## eg '== GNU C Library buffer overflow in __nss_hostname_digits_dots() (CVE-2015-0235 aka GHOST) =='
== <UPSTREAM NAME> <VULNERABILITY TYPE> in <CODE SECTION> (CVE-YYYY-NNNN [aka <NAME IN MEDIA>]) ==

## Description. Should contain a high level description and optional low level description along with how the vulnerability can be exploited and the result of exploitation
It was [[<PUBLIC URL> | discovered]] that .... An attacker could use this issue to ..., resulting in ....

## Versions section should include:
## - version fixed in upstream
## - version first introduced in upstream (if applicable)
## - version fixed in Ubuntu
## - reference to the USN
This issue was fixed in <UPSTREAM NAME> in <UPSTREAM VERSION>. Ubuntu <LIST OF UBUNTU VERSIONS> were affected. To address the issue, ensure that [[https://launchpad.net/ubuntu/+source/<source>/<version>|<source> <version>]] (Ubuntu <UBUNTU RELEASE>)... is/are installed. These updates were announced in [[http://www.ubuntu.com/usn/<USN>|USN XXX-N]].

## Timeline. Should include at a minimum:
## - when Ubuntu was notified
## - when USN was issued

==== Timeline ====
 * YYYY MMM DD: <RECEIVED NOTIFICATION OF ISSUE>
 * YYYY MMM DD: <ISSUE BECAME PUBLIC>
 * YYYY MMM DD: <UPDATED UBUNTU DEBS BECAME AVAILABLE>
 * YYYY MMM DD: <UPDATED UBUNTU CLOUD IMAGES BECAME AVAILABLE>

## <INCLUDE THIS SECTION IF NEW PUBLIC RELEASES FOR CLOUD IMAGES ARE NEEDED>
==== Public Cloud Image updates ====
 * Amazon AWS: <IN PROGRESS>
 * Windows Azure: <IN PROGRESS>
 * Google Compute Engine:  <IN PROGRESS>
 * Ubuntu Core Images: <IN PROGRESS>

Cloud Images dailies will start appearing within 4 hours of the USN announcement. At the direction of the security team, the Cloud Image Team will start manually releasing new images to the public cloud. 

----
CategoryTemplate