Ubuntu
ec2-instance-connect package

  1. Bug #1904741
  2. Activity log

Activity log for bug #1904741

Date Who What changed Old value New value Message
2020-11-18 13:28:42 Balint Reczey bug added bug
2020-11-18 14:38:51 Balint Reczey summary Please update to upstream release 1.1.13 Verify that domain returned from IMDS is an AWS domain
2020-11-18 14:45:46 Balint Reczey description TODO [Impact] The domain returned from IMDS is not verified if it was and AWS domain. [Test Cases] 0) Deploy an Amazon AWS instance with Instance Connect feature enabled 1) Connect to the instance using Instance Connect, for example by pressing the "Connect" button on the web UI. 2. Within a few ten seconds of connecting run (assuming using the ubuntu username): bash -x /usr/share/ec2-instance-connect/eic_curl_authorized_keys ubuntu 3) The debug output should show successful validation: ... ++ /usr/bin/curl -s -f -m 1 -H 'X-aws-ec2-metadata-token: ...XXX...==' http://169.254.169.254/latest/meta-data/services/domain/ + domain=amazonaws.com + domain_exit=0 + '[' 0 -ne 0 ']' + is_domain_valid=1 + for valid_domain in amazonaws.com amazonaws.com.cn c2s.ic.gov sc2s.sgov.gov + '[' amazonaws.com = amazonaws.com ']' + is_domain_valid=0 + break + '[' 0 -eq 1 ']' ++ /usr/bin/printf managed-ssh-signer.%s.%s us-east-2 amazonaws.com ... [Regression Potential] The validation code can fail preventing connection to the VM. Considering that this is a very small amount of code an looks OK this is unlikely. The validation could also falsely pass, but that would not be a regression since the validation was not there before.
2020-11-18 14:55:48 Balint Reczey summary Verify that domain returned from IMDS is an AWS domain Please update to 1.1.13 upstream release
2020-11-18 14:57:10 Balint Reczey summary Please update to 1.1.13 upstream release Verify that domain returned from IMDS is an AWS domain
2020-11-18 19:16:08 Launchpad Janitor ec2-instance-connect (Ubuntu): status New Fix Released
2020-11-19 10:26:01 Łukasz Zemczak ec2-instance-connect (Ubuntu Groovy): status New Fix Committed
2020-11-19 10:26:02 Łukasz Zemczak bug added subscriber Ubuntu Stable Release Updates Team
2020-11-19 10:26:03 Łukasz Zemczak bug added subscriber SRU Verification
2020-11-19 10:26:05 Łukasz Zemczak tags verification-needed verification-needed-groovy
2020-11-19 10:28:42 Łukasz Zemczak ec2-instance-connect (Ubuntu Focal): status New Fix Committed
2020-11-19 10:28:46 Łukasz Zemczak tags verification-needed verification-needed-groovy verification-needed verification-needed-focal verification-needed-groovy
2020-11-19 10:29:32 Łukasz Zemczak ec2-instance-connect (Ubuntu Bionic): status New Fix Committed
2020-11-19 10:29:35 Łukasz Zemczak tags verification-needed verification-needed-focal verification-needed-groovy verification-needed verification-needed-bionic verification-needed-focal verification-needed-groovy
2020-11-19 10:32:34 Łukasz Zemczak ec2-instance-connect (Ubuntu Xenial): status New Fix Committed
2020-11-19 10:32:37 Łukasz Zemczak tags verification-needed verification-needed-bionic verification-needed-focal verification-needed-groovy verification-needed verification-needed-bionic verification-needed-focal verification-needed-groovy verification-needed-xenial
2020-11-24 16:08:27 Balint Reczey tags verification-needed verification-needed-bionic verification-needed-focal verification-needed-groovy verification-needed-xenial verification-done verification-done-bionic verification-done-focal verification-done-groovy verification-done-xenial
2020-11-26 10:10:26 Łukasz Zemczak removed subscriber Ubuntu Stable Release Updates Team
2020-11-26 10:13:23 Launchpad Janitor ec2-instance-connect (Ubuntu Focal): status Fix Committed Fix Released
2020-11-26 10:15:24 Launchpad Janitor ec2-instance-connect (Ubuntu Bionic): status Fix Committed Fix Released
2020-11-26 10:16:07 Launchpad Janitor ec2-instance-connect (Ubuntu Xenial): status Fix Committed Fix Released
2020-11-26 10:20:31 Launchpad Janitor ec2-instance-connect (Ubuntu Groovy): status Fix Committed Fix Released