com/security/cve/CVE-2023-1786/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-11584 page",
"url": "https://www.suse.com/security/cve/CVE-2024-11584/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-6174 page",
"url": "https://www.suse.com/security/cve/CVE-2024-6174/"
}
],
"title": "Security update for cloud-init",
"tracking": {
"current_release_date": "2025-09-23T09:05:48Z",
"generator": {
"date": "2025-09-23T09:05:48Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:20755-1",
"initial_release_date": "2025-09-23T09:05:48Z",
"revision_history": [
{
"date": "2025-09-23T09:05:48Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "cloud-init-25.1.3-slfo.1.1_1.1.aarch64",
"product": {
"name": "cloud-init-25.1.3-slfo.1.1_1.1.aarch64",
"product_id": "cloud-init-25.1.3-slfo.1.1_1.1.aarch64"
}
},
{
"category": "product_version",
"name": "cloud-init-config-suse-25.1.3-slfo.1.1_1.1.aarch64",
"product": {
"name": "cloud-init-config-suse-25.1.3-slfo.1.1_1.1.aarch64",
"product_id": "cloud-init-config-suse-25.1.3-slfo.1.1_1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "cloud-init-25.1.3-slfo.1.1_1.1.ppc64le",
"product": {
"name": "cloud-init-25.1.3-slfo.1.1_1.1.ppc64le",
"product_id": "cloud-init-25.1.3-slfo.1.1_1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "cloud-init-config-suse-25.1.3-slfo.1.1_1.1.ppc64le",
"product": {
"name": "cloud-init-config-suse-25.1.3-slfo.1.1_1.1.ppc64le",
"product_id": "cloud-init-config-suse-25.1.3-slfo.1.1_1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "cloud-init-25.1.3-slfo.1.1_1.1.s390x",
"product": {
"name": "cloud-init-25.1.3-slfo.1.1_1.1.s390x",
"product_id": "cloud-init-25.1.3-slfo.1.1_1.1.s390x"
}
},
{
"category": "product_version",
"name": "cloud-init-config-suse-25.1.3-slfo.1.1_1.1.s390x",
"product": {
"name": "cloud-init-config-suse-25.1.3-slfo.1.1_1.1.s390x",
"product_id": "cloud-init-config-suse-25.1.3-slfo.1.1_1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "cloud-init-25.1.3-slfo.1.1_1.1.x86_64",
"product": {
"name": "cloud-init-25.1.3-slfo.1.1_1.1.x86_64",
"product_id": "cloud-init-25.1.3-slfo.1.1_1.1.x86_64"
}
},
{
"category": "product_version",
"name": "cloud-init-config-suse-25.1.3-slfo.1.1_1.1.x86_64",
"product": {
"name": "cloud-init-config-suse-25.1.3-slfo.1.1_1.1.x86_64",
"product_id": "cloud-init-config-suse-25.1.3-slfo.1.1_1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Micro 6.1",
"product": {
"name": "SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sl-micro:6.1"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "cloud-init-25.1.3-slfo.1.1_1.1.aarch64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:cloud-init-25.1.3-slfo.1.1_1.1.aarch64"
},
"product_reference": "cloud-init-25.1.3-slfo.1.1_1.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cloud-init-25.1.3-slfo.1.1_1.1.ppc64le as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:cloud-init-25.1.3-slfo.1.1_1.1.ppc64le"
},
"product_reference": "cloud-init-25.1.3-slfo.1.1_1.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cloud-init-25.1.3-slfo.1.1_1.1.s390x as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:cloud-init-25.1.3-slfo.1.1_1.1.s390x"
},
"product_reference": "cloud-init-25.1.3-slfo.1.1_1.1.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cloud-init-25.1.3-slfo.1.1_1.1.x86_64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:cloud-init-25.1.3-slfo.1.1_1.1.x86_64"
},
"product_reference": "cloud-init-25.1.3-slfo.1.1_1.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cloud-init-config-suse-25.1.3-slfo.1.1_1.1.aarch64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:cloud-init-config-suse-25.1.3-slfo.1.1_1.1.aarch64"
},
"product_reference": "cloud-init-config-suse-25.1.3-slfo.1.1_1.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cloud-init-config-suse-25.1.3-slfo.1.1_1.1.ppc64le as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:cloud-init-config-suse-25.1.3-slfo.1.1_1.1.ppc64le"
},
"product_reference": "cloud-init-config-suse-25.1.3-slfo.1.1_1.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cloud-init-config-suse-25.1.3-slfo.1.1_1.1.s390x as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:cloud-init-config-suse-25.1.3-slfo.1.1_1.1.s390x"
},
"product_reference": "cloud-init-config-suse-25.1.3-slfo.1.1_1.1.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cloud-init-config-suse-25.1.3-slfo.1.1_1.1.x86_64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:cloud-init-config-suse-25.1.3-slfo.1.1_1.1.x86_64"
},
"product_reference": "cloud-init-config-suse-25.1.3-slfo.1.1_1.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-1786",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-1786"
}
],
"notes": [
{
"category": "general",
"text": "Sensitive data could be exposed in logs of cloud-init before version 23.1.2. An attacker could use this information to find hashed passwords and possibly escalate their privilege.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:cloud-init-25.1.3-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:cloud-init-25.1.3-slfo.1.1_1.1.ppc64le",
"SUSE Linux Micro 6.1:cloud-init-25.1.3-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:cloud-init-25.1.3-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:cloud-init-config-suse-25.1.3-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:cloud-init-config-suse-25.1.3-slfo.1.1_1.1.ppc64le",
"SUSE Linux Micro 6.1:cloud-init-config-suse-25.1.3-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:cloud-init-config-suse-25.1.3-slfo.1.1_1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-1786",
"url": "https://www.suse.com/security/cve/CVE-2023-1786"
},
{
"category": "external",
"summary": "SUSE Bug 1210277 for CVE-2023-1786",
"url": "https://bugzilla.suse.com/1210277"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:cloud-init-25.1.3-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:cloud-init-25.1.3-slfo.1.1_1.1.ppc64le",
"SUSE Linux Micro 6.1:cloud-init-25.1.3-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:cloud-init-25.1.3-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:cloud-init-config-suse-25.1.3-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:cloud-init-config-suse-25.1.3-slfo.1.1_1.1.ppc64le",
"SUSE Linux Micro 6.1:cloud-init-config-suse-25.1.3-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:cloud-init-config-suse-25.1.3-slfo.1.1_1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:cloud-init-25.1.3-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:cloud-init-25.1.3-slfo.1.1_1.1.ppc64le",
"SUSE Linux Micro 6.1:cloud-init-25.1.3-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:cloud-init-25.1.3-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:cloud-init-config-suse-25.1.3-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:cloud-init-config-suse-25.1.3-slfo.1.1_1.1.ppc64le",
"SUSE Linux Micro 6.1:cloud-init-config-suse-25.1.3-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:cloud-init-config-suse-25.1.3-slfo.1.1_1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:05:48Z",
"details": "moderate"
}
],
"title": "CVE-2023-1786"
},
{
"cve": "CVE-2024-11584",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-11584"
}
],
"notes": [
{
"category": "general",
"text": "cloud-init through 25.1.2 includes the systemd socket unit cloud-init-hotplugd.socket with default SocketMode that grants 0666 permissions, making it world-writable. This is used for the \"/run/cloud-init/hook-hotplug-cmd\" FIFO. An unprivileged user could trigger hotplug-hook commands.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:cloud-init-25.1.3-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:cloud-init-25.1.3-slfo.1.1_1.1.ppc64le",
"SUSE Linux Micro 6.1:cloud-init-25.1.3-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:cloud-init-25.1.3-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:cloud-init-config-suse-25.1.3-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:cloud-init-config-suse-25.1.3-slfo.1.1_1.1.ppc64le",
"SUSE Linux Micro 6.1:cloud-init-config-suse-25.1.3-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:cloud-init-config-suse-25.1.3-slfo.1.1_1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-11584",
"url": "https://www.suse.com/security/cve/CVE-2024-11584"
},
{
"category": "external",
"summary": "SUSE Bug 1245403 for CVE-2024-11584",
"url": "https://bugzilla.suse.com/1245403"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:cloud-init-25.1.3-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:cloud-init-25.1.3-slfo.1.1_1.1.ppc64le",
"SUSE Linux Micro 6.1:cloud-init-25.1.3-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:cloud-init-25.1.3-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:cloud-init-config-suse-25.1.3-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:cloud-init-config-suse-25.1.3-slfo.1.1_1.1.ppc64le",
"SUSE Linux Micro 6.1:cloud-init-config-suse-25.1.3-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:cloud-init-config-suse-25.1.3-slfo.1.1_1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:cloud-init-25.1.3-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:cloud-init-25.1.3-slfo.1.1_1.1.ppc64le",
"SUSE Linux Micro 6.1:cloud-init-25.1.3-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:cloud-init-25.1.3-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:cloud-init-config-suse-25.1.3-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:cloud-init-config-suse-25.1.3-slfo.1.1_1.1.ppc64le",
"SUSE Linux Micro 6.1:cloud-init-config-suse-25.1.3-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:cloud-init-config-suse-25.1.3-slfo.1.1_1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:05:48Z",
"details": "moderate"
}
],
"title": "CVE-2024-11584"
},
{
"cve": "CVE-2024-6174",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-6174"
}
],
"notes": [
{
"category": "general",
"text": "When a non-x86 platform is detected, cloud-init grants root access to a hardcoded url with a local IP address. To prevent this, cloud-init default configurations disable platform enumeration.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:cloud-init-25.1.3-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:cloud-init-25.1.3-slfo.1.1_1.1.ppc64le",
"SUSE Linux Micro 6.1:cloud-init-25.1.3-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:cloud-init-25.1.3-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:cloud-init-config-suse-25.1.3-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:cloud-init-config-suse-25.1.3-slfo.1.1_1.1.ppc64le",
"SUSE Linux Micro 6.1:cloud-init-config-suse-25.1.3-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:cloud-init-config-suse-25.1.3-slfo.1.1_1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-6174",
"url": "https://www.suse.com/security/cve/CVE-2024-6174"
},
{
"category": "external",
"summary": "SUSE Bug 1245401 for CVE-2024-6174",
"url": "https://bugzilla.suse.com/1245401"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:cloud-init-25.1.3-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:cloud-init-25.1.3-slfo.1.1_1.1.ppc64le",
"SUSE Linux Micro 6.1:cloud-init-25.1.3-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:cloud-init-25.1.3-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:cloud-init-config-suse-25.1.3-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:cloud-init-config-suse-25.1.3-slfo.1.1_1.1.ppc64le",
"SUSE Linux Micro 6.1:cloud-init-config-suse-25.1.3-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:cloud-init-config-suse-25.1.3-slfo.1.1_1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:cloud-init-25.1.3-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:cloud-init-25.1.3-slfo.1.1_1.1.ppc64le",
"SUSE Linux Micro 6.1:cloud-init-25.1.3-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:cloud-init-25.1.3-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:cloud-init-config-suse-25.1.3-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:cloud-init-config-suse-25.1.3-slfo.1.1_1.1.ppc64le",
"SUSE Linux Micro 6.1:cloud-init-config-suse-25.1.3-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:cloud-init-config-suse-25.1.3-slfo.1.1_1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T09:05:48Z",
"details": "important"
}
],
"title": "CVE-2024-6174"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…