{ "summary": { "snap": { "added": [], "removed": [], "diff": [] }, "deb": { "added": [ "libgraphite2-3:armhf", "libharfbuzz0b:armhf", "libjs-sphinxdoc", "linux-headers-6.18.0-8", "linux-headers-6.18.0-8-generic", "linux-image-6.18.0-8-generic", "linux-modules-6.18.0-8-generic", "linux-tools-6.18.0-8", "linux-tools-6.18.0-8-generic" ], "removed": [ "linux-headers-6.17.0-8", "linux-headers-6.17.0-8-generic", "linux-image-6.17.0-8-generic", "linux-modules-6.17.0-8-generic", "linux-tools-6.17.0-8", "linux-tools-6.17.0-8-generic" ], "diff": [ "bash-completion", "bpftool", "cpio", "dhcpcd-base", "distro-info-data", "ed", "exfatprogs", "fuse3", "fwupd", "gcc-15-base:armhf", "gir1.2-girepository-3.0:armhf", "gir1.2-glib-2.0:armhf", "iso-codes", "kpartx", "libatomic1:armhf", "libclang-cpp21", "libclang1-20", "libedit2:armhf", "libfreetype6:armhf", "libfribidi0:armhf", "libftdi1-2:armhf", "libfuse3-4:armhf", "libfwupd3:armhf", "libgcc-s1:armhf", "libgirepository-2.0-0:armhf", "libglib2.0-0t64:armhf", "libglib2.0-bin", "libglib2.0-data", "libicu78:armhf", "libjemalloc2:armhf", "libllvm20:armhf", "libllvm21:armhf", "liblzma5:armhf", "libmpathcmd0", "libmpathpersist0", "libmultipath0", "libncurses6:armhf", "libncursesw6:armhf", "libnss3:armhf", "libnvme1t64", "libpng16-16t64:armhf", "libpolkit-agent-1-0:armhf", "libpolkit-gobject-1-0:armhf", "libqmi-glib5:armhf", "libqmi-proxy", "libqmi-utils", "libsodium23:armhf", "libstdc++6:armhf", "libtinfo6:armhf", "libxdmcp6:armhf", "libxmuu1:armhf", "linux-headers-generic", "linux-headers-virtual", "linux-image-virtual", "linux-libc-dev:armhf", "linux-tools-common", "linux-virtual", "lsb-release", "manpages", "manpages-dev", "mawk", "media-types", "multipath-tools", "ncurses-base", "ncurses-bin", "ncurses-term", "pci.ids", "polkitd", "python3-attr", "python3-autocommand", "python3-bcrypt", "python3-blinker", "python3-boto3", "python3-botocore", "python3-certifi", "python3-dateutil", "python3-hamcrest", "python3-inflect", "python3-jwt", "python3-lazr.uri", "python3-oauthlib", "python3-packaging", "python3-passlib", "python3-pexpect", "python3-pyparsing", "python3-s3transfer", "python3-six", "python3-software-properties", "python3-twisted", "python3-typeguard", "python3-typing-extensions", "python3-yaml", "python3-zipp", "python3-zope.interface", "sensible-utils", "software-properties-common", "tzdata", "u-boot-tools", "ubuntu-kernel-accessories", "ubuntu-minimal", "ubuntu-server", "ubuntu-standard", "xz-utils" ] } }, "diff": { "deb": [ { "name": "bash-completion", "from_version": { "source_package_name": "bash-completion", "source_package_version": "1:2.16.0-8", "version": "1:2.16.0-8" }, "to_version": { "source_package_name": "bash-completion", "source_package_version": "1:2.16.0-8build1", "version": "1:2.16.0-8build1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Rebuild to clear amd64v3 from FTBFS report", "" ], "package": "bash-completion", "version": "1:2.16.0-8build1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Jeremy Bícha ", "date": "Thu, 18 Dec 2025 07:38:56 -0500" } ], "notes": null, "is_version_downgrade": false }, { "name": "bpftool", "from_version": { "source_package_name": "linux", "source_package_version": "6.17.0-8.8", "version": "7.7.0+6.17.0-8.8" }, "to_version": { "source_package_name": "linux", "source_package_version": "6.18.0-8.8", "version": "7.7.0+6.18.0-8.8" }, "cves": [], "launchpad_bugs_fixed": [ 2136712, 2136307, 1990064, 2028253, 2028253, 2122743, 2028253, 2102680, 2028253, 2032602, 1786013, 2133502, 1786013, 2131673, 2128792, 2130552, 2131211, 2131046, 2129919, 2126577, 2129552, 2129038, 1786013, 2126040, 2126948, 1981437 ], "changes": [ { "cves": [], "log": [ "", " * resolute/linux: 6.18.0-8.8 -proposed tracker (LP: #2136712)", "", " * Miscellaneous Ubuntu changes", " - [Packaging] disable signing for s390x", "" ], "package": "linux", "version": "6.18.0-8.8", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2136712 ], "author": "Paolo Pisati ", "date": "Wed, 17 Dec 2025 15:20:04 +0100" }, { "cves": [], "log": [ "", " * resolute/linux: 6.18.0-7.7 -proposed tracker (LP: #2136307)", "", " * unconfined profile denies userns_create for chromium based processes", " (LP: #1990064)", " - [Config] disable CONFIG_SECURITY_APPARMOR_RESTRICT_USERNS", "", " * update apparmor and LSM stacking patch set (LP: #2028253)", " - SAUCE: apparmor5.0.0 [1/51]: Stacking: Audit: Allow multiple records in", " an audit_buffer", " - SAUCE: apparmor5.0.0 [2/51]: Stacking: LSM: security_lsmblob_to_secctx", " module selection", " - SAUCE: apparmor5.0.0 [3/51]: Stacking: Audit: Add record for multiple", " task security contexts", " - SAUCE: apparmor5.0.0 [4/51]: Stacking: Audit: multiple subject lsm", " values for netlabel", " - SAUCE: apparmor5.0.0 [5/51]: Stacking: LSM: Single calls in secid hooks", " - SAUCE: apparmor5.0.0 [6/51]: Stacking: LSM: Exclusive secmark usage", " - SAUCE: apparmor5.0.0 [7/51]: Stacking: Audit: Call only the first of the", " audit rule hooks", " - SAUCE: apparmor5.0.0 [8/51]: Stacking: AppArmor: Remove the exclusive", " flag", " - SAUCE: apparmor5.0.0 [9/51]: Revert \"apparmor: fix dbus permission", " queries to v9 ABI\"", " - SAUCE: apparmor5.0.0 [10/51]: Revert \"apparmor: gate make fine grained", " unix mediation behind v9 abi\"", " - SAUCE: apparmor5.0.0 [11/51]: apparmor: net: patch to provide", " compatibility with v2.x net rules", " - SAUCE: apparmor5.0.0 [12/51]: apparmor: net: add fine grained ipv4/ipv6", " mediation", " - SAUCE: apparmor5.0.0 [13/51]: apparmor: userns: add unprivileged user ns", " mediation", " - SAUCE: apparmor5.0.0 [14/51]: apparmor: userns: Add sysctls for", " additional controls of unpriv userns restrictions", " - SAUCE: apparmor5.0.0 [16/51]: apparmor: userns: open userns related", " sysctl so lxc can check if restriction are in place", " - SAUCE: apparmor5.0.0 [17/51]: apparmor: userns: allow profile to be", " transitioned when a userns is created", " - SAUCE: apparmor5.0.0 [18/51]: aoparmor: userns: Add support for execpath", " in userns", " - SAUCE: apparmor5.0.0 [19/51]: apparmor: mqueue: call", " security_inode_init_security on inode creation", " - SAUCE: apparmor5.0.0 [20/51]: apparmor: mqueue: add fine grained", " mediation of posix mqueues", " - SAUCE: apparmor5.0.0 [21/51]: apparmor: uring: add io_uring mediation", " - SAUCE: apparmor5.0.0 [24/51]: apparmor: prompt: setup slab cache for", " audit data", " - SAUCE: apparmor5.0.0 [25/51]: apparmor: prompt: add the ability for", " profiles to have a learning cache", " - SAUCE: apparmor5.0.0 [26/51]: apparmor: prompt: enable userspace upcall", " for mediation", " - SAUCE: apparmor5.0.0 [27/51]: apparmor: prompt: pass prompt boolean", " through into path_name as well", " - SAUCE: apparmor5.0.0 [28/51]: apparmor: add AA_DEBUG_PROFILE to have", " debug on profiles with flag set", " - SAUCE: apparmor5.0.0 [29/51]: apparmor: make str table more generic and", " be able to have multiple entries", " - SAUCE: apparmor5.0.0 [30/51]: apparmor: check for supported version in", " notification messages.", " - SAUCE: apparmor5.0.0 [31/51]: apparmor: refactor building notice so it", " is easier to extend", " - SAUCE: apparmor5.0.0 [32/51]: apparmor: switch from ENOTSUPP to", " EPROTONOSUPPORT", " - SAUCE: apparmor5.0.0 [33/51]: apparmor: add support for meta data tags", " - SAUCE: apparmor5.0.0 [34/51]: apparmor: mmap_file() doesn't need to be", " called atomically", " - SAUCE: apparmor5.0.0 [35/51]: apparmor: guard against free routines", " being called with a NULL", " - SAUCE: apparmor5.0.0 [36/51]: apparmor: prevent profile->disconnected", " double free in aa_free_profile", " - SAUCE: apparmor5.0.0 [38/51]: apparmor-next 6.19: apparmor: fix fast", " path cache check for unix sockets", " - SAUCE: apparmor5.0.0 [39/51]: apparmor-next 6.19: apparmor: fix label", " and profile debug macros", " - SAUCE: apparmor5.0.0 [40/51]: apparmor-next 6.19: apparmor: fixup", " net_compat", " - SAUCE: apparmor5.0.0 [41/51]: apparmor-next 6.19: apparmor: lift", " compatibility check out of profile_af_perm", " - SAUCE: apparmor5.0.0 [42/51]: apparmor-next 6.19: apparmor:", " refactor/cleanup cred helper fns.", " - SAUCE: apparmor5.0.0 [43/51]: apparmor-next 6.19: apparmor: fix rlimit", " for posix cpu timers", " - SAUCE: apparmor5.0.0 [44/51]: apparmor-next 6.19: apparmor: replace", " sprintf with snprintf in aa_new_learning_profile", " - SAUCE: apparmor5.0.0 [45/51]: apparmor-next 6.19: apparmor: Replace", " sprintf/strcpy with scnprintf/strscpy in aa_policy_init", " - SAUCE: apparmor5.0.0 [46/51]: apparmor-next 6.19: apparmor: Replace", " deprecated strcpy in d_namespace_path", " - SAUCE: apparmor5.0.0 [47/51]: apparmor-next 6.19: apparmor: fix NULL", " pointer dereference in __unix_needs_revalidation", " - SAUCE: apparmor5.0.0 [48/51]: apparmor-next 6.19: apparmor: fix NULL", " sock in aa_sock_file_perm", " - SAUCE: apparmor5.0.0 [49/51]: apparmor-next 6.19: apparmor: Replace", " deprecated strcpy with memcpy in gen_symlink_name", " - SAUCE: apparmor5.0.0 [50/51]: apparmor-next 6.19: AppArmor: Allow", " apparmor to handle unaligned dfa tables", " - SAUCE: apparmor5.0.0 [51/51]: apparmor-next 6.19: apparmor: Fix &", " Optimize table creation from possibly unaligned memory", "", " * update apparmor and LSM stacking patch set (LP: #2028253) // AppArmor is", " auditing the apparmor/.null file (LP: #2122743)", " - SAUCE: apparmor5.0.0 [37/51]: apparmor-next 6.19: apparmor: move check", " for aa_null file to cover all cases", "", " * update apparmor and LSM stacking patch set (LP: #2028253) // Installation", " of AppArmor on a 6.14 kernel produces error message \"Illegal number: yes\"", " (LP: #2102680)", " - SAUCE: apparmor5.0.0 [22/51]: apparmor: create an", " AA_SFS_TYPE_BOOLEAN_INTPRINT sysctl variant", " - SAUCE: apparmor5.0.0 [23/51]: apparmor: Use AA_SFS_FILE_BOOLEAN_INTPRINT", " for userns and io_uring sysctls", "", " * update apparmor and LSM stacking patch set (LP: #2028253) // [FFe]", " apparmor-4.0.0-alpha2 for unprivileged user namespace restrictions in", " mantic (LP: #2032602)", " - SAUCE: apparmor5.0.0 [15/51]: apparmor: userns - make it so special", " unconfined profiles can mediate user namespaces", "", " * Packaging resync (LP: #1786013)", " - [Packaging] debian.master/dkms-versions -- update from kernel-versions", " (main/d2025.12.16)", "", " * Miscellaneous Ubuntu changes", " - [Packaging] rename to linux", " - [Config] update toolchain version", "" ], "package": "linux", "version": "6.18.0-7.7", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2136307, 1990064, 2028253, 2028253, 2122743, 2028253, 2102680, 2028253, 2032602, 1786013 ], "author": "Paolo Pisati ", "date": "Tue, 16 Dec 2025 13:43:25 +0100" }, { "cves": [], "log": [ "", " * resolute/linux-unstable: 6.18.0-6.6 -proposed tracker (LP: #2133502)", "", " * Packaging resync (LP: #1786013)", " - [Packaging] debian.master/dkms-versions -- update from kernel-versions", " (main/d2025.10.20)", "", " * Miscellaneous Ubuntu changes", " - Update dropped.txt", " - [Packaging] debian.master/dkms-versions: Drop failing dkms packages", " - rename dropped.txt to Changes.md", "" ], "package": "linux-unstable", "version": "6.18.0-6.6", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2133502, 1786013 ], "author": "Paolo Pisati ", "date": "Mon, 01 Dec 2025 14:52:34 +0100" }, { "cves": [], "log": [ "", " * resolute/linux-unstable: 6.18.0-5.5 -proposed tracker (LP: #2131673)", "", " * Re-enable INTEL_SKL_INT3472 for kernels >= 6.16 for Intel IPU camera", " (LP: #2128792)", " - Revert \"UBUNTU: [Config] FTBFS: disable INTEL_SKL_INT3472\"", " - Revert \"UBUNTU: SAUCE: platform/x86: int3472: Add handshake GPIO", " function\"", "", " * i40e driver is triggering VF resets on every link state change", " (LP: #2130552)", " - i40e: avoid redundant VF link state updates", "", " * Miscellaneous Ubuntu changes", " - [Config] updateconfigs following v6.18-rc6 rebase", "" ], "package": "linux-unstable", "version": "6.18.0-5.5", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2131673, 2128792, 2130552 ], "author": "Paolo Pisati ", "date": "Tue, 18 Nov 2025 11:23:48 +0100" }, { "cves": [], "log": [ "", " * resolute/linux-unstable: 6.18.0-4.4 -proposed tracker (LP: #2131211)", "", " * CAP_PERFMON insufficient to get perf data (LP: #2131046)", " - SAUCE: perf/core: Allow CAP_PERFMON for paranoid level 4", "", " * Miscellaneous Ubuntu changes", " - [Config] updateconfigs following v6.18-rc5 rebase", "" ], "package": "linux-unstable", "version": "6.18.0-4.4", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2131211, 2131046 ], "author": "Paolo Pisati ", "date": "Thu, 13 Nov 2025 12:55:49 +0100" }, { "cves": [], "log": [ "", " * resolute/linux-unstable: 6.18.0-3.3 -proposed tracker (LP: #2129919)", "", " * [26.04 FEAT] Set Architecture Level (ALS) to z15 (LP: #2126577)", " - [Config] Raise the architectural level set for s390x to z15", "", " * Miscellaneous Ubuntu changes", " - [Config]: Enable CONFIG_CRYPTO_BENCHMARK", " - [Config] updateconfigs after v6.18-rc3 rebase", "" ], "package": "linux-unstable", "version": "6.18.0-3.3", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2129919, 2126577 ], "author": "Paolo Pisati ", "date": "Mon, 27 Oct 2025 11:07:35 +0100" }, { "cves": [], "log": [ "", " * resolute/linux-unstable: 6.18.0-2.2 -proposed tracker (LP: #2129552)", "", " * Miscellaneous Ubuntu changes", " - [Config] update rustc version", "" ], "package": "linux-unstable", "version": "6.18.0-2.2", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2129552 ], "author": "Paolo Pisati ", "date": "Wed, 22 Oct 2025 15:42:17 +0200" }, { "cves": [], "log": [ "", " * resolute/linux-unstable: 6.18.0-1.1 -proposed tracker (LP: #2129038)", "", " * Packaging resync (LP: #1786013)", " - [Packaging] update Ubuntu.md", "", " * Miscellaneous Ubuntu changes", " - [Packaging] Rename to linux-unstable and move to 6.18", " - [Config] updateconfigs following v6.18-rc1 rebase", " - [Config] apparmor: remove SECURITY_APPARMOR_RESTRICT_USERNS", " - [Packaging] debian.master/dkms-versions: Drop failing dkms packages", " - [Config] updateconfigs following v6.18-rc2 rebase", " - move to resolute", "", " * Miscellaneous upstream changes", " - Revert \"audit: fix skb leak when audit rate limit is exceeded\"", " - Revert \"audit: init ab->skb_list earlier in audit_buffer_alloc()\"", " - Revert \"audit: add record for multiple object contexts\"", " - Revert \"audit: add record for multiple task security contexts\"", " - Revert \"lsm: security_lsmblob_to_secctx module selection\"", " - audit: fix skb leak when audit rate limit is exceeded", "" ], "package": "linux-unstable", "version": "6.18.0-1.1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2129038, 1786013 ], "author": "Paolo Pisati ", "date": "Tue, 21 Oct 2025 16:26:01 +0200" }, { "cves": [], "log": [ "", " * questing/linux: 6.17.0-6.6 -proposed tracker (LP: #2126040)", "", " * Questing update: v6.17.1 upstream stable release (LP: #2126948)", " - blk-mq: fix blk_mq_tags double free while nr_requests grown", " - gcc-plugins: Remove TODO_verify_il for GCC >= 16", " - scsi: target: target_core_configfs: Add length check to avoid buffer", " overflow", " - ALSA: usb-audio: fix race condition to UAF in snd_usbmidi_free", " - wifi: rtw89: fix use-after-free in rtw89_core_tx_kick_off_and_wait()", " - media: b2c2: Fix use-after-free causing by irq_check_work in", " flexcop_pci_remove", " - media: i2c: tc358743: Fix use-after-free bugs caused by orphan timer in", " probe", " - media: tuner: xc5000: Fix use-after-free in xc5000_release", " - media: rc: fix races with imon_disconnect()", " - media: uvcvideo: Mark invalid entities with id UVC_INVALID_ENTITY_ID", " - mm: swap: check for stable address space before operating on the VMA", " - wifi: ath11k: fix NULL dereference in ath11k_qmi_m3_load()", " - media: iris: Fix memory leak by freeing untracked persist buffer", " - media: stm32-csi: Fix dereference before NULL check", " - ASoC: qcom: audioreach: fix potential null pointer dereference", " - Linux 6.17.1", "", " * RISC-V kernel config is out of sync with other archs (LP: #1981437)", " - [Config] riscv64: Update EFI_SBAT_FILE", " - [Config] riscv64: Enable EFI_ZBOOT", " - [Config] riscv64: Disable support for non-RVA23 SoCs", " - [Config] riscv64: Disable RISCV_ISA_FALLBACK", " - [Config] riscv64: Sync config with other architectures", "", " * Miscellaneous Ubuntu changes", " - [Config] updateconfigs after rebase to 6.17", "" ], "package": "linux-unstable", "version": "6.18.0-0.0", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2126040, 2126948, 1981437 ], "author": "Timo Aaltonen ", "date": "Tue, 07 Oct 2025 14:15:18 +0300" } ], "notes": null, "is_version_downgrade": false }, { "name": "cpio", "from_version": { "source_package_name": "cpio", "source_package_version": "2.15+dfsg-2ubuntu1", "version": "2.15+dfsg-2ubuntu1" }, "to_version": { "source_package_name": "cpio", "source_package_version": "2.15+dfsg-2.1", "version": "2.15+dfsg-2.1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Non-maintainer upload.", " * Apply upstream patch to fix FTBFS with gcc-15. (Closes: #1096467)", "" ], "package": "cpio", "version": "2.15+dfsg-2.1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Chris Hofstaedtler ", "date": "Sun, 21 Dec 2025 13:24:40 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "dhcpcd-base", "from_version": { "source_package_name": "dhcpcd", "source_package_version": "1:10.3.0-2", "version": "1:10.3.0-2" }, "to_version": { "source_package_name": "dhcpcd", "source_package_version": "1:10.3.0-3", "version": "1:10.3.0-3" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * [control]", " = Simplify bin:dhcpcd's long description (Closes: #1121452).", " * [patches]", " + Uncomment 'ntp_servers' in dhcpcd.conf (Closes: #1123962).", "" ], "package": "dhcpcd", "version": "1:10.3.0-3", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Martin-Éric Racine ", "date": "Thu, 25 Dec 2025 11:16:42 +0200" } ], "notes": null, "is_version_downgrade": false }, { "name": "distro-info-data", "from_version": { "source_package_name": "distro-info-data", "source_package_version": "0.68", "version": "0.68" }, "to_version": { "source_package_name": "distro-info-data", "source_package_version": "0.68build1", "version": "0.68build1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Rebuild to clear amd64v3 from FTBFS report", "" ], "package": "distro-info-data", "version": "0.68build1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Jeremy Bícha ", "date": "Thu, 18 Dec 2025 07:39:48 -0500" } ], "notes": null, "is_version_downgrade": false }, { "name": "ed", "from_version": { "source_package_name": "ed", "source_package_version": "1.22.2-1", "version": "1.22.2-1" }, "to_version": { "source_package_name": "ed", "source_package_version": "1.22.3-1", "version": "1.22.3-1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * New upstream version 1.22.3", " * d/control: Declare Standards-Version 4.7.3 (no changes needed)", " * d/control: Drop Priority field", " * d/control: Drop Rules-Requires-Root: no", " * d/copyright: Bump copyright years", "" ], "package": "ed", "version": "1.22.3-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Lev Lamberov ", "date": "Thu, 01 Jan 2026 22:35:09 +0500" } ], "notes": null, "is_version_downgrade": false }, { "name": "exfatprogs", "from_version": { "source_package_name": "exfatprogs", "source_package_version": "1.3.0-1", "version": "1.3.0-1" }, "to_version": { "source_package_name": "exfatprogs", "source_package_version": "1.3.1-1", "version": "1.3.1-1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * New upstream release.", " Disables building of defrag utility due to reported data loss.", " * d/control: Remove the defrag utility from the description.", "" ], "package": "exfatprogs", "version": "1.3.1-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Sven Hoexter ", "date": "Tue, 16 Dec 2025 13:39:53 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "fuse3", "from_version": { "source_package_name": "fuse3", "source_package_version": "3.17.4-1", "version": "3.17.4-1" }, "to_version": { "source_package_name": "fuse3", "source_package_version": "3.18.1-1", "version": "3.18.1-1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * New upstream release.", " * Update library symbols for this release.", "" ], "package": "fuse3", "version": "3.18.1-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Laszlo Boszormenyi (GCS) ", "date": "Sun, 21 Dec 2025 18:06:47 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "fwupd", "from_version": { "source_package_name": "fwupd", "source_package_version": "2.0.18-1", "version": "2.0.18-1" }, "to_version": { "source_package_name": "fwupd", "source_package_version": "2.0.19-1", "version": "2.0.19-1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * New upstream version (2.0.19)", "" ], "package": "fwupd", "version": "2.0.19-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Mario Limonciello ", "date": "Sat, 20 Dec 2025 22:13:58 -0600" } ], "notes": null, "is_version_downgrade": false }, { "name": "gcc-15-base:armhf", "from_version": { "source_package_name": "gcc-15", "source_package_version": "15.2.0-10ubuntu1", "version": "15.2.0-10ubuntu1" }, "to_version": { "source_package_name": "gcc-15", "source_package_version": "15.2.0-11ubuntu1", "version": "15.2.0-11ubuntu1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Merge with Debian; remaining changes:", " - Build from upstream sources.", "" ], "package": "gcc-15", "version": "15.2.0-11ubuntu1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Matthias Klose ", "date": "Wed, 10 Dec 2025 15:24:39 +0100" }, { "cves": [], "log": [ "", " * Update to git 20251209 from the gcc-15 branch.", " - Fix PR target/122991 (AArch64), PR tree-optimization/122943,", " PR middle-end/120052, PR middle-end/120564, PR ada/123037, PR ada/115305,", " PR middle-end/122624, PR c/121506, PR c++/121445, PR c++/120876,", " PR lto/122515.", " * Fix Algol-68 build on sparc64, patch taken from the trunk.", " * Don't rely on python3-check-jsonschema for testing, still having", " unpackaged dependencies.", " * Add architectureVariant to ELF_PACKAGE_METADATA.", "" ], "package": "gcc-15", "version": "15.2.0-11", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Matthias Klose ", "date": "Tue, 09 Dec 2025 21:10:53 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "gir1.2-girepository-3.0:armhf", "from_version": { "source_package_name": "glib2.0", "source_package_version": "2.86.2-1", "version": "2.86.2-1" }, "to_version": { "source_package_name": "glib2.0", "source_package_version": "2.86.3-4", "version": "2.86.3-4" }, "cves": [ { "cve": "CVE-2025-14512", "url": "https://ubuntu.com/security/CVE-2025-14512", "cve_description": "A flaw was found in glib. This vulnerability allows a heap buffer overflow and denial-of-service (DoS) via an integer overflow in GLib's GIO (GLib Input/Output) escape_byte_string() function when processing malicious file or remote filesystem attribute values.", "cve_priority": "medium", "cve_public_date": "2025-12-11 07:16:00 UTC" }, { "cve": "CVE-2025-13601", "url": "https://ubuntu.com/security/CVE-2025-13601", "cve_description": "A heap-based buffer overflow problem was found in glib through an incorrect calculation of buffer size in the g_escape_uri_string() function. If the string to escape contains a very large number of unacceptable characters (which would need escaping), the calculation of the length of the escaped string could overflow, leading to a potential write off the end of the newly allocated string.", "cve_priority": "medium", "cve_public_date": "2025-11-26 15:15:00 UTC" }, { "cve": "CVE-2025-14087", "url": "https://ubuntu.com/security/CVE-2025-14087", "cve_description": "A flaw was found in GLib (Gnome Lib). This vulnerability allows a remote attacker to cause heap corruption, leading to a denial of service or potential code execution via a buffer-underflow in the GVariant parser when processing maliciously crafted input strings.", "cve_priority": "medium", "cve_public_date": "2025-12-10 09:15:00 UTC" }, { "cve": "CVE-2025-14512", "url": "https://ubuntu.com/security/CVE-2025-14512", "cve_description": "A flaw was found in glib. This vulnerability allows a heap buffer overflow and denial-of-service (DoS) via an integer overflow in GLib's GIO (GLib Input/Output) escape_byte_string() function when processing malicious file or remote filesystem attribute values.", "cve_priority": "medium", "cve_public_date": "2025-12-11 07:16:00 UTC" } ], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Fix hurd build", "" ], "package": "glib2.0", "version": "2.86.3-4", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Jeremy Bícha ", "date": "Thu, 01 Jan 2026 07:59:38 -0500" }, { "cves": [], "log": [ "", " * Fix hurd build", "" ], "package": "glib2.0", "version": "2.86.3-3", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Jeremy Bícha ", "date": "Wed, 31 Dec 2025 18:35:13 -0500" }, { "cves": [ { "cve": "CVE-2025-14512", "url": "https://ubuntu.com/security/CVE-2025-14512", "cve_description": "A flaw was found in glib. This vulnerability allows a heap buffer overflow and denial-of-service (DoS) via an integer overflow in GLib's GIO (GLib Input/Output) escape_byte_string() function when processing malicious file or remote filesystem attribute values.", "cve_priority": "medium", "cve_public_date": "2025-12-11 07:16:00 UTC" } ], "log": [ "", " [ Jeremy Bícha ]", " * Remove :native from Build-Depends: python3-packaging (Closes: #1124385)", " * Remove nosysprof build profile because libsysprof-capture-4-dev", " is built for all Linux architectures and does not require glib2.0", " * Remove kfreebsd reference", " * Override dh_gnome to avoid build warnings", " * Bump Standards Version to 4.7.3", "", " [ Simon McVittie ]", " * Mention #1122346, #1122347 in previous changelog entry", " * Mention CVE-2025-14512 in previous changelog entry now that it has", " been allocated", "" ], "package": "glib2.0", "version": "2.86.3-2", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Jeremy Bícha ", "date": "Wed, 31 Dec 2025 10:32:42 -0500" }, { "cves": [ { "cve": "CVE-2025-13601", "url": "https://ubuntu.com/security/CVE-2025-13601", "cve_description": "A heap-based buffer overflow problem was found in glib through an incorrect calculation of buffer size in the g_escape_uri_string() function. If the string to escape contains a very large number of unacceptable characters (which would need escaping), the calculation of the length of the escaped string could overflow, leading to a potential write off the end of the newly allocated string.", "cve_priority": "medium", "cve_public_date": "2025-11-26 15:15:00 UTC" }, { "cve": "CVE-2025-14087", "url": "https://ubuntu.com/security/CVE-2025-14087", "cve_description": "A flaw was found in GLib (Gnome Lib). This vulnerability allows a remote attacker to cause heap corruption, leading to a denial of service or potential code execution via a buffer-underflow in the GVariant parser when processing maliciously crafted input strings.", "cve_priority": "medium", "cve_public_date": "2025-12-10 09:15:00 UTC" }, { "cve": "CVE-2025-14512", "url": "https://ubuntu.com/security/CVE-2025-14512", "cve_description": "A flaw was found in glib. This vulnerability allows a heap buffer overflow and denial-of-service (DoS) via an integer overflow in GLib's GIO (GLib Input/Output) escape_byte_string() function when processing malicious file or remote filesystem attribute values.", "cve_priority": "medium", "cve_public_date": "2025-12-11 07:16:00 UTC" } ], "log": [ "", " * New upstream security-fix release", " - Fix calculation of buffer sizes when escaping URI strings", " (CVE-2025-13601, glib#3827 upstream, Closes: #1121488)", " - Fix possible buffer underflow parsing GVariant strings/bytestrings", " (CVE-2025-14087, glib#3834 upstream, Closes: #1122347)", " - Fix integer overflow in file attribute escaping", " (CVE-2025-14512, glib#3845 upstream, Closes: #1122346)", " - Windows-specific changes not described in detail here", "" ], "package": "glib2.0", "version": "2.86.3-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Simon McVittie ", "date": "Tue, 09 Dec 2025 13:31:14 +0000" } ], "notes": null, "is_version_downgrade": false }, { "name": "gir1.2-glib-2.0:armhf", "from_version": { "source_package_name": "glib2.0", "source_package_version": "2.86.2-1", "version": "2.86.2-1" }, "to_version": { "source_package_name": "glib2.0", "source_package_version": "2.86.3-4", "version": "2.86.3-4" }, "cves": [ { "cve": "CVE-2025-14512", "url": "https://ubuntu.com/security/CVE-2025-14512", "cve_description": "A flaw was found in glib. This vulnerability allows a heap buffer overflow and denial-of-service (DoS) via an integer overflow in GLib's GIO (GLib Input/Output) escape_byte_string() function when processing malicious file or remote filesystem attribute values.", "cve_priority": "medium", "cve_public_date": "2025-12-11 07:16:00 UTC" }, { "cve": "CVE-2025-13601", "url": "https://ubuntu.com/security/CVE-2025-13601", "cve_description": "A heap-based buffer overflow problem was found in glib through an incorrect calculation of buffer size in the g_escape_uri_string() function. If the string to escape contains a very large number of unacceptable characters (which would need escaping), the calculation of the length of the escaped string could overflow, leading to a potential write off the end of the newly allocated string.", "cve_priority": "medium", "cve_public_date": "2025-11-26 15:15:00 UTC" }, { "cve": "CVE-2025-14087", "url": "https://ubuntu.com/security/CVE-2025-14087", "cve_description": "A flaw was found in GLib (Gnome Lib). This vulnerability allows a remote attacker to cause heap corruption, leading to a denial of service or potential code execution via a buffer-underflow in the GVariant parser when processing maliciously crafted input strings.", "cve_priority": "medium", "cve_public_date": "2025-12-10 09:15:00 UTC" }, { "cve": "CVE-2025-14512", "url": "https://ubuntu.com/security/CVE-2025-14512", "cve_description": "A flaw was found in glib. This vulnerability allows a heap buffer overflow and denial-of-service (DoS) via an integer overflow in GLib's GIO (GLib Input/Output) escape_byte_string() function when processing malicious file or remote filesystem attribute values.", "cve_priority": "medium", "cve_public_date": "2025-12-11 07:16:00 UTC" } ], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Fix hurd build", "" ], "package": "glib2.0", "version": "2.86.3-4", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Jeremy Bícha ", "date": "Thu, 01 Jan 2026 07:59:38 -0500" }, { "cves": [], "log": [ "", " * Fix hurd build", "" ], "package": "glib2.0", "version": "2.86.3-3", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Jeremy Bícha ", "date": "Wed, 31 Dec 2025 18:35:13 -0500" }, { "cves": [ { "cve": "CVE-2025-14512", "url": "https://ubuntu.com/security/CVE-2025-14512", "cve_description": "A flaw was found in glib. This vulnerability allows a heap buffer overflow and denial-of-service (DoS) via an integer overflow in GLib's GIO (GLib Input/Output) escape_byte_string() function when processing malicious file or remote filesystem attribute values.", "cve_priority": "medium", "cve_public_date": "2025-12-11 07:16:00 UTC" } ], "log": [ "", " [ Jeremy Bícha ]", " * Remove :native from Build-Depends: python3-packaging (Closes: #1124385)", " * Remove nosysprof build profile because libsysprof-capture-4-dev", " is built for all Linux architectures and does not require glib2.0", " * Remove kfreebsd reference", " * Override dh_gnome to avoid build warnings", " * Bump Standards Version to 4.7.3", "", " [ Simon McVittie ]", " * Mention #1122346, #1122347 in previous changelog entry", " * Mention CVE-2025-14512 in previous changelog entry now that it has", " been allocated", "" ], "package": "glib2.0", "version": "2.86.3-2", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Jeremy Bícha ", "date": "Wed, 31 Dec 2025 10:32:42 -0500" }, { "cves": [ { "cve": "CVE-2025-13601", "url": "https://ubuntu.com/security/CVE-2025-13601", "cve_description": "A heap-based buffer overflow problem was found in glib through an incorrect calculation of buffer size in the g_escape_uri_string() function. If the string to escape contains a very large number of unacceptable characters (which would need escaping), the calculation of the length of the escaped string could overflow, leading to a potential write off the end of the newly allocated string.", "cve_priority": "medium", "cve_public_date": "2025-11-26 15:15:00 UTC" }, { "cve": "CVE-2025-14087", "url": "https://ubuntu.com/security/CVE-2025-14087", "cve_description": "A flaw was found in GLib (Gnome Lib). This vulnerability allows a remote attacker to cause heap corruption, leading to a denial of service or potential code execution via a buffer-underflow in the GVariant parser when processing maliciously crafted input strings.", "cve_priority": "medium", "cve_public_date": "2025-12-10 09:15:00 UTC" }, { "cve": "CVE-2025-14512", "url": "https://ubuntu.com/security/CVE-2025-14512", "cve_description": "A flaw was found in glib. This vulnerability allows a heap buffer overflow and denial-of-service (DoS) via an integer overflow in GLib's GIO (GLib Input/Output) escape_byte_string() function when processing malicious file or remote filesystem attribute values.", "cve_priority": "medium", "cve_public_date": "2025-12-11 07:16:00 UTC" } ], "log": [ "", " * New upstream security-fix release", " - Fix calculation of buffer sizes when escaping URI strings", " (CVE-2025-13601, glib#3827 upstream, Closes: #1121488)", " - Fix possible buffer underflow parsing GVariant strings/bytestrings", " (CVE-2025-14087, glib#3834 upstream, Closes: #1122347)", " - Fix integer overflow in file attribute escaping", " (CVE-2025-14512, glib#3845 upstream, Closes: #1122346)", " - Windows-specific changes not described in detail here", "" ], "package": "glib2.0", "version": "2.86.3-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Simon McVittie ", "date": "Tue, 09 Dec 2025 13:31:14 +0000" } ], "notes": null, "is_version_downgrade": false }, { "name": "iso-codes", "from_version": { "source_package_name": "iso-codes", "source_package_version": "4.19.0-1", "version": "4.19.0-1" }, "to_version": { "source_package_name": "iso-codes", "source_package_version": "4.20.1-1", "version": "4.20.1-1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * New upstream version 4.20.1", " * Remove Priority: optional from d/control", " * Update Standards-Version to 4.7.3", " * Update d/copyright", " * Use wrap-and-sort -astkb", " * Add meson to Build-Depends-Indep", "" ], "package": "iso-codes", "version": "4.20.1-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Dr. Tobias Quathamer ", "date": "Thu, 01 Jan 2026 22:38:24 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "kpartx", "from_version": { "source_package_name": "multipath-tools", "source_package_version": "0.12.0-1ubuntu1", "version": "0.12.0-1ubuntu1" }, "to_version": { "source_package_name": "multipath-tools", "source_package_version": "0.12.0-1ubuntu2", "version": "0.12.0-1ubuntu2" }, "cves": [], "launchpad_bugs_fixed": [ 2135118 ], "changes": [ { "cves": [], "log": [ "", " * d/{rules,control}: enable testsuite (LP: #2135118)", " - d/p/testsuite-no-lto: disable lto to workaround testsuite symbol wrapping", "" ], "package": "multipath-tools", "version": "0.12.0-1ubuntu2", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2135118 ], "author": "Jonas Jelten ", "date": "Fri, 12 Dec 2025 11:59:36 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "libatomic1:armhf", "from_version": { "source_package_name": "gcc-15", "source_package_version": "15.2.0-10ubuntu1", "version": "15.2.0-10ubuntu1" }, "to_version": { "source_package_name": "gcc-15", "source_package_version": "15.2.0-11ubuntu1", "version": "15.2.0-11ubuntu1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Merge with Debian; remaining changes:", " - Build from upstream sources.", "" ], "package": "gcc-15", "version": "15.2.0-11ubuntu1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Matthias Klose ", "date": "Wed, 10 Dec 2025 15:24:39 +0100" }, { "cves": [], "log": [ "", " * Update to git 20251209 from the gcc-15 branch.", " - Fix PR target/122991 (AArch64), PR tree-optimization/122943,", " PR middle-end/120052, PR middle-end/120564, PR ada/123037, PR ada/115305,", " PR middle-end/122624, PR c/121506, PR c++/121445, PR c++/120876,", " PR lto/122515.", " * Fix Algol-68 build on sparc64, patch taken from the trunk.", " * Don't rely on python3-check-jsonschema for testing, still having", " unpackaged dependencies.", " * Add architectureVariant to ELF_PACKAGE_METADATA.", "" ], "package": "gcc-15", "version": "15.2.0-11", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Matthias Klose ", "date": "Tue, 09 Dec 2025 21:10:53 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "libclang-cpp21", "from_version": { "source_package_name": "llvm-toolchain-21", "source_package_version": "1:21.1.6-3ubuntu1", "version": "1:21.1.6-3ubuntu1" }, "to_version": { "source_package_name": "llvm-toolchain-21", "source_package_version": "1:21.1.7-1ubuntu2", "version": "1:21.1.7-1ubuntu2" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Rebuild against new OCAML ABIs.", "" ], "package": "llvm-toolchain-21", "version": "1:21.1.7-1ubuntu2", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Gianfranco Costamagna ", "date": "Wed, 10 Dec 2025 15:19:27 +0100" }, { "cves": [], "log": [ "", " * Merge with Debian; remaining changes:", " - Regenerate the control file.", " - Use RVA23U64 profile in clang (LP #2116086).", " - d/rules: Remove i386 from CLANG_GRPC_ARCHS (not built on i386).", "" ], "package": "llvm-toolchain-21", "version": "1:21.1.7-1ubuntu1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Matthias Klose ", "date": "Wed, 10 Dec 2025 11:15:55 +0100" }, { "cves": [], "log": [ "", " * LLVM 21.1.7 release.", "", " * Update symbols files for hurd-amd64.", " * clang-21-tools, llvm-21-tools: Use dh_python3 substvars.", " * liblldb-21: Move the .so symlink to the liblldb-21-dev package.", " * Add myself as uploader for 21.", " * d/rules: Remove unnecessary use of the CURDIR macro.", "" ], "package": "llvm-toolchain-21", "version": "1:21.1.7-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Matthias Klose ", "date": "Tue, 09 Dec 2025 22:34:57 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "libclang1-20", "from_version": { "source_package_name": "llvm-toolchain-20", "source_package_version": "1:20.1.8-2ubuntu2", "version": "1:20.1.8-2ubuntu2" }, "to_version": { "source_package_name": "llvm-toolchain-20", "source_package_version": "1:20.1.8-2ubuntu4", "version": "1:20.1.8-2ubuntu4" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Rebuild against new OCAML ABIs.", "" ], "package": "llvm-toolchain-20", "version": "1:20.1.8-2ubuntu4", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Gianfranco Costamagna ", "date": "Wed, 10 Dec 2025 15:22:31 +0100" }, { "cves": [], "log": [ "", " * Merge with Debian, remaining changes:", " - d/p/series: Apply the ubuntu-clang-use-RVA23U64-profile patch.", " - Regenerate the control file.", " - Again, stop building packages built by LLVM 21.", " * Adjust breaks/replaces for clang-scan-deps move. Addresses: #1121175.", " * Clarify the libunwind package descriptions, that it is not compatible", " with glibc.", " * Fix syntax for OR-ed build profiles.", "" ], "package": "llvm-toolchain-20", "version": "1:20.1.8-2ubuntu3", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Matthias Klose ", "date": "Wed, 10 Dec 2025 14:05:03 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "libedit2:armhf", "from_version": { "source_package_name": "libedit", "source_package_version": "3.1-20250104-1build1", "version": "3.1-20250104-1build1" }, "to_version": { "source_package_name": "libedit", "source_package_version": "3.1-20251016-1", "version": "3.1-20251016-1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Rebuild to include updated RISC-V base ISA RVA23", "" ], "package": "libedit", "version": "3.1-20250104-1build1", "urgency": "medium", "distributions": "questing", "launchpad_bugs_fixed": [], "author": "Heinrich Schuchardt ", "date": "Fri, 05 Sep 2025 17:32:20 +0000" } ], "notes": null, "is_version_downgrade": true }, { "name": "libfreetype6:armhf", "from_version": { "source_package_name": "freetype", "source_package_version": "2.13.3+dfsg-1build1", "version": "2.13.3+dfsg-1build1" }, "to_version": { "source_package_name": "freetype", "source_package_version": "2.14.1+dfsg-1", "version": "2.14.1+dfsg-1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * New upstream version 2.14.1:", " - Enable dynamic loading of the HarfBuzz library, avoiding the", " well-known circular dependency problem.", " * debian/control:", " - Raise Standards-Version to 4.7.3, removing the Priority field.", " - Build-Depend on libharfbuzz-dev.", " - Drop Rules-Requires-Root (no longer needed).", " - libfreetype-dev: Depend on libharfbuzz-dev.", " * debian/copyright:", " - Update for FreeType 2.14.0.", " - Update for 2025.", " - Fix whitespace formatting.", " * debian/patches: Refresh ftoption.patch.", " * debian/rules: Enable linking with HarfBuzz.", " * debian/tests/libfreetype-dev: Disable static autopkgtest.", " * debian/watch: Convert to Version 5 format.", "" ], "package": "freetype", "version": "2.14.1+dfsg-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Hugh McMaster ", "date": "Fri, 26 Dec 2025 21:52:18 +1100" } ], "notes": null, "is_version_downgrade": false }, { "name": "libfribidi0:armhf", "from_version": { "source_package_name": "fribidi", "source_package_version": "1.0.16-4", "version": "1.0.16-4" }, "to_version": { "source_package_name": "fribidi", "source_package_version": "1.0.16-5", "version": "1.0.16-5" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * d/p/generate_man1.patch: Build manpage verbosely.", " Thanks to Helmut Grohne ", " * d/rules: run help2man on a native build pass.", " Thanks to Helmut Grohne ", "" ], "package": "fribidi", "version": "1.0.16-5", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "أحمد المحمودي (Ahmed El-Mahmoudy) ", "date": "Mon, 15 Dec 2025 02:09:51 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "libftdi1-2:armhf", "from_version": { "source_package_name": "libftdi1", "source_package_version": "1.5-12", "version": "1.5-12" }, "to_version": { "source_package_name": "libftdi1", "source_package_version": "1.6~rc1-1", "version": "1.6~rc1-1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * New upstream release candidate", " * Remove all patches, all merged upstream", " * Update symbols file", " * Update libftdipp1 symbols file to catch an architecture specific", " internal c++ symbol", " * Update debian/copyright", " * Update debian/watch to version 5", " * Stop forcing CMAKE_POLICY_VERSION_MINIMUM, new upstream version is", " compatible with CMake 4", " * debian/control: drop Rules-Requires-Root field, now obsolete", " * debian/control: drop Priority field, optional is now the default", " * Bump Standards-Version to 4.7.3 (no changes)", "" ], "package": "libftdi1", "version": "1.6~rc1-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Aurelien Jarno ", "date": "Sat, 03 Jan 2026 13:52:23 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "libfuse3-4:armhf", "from_version": { "source_package_name": "fuse3", "source_package_version": "3.17.4-1", "version": "3.17.4-1" }, "to_version": { "source_package_name": "fuse3", "source_package_version": "3.18.1-1", "version": "3.18.1-1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * New upstream release.", " * Update library symbols for this release.", "" ], "package": "fuse3", "version": "3.18.1-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Laszlo Boszormenyi (GCS) ", "date": "Sun, 21 Dec 2025 18:06:47 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "libfwupd3:armhf", "from_version": { "source_package_name": "fwupd", "source_package_version": "2.0.18-1", "version": "2.0.18-1" }, "to_version": { "source_package_name": "fwupd", "source_package_version": "2.0.19-1", "version": "2.0.19-1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * New upstream version (2.0.19)", "" ], "package": "fwupd", "version": "2.0.19-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Mario Limonciello ", "date": "Sat, 20 Dec 2025 22:13:58 -0600" } ], "notes": null, "is_version_downgrade": false }, { "name": "libgcc-s1:armhf", "from_version": { "source_package_name": "gcc-15", "source_package_version": "15.2.0-10ubuntu1", "version": "15.2.0-10ubuntu1" }, "to_version": { "source_package_name": "gcc-15", "source_package_version": "15.2.0-11ubuntu1", "version": "15.2.0-11ubuntu1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Merge with Debian; remaining changes:", " - Build from upstream sources.", "" ], "package": "gcc-15", "version": "15.2.0-11ubuntu1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Matthias Klose ", "date": "Wed, 10 Dec 2025 15:24:39 +0100" }, { "cves": [], "log": [ "", " * Update to git 20251209 from the gcc-15 branch.", " - Fix PR target/122991 (AArch64), PR tree-optimization/122943,", " PR middle-end/120052, PR middle-end/120564, PR ada/123037, PR ada/115305,", " PR middle-end/122624, PR c/121506, PR c++/121445, PR c++/120876,", " PR lto/122515.", " * Fix Algol-68 build on sparc64, patch taken from the trunk.", " * Don't rely on python3-check-jsonschema for testing, still having", " unpackaged dependencies.", " * Add architectureVariant to ELF_PACKAGE_METADATA.", "" ], "package": "gcc-15", "version": "15.2.0-11", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Matthias Klose ", "date": "Tue, 09 Dec 2025 21:10:53 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "libgirepository-2.0-0:armhf", "from_version": { "source_package_name": "glib2.0", "source_package_version": "2.86.2-1", "version": "2.86.2-1" }, "to_version": { "source_package_name": "glib2.0", "source_package_version": "2.86.3-4", "version": "2.86.3-4" }, "cves": [ { "cve": "CVE-2025-14512", "url": "https://ubuntu.com/security/CVE-2025-14512", "cve_description": "A flaw was found in glib. This vulnerability allows a heap buffer overflow and denial-of-service (DoS) via an integer overflow in GLib's GIO (GLib Input/Output) escape_byte_string() function when processing malicious file or remote filesystem attribute values.", "cve_priority": "medium", "cve_public_date": "2025-12-11 07:16:00 UTC" }, { "cve": "CVE-2025-13601", "url": "https://ubuntu.com/security/CVE-2025-13601", "cve_description": "A heap-based buffer overflow problem was found in glib through an incorrect calculation of buffer size in the g_escape_uri_string() function. If the string to escape contains a very large number of unacceptable characters (which would need escaping), the calculation of the length of the escaped string could overflow, leading to a potential write off the end of the newly allocated string.", "cve_priority": "medium", "cve_public_date": "2025-11-26 15:15:00 UTC" }, { "cve": "CVE-2025-14087", "url": "https://ubuntu.com/security/CVE-2025-14087", "cve_description": "A flaw was found in GLib (Gnome Lib). This vulnerability allows a remote attacker to cause heap corruption, leading to a denial of service or potential code execution via a buffer-underflow in the GVariant parser when processing maliciously crafted input strings.", "cve_priority": "medium", "cve_public_date": "2025-12-10 09:15:00 UTC" }, { "cve": "CVE-2025-14512", "url": "https://ubuntu.com/security/CVE-2025-14512", "cve_description": "A flaw was found in glib. This vulnerability allows a heap buffer overflow and denial-of-service (DoS) via an integer overflow in GLib's GIO (GLib Input/Output) escape_byte_string() function when processing malicious file or remote filesystem attribute values.", "cve_priority": "medium", "cve_public_date": "2025-12-11 07:16:00 UTC" } ], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Fix hurd build", "" ], "package": "glib2.0", "version": "2.86.3-4", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Jeremy Bícha ", "date": "Thu, 01 Jan 2026 07:59:38 -0500" }, { "cves": [], "log": [ "", " * Fix hurd build", "" ], "package": "glib2.0", "version": "2.86.3-3", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Jeremy Bícha ", "date": "Wed, 31 Dec 2025 18:35:13 -0500" }, { "cves": [ { "cve": "CVE-2025-14512", "url": "https://ubuntu.com/security/CVE-2025-14512", "cve_description": "A flaw was found in glib. This vulnerability allows a heap buffer overflow and denial-of-service (DoS) via an integer overflow in GLib's GIO (GLib Input/Output) escape_byte_string() function when processing malicious file or remote filesystem attribute values.", "cve_priority": "medium", "cve_public_date": "2025-12-11 07:16:00 UTC" } ], "log": [ "", " [ Jeremy Bícha ]", " * Remove :native from Build-Depends: python3-packaging (Closes: #1124385)", " * Remove nosysprof build profile because libsysprof-capture-4-dev", " is built for all Linux architectures and does not require glib2.0", " * Remove kfreebsd reference", " * Override dh_gnome to avoid build warnings", " * Bump Standards Version to 4.7.3", "", " [ Simon McVittie ]", " * Mention #1122346, #1122347 in previous changelog entry", " * Mention CVE-2025-14512 in previous changelog entry now that it has", " been allocated", "" ], "package": "glib2.0", "version": "2.86.3-2", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Jeremy Bícha ", "date": "Wed, 31 Dec 2025 10:32:42 -0500" }, { "cves": [ { "cve": "CVE-2025-13601", "url": "https://ubuntu.com/security/CVE-2025-13601", "cve_description": "A heap-based buffer overflow problem was found in glib through an incorrect calculation of buffer size in the g_escape_uri_string() function. If the string to escape contains a very large number of unacceptable characters (which would need escaping), the calculation of the length of the escaped string could overflow, leading to a potential write off the end of the newly allocated string.", "cve_priority": "medium", "cve_public_date": "2025-11-26 15:15:00 UTC" }, { "cve": "CVE-2025-14087", "url": "https://ubuntu.com/security/CVE-2025-14087", "cve_description": "A flaw was found in GLib (Gnome Lib). This vulnerability allows a remote attacker to cause heap corruption, leading to a denial of service or potential code execution via a buffer-underflow in the GVariant parser when processing maliciously crafted input strings.", "cve_priority": "medium", "cve_public_date": "2025-12-10 09:15:00 UTC" }, { "cve": "CVE-2025-14512", "url": "https://ubuntu.com/security/CVE-2025-14512", "cve_description": "A flaw was found in glib. This vulnerability allows a heap buffer overflow and denial-of-service (DoS) via an integer overflow in GLib's GIO (GLib Input/Output) escape_byte_string() function when processing malicious file or remote filesystem attribute values.", "cve_priority": "medium", "cve_public_date": "2025-12-11 07:16:00 UTC" } ], "log": [ "", " * New upstream security-fix release", " - Fix calculation of buffer sizes when escaping URI strings", " (CVE-2025-13601, glib#3827 upstream, Closes: #1121488)", " - Fix possible buffer underflow parsing GVariant strings/bytestrings", " (CVE-2025-14087, glib#3834 upstream, Closes: #1122347)", " - Fix integer overflow in file attribute escaping", " (CVE-2025-14512, glib#3845 upstream, Closes: #1122346)", " - Windows-specific changes not described in detail here", "" ], "package": "glib2.0", "version": "2.86.3-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Simon McVittie ", "date": "Tue, 09 Dec 2025 13:31:14 +0000" } ], "notes": null, "is_version_downgrade": false }, { "name": "libglib2.0-0t64:armhf", "from_version": { "source_package_name": "glib2.0", "source_package_version": "2.86.2-1", "version": "2.86.2-1" }, "to_version": { "source_package_name": "glib2.0", "source_package_version": "2.86.3-4", "version": "2.86.3-4" }, "cves": [ { "cve": "CVE-2025-14512", "url": "https://ubuntu.com/security/CVE-2025-14512", "cve_description": "A flaw was found in glib. This vulnerability allows a heap buffer overflow and denial-of-service (DoS) via an integer overflow in GLib's GIO (GLib Input/Output) escape_byte_string() function when processing malicious file or remote filesystem attribute values.", "cve_priority": "medium", "cve_public_date": "2025-12-11 07:16:00 UTC" }, { "cve": "CVE-2025-13601", "url": "https://ubuntu.com/security/CVE-2025-13601", "cve_description": "A heap-based buffer overflow problem was found in glib through an incorrect calculation of buffer size in the g_escape_uri_string() function. If the string to escape contains a very large number of unacceptable characters (which would need escaping), the calculation of the length of the escaped string could overflow, leading to a potential write off the end of the newly allocated string.", "cve_priority": "medium", "cve_public_date": "2025-11-26 15:15:00 UTC" }, { "cve": "CVE-2025-14087", "url": "https://ubuntu.com/security/CVE-2025-14087", "cve_description": "A flaw was found in GLib (Gnome Lib). This vulnerability allows a remote attacker to cause heap corruption, leading to a denial of service or potential code execution via a buffer-underflow in the GVariant parser when processing maliciously crafted input strings.", "cve_priority": "medium", "cve_public_date": "2025-12-10 09:15:00 UTC" }, { "cve": "CVE-2025-14512", "url": "https://ubuntu.com/security/CVE-2025-14512", "cve_description": "A flaw was found in glib. This vulnerability allows a heap buffer overflow and denial-of-service (DoS) via an integer overflow in GLib's GIO (GLib Input/Output) escape_byte_string() function when processing malicious file or remote filesystem attribute values.", "cve_priority": "medium", "cve_public_date": "2025-12-11 07:16:00 UTC" } ], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Fix hurd build", "" ], "package": "glib2.0", "version": "2.86.3-4", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Jeremy Bícha ", "date": "Thu, 01 Jan 2026 07:59:38 -0500" }, { "cves": [], "log": [ "", " * Fix hurd build", "" ], "package": "glib2.0", "version": "2.86.3-3", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Jeremy Bícha ", "date": "Wed, 31 Dec 2025 18:35:13 -0500" }, { "cves": [ { "cve": "CVE-2025-14512", "url": "https://ubuntu.com/security/CVE-2025-14512", "cve_description": "A flaw was found in glib. This vulnerability allows a heap buffer overflow and denial-of-service (DoS) via an integer overflow in GLib's GIO (GLib Input/Output) escape_byte_string() function when processing malicious file or remote filesystem attribute values.", "cve_priority": "medium", "cve_public_date": "2025-12-11 07:16:00 UTC" } ], "log": [ "", " [ Jeremy Bícha ]", " * Remove :native from Build-Depends: python3-packaging (Closes: #1124385)", " * Remove nosysprof build profile because libsysprof-capture-4-dev", " is built for all Linux architectures and does not require glib2.0", " * Remove kfreebsd reference", " * Override dh_gnome to avoid build warnings", " * Bump Standards Version to 4.7.3", "", " [ Simon McVittie ]", " * Mention #1122346, #1122347 in previous changelog entry", " * Mention CVE-2025-14512 in previous changelog entry now that it has", " been allocated", "" ], "package": "glib2.0", "version": "2.86.3-2", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Jeremy Bícha ", "date": "Wed, 31 Dec 2025 10:32:42 -0500" }, { "cves": [ { "cve": "CVE-2025-13601", "url": "https://ubuntu.com/security/CVE-2025-13601", "cve_description": "A heap-based buffer overflow problem was found in glib through an incorrect calculation of buffer size in the g_escape_uri_string() function. If the string to escape contains a very large number of unacceptable characters (which would need escaping), the calculation of the length of the escaped string could overflow, leading to a potential write off the end of the newly allocated string.", "cve_priority": "medium", "cve_public_date": "2025-11-26 15:15:00 UTC" }, { "cve": "CVE-2025-14087", "url": "https://ubuntu.com/security/CVE-2025-14087", "cve_description": "A flaw was found in GLib (Gnome Lib). This vulnerability allows a remote attacker to cause heap corruption, leading to a denial of service or potential code execution via a buffer-underflow in the GVariant parser when processing maliciously crafted input strings.", "cve_priority": "medium", "cve_public_date": "2025-12-10 09:15:00 UTC" }, { "cve": "CVE-2025-14512", "url": "https://ubuntu.com/security/CVE-2025-14512", "cve_description": "A flaw was found in glib. This vulnerability allows a heap buffer overflow and denial-of-service (DoS) via an integer overflow in GLib's GIO (GLib Input/Output) escape_byte_string() function when processing malicious file or remote filesystem attribute values.", "cve_priority": "medium", "cve_public_date": "2025-12-11 07:16:00 UTC" } ], "log": [ "", " * New upstream security-fix release", " - Fix calculation of buffer sizes when escaping URI strings", " (CVE-2025-13601, glib#3827 upstream, Closes: #1121488)", " - Fix possible buffer underflow parsing GVariant strings/bytestrings", " (CVE-2025-14087, glib#3834 upstream, Closes: #1122347)", " - Fix integer overflow in file attribute escaping", " (CVE-2025-14512, glib#3845 upstream, Closes: #1122346)", " - Windows-specific changes not described in detail here", "" ], "package": "glib2.0", "version": "2.86.3-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Simon McVittie ", "date": "Tue, 09 Dec 2025 13:31:14 +0000" } ], "notes": null, "is_version_downgrade": false }, { "name": "libglib2.0-bin", "from_version": { "source_package_name": "glib2.0", "source_package_version": "2.86.2-1", "version": "2.86.2-1" }, "to_version": { "source_package_name": "glib2.0", "source_package_version": "2.86.3-4", "version": "2.86.3-4" }, "cves": [ { "cve": "CVE-2025-14512", "url": "https://ubuntu.com/security/CVE-2025-14512", "cve_description": "A flaw was found in glib. This vulnerability allows a heap buffer overflow and denial-of-service (DoS) via an integer overflow in GLib's GIO (GLib Input/Output) escape_byte_string() function when processing malicious file or remote filesystem attribute values.", "cve_priority": "medium", "cve_public_date": "2025-12-11 07:16:00 UTC" }, { "cve": "CVE-2025-13601", "url": "https://ubuntu.com/security/CVE-2025-13601", "cve_description": "A heap-based buffer overflow problem was found in glib through an incorrect calculation of buffer size in the g_escape_uri_string() function. If the string to escape contains a very large number of unacceptable characters (which would need escaping), the calculation of the length of the escaped string could overflow, leading to a potential write off the end of the newly allocated string.", "cve_priority": "medium", "cve_public_date": "2025-11-26 15:15:00 UTC" }, { "cve": "CVE-2025-14087", "url": "https://ubuntu.com/security/CVE-2025-14087", "cve_description": "A flaw was found in GLib (Gnome Lib). This vulnerability allows a remote attacker to cause heap corruption, leading to a denial of service or potential code execution via a buffer-underflow in the GVariant parser when processing maliciously crafted input strings.", "cve_priority": "medium", "cve_public_date": "2025-12-10 09:15:00 UTC" }, { "cve": "CVE-2025-14512", "url": "https://ubuntu.com/security/CVE-2025-14512", "cve_description": "A flaw was found in glib. This vulnerability allows a heap buffer overflow and denial-of-service (DoS) via an integer overflow in GLib's GIO (GLib Input/Output) escape_byte_string() function when processing malicious file or remote filesystem attribute values.", "cve_priority": "medium", "cve_public_date": "2025-12-11 07:16:00 UTC" } ], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Fix hurd build", "" ], "package": "glib2.0", "version": "2.86.3-4", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Jeremy Bícha ", "date": "Thu, 01 Jan 2026 07:59:38 -0500" }, { "cves": [], "log": [ "", " * Fix hurd build", "" ], "package": "glib2.0", "version": "2.86.3-3", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Jeremy Bícha ", "date": "Wed, 31 Dec 2025 18:35:13 -0500" }, { "cves": [ { "cve": "CVE-2025-14512", "url": "https://ubuntu.com/security/CVE-2025-14512", "cve_description": "A flaw was found in glib. This vulnerability allows a heap buffer overflow and denial-of-service (DoS) via an integer overflow in GLib's GIO (GLib Input/Output) escape_byte_string() function when processing malicious file or remote filesystem attribute values.", "cve_priority": "medium", "cve_public_date": "2025-12-11 07:16:00 UTC" } ], "log": [ "", " [ Jeremy Bícha ]", " * Remove :native from Build-Depends: python3-packaging (Closes: #1124385)", " * Remove nosysprof build profile because libsysprof-capture-4-dev", " is built for all Linux architectures and does not require glib2.0", " * Remove kfreebsd reference", " * Override dh_gnome to avoid build warnings", " * Bump Standards Version to 4.7.3", "", " [ Simon McVittie ]", " * Mention #1122346, #1122347 in previous changelog entry", " * Mention CVE-2025-14512 in previous changelog entry now that it has", " been allocated", "" ], "package": "glib2.0", "version": "2.86.3-2", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Jeremy Bícha ", "date": "Wed, 31 Dec 2025 10:32:42 -0500" }, { "cves": [ { "cve": "CVE-2025-13601", "url": "https://ubuntu.com/security/CVE-2025-13601", "cve_description": "A heap-based buffer overflow problem was found in glib through an incorrect calculation of buffer size in the g_escape_uri_string() function. If the string to escape contains a very large number of unacceptable characters (which would need escaping), the calculation of the length of the escaped string could overflow, leading to a potential write off the end of the newly allocated string.", "cve_priority": "medium", "cve_public_date": "2025-11-26 15:15:00 UTC" }, { "cve": "CVE-2025-14087", "url": "https://ubuntu.com/security/CVE-2025-14087", "cve_description": "A flaw was found in GLib (Gnome Lib). This vulnerability allows a remote attacker to cause heap corruption, leading to a denial of service or potential code execution via a buffer-underflow in the GVariant parser when processing maliciously crafted input strings.", "cve_priority": "medium", "cve_public_date": "2025-12-10 09:15:00 UTC" }, { "cve": "CVE-2025-14512", "url": "https://ubuntu.com/security/CVE-2025-14512", "cve_description": "A flaw was found in glib. This vulnerability allows a heap buffer overflow and denial-of-service (DoS) via an integer overflow in GLib's GIO (GLib Input/Output) escape_byte_string() function when processing malicious file or remote filesystem attribute values.", "cve_priority": "medium", "cve_public_date": "2025-12-11 07:16:00 UTC" } ], "log": [ "", " * New upstream security-fix release", " - Fix calculation of buffer sizes when escaping URI strings", " (CVE-2025-13601, glib#3827 upstream, Closes: #1121488)", " - Fix possible buffer underflow parsing GVariant strings/bytestrings", " (CVE-2025-14087, glib#3834 upstream, Closes: #1122347)", " - Fix integer overflow in file attribute escaping", " (CVE-2025-14512, glib#3845 upstream, Closes: #1122346)", " - Windows-specific changes not described in detail here", "" ], "package": "glib2.0", "version": "2.86.3-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Simon McVittie ", "date": "Tue, 09 Dec 2025 13:31:14 +0000" } ], "notes": null, "is_version_downgrade": false }, { "name": "libglib2.0-data", "from_version": { "source_package_name": "glib2.0", "source_package_version": "2.86.2-1", "version": "2.86.2-1" }, "to_version": { "source_package_name": "glib2.0", "source_package_version": "2.86.3-4", "version": "2.86.3-4" }, "cves": [ { "cve": "CVE-2025-14512", "url": "https://ubuntu.com/security/CVE-2025-14512", "cve_description": "A flaw was found in glib. This vulnerability allows a heap buffer overflow and denial-of-service (DoS) via an integer overflow in GLib's GIO (GLib Input/Output) escape_byte_string() function when processing malicious file or remote filesystem attribute values.", "cve_priority": "medium", "cve_public_date": "2025-12-11 07:16:00 UTC" }, { "cve": "CVE-2025-13601", "url": "https://ubuntu.com/security/CVE-2025-13601", "cve_description": "A heap-based buffer overflow problem was found in glib through an incorrect calculation of buffer size in the g_escape_uri_string() function. If the string to escape contains a very large number of unacceptable characters (which would need escaping), the calculation of the length of the escaped string could overflow, leading to a potential write off the end of the newly allocated string.", "cve_priority": "medium", "cve_public_date": "2025-11-26 15:15:00 UTC" }, { "cve": "CVE-2025-14087", "url": "https://ubuntu.com/security/CVE-2025-14087", "cve_description": "A flaw was found in GLib (Gnome Lib). This vulnerability allows a remote attacker to cause heap corruption, leading to a denial of service or potential code execution via a buffer-underflow in the GVariant parser when processing maliciously crafted input strings.", "cve_priority": "medium", "cve_public_date": "2025-12-10 09:15:00 UTC" }, { "cve": "CVE-2025-14512", "url": "https://ubuntu.com/security/CVE-2025-14512", "cve_description": "A flaw was found in glib. This vulnerability allows a heap buffer overflow and denial-of-service (DoS) via an integer overflow in GLib's GIO (GLib Input/Output) escape_byte_string() function when processing malicious file or remote filesystem attribute values.", "cve_priority": "medium", "cve_public_date": "2025-12-11 07:16:00 UTC" } ], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Fix hurd build", "" ], "package": "glib2.0", "version": "2.86.3-4", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Jeremy Bícha ", "date": "Thu, 01 Jan 2026 07:59:38 -0500" }, { "cves": [], "log": [ "", " * Fix hurd build", "" ], "package": "glib2.0", "version": "2.86.3-3", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Jeremy Bícha ", "date": "Wed, 31 Dec 2025 18:35:13 -0500" }, { "cves": [ { "cve": "CVE-2025-14512", "url": "https://ubuntu.com/security/CVE-2025-14512", "cve_description": "A flaw was found in glib. This vulnerability allows a heap buffer overflow and denial-of-service (DoS) via an integer overflow in GLib's GIO (GLib Input/Output) escape_byte_string() function when processing malicious file or remote filesystem attribute values.", "cve_priority": "medium", "cve_public_date": "2025-12-11 07:16:00 UTC" } ], "log": [ "", " [ Jeremy Bícha ]", " * Remove :native from Build-Depends: python3-packaging (Closes: #1124385)", " * Remove nosysprof build profile because libsysprof-capture-4-dev", " is built for all Linux architectures and does not require glib2.0", " * Remove kfreebsd reference", " * Override dh_gnome to avoid build warnings", " * Bump Standards Version to 4.7.3", "", " [ Simon McVittie ]", " * Mention #1122346, #1122347 in previous changelog entry", " * Mention CVE-2025-14512 in previous changelog entry now that it has", " been allocated", "" ], "package": "glib2.0", "version": "2.86.3-2", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Jeremy Bícha ", "date": "Wed, 31 Dec 2025 10:32:42 -0500" }, { "cves": [ { "cve": "CVE-2025-13601", "url": "https://ubuntu.com/security/CVE-2025-13601", "cve_description": "A heap-based buffer overflow problem was found in glib through an incorrect calculation of buffer size in the g_escape_uri_string() function. If the string to escape contains a very large number of unacceptable characters (which would need escaping), the calculation of the length of the escaped string could overflow, leading to a potential write off the end of the newly allocated string.", "cve_priority": "medium", "cve_public_date": "2025-11-26 15:15:00 UTC" }, { "cve": "CVE-2025-14087", "url": "https://ubuntu.com/security/CVE-2025-14087", "cve_description": "A flaw was found in GLib (Gnome Lib). This vulnerability allows a remote attacker to cause heap corruption, leading to a denial of service or potential code execution via a buffer-underflow in the GVariant parser when processing maliciously crafted input strings.", "cve_priority": "medium", "cve_public_date": "2025-12-10 09:15:00 UTC" }, { "cve": "CVE-2025-14512", "url": "https://ubuntu.com/security/CVE-2025-14512", "cve_description": "A flaw was found in glib. This vulnerability allows a heap buffer overflow and denial-of-service (DoS) via an integer overflow in GLib's GIO (GLib Input/Output) escape_byte_string() function when processing malicious file or remote filesystem attribute values.", "cve_priority": "medium", "cve_public_date": "2025-12-11 07:16:00 UTC" } ], "log": [ "", " * New upstream security-fix release", " - Fix calculation of buffer sizes when escaping URI strings", " (CVE-2025-13601, glib#3827 upstream, Closes: #1121488)", " - Fix possible buffer underflow parsing GVariant strings/bytestrings", " (CVE-2025-14087, glib#3834 upstream, Closes: #1122347)", " - Fix integer overflow in file attribute escaping", " (CVE-2025-14512, glib#3845 upstream, Closes: #1122346)", " - Windows-specific changes not described in detail here", "" ], "package": "glib2.0", "version": "2.86.3-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Simon McVittie ", "date": "Tue, 09 Dec 2025 13:31:14 +0000" } ], "notes": null, "is_version_downgrade": false }, { "name": "libicu78:armhf", "from_version": { "source_package_name": "icu", "source_package_version": "78.1-1ubuntu1", "version": "78.1-1ubuntu1" }, "to_version": { "source_package_name": "icu", "source_package_version": "78.1-2ubuntu2", "version": "78.1-2ubuntu2" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Cherry-pick ICU-23252.patch and ICU-23278.patch", " from 78.1 branch, to fix nodejs build failures", " https://github.com/nodejs/node/pull/60523", "" ], "package": "icu", "version": "78.1-2ubuntu2", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Gianfranco Costamagna ", "date": "Mon, 15 Dec 2025 17:12:36 +0100" }, { "cves": [], "log": [ "", " * Merge with Debian; remaining changes:", " - d/p/disable-precision-fpmath-tests-on-i386.patch: add a patch to disable", " precision checking tests on i386 where an imprecise FPU hardware is used", "" ], "package": "icu", "version": "78.1-2ubuntu1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Matthias Klose ", "date": "Mon, 15 Dec 2025 10:05:26 +0100" }, { "cves": [], "log": [ "", " * Backport fix for ICU-23261: correctly propagate errors to the caller.", " * Update watch file.", "" ], "package": "icu", "version": "78.1-2", "urgency": "medium", "distributions": "experimental", "launchpad_bugs_fixed": [], "author": "Laszlo Boszormenyi (GCS) ", "date": "Mon, 08 Dec 2025 16:14:04 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "libjemalloc2:armhf", "from_version": { "source_package_name": "jemalloc", "source_package_version": "5.3.0-3build1", "version": "5.3.0-3build1" }, "to_version": { "source_package_name": "jemalloc", "source_package_version": "5.3.0-4", "version": "5.3.0-4" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Do not assume altivec on powerpc. (Closes: #1105139)", " * Remove kfreebsd-* from debian/rules, as these ports have long been dead", " and removed fromd Debian ports.", " * Update debian/watch to version 5.", " * Remove Priority: optional, as this is the dpkg default nowadays.", " * Bump Standards-Version to 4.7.3, no further changes needed.", "" ], "package": "jemalloc", "version": "5.3.0-4", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Faidon Liambotis ", "date": "Fri, 02 Jan 2026 13:34:30 +0200" } ], "notes": null, "is_version_downgrade": false }, { "name": "libllvm20:armhf", "from_version": { "source_package_name": "llvm-toolchain-20", "source_package_version": "1:20.1.8-2ubuntu2", "version": "1:20.1.8-2ubuntu2" }, "to_version": { "source_package_name": "llvm-toolchain-20", "source_package_version": "1:20.1.8-2ubuntu4", "version": "1:20.1.8-2ubuntu4" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Rebuild against new OCAML ABIs.", "" ], "package": "llvm-toolchain-20", "version": "1:20.1.8-2ubuntu4", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Gianfranco Costamagna ", "date": "Wed, 10 Dec 2025 15:22:31 +0100" }, { "cves": [], "log": [ "", " * Merge with Debian, remaining changes:", " - d/p/series: Apply the ubuntu-clang-use-RVA23U64-profile patch.", " - Regenerate the control file.", " - Again, stop building packages built by LLVM 21.", " * Adjust breaks/replaces for clang-scan-deps move. Addresses: #1121175.", " * Clarify the libunwind package descriptions, that it is not compatible", " with glibc.", " * Fix syntax for OR-ed build profiles.", "" ], "package": "llvm-toolchain-20", "version": "1:20.1.8-2ubuntu3", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Matthias Klose ", "date": "Wed, 10 Dec 2025 14:05:03 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "libllvm21:armhf", "from_version": { "source_package_name": "llvm-toolchain-21", "source_package_version": "1:21.1.6-3ubuntu1", "version": "1:21.1.6-3ubuntu1" }, "to_version": { "source_package_name": "llvm-toolchain-21", "source_package_version": "1:21.1.7-1ubuntu2", "version": "1:21.1.7-1ubuntu2" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Rebuild against new OCAML ABIs.", "" ], "package": "llvm-toolchain-21", "version": "1:21.1.7-1ubuntu2", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Gianfranco Costamagna ", "date": "Wed, 10 Dec 2025 15:19:27 +0100" }, { "cves": [], "log": [ "", " * Merge with Debian; remaining changes:", " - Regenerate the control file.", " - Use RVA23U64 profile in clang (LP #2116086).", " - d/rules: Remove i386 from CLANG_GRPC_ARCHS (not built on i386).", "" ], "package": "llvm-toolchain-21", "version": "1:21.1.7-1ubuntu1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Matthias Klose ", "date": "Wed, 10 Dec 2025 11:15:55 +0100" }, { "cves": [], "log": [ "", " * LLVM 21.1.7 release.", "", " * Update symbols files for hurd-amd64.", " * clang-21-tools, llvm-21-tools: Use dh_python3 substvars.", " * liblldb-21: Move the .so symlink to the liblldb-21-dev package.", " * Add myself as uploader for 21.", " * d/rules: Remove unnecessary use of the CURDIR macro.", "" ], "package": "llvm-toolchain-21", "version": "1:21.1.7-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Matthias Klose ", "date": "Tue, 09 Dec 2025 22:34:57 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "liblzma5:armhf", "from_version": { "source_package_name": "xz-utils", "source_package_version": "5.8.1-2", "version": "5.8.1-2" }, "to_version": { "source_package_name": "xz-utils", "source_package_version": "5.8.2-1", "version": "5.8.2-1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Import 5.8.2", " - Add a workaround for Red Hat Enterprise Linux 9 kernel bug", " (Closes: #1121085).", "" ], "package": "xz-utils", "version": "5.8.2-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Sebastian Andrzej Siewior ", "date": "Fri, 26 Dec 2025 19:52:09 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "libmpathcmd0", "from_version": { "source_package_name": "multipath-tools", "source_package_version": "0.12.0-1ubuntu1", "version": "0.12.0-1ubuntu1" }, "to_version": { "source_package_name": "multipath-tools", "source_package_version": "0.12.0-1ubuntu2", "version": "0.12.0-1ubuntu2" }, "cves": [], "launchpad_bugs_fixed": [ 2135118 ], "changes": [ { "cves": [], "log": [ "", " * d/{rules,control}: enable testsuite (LP: #2135118)", " - d/p/testsuite-no-lto: disable lto to workaround testsuite symbol wrapping", "" ], "package": "multipath-tools", "version": "0.12.0-1ubuntu2", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2135118 ], "author": "Jonas Jelten ", "date": "Fri, 12 Dec 2025 11:59:36 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "libmpathpersist0", "from_version": { "source_package_name": "multipath-tools", "source_package_version": "0.12.0-1ubuntu1", "version": "0.12.0-1ubuntu1" }, "to_version": { "source_package_name": "multipath-tools", "source_package_version": "0.12.0-1ubuntu2", "version": "0.12.0-1ubuntu2" }, "cves": [], "launchpad_bugs_fixed": [ 2135118 ], "changes": [ { "cves": [], "log": [ "", " * d/{rules,control}: enable testsuite (LP: #2135118)", " - d/p/testsuite-no-lto: disable lto to workaround testsuite symbol wrapping", "" ], "package": "multipath-tools", "version": "0.12.0-1ubuntu2", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2135118 ], "author": "Jonas Jelten ", "date": "Fri, 12 Dec 2025 11:59:36 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "libmultipath0", "from_version": { "source_package_name": "multipath-tools", "source_package_version": "0.12.0-1ubuntu1", "version": "0.12.0-1ubuntu1" }, "to_version": { "source_package_name": "multipath-tools", "source_package_version": "0.12.0-1ubuntu2", "version": "0.12.0-1ubuntu2" }, "cves": [], "launchpad_bugs_fixed": [ 2135118 ], "changes": [ { "cves": [], "log": [ "", " * d/{rules,control}: enable testsuite (LP: #2135118)", " - d/p/testsuite-no-lto: disable lto to workaround testsuite symbol wrapping", "" ], "package": "multipath-tools", "version": "0.12.0-1ubuntu2", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2135118 ], "author": "Jonas Jelten ", "date": "Fri, 12 Dec 2025 11:59:36 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "libncurses6:armhf", "from_version": { "source_package_name": "ncurses", "source_package_version": "6.5+20251123-1", "version": "6.5+20251123-1" }, "to_version": { "source_package_name": "ncurses", "source_package_version": "6.6+20251231-1", "version": "6.6+20251231-1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * New upstream patchlevel.", " * Update symbols files and bump shlibs.", " * Upgrade Standards-Version to 4.7.3, no changes needed.", "" ], "package": "ncurses", "version": "6.6+20251231-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Sven Joachim ", "date": "Sat, 03 Jan 2026 08:53:58 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "libncursesw6:armhf", "from_version": { "source_package_name": "ncurses", "source_package_version": "6.5+20251123-1", "version": "6.5+20251123-1" }, "to_version": { "source_package_name": "ncurses", "source_package_version": "6.6+20251231-1", "version": "6.6+20251231-1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * New upstream patchlevel.", " * Update symbols files and bump shlibs.", " * Upgrade Standards-Version to 4.7.3, no changes needed.", "" ], "package": "ncurses", "version": "6.6+20251231-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Sven Joachim ", "date": "Sat, 03 Jan 2026 08:53:58 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "libnss3:armhf", "from_version": { "source_package_name": "nss", "source_package_version": "2:3.117-1", "version": "2:3.117-1" }, "to_version": { "source_package_name": "nss", "source_package_version": "2:3.119-1", "version": "2:3.119-1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * New upstream release.", "" ], "package": "nss", "version": "2:3.119-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Mike Hommey ", "date": "Wed, 10 Dec 2025 09:23:00 +0900" } ], "notes": null, "is_version_downgrade": false }, { "name": "libnvme1t64", "from_version": { "source_package_name": "libnvme", "source_package_version": "1.16.1-1", "version": "1.16.1-1" }, "to_version": { "source_package_name": "libnvme", "source_package_version": "1.16.1-2", "version": "1.16.1-2" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Fixing FTCBFS by multiarchify Python build-depends and exporting cross", " sysconfig name, thanks to Helmut Grohne (Closes:", " #1123695).", "" ], "package": "libnvme", "version": "1.16.1-2", "urgency": "medium", "distributions": "sid", "launchpad_bugs_fixed": [], "author": "Daniel Baumann ", "date": "Sat, 20 Dec 2025 04:19:31 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "libpng16-16t64:armhf", "from_version": { "source_package_name": "libpng1.6", "source_package_version": "1.6.51-1", "version": "1.6.51-1" }, "to_version": { "source_package_name": "libpng1.6", "source_package_version": "1.6.53-1", "version": "1.6.53-1" }, "cves": [ { "cve": "CVE-2025-66293", "url": "https://ubuntu.com/security/CVE-2025-66293", "cve_description": "LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. Prior to 1.6.52, an out-of-bounds read vulnerability in libpng's simplified API allows reading up to 1012 bytes beyond the png_sRGB_base[512] array when processing valid palette PNG images with partial transparency and gamma correction. The PNG files that trigger this vulnerability are valid per the PNG specification; the bug is in libpng's internal state management. Upgrade to libpng 1.6.52 or later.", "cve_priority": "medium", "cve_public_date": "2025-12-03 21:15:00 UTC" } ], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * New upstream version 1.6.53.", "" ], "package": "libpng1.6", "version": "1.6.53-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Tobias Frost ", "date": "Sun, 07 Dec 2025 11:32:41 +0100" }, { "cves": [ { "cve": "CVE-2025-66293", "url": "https://ubuntu.com/security/CVE-2025-66293", "cve_description": "LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. Prior to 1.6.52, an out-of-bounds read vulnerability in libpng's simplified API allows reading up to 1012 bytes beyond the png_sRGB_base[512] array when processing valid palette PNG images with partial transparency and gamma correction. The PNG files that trigger this vulnerability are valid per the PNG specification; the bug is in libpng's internal state management. Upgrade to libpng 1.6.52 or later.", "cve_priority": "medium", "cve_public_date": "2025-12-03 21:15:00 UTC" } ], "log": [ "", " * New upstream versoin 1.6.52", " - CVE-2025-66293 - Out of bound read (Closes: #1121877)", "" ], "package": "libpng1.6", "version": "1.6.52-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Tobias Frost ", "date": "Thu, 04 Dec 2025 06:24:43 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "libpolkit-agent-1-0:armhf", "from_version": { "source_package_name": "policykit-1", "source_package_version": "126-2", "version": "126-2" }, "to_version": { "source_package_name": "policykit-1", "source_package_version": "127-1", "version": "127-1" }, "cves": [ { "cve": "CVE-2025-7519", "url": "https://ubuntu.com/security/CVE-2025-7519", "cve_description": "A flaw was found in polkit. When processing an XML policy with 32 or more nested elements in depth, an out-of-bounds write can be triggered. This issue can lead to a crash or other unexpected behavior, and arbitrary code execution is not discarded. To exploit this flaw, a high-privilege account is needed as it's required to place the malicious policy file properly.", "cve_priority": "low", "cve_public_date": "2025-07-14 14:15:00 UTC" } ], "launchpad_bugs_fixed": [], "changes": [ { "cves": [ { "cve": "CVE-2025-7519", "url": "https://ubuntu.com/security/CVE-2025-7519", "cve_description": "A flaw was found in polkit. When processing an XML policy with 32 or more nested elements in depth, an out-of-bounds write can be triggered. This issue can lead to a crash or other unexpected behavior, and arbitrary code execution is not discarded. To exploit this flaw, a high-privilege account is needed as it's required to place the malicious policy file properly.", "cve_priority": "low", "cve_public_date": "2025-07-14 14:15:00 UTC" } ], "log": [ "", " [ Michael Biebl ]", " * Drop debian/clean", "", " [ Simon McVittie ]", " * d/control: Mark gir1.2-polkit-1.0 as Multi-Arch: same", " * d/control: Mark -dev packages as Multi-Arch: same", " * d/control: Use dpkg-build-api v1 instead of Rules-Requires-Root", " * Standards-Version: 4.7.2 (no changes required)", " * d/salsa-ci.yml: Use recommended recipe", "", " [ Luca Boccassi ]", " * Update upstream source from tag 'upstream/127'", " (Closes: #1109334, #1119670, #1094078, #1110748)", " (CVE-2025-7519)", " * Add build dependency on mount for unit tests", " * Install new polkitd.conf and manpage", " * polkitd: start polkit-agent-helper.socket on install/upgrade", " * polkitd: drop postinst workarounds for pre-bookworm", " * polkitd: drop adduser and rely exclusively on sd-sysusers", " * polkitd: do not change perms of /etc/polkit-1/rules.d in postinst and", " rely on tmpfiles.d", " * polkitd: do not set SUID on polkit-agent-helper-1 under systemd", " * Update symbols file for v127", "" ], "package": "policykit-1", "version": "127-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Luca Boccassi ", "date": "Wed, 17 Dec 2025 18:35:00 +0000" } ], "notes": null, "is_version_downgrade": false }, { "name": "libpolkit-gobject-1-0:armhf", "from_version": { "source_package_name": "policykit-1", "source_package_version": "126-2", "version": "126-2" }, "to_version": { "source_package_name": "policykit-1", "source_package_version": "127-1", "version": "127-1" }, "cves": [ { "cve": "CVE-2025-7519", "url": "https://ubuntu.com/security/CVE-2025-7519", "cve_description": "A flaw was found in polkit. When processing an XML policy with 32 or more nested elements in depth, an out-of-bounds write can be triggered. This issue can lead to a crash or other unexpected behavior, and arbitrary code execution is not discarded. To exploit this flaw, a high-privilege account is needed as it's required to place the malicious policy file properly.", "cve_priority": "low", "cve_public_date": "2025-07-14 14:15:00 UTC" } ], "launchpad_bugs_fixed": [], "changes": [ { "cves": [ { "cve": "CVE-2025-7519", "url": "https://ubuntu.com/security/CVE-2025-7519", "cve_description": "A flaw was found in polkit. When processing an XML policy with 32 or more nested elements in depth, an out-of-bounds write can be triggered. This issue can lead to a crash or other unexpected behavior, and arbitrary code execution is not discarded. To exploit this flaw, a high-privilege account is needed as it's required to place the malicious policy file properly.", "cve_priority": "low", "cve_public_date": "2025-07-14 14:15:00 UTC" } ], "log": [ "", " [ Michael Biebl ]", " * Drop debian/clean", "", " [ Simon McVittie ]", " * d/control: Mark gir1.2-polkit-1.0 as Multi-Arch: same", " * d/control: Mark -dev packages as Multi-Arch: same", " * d/control: Use dpkg-build-api v1 instead of Rules-Requires-Root", " * Standards-Version: 4.7.2 (no changes required)", " * d/salsa-ci.yml: Use recommended recipe", "", " [ Luca Boccassi ]", " * Update upstream source from tag 'upstream/127'", " (Closes: #1109334, #1119670, #1094078, #1110748)", " (CVE-2025-7519)", " * Add build dependency on mount for unit tests", " * Install new polkitd.conf and manpage", " * polkitd: start polkit-agent-helper.socket on install/upgrade", " * polkitd: drop postinst workarounds for pre-bookworm", " * polkitd: drop adduser and rely exclusively on sd-sysusers", " * polkitd: do not change perms of /etc/polkit-1/rules.d in postinst and", " rely on tmpfiles.d", " * polkitd: do not set SUID on polkit-agent-helper-1 under systemd", " * Update symbols file for v127", "" ], "package": "policykit-1", "version": "127-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Luca Boccassi ", "date": "Wed, 17 Dec 2025 18:35:00 +0000" } ], "notes": null, "is_version_downgrade": false }, { "name": "libqmi-glib5:armhf", "from_version": { "source_package_name": "libqmi", "source_package_version": "1.36.0-2", "version": "1.36.0-2" }, "to_version": { "source_package_name": "libqmi", "source_package_version": "1.37.95-1", "version": "1.37.95-1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " [ Guido Günther ]", " * d/gbp.conf: Switch to debian/latest.", "", " [ Arnaud Ferraris ]", " * d/watch: convert to version 5.", " Use the new Gitlab template for easier management, but override the", " matching pattern so we only get stable (pre)releases, which have an even", " minor version number.", " * d/control: drop libgirepository1.0-dev build dependency.", " This one shouldn't be used anymore as it isn't multiarch-friendly.", " Instead, use a recent `gobject-introspection` and explicitly (build)", " depend on the needed `gir1.2-*-dev` packages.", " While at it, drop the now-obsolete `Rules-Requires-Root` and bump", " `Standards-Version` as no other change is needed. (Closes: #1118881)", " * d/copyright: drop reference to old FSF address.", " Replace it with the usual link to http://www.gnu.org/licenses/.", "" ], "package": "libqmi", "version": "1.36.0-2", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Arnaud Ferraris ", "date": "Tue, 28 Oct 2025 13:03:13 +0100" } ], "notes": null, "is_version_downgrade": true }, { "name": "libqmi-proxy", "from_version": { "source_package_name": "libqmi", "source_package_version": "1.36.0-2", "version": "1.36.0-2" }, "to_version": { "source_package_name": "libqmi", "source_package_version": "1.37.95-1", "version": "1.37.95-1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " [ Guido Günther ]", " * d/gbp.conf: Switch to debian/latest.", "", " [ Arnaud Ferraris ]", " * d/watch: convert to version 5.", " Use the new Gitlab template for easier management, but override the", " matching pattern so we only get stable (pre)releases, which have an even", " minor version number.", " * d/control: drop libgirepository1.0-dev build dependency.", " This one shouldn't be used anymore as it isn't multiarch-friendly.", " Instead, use a recent `gobject-introspection` and explicitly (build)", " depend on the needed `gir1.2-*-dev` packages.", " While at it, drop the now-obsolete `Rules-Requires-Root` and bump", " `Standards-Version` as no other change is needed. (Closes: #1118881)", " * d/copyright: drop reference to old FSF address.", " Replace it with the usual link to http://www.gnu.org/licenses/.", "" ], "package": "libqmi", "version": "1.36.0-2", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Arnaud Ferraris ", "date": "Tue, 28 Oct 2025 13:03:13 +0100" } ], "notes": null, "is_version_downgrade": true }, { "name": "libqmi-utils", "from_version": { "source_package_name": "libqmi", "source_package_version": "1.36.0-2", "version": "1.36.0-2" }, "to_version": { "source_package_name": "libqmi", "source_package_version": "1.37.95-1", "version": "1.37.95-1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " [ Guido Günther ]", " * d/gbp.conf: Switch to debian/latest.", "", " [ Arnaud Ferraris ]", " * d/watch: convert to version 5.", " Use the new Gitlab template for easier management, but override the", " matching pattern so we only get stable (pre)releases, which have an even", " minor version number.", " * d/control: drop libgirepository1.0-dev build dependency.", " This one shouldn't be used anymore as it isn't multiarch-friendly.", " Instead, use a recent `gobject-introspection` and explicitly (build)", " depend on the needed `gir1.2-*-dev` packages.", " While at it, drop the now-obsolete `Rules-Requires-Root` and bump", " `Standards-Version` as no other change is needed. (Closes: #1118881)", " * d/copyright: drop reference to old FSF address.", " Replace it with the usual link to http://www.gnu.org/licenses/.", "" ], "package": "libqmi", "version": "1.36.0-2", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Arnaud Ferraris ", "date": "Tue, 28 Oct 2025 13:03:13 +0100" } ], "notes": null, "is_version_downgrade": true }, { "name": "libsodium23:armhf", "from_version": { "source_package_name": "libsodium", "source_package_version": "1.0.18-1build4", "version": "1.0.18-1build4" }, "to_version": { "source_package_name": "libsodium", "source_package_version": "1.0.18-2", "version": "1.0.18-2" }, "cves": [], "launchpad_bugs_fixed": [ 2132257 ], "changes": [ { "cves": [], "log": [ "", " * No-change mass rebuild for Ubuntu 26.04 (LP: #2132257)", "" ], "package": "libsodium", "version": "1.0.18-1build4", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2132257 ], "author": "Sebastien Bacher ", "date": "Mon, 01 Dec 2025 13:46:42 +0100" }, { "cves": [], "log": [ "", " * No change rebuild for 64-bit time_t and frame pointers.", "" ], "package": "libsodium", "version": "1.0.18-1build3", "urgency": "high", "distributions": "noble", "launchpad_bugs_fixed": [], "author": "Julian Andres Klode ", "date": "Mon, 08 Apr 2024 18:07:25 +0200" }, { "cves": [], "log": [ "", " * No change rebuild for ppc64el baseline bump.", "" ], "package": "libsodium", "version": "1.0.18-1build2", "urgency": "high", "distributions": "jammy", "launchpad_bugs_fixed": [], "author": "Julian Andres Klode ", "date": "Thu, 24 Mar 2022 17:13:48 +0100" }, { "cves": [], "log": [ "", " * No-change rebuild to build packages with zstd compression.", "" ], "package": "libsodium", "version": "1.0.18-1build1", "urgency": "medium", "distributions": "impish", "launchpad_bugs_fixed": [], "author": "Matthias Klose ", "date": "Thu, 07 Oct 2021 12:18:21 +0200" } ], "notes": null, "is_version_downgrade": true }, { "name": "libstdc++6:armhf", "from_version": { "source_package_name": "gcc-15", "source_package_version": "15.2.0-10ubuntu1", "version": "15.2.0-10ubuntu1" }, "to_version": { "source_package_name": "gcc-15", "source_package_version": "15.2.0-11ubuntu1", "version": "15.2.0-11ubuntu1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Merge with Debian; remaining changes:", " - Build from upstream sources.", "" ], "package": "gcc-15", "version": "15.2.0-11ubuntu1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Matthias Klose ", "date": "Wed, 10 Dec 2025 15:24:39 +0100" }, { "cves": [], "log": [ "", " * Update to git 20251209 from the gcc-15 branch.", " - Fix PR target/122991 (AArch64), PR tree-optimization/122943,", " PR middle-end/120052, PR middle-end/120564, PR ada/123037, PR ada/115305,", " PR middle-end/122624, PR c/121506, PR c++/121445, PR c++/120876,", " PR lto/122515.", " * Fix Algol-68 build on sparc64, patch taken from the trunk.", " * Don't rely on python3-check-jsonschema for testing, still having", " unpackaged dependencies.", " * Add architectureVariant to ELF_PACKAGE_METADATA.", "" ], "package": "gcc-15", "version": "15.2.0-11", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Matthias Klose ", "date": "Tue, 09 Dec 2025 21:10:53 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "libtinfo6:armhf", "from_version": { "source_package_name": "ncurses", "source_package_version": "6.5+20251123-1", "version": "6.5+20251123-1" }, "to_version": { "source_package_name": "ncurses", "source_package_version": "6.6+20251231-1", "version": "6.6+20251231-1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * New upstream patchlevel.", " * Update symbols files and bump shlibs.", " * Upgrade Standards-Version to 4.7.3, no changes needed.", "" ], "package": "ncurses", "version": "6.6+20251231-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Sven Joachim ", "date": "Sat, 03 Jan 2026 08:53:58 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "libxdmcp6:armhf", "from_version": { "source_package_name": "libxdmcp", "source_package_version": "1:1.1.5-1build1", "version": "1:1.1.5-1build1" }, "to_version": { "source_package_name": "libxdmcp", "source_package_version": "1:1.1.5-2", "version": "1:1.1.5-2" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Team upload", "", " [ Dylan Aïssi ]", " * debian/copyright: Convert to machine-readable format", "", " [ Jeremy Bícha ]", " * Use Build-Depends: lynx instead of w3m", " * Add debian/gbp.conf", " * Bump debhelper-compat to 13", "" ], "package": "libxdmcp", "version": "1:1.1.5-2", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Jeremy Bícha ", "date": "Tue, 23 Dec 2025 20:39:07 -0500" }, { "cves": [], "log": [ "", " * Non-maintainer upload.", " * Drop unnecessary Build-Depends: w3m. (closes: #1123915)", "" ], "package": "libxdmcp", "version": "1:1.1.5-1.1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Bastian Germann ", "date": "Wed, 24 Dec 2025 00:22:02 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "libxmuu1:armhf", "from_version": { "source_package_name": "libxmu", "source_package_version": "2:1.1.3-3build3", "version": "2:1.1.3-3build3" }, "to_version": { "source_package_name": "libxmu", "source_package_version": "2:1.1.3-4", "version": "2:1.1.3-4" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Team upload", "", " [ Debian Janitor ]", " * Remove constraints unnecessary since buster (oldstable):", " + Build-Depends: Drop versioned constraint on libx11-dev, libxext-dev,", " libxt-dev, xorg-sgml-doctools and xutils-dev.", " * Use secure URI in debian/watch", " * Update standards version to 4.7.3", " * Opportunistically check upstream PGP signatures", "", " [ Emilio Pozuelo Monfort ]", " * Move doc build-deps to Build-Depends-Indep. Thanks Samuel Thibault.", " Closes: #1055368.", "", " [ Jeremy Bícha ]", " * Add debian/gbp.conf", "" ], "package": "libxmu", "version": "2:1.1.3-4", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Jeremy Bícha ", "date": "Wed, 24 Dec 2025 19:51:25 -0500" } ], "notes": null, "is_version_downgrade": false }, { "name": "linux-headers-generic", "from_version": { "source_package_name": "linux-meta", "source_package_version": "6.17.0-8.8", "version": "6.17.0-8.8" }, "to_version": { "source_package_name": "linux-meta", "source_package_version": "6.18.0-8.8", "version": "6.18.0-8.8" }, "cves": [], "launchpad_bugs_fixed": [ 1786013, 1786013, 1786013 ], "changes": [ { "cves": [], "log": [ "", " * Main version: 6.18.0-8.8", "" ], "package": "linux-meta", "version": "6.18.0-8.8", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Paolo Pisati ", "date": "Wed, 17 Dec 2025 15:20:30 +0100" }, { "cves": [], "log": [ "", " * Main version: 6.18.0-7.7", "", " * Packaging resync (LP: #1786013)", " - [Packaging] update variants", " - [Packaging] debian/dkms-versions -- resync from main package", "", " * Miscellaneous Ubuntu changes", " - [packaging] rename to linux-meta", "" ], "package": "linux-meta", "version": "6.18.0-7.7", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 1786013 ], "author": "Paolo Pisati ", "date": "Tue, 16 Dec 2025 13:28:41 +0100" }, { "cves": [], "log": [ "", " * Main version: 6.18.0-6.6", "", " * Packaging resync (LP: #1786013)", " - [Packaging] debian/dkms-versions -- resync from main package", "" ], "package": "linux-meta", "version": "6.18.0-6.6", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 1786013 ], "author": "Paolo Pisati ", "date": "Mon, 01 Dec 2025 14:53:24 +0100" }, { "cves": [], "log": [ "", " * Main version: 6.18.0-5.5", "" ], "package": "linux-meta-unstable", "version": "6.18.0-5.5", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Paolo Pisati ", "date": "Tue, 18 Nov 2025 11:24:31 +0100" }, { "cves": [], "log": [ "", " * Main version: 6.18.0-4.4", "" ], "package": "linux-meta-unstable", "version": "6.18.0-4.4", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Paolo Pisati ", "date": "Thu, 13 Nov 2025 13:08:42 +0100" }, { "cves": [], "log": [ "", " * Main version: 6.18.0-3.3", "" ], "package": "linux-meta-unstable", "version": "6.18.0-3.3", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Paolo Pisati ", "date": "Mon, 27 Oct 2025 11:16:21 +0100" }, { "cves": [], "log": [ "", " * Main version: 6.18.0-2.2", "" ], "package": "linux-meta-unstable", "version": "6.18.0-2.2", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Paolo Pisati ", "date": "Wed, 22 Oct 2025 15:43:07 +0200" }, { "cves": [], "log": [ "", " * Main version: 6.18.0-1.1", "", " * Packaging resync (LP: #1786013)", " - [Packaging] update variants", " - [Packaging] debian/dkms-versions -- resync from main package", " - [Packaging] update variants", "", " * Miscellaneous Ubuntu changes", " - move to 6.18", " - move to resolute", "" ], "package": "linux-meta-unstable", "version": "6.18.0-1.1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 1786013 ], "author": "Paolo Pisati ", "date": "Wed, 22 Oct 2025 10:42:36 +0200" }, { "cves": [], "log": [ "", " * Empty entry", "" ], "package": "linux-meta-unstable", "version": "6.18.0-0.0", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Paolo Pisati ", "date": "Wed, 15 Oct 2025 11:55:46 +0200" } ], "notes": null, "is_version_downgrade": false }, { "name": "linux-headers-virtual", "from_version": { "source_package_name": "linux-meta", "source_package_version": "6.17.0-8.8", "version": "6.17.0-8.8" }, "to_version": { "source_package_name": "linux-meta", "source_package_version": "6.18.0-8.8", "version": "6.18.0-8.8" }, "cves": [], "launchpad_bugs_fixed": [ 1786013, 1786013, 1786013 ], "changes": [ { "cves": [], "log": [ "", " * Main version: 6.18.0-8.8", "" ], "package": "linux-meta", "version": "6.18.0-8.8", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Paolo Pisati ", "date": "Wed, 17 Dec 2025 15:20:30 +0100" }, { "cves": [], "log": [ "", " * Main version: 6.18.0-7.7", "", " * Packaging resync (LP: #1786013)", " - [Packaging] update variants", " - [Packaging] debian/dkms-versions -- resync from main package", "", " * Miscellaneous Ubuntu changes", " - [packaging] rename to linux-meta", "" ], "package": "linux-meta", "version": "6.18.0-7.7", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 1786013 ], "author": "Paolo Pisati ", "date": "Tue, 16 Dec 2025 13:28:41 +0100" }, { "cves": [], "log": [ "", " * Main version: 6.18.0-6.6", "", " * Packaging resync (LP: #1786013)", " - [Packaging] debian/dkms-versions -- resync from main package", "" ], "package": "linux-meta", "version": "6.18.0-6.6", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 1786013 ], "author": "Paolo Pisati ", "date": "Mon, 01 Dec 2025 14:53:24 +0100" }, { "cves": [], "log": [ "", " * Main version: 6.18.0-5.5", "" ], "package": "linux-meta-unstable", "version": "6.18.0-5.5", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Paolo Pisati ", "date": "Tue, 18 Nov 2025 11:24:31 +0100" }, { "cves": [], "log": [ "", " * Main version: 6.18.0-4.4", "" ], "package": "linux-meta-unstable", "version": "6.18.0-4.4", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Paolo Pisati ", "date": "Thu, 13 Nov 2025 13:08:42 +0100" }, { "cves": [], "log": [ "", " * Main version: 6.18.0-3.3", "" ], "package": "linux-meta-unstable", "version": "6.18.0-3.3", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Paolo Pisati ", "date": "Mon, 27 Oct 2025 11:16:21 +0100" }, { "cves": [], "log": [ "", " * Main version: 6.18.0-2.2", "" ], "package": "linux-meta-unstable", "version": "6.18.0-2.2", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Paolo Pisati ", "date": "Wed, 22 Oct 2025 15:43:07 +0200" }, { "cves": [], "log": [ "", " * Main version: 6.18.0-1.1", "", " * Packaging resync (LP: #1786013)", " - [Packaging] update variants", " - [Packaging] debian/dkms-versions -- resync from main package", " - [Packaging] update variants", "", " * Miscellaneous Ubuntu changes", " - move to 6.18", " - move to resolute", "" ], "package": "linux-meta-unstable", "version": "6.18.0-1.1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 1786013 ], "author": "Paolo Pisati ", "date": "Wed, 22 Oct 2025 10:42:36 +0200" }, { "cves": [], "log": [ "", " * Empty entry", "" ], "package": "linux-meta-unstable", "version": "6.18.0-0.0", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Paolo Pisati ", "date": "Wed, 15 Oct 2025 11:55:46 +0200" } ], "notes": null, "is_version_downgrade": false }, { "name": "linux-image-virtual", "from_version": { "source_package_name": "linux-meta", "source_package_version": "6.17.0-8.8", "version": "6.17.0-8.8" }, "to_version": { "source_package_name": "linux-meta", "source_package_version": "6.18.0-8.8", "version": "6.18.0-8.8" }, "cves": [], "launchpad_bugs_fixed": [ 1786013, 1786013, 1786013 ], "changes": [ { "cves": [], "log": [ "", " * Main version: 6.18.0-8.8", "" ], "package": "linux-meta", "version": "6.18.0-8.8", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Paolo Pisati ", "date": "Wed, 17 Dec 2025 15:20:30 +0100" }, { "cves": [], "log": [ "", " * Main version: 6.18.0-7.7", "", " * Packaging resync (LP: #1786013)", " - [Packaging] update variants", " - [Packaging] debian/dkms-versions -- resync from main package", "", " * Miscellaneous Ubuntu changes", " - [packaging] rename to linux-meta", "" ], "package": "linux-meta", "version": "6.18.0-7.7", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 1786013 ], "author": "Paolo Pisati ", "date": "Tue, 16 Dec 2025 13:28:41 +0100" }, { "cves": [], "log": [ "", " * Main version: 6.18.0-6.6", "", " * Packaging resync (LP: #1786013)", " - [Packaging] debian/dkms-versions -- resync from main package", "" ], "package": "linux-meta", "version": "6.18.0-6.6", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 1786013 ], "author": "Paolo Pisati ", "date": "Mon, 01 Dec 2025 14:53:24 +0100" }, { "cves": [], "log": [ "", " * Main version: 6.18.0-5.5", "" ], "package": "linux-meta-unstable", "version": "6.18.0-5.5", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Paolo Pisati ", "date": "Tue, 18 Nov 2025 11:24:31 +0100" }, { "cves": [], "log": [ "", " * Main version: 6.18.0-4.4", "" ], "package": "linux-meta-unstable", "version": "6.18.0-4.4", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Paolo Pisati ", "date": "Thu, 13 Nov 2025 13:08:42 +0100" }, { "cves": [], "log": [ "", " * Main version: 6.18.0-3.3", "" ], "package": "linux-meta-unstable", "version": "6.18.0-3.3", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Paolo Pisati ", "date": "Mon, 27 Oct 2025 11:16:21 +0100" }, { "cves": [], "log": [ "", " * Main version: 6.18.0-2.2", "" ], "package": "linux-meta-unstable", "version": "6.18.0-2.2", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Paolo Pisati ", "date": "Wed, 22 Oct 2025 15:43:07 +0200" }, { "cves": [], "log": [ "", " * Main version: 6.18.0-1.1", "", " * Packaging resync (LP: #1786013)", " - [Packaging] update variants", " - [Packaging] debian/dkms-versions -- resync from main package", " - [Packaging] update variants", "", " * Miscellaneous Ubuntu changes", " - move to 6.18", " - move to resolute", "" ], "package": "linux-meta-unstable", "version": "6.18.0-1.1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 1786013 ], "author": "Paolo Pisati ", "date": "Wed, 22 Oct 2025 10:42:36 +0200" }, { "cves": [], "log": [ "", " * Empty entry", "" ], "package": "linux-meta-unstable", "version": "6.18.0-0.0", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Paolo Pisati ", "date": "Wed, 15 Oct 2025 11:55:46 +0200" } ], "notes": null, "is_version_downgrade": false }, { "name": "linux-libc-dev:armhf", "from_version": { "source_package_name": "linux", "source_package_version": "6.17.0-8.8", "version": "6.17.0-8.8" }, "to_version": { "source_package_name": "linux", "source_package_version": "6.18.0-8.8", "version": "6.18.0-8.8" }, "cves": [], "launchpad_bugs_fixed": [ 2136712, 2136307, 1990064, 2028253, 2028253, 2122743, 2028253, 2102680, 2028253, 2032602, 1786013, 2133502, 1786013, 2131673, 2128792, 2130552, 2131211, 2131046, 2129919, 2126577, 2129552, 2129038, 1786013, 2126040, 2126948, 1981437 ], "changes": [ { "cves": [], "log": [ "", " * resolute/linux: 6.18.0-8.8 -proposed tracker (LP: #2136712)", "", " * Miscellaneous Ubuntu changes", " - [Packaging] disable signing for s390x", "" ], "package": "linux", "version": "6.18.0-8.8", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2136712 ], "author": "Paolo Pisati ", "date": "Wed, 17 Dec 2025 15:20:04 +0100" }, { "cves": [], "log": [ "", " * resolute/linux: 6.18.0-7.7 -proposed tracker (LP: #2136307)", "", " * unconfined profile denies userns_create for chromium based processes", " (LP: #1990064)", " - [Config] disable CONFIG_SECURITY_APPARMOR_RESTRICT_USERNS", "", " * update apparmor and LSM stacking patch set (LP: #2028253)", " - SAUCE: apparmor5.0.0 [1/51]: Stacking: Audit: Allow multiple records in", " an audit_buffer", " - SAUCE: apparmor5.0.0 [2/51]: Stacking: LSM: security_lsmblob_to_secctx", " module selection", " - SAUCE: apparmor5.0.0 [3/51]: Stacking: Audit: Add record for multiple", " task security contexts", " - SAUCE: apparmor5.0.0 [4/51]: Stacking: Audit: multiple subject lsm", " values for netlabel", " - SAUCE: apparmor5.0.0 [5/51]: Stacking: LSM: Single calls in secid hooks", " - SAUCE: apparmor5.0.0 [6/51]: Stacking: LSM: Exclusive secmark usage", " - SAUCE: apparmor5.0.0 [7/51]: Stacking: Audit: Call only the first of the", " audit rule hooks", " - SAUCE: apparmor5.0.0 [8/51]: Stacking: AppArmor: Remove the exclusive", " flag", " - SAUCE: apparmor5.0.0 [9/51]: Revert \"apparmor: fix dbus permission", " queries to v9 ABI\"", " - SAUCE: apparmor5.0.0 [10/51]: Revert \"apparmor: gate make fine grained", " unix mediation behind v9 abi\"", " - SAUCE: apparmor5.0.0 [11/51]: apparmor: net: patch to provide", " compatibility with v2.x net rules", " - SAUCE: apparmor5.0.0 [12/51]: apparmor: net: add fine grained ipv4/ipv6", " mediation", " - SAUCE: apparmor5.0.0 [13/51]: apparmor: userns: add unprivileged user ns", " mediation", " - SAUCE: apparmor5.0.0 [14/51]: apparmor: userns: Add sysctls for", " additional controls of unpriv userns restrictions", " - SAUCE: apparmor5.0.0 [16/51]: apparmor: userns: open userns related", " sysctl so lxc can check if restriction are in place", " - SAUCE: apparmor5.0.0 [17/51]: apparmor: userns: allow profile to be", " transitioned when a userns is created", " - SAUCE: apparmor5.0.0 [18/51]: aoparmor: userns: Add support for execpath", " in userns", " - SAUCE: apparmor5.0.0 [19/51]: apparmor: mqueue: call", " security_inode_init_security on inode creation", " - SAUCE: apparmor5.0.0 [20/51]: apparmor: mqueue: add fine grained", " mediation of posix mqueues", " - SAUCE: apparmor5.0.0 [21/51]: apparmor: uring: add io_uring mediation", " - SAUCE: apparmor5.0.0 [24/51]: apparmor: prompt: setup slab cache for", " audit data", " - SAUCE: apparmor5.0.0 [25/51]: apparmor: prompt: add the ability for", " profiles to have a learning cache", " - SAUCE: apparmor5.0.0 [26/51]: apparmor: prompt: enable userspace upcall", " for mediation", " - SAUCE: apparmor5.0.0 [27/51]: apparmor: prompt: pass prompt boolean", " through into path_name as well", " - SAUCE: apparmor5.0.0 [28/51]: apparmor: add AA_DEBUG_PROFILE to have", " debug on profiles with flag set", " - SAUCE: apparmor5.0.0 [29/51]: apparmor: make str table more generic and", " be able to have multiple entries", " - SAUCE: apparmor5.0.0 [30/51]: apparmor: check for supported version in", " notification messages.", " - SAUCE: apparmor5.0.0 [31/51]: apparmor: refactor building notice so it", " is easier to extend", " - SAUCE: apparmor5.0.0 [32/51]: apparmor: switch from ENOTSUPP to", " EPROTONOSUPPORT", " - SAUCE: apparmor5.0.0 [33/51]: apparmor: add support for meta data tags", " - SAUCE: apparmor5.0.0 [34/51]: apparmor: mmap_file() doesn't need to be", " called atomically", " - SAUCE: apparmor5.0.0 [35/51]: apparmor: guard against free routines", " being called with a NULL", " - SAUCE: apparmor5.0.0 [36/51]: apparmor: prevent profile->disconnected", " double free in aa_free_profile", " - SAUCE: apparmor5.0.0 [38/51]: apparmor-next 6.19: apparmor: fix fast", " path cache check for unix sockets", " - SAUCE: apparmor5.0.0 [39/51]: apparmor-next 6.19: apparmor: fix label", " and profile debug macros", " - SAUCE: apparmor5.0.0 [40/51]: apparmor-next 6.19: apparmor: fixup", " net_compat", " - SAUCE: apparmor5.0.0 [41/51]: apparmor-next 6.19: apparmor: lift", " compatibility check out of profile_af_perm", " - SAUCE: apparmor5.0.0 [42/51]: apparmor-next 6.19: apparmor:", " refactor/cleanup cred helper fns.", " - SAUCE: apparmor5.0.0 [43/51]: apparmor-next 6.19: apparmor: fix rlimit", " for posix cpu timers", " - SAUCE: apparmor5.0.0 [44/51]: apparmor-next 6.19: apparmor: replace", " sprintf with snprintf in aa_new_learning_profile", " - SAUCE: apparmor5.0.0 [45/51]: apparmor-next 6.19: apparmor: Replace", " sprintf/strcpy with scnprintf/strscpy in aa_policy_init", " - SAUCE: apparmor5.0.0 [46/51]: apparmor-next 6.19: apparmor: Replace", " deprecated strcpy in d_namespace_path", " - SAUCE: apparmor5.0.0 [47/51]: apparmor-next 6.19: apparmor: fix NULL", " pointer dereference in __unix_needs_revalidation", " - SAUCE: apparmor5.0.0 [48/51]: apparmor-next 6.19: apparmor: fix NULL", " sock in aa_sock_file_perm", " - SAUCE: apparmor5.0.0 [49/51]: apparmor-next 6.19: apparmor: Replace", " deprecated strcpy with memcpy in gen_symlink_name", " - SAUCE: apparmor5.0.0 [50/51]: apparmor-next 6.19: AppArmor: Allow", " apparmor to handle unaligned dfa tables", " - SAUCE: apparmor5.0.0 [51/51]: apparmor-next 6.19: apparmor: Fix &", " Optimize table creation from possibly unaligned memory", "", " * update apparmor and LSM stacking patch set (LP: #2028253) // AppArmor is", " auditing the apparmor/.null file (LP: #2122743)", " - SAUCE: apparmor5.0.0 [37/51]: apparmor-next 6.19: apparmor: move check", " for aa_null file to cover all cases", "", " * update apparmor and LSM stacking patch set (LP: #2028253) // Installation", " of AppArmor on a 6.14 kernel produces error message \"Illegal number: yes\"", " (LP: #2102680)", " - SAUCE: apparmor5.0.0 [22/51]: apparmor: create an", " AA_SFS_TYPE_BOOLEAN_INTPRINT sysctl variant", " - SAUCE: apparmor5.0.0 [23/51]: apparmor: Use AA_SFS_FILE_BOOLEAN_INTPRINT", " for userns and io_uring sysctls", "", " * update apparmor and LSM stacking patch set (LP: #2028253) // [FFe]", " apparmor-4.0.0-alpha2 for unprivileged user namespace restrictions in", " mantic (LP: #2032602)", " - SAUCE: apparmor5.0.0 [15/51]: apparmor: userns - make it so special", " unconfined profiles can mediate user namespaces", "", " * Packaging resync (LP: #1786013)", " - [Packaging] debian.master/dkms-versions -- update from kernel-versions", " (main/d2025.12.16)", "", " * Miscellaneous Ubuntu changes", " - [Packaging] rename to linux", " - [Config] update toolchain version", "" ], "package": "linux", "version": "6.18.0-7.7", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2136307, 1990064, 2028253, 2028253, 2122743, 2028253, 2102680, 2028253, 2032602, 1786013 ], "author": "Paolo Pisati ", "date": "Tue, 16 Dec 2025 13:43:25 +0100" }, { "cves": [], "log": [ "", " * resolute/linux-unstable: 6.18.0-6.6 -proposed tracker (LP: #2133502)", "", " * Packaging resync (LP: #1786013)", " - [Packaging] debian.master/dkms-versions -- update from kernel-versions", " (main/d2025.10.20)", "", " * Miscellaneous Ubuntu changes", " - Update dropped.txt", " - [Packaging] debian.master/dkms-versions: Drop failing dkms packages", " - rename dropped.txt to Changes.md", "" ], "package": "linux-unstable", "version": "6.18.0-6.6", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2133502, 1786013 ], "author": "Paolo Pisati ", "date": "Mon, 01 Dec 2025 14:52:34 +0100" }, { "cves": [], "log": [ "", " * resolute/linux-unstable: 6.18.0-5.5 -proposed tracker (LP: #2131673)", "", " * Re-enable INTEL_SKL_INT3472 for kernels >= 6.16 for Intel IPU camera", " (LP: #2128792)", " - Revert \"UBUNTU: [Config] FTBFS: disable INTEL_SKL_INT3472\"", " - Revert \"UBUNTU: SAUCE: platform/x86: int3472: Add handshake GPIO", " function\"", "", " * i40e driver is triggering VF resets on every link state change", " (LP: #2130552)", " - i40e: avoid redundant VF link state updates", "", " * Miscellaneous Ubuntu changes", " - [Config] updateconfigs following v6.18-rc6 rebase", "" ], "package": "linux-unstable", "version": "6.18.0-5.5", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2131673, 2128792, 2130552 ], "author": "Paolo Pisati ", "date": "Tue, 18 Nov 2025 11:23:48 +0100" }, { "cves": [], "log": [ "", " * resolute/linux-unstable: 6.18.0-4.4 -proposed tracker (LP: #2131211)", "", " * CAP_PERFMON insufficient to get perf data (LP: #2131046)", " - SAUCE: perf/core: Allow CAP_PERFMON for paranoid level 4", "", " * Miscellaneous Ubuntu changes", " - [Config] updateconfigs following v6.18-rc5 rebase", "" ], "package": "linux-unstable", "version": "6.18.0-4.4", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2131211, 2131046 ], "author": "Paolo Pisati ", "date": "Thu, 13 Nov 2025 12:55:49 +0100" }, { "cves": [], "log": [ "", " * resolute/linux-unstable: 6.18.0-3.3 -proposed tracker (LP: #2129919)", "", " * [26.04 FEAT] Set Architecture Level (ALS) to z15 (LP: #2126577)", " - [Config] Raise the architectural level set for s390x to z15", "", " * Miscellaneous Ubuntu changes", " - [Config]: Enable CONFIG_CRYPTO_BENCHMARK", " - [Config] updateconfigs after v6.18-rc3 rebase", "" ], "package": "linux-unstable", "version": "6.18.0-3.3", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2129919, 2126577 ], "author": "Paolo Pisati ", "date": "Mon, 27 Oct 2025 11:07:35 +0100" }, { "cves": [], "log": [ "", " * resolute/linux-unstable: 6.18.0-2.2 -proposed tracker (LP: #2129552)", "", " * Miscellaneous Ubuntu changes", " - [Config] update rustc version", "" ], "package": "linux-unstable", "version": "6.18.0-2.2", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2129552 ], "author": "Paolo Pisati ", "date": "Wed, 22 Oct 2025 15:42:17 +0200" }, { "cves": [], "log": [ "", " * resolute/linux-unstable: 6.18.0-1.1 -proposed tracker (LP: #2129038)", "", " * Packaging resync (LP: #1786013)", " - [Packaging] update Ubuntu.md", "", " * Miscellaneous Ubuntu changes", " - [Packaging] Rename to linux-unstable and move to 6.18", " - [Config] updateconfigs following v6.18-rc1 rebase", " - [Config] apparmor: remove SECURITY_APPARMOR_RESTRICT_USERNS", " - [Packaging] debian.master/dkms-versions: Drop failing dkms packages", " - [Config] updateconfigs following v6.18-rc2 rebase", " - move to resolute", "", " * Miscellaneous upstream changes", " - Revert \"audit: fix skb leak when audit rate limit is exceeded\"", " - Revert \"audit: init ab->skb_list earlier in audit_buffer_alloc()\"", " - Revert \"audit: add record for multiple object contexts\"", " - Revert \"audit: add record for multiple task security contexts\"", " - Revert \"lsm: security_lsmblob_to_secctx module selection\"", " - audit: fix skb leak when audit rate limit is exceeded", "" ], "package": "linux-unstable", "version": "6.18.0-1.1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2129038, 1786013 ], "author": "Paolo Pisati ", "date": "Tue, 21 Oct 2025 16:26:01 +0200" }, { "cves": [], "log": [ "", " * questing/linux: 6.17.0-6.6 -proposed tracker (LP: #2126040)", "", " * Questing update: v6.17.1 upstream stable release (LP: #2126948)", " - blk-mq: fix blk_mq_tags double free while nr_requests grown", " - gcc-plugins: Remove TODO_verify_il for GCC >= 16", " - scsi: target: target_core_configfs: Add length check to avoid buffer", " overflow", " - ALSA: usb-audio: fix race condition to UAF in snd_usbmidi_free", " - wifi: rtw89: fix use-after-free in rtw89_core_tx_kick_off_and_wait()", " - media: b2c2: Fix use-after-free causing by irq_check_work in", " flexcop_pci_remove", " - media: i2c: tc358743: Fix use-after-free bugs caused by orphan timer in", " probe", " - media: tuner: xc5000: Fix use-after-free in xc5000_release", " - media: rc: fix races with imon_disconnect()", " - media: uvcvideo: Mark invalid entities with id UVC_INVALID_ENTITY_ID", " - mm: swap: check for stable address space before operating on the VMA", " - wifi: ath11k: fix NULL dereference in ath11k_qmi_m3_load()", " - media: iris: Fix memory leak by freeing untracked persist buffer", " - media: stm32-csi: Fix dereference before NULL check", " - ASoC: qcom: audioreach: fix potential null pointer dereference", " - Linux 6.17.1", "", " * RISC-V kernel config is out of sync with other archs (LP: #1981437)", " - [Config] riscv64: Update EFI_SBAT_FILE", " - [Config] riscv64: Enable EFI_ZBOOT", " - [Config] riscv64: Disable support for non-RVA23 SoCs", " - [Config] riscv64: Disable RISCV_ISA_FALLBACK", " - [Config] riscv64: Sync config with other architectures", "", " * Miscellaneous Ubuntu changes", " - [Config] updateconfigs after rebase to 6.17", "" ], "package": "linux-unstable", "version": "6.18.0-0.0", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2126040, 2126948, 1981437 ], "author": "Timo Aaltonen ", "date": "Tue, 07 Oct 2025 14:15:18 +0300" } ], "notes": null, "is_version_downgrade": false }, { "name": "linux-tools-common", "from_version": { "source_package_name": "linux", "source_package_version": "6.17.0-8.8", "version": "6.17.0-8.8" }, "to_version": { "source_package_name": "linux", "source_package_version": "6.18.0-8.8", "version": "6.18.0-8.8" }, "cves": [], "launchpad_bugs_fixed": [ 2136712, 2136307, 1990064, 2028253, 2028253, 2122743, 2028253, 2102680, 2028253, 2032602, 1786013, 2133502, 1786013, 2131673, 2128792, 2130552, 2131211, 2131046, 2129919, 2126577, 2129552, 2129038, 1786013, 2126040, 2126948, 1981437 ], "changes": [ { "cves": [], "log": [ "", " * resolute/linux: 6.18.0-8.8 -proposed tracker (LP: #2136712)", "", " * Miscellaneous Ubuntu changes", " - [Packaging] disable signing for s390x", "" ], "package": "linux", "version": "6.18.0-8.8", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2136712 ], "author": "Paolo Pisati ", "date": "Wed, 17 Dec 2025 15:20:04 +0100" }, { "cves": [], "log": [ "", " * resolute/linux: 6.18.0-7.7 -proposed tracker (LP: #2136307)", "", " * unconfined profile denies userns_create for chromium based processes", " (LP: #1990064)", " - [Config] disable CONFIG_SECURITY_APPARMOR_RESTRICT_USERNS", "", " * update apparmor and LSM stacking patch set (LP: #2028253)", " - SAUCE: apparmor5.0.0 [1/51]: Stacking: Audit: Allow multiple records in", " an audit_buffer", " - SAUCE: apparmor5.0.0 [2/51]: Stacking: LSM: security_lsmblob_to_secctx", " module selection", " - SAUCE: apparmor5.0.0 [3/51]: Stacking: Audit: Add record for multiple", " task security contexts", " - SAUCE: apparmor5.0.0 [4/51]: Stacking: Audit: multiple subject lsm", " values for netlabel", " - SAUCE: apparmor5.0.0 [5/51]: Stacking: LSM: Single calls in secid hooks", " - SAUCE: apparmor5.0.0 [6/51]: Stacking: LSM: Exclusive secmark usage", " - SAUCE: apparmor5.0.0 [7/51]: Stacking: Audit: Call only the first of the", " audit rule hooks", " - SAUCE: apparmor5.0.0 [8/51]: Stacking: AppArmor: Remove the exclusive", " flag", " - SAUCE: apparmor5.0.0 [9/51]: Revert \"apparmor: fix dbus permission", " queries to v9 ABI\"", " - SAUCE: apparmor5.0.0 [10/51]: Revert \"apparmor: gate make fine grained", " unix mediation behind v9 abi\"", " - SAUCE: apparmor5.0.0 [11/51]: apparmor: net: patch to provide", " compatibility with v2.x net rules", " - SAUCE: apparmor5.0.0 [12/51]: apparmor: net: add fine grained ipv4/ipv6", " mediation", " - SAUCE: apparmor5.0.0 [13/51]: apparmor: userns: add unprivileged user ns", " mediation", " - SAUCE: apparmor5.0.0 [14/51]: apparmor: userns: Add sysctls for", " additional controls of unpriv userns restrictions", " - SAUCE: apparmor5.0.0 [16/51]: apparmor: userns: open userns related", " sysctl so lxc can check if restriction are in place", " - SAUCE: apparmor5.0.0 [17/51]: apparmor: userns: allow profile to be", " transitioned when a userns is created", " - SAUCE: apparmor5.0.0 [18/51]: aoparmor: userns: Add support for execpath", " in userns", " - SAUCE: apparmor5.0.0 [19/51]: apparmor: mqueue: call", " security_inode_init_security on inode creation", " - SAUCE: apparmor5.0.0 [20/51]: apparmor: mqueue: add fine grained", " mediation of posix mqueues", " - SAUCE: apparmor5.0.0 [21/51]: apparmor: uring: add io_uring mediation", " - SAUCE: apparmor5.0.0 [24/51]: apparmor: prompt: setup slab cache for", " audit data", " - SAUCE: apparmor5.0.0 [25/51]: apparmor: prompt: add the ability for", " profiles to have a learning cache", " - SAUCE: apparmor5.0.0 [26/51]: apparmor: prompt: enable userspace upcall", " for mediation", " - SAUCE: apparmor5.0.0 [27/51]: apparmor: prompt: pass prompt boolean", " through into path_name as well", " - SAUCE: apparmor5.0.0 [28/51]: apparmor: add AA_DEBUG_PROFILE to have", " debug on profiles with flag set", " - SAUCE: apparmor5.0.0 [29/51]: apparmor: make str table more generic and", " be able to have multiple entries", " - SAUCE: apparmor5.0.0 [30/51]: apparmor: check for supported version in", " notification messages.", " - SAUCE: apparmor5.0.0 [31/51]: apparmor: refactor building notice so it", " is easier to extend", " - SAUCE: apparmor5.0.0 [32/51]: apparmor: switch from ENOTSUPP to", " EPROTONOSUPPORT", " - SAUCE: apparmor5.0.0 [33/51]: apparmor: add support for meta data tags", " - SAUCE: apparmor5.0.0 [34/51]: apparmor: mmap_file() doesn't need to be", " called atomically", " - SAUCE: apparmor5.0.0 [35/51]: apparmor: guard against free routines", " being called with a NULL", " - SAUCE: apparmor5.0.0 [36/51]: apparmor: prevent profile->disconnected", " double free in aa_free_profile", " - SAUCE: apparmor5.0.0 [38/51]: apparmor-next 6.19: apparmor: fix fast", " path cache check for unix sockets", " - SAUCE: apparmor5.0.0 [39/51]: apparmor-next 6.19: apparmor: fix label", " and profile debug macros", " - SAUCE: apparmor5.0.0 [40/51]: apparmor-next 6.19: apparmor: fixup", " net_compat", " - SAUCE: apparmor5.0.0 [41/51]: apparmor-next 6.19: apparmor: lift", " compatibility check out of profile_af_perm", " - SAUCE: apparmor5.0.0 [42/51]: apparmor-next 6.19: apparmor:", " refactor/cleanup cred helper fns.", " - SAUCE: apparmor5.0.0 [43/51]: apparmor-next 6.19: apparmor: fix rlimit", " for posix cpu timers", " - SAUCE: apparmor5.0.0 [44/51]: apparmor-next 6.19: apparmor: replace", " sprintf with snprintf in aa_new_learning_profile", " - SAUCE: apparmor5.0.0 [45/51]: apparmor-next 6.19: apparmor: Replace", " sprintf/strcpy with scnprintf/strscpy in aa_policy_init", " - SAUCE: apparmor5.0.0 [46/51]: apparmor-next 6.19: apparmor: Replace", " deprecated strcpy in d_namespace_path", " - SAUCE: apparmor5.0.0 [47/51]: apparmor-next 6.19: apparmor: fix NULL", " pointer dereference in __unix_needs_revalidation", " - SAUCE: apparmor5.0.0 [48/51]: apparmor-next 6.19: apparmor: fix NULL", " sock in aa_sock_file_perm", " - SAUCE: apparmor5.0.0 [49/51]: apparmor-next 6.19: apparmor: Replace", " deprecated strcpy with memcpy in gen_symlink_name", " - SAUCE: apparmor5.0.0 [50/51]: apparmor-next 6.19: AppArmor: Allow", " apparmor to handle unaligned dfa tables", " - SAUCE: apparmor5.0.0 [51/51]: apparmor-next 6.19: apparmor: Fix &", " Optimize table creation from possibly unaligned memory", "", " * update apparmor and LSM stacking patch set (LP: #2028253) // AppArmor is", " auditing the apparmor/.null file (LP: #2122743)", " - SAUCE: apparmor5.0.0 [37/51]: apparmor-next 6.19: apparmor: move check", " for aa_null file to cover all cases", "", " * update apparmor and LSM stacking patch set (LP: #2028253) // Installation", " of AppArmor on a 6.14 kernel produces error message \"Illegal number: yes\"", " (LP: #2102680)", " - SAUCE: apparmor5.0.0 [22/51]: apparmor: create an", " AA_SFS_TYPE_BOOLEAN_INTPRINT sysctl variant", " - SAUCE: apparmor5.0.0 [23/51]: apparmor: Use AA_SFS_FILE_BOOLEAN_INTPRINT", " for userns and io_uring sysctls", "", " * update apparmor and LSM stacking patch set (LP: #2028253) // [FFe]", " apparmor-4.0.0-alpha2 for unprivileged user namespace restrictions in", " mantic (LP: #2032602)", " - SAUCE: apparmor5.0.0 [15/51]: apparmor: userns - make it so special", " unconfined profiles can mediate user namespaces", "", " * Packaging resync (LP: #1786013)", " - [Packaging] debian.master/dkms-versions -- update from kernel-versions", " (main/d2025.12.16)", "", " * Miscellaneous Ubuntu changes", " - [Packaging] rename to linux", " - [Config] update toolchain version", "" ], "package": "linux", "version": "6.18.0-7.7", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2136307, 1990064, 2028253, 2028253, 2122743, 2028253, 2102680, 2028253, 2032602, 1786013 ], "author": "Paolo Pisati ", "date": "Tue, 16 Dec 2025 13:43:25 +0100" }, { "cves": [], "log": [ "", " * resolute/linux-unstable: 6.18.0-6.6 -proposed tracker (LP: #2133502)", "", " * Packaging resync (LP: #1786013)", " - [Packaging] debian.master/dkms-versions -- update from kernel-versions", " (main/d2025.10.20)", "", " * Miscellaneous Ubuntu changes", " - Update dropped.txt", " - [Packaging] debian.master/dkms-versions: Drop failing dkms packages", " - rename dropped.txt to Changes.md", "" ], "package": "linux-unstable", "version": "6.18.0-6.6", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2133502, 1786013 ], "author": "Paolo Pisati ", "date": "Mon, 01 Dec 2025 14:52:34 +0100" }, { "cves": [], "log": [ "", " * resolute/linux-unstable: 6.18.0-5.5 -proposed tracker (LP: #2131673)", "", " * Re-enable INTEL_SKL_INT3472 for kernels >= 6.16 for Intel IPU camera", " (LP: #2128792)", " - Revert \"UBUNTU: [Config] FTBFS: disable INTEL_SKL_INT3472\"", " - Revert \"UBUNTU: SAUCE: platform/x86: int3472: Add handshake GPIO", " function\"", "", " * i40e driver is triggering VF resets on every link state change", " (LP: #2130552)", " - i40e: avoid redundant VF link state updates", "", " * Miscellaneous Ubuntu changes", " - [Config] updateconfigs following v6.18-rc6 rebase", "" ], "package": "linux-unstable", "version": "6.18.0-5.5", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2131673, 2128792, 2130552 ], "author": "Paolo Pisati ", "date": "Tue, 18 Nov 2025 11:23:48 +0100" }, { "cves": [], "log": [ "", " * resolute/linux-unstable: 6.18.0-4.4 -proposed tracker (LP: #2131211)", "", " * CAP_PERFMON insufficient to get perf data (LP: #2131046)", " - SAUCE: perf/core: Allow CAP_PERFMON for paranoid level 4", "", " * Miscellaneous Ubuntu changes", " - [Config] updateconfigs following v6.18-rc5 rebase", "" ], "package": "linux-unstable", "version": "6.18.0-4.4", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2131211, 2131046 ], "author": "Paolo Pisati ", "date": "Thu, 13 Nov 2025 12:55:49 +0100" }, { "cves": [], "log": [ "", " * resolute/linux-unstable: 6.18.0-3.3 -proposed tracker (LP: #2129919)", "", " * [26.04 FEAT] Set Architecture Level (ALS) to z15 (LP: #2126577)", " - [Config] Raise the architectural level set for s390x to z15", "", " * Miscellaneous Ubuntu changes", " - [Config]: Enable CONFIG_CRYPTO_BENCHMARK", " - [Config] updateconfigs after v6.18-rc3 rebase", "" ], "package": "linux-unstable", "version": "6.18.0-3.3", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2129919, 2126577 ], "author": "Paolo Pisati ", "date": "Mon, 27 Oct 2025 11:07:35 +0100" }, { "cves": [], "log": [ "", " * resolute/linux-unstable: 6.18.0-2.2 -proposed tracker (LP: #2129552)", "", " * Miscellaneous Ubuntu changes", " - [Config] update rustc version", "" ], "package": "linux-unstable", "version": "6.18.0-2.2", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2129552 ], "author": "Paolo Pisati ", "date": "Wed, 22 Oct 2025 15:42:17 +0200" }, { "cves": [], "log": [ "", " * resolute/linux-unstable: 6.18.0-1.1 -proposed tracker (LP: #2129038)", "", " * Packaging resync (LP: #1786013)", " - [Packaging] update Ubuntu.md", "", " * Miscellaneous Ubuntu changes", " - [Packaging] Rename to linux-unstable and move to 6.18", " - [Config] updateconfigs following v6.18-rc1 rebase", " - [Config] apparmor: remove SECURITY_APPARMOR_RESTRICT_USERNS", " - [Packaging] debian.master/dkms-versions: Drop failing dkms packages", " - [Config] updateconfigs following v6.18-rc2 rebase", " - move to resolute", "", " * Miscellaneous upstream changes", " - Revert \"audit: fix skb leak when audit rate limit is exceeded\"", " - Revert \"audit: init ab->skb_list earlier in audit_buffer_alloc()\"", " - Revert \"audit: add record for multiple object contexts\"", " - Revert \"audit: add record for multiple task security contexts\"", " - Revert \"lsm: security_lsmblob_to_secctx module selection\"", " - audit: fix skb leak when audit rate limit is exceeded", "" ], "package": "linux-unstable", "version": "6.18.0-1.1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2129038, 1786013 ], "author": "Paolo Pisati ", "date": "Tue, 21 Oct 2025 16:26:01 +0200" }, { "cves": [], "log": [ "", " * questing/linux: 6.17.0-6.6 -proposed tracker (LP: #2126040)", "", " * Questing update: v6.17.1 upstream stable release (LP: #2126948)", " - blk-mq: fix blk_mq_tags double free while nr_requests grown", " - gcc-plugins: Remove TODO_verify_il for GCC >= 16", " - scsi: target: target_core_configfs: Add length check to avoid buffer", " overflow", " - ALSA: usb-audio: fix race condition to UAF in snd_usbmidi_free", " - wifi: rtw89: fix use-after-free in rtw89_core_tx_kick_off_and_wait()", " - media: b2c2: Fix use-after-free causing by irq_check_work in", " flexcop_pci_remove", " - media: i2c: tc358743: Fix use-after-free bugs caused by orphan timer in", " probe", " - media: tuner: xc5000: Fix use-after-free in xc5000_release", " - media: rc: fix races with imon_disconnect()", " - media: uvcvideo: Mark invalid entities with id UVC_INVALID_ENTITY_ID", " - mm: swap: check for stable address space before operating on the VMA", " - wifi: ath11k: fix NULL dereference in ath11k_qmi_m3_load()", " - media: iris: Fix memory leak by freeing untracked persist buffer", " - media: stm32-csi: Fix dereference before NULL check", " - ASoC: qcom: audioreach: fix potential null pointer dereference", " - Linux 6.17.1", "", " * RISC-V kernel config is out of sync with other archs (LP: #1981437)", " - [Config] riscv64: Update EFI_SBAT_FILE", " - [Config] riscv64: Enable EFI_ZBOOT", " - [Config] riscv64: Disable support for non-RVA23 SoCs", " - [Config] riscv64: Disable RISCV_ISA_FALLBACK", " - [Config] riscv64: Sync config with other architectures", "", " * Miscellaneous Ubuntu changes", " - [Config] updateconfigs after rebase to 6.17", "" ], "package": "linux-unstable", "version": "6.18.0-0.0", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2126040, 2126948, 1981437 ], "author": "Timo Aaltonen ", "date": "Tue, 07 Oct 2025 14:15:18 +0300" } ], "notes": null, "is_version_downgrade": false }, { "name": "linux-virtual", "from_version": { "source_package_name": "linux-meta", "source_package_version": "6.17.0-8.8", "version": "6.17.0-8.8" }, "to_version": { "source_package_name": "linux-meta", "source_package_version": "6.18.0-8.8", "version": "6.18.0-8.8" }, "cves": [], "launchpad_bugs_fixed": [ 1786013, 1786013, 1786013 ], "changes": [ { "cves": [], "log": [ "", " * Main version: 6.18.0-8.8", "" ], "package": "linux-meta", "version": "6.18.0-8.8", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Paolo Pisati ", "date": "Wed, 17 Dec 2025 15:20:30 +0100" }, { "cves": [], "log": [ "", " * Main version: 6.18.0-7.7", "", " * Packaging resync (LP: #1786013)", " - [Packaging] update variants", " - [Packaging] debian/dkms-versions -- resync from main package", "", " * Miscellaneous Ubuntu changes", " - [packaging] rename to linux-meta", "" ], "package": "linux-meta", "version": "6.18.0-7.7", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 1786013 ], "author": "Paolo Pisati ", "date": "Tue, 16 Dec 2025 13:28:41 +0100" }, { "cves": [], "log": [ "", " * Main version: 6.18.0-6.6", "", " * Packaging resync (LP: #1786013)", " - [Packaging] debian/dkms-versions -- resync from main package", "" ], "package": "linux-meta", "version": "6.18.0-6.6", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 1786013 ], "author": "Paolo Pisati ", "date": "Mon, 01 Dec 2025 14:53:24 +0100" }, { "cves": [], "log": [ "", " * Main version: 6.18.0-5.5", "" ], "package": "linux-meta-unstable", "version": "6.18.0-5.5", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Paolo Pisati ", "date": "Tue, 18 Nov 2025 11:24:31 +0100" }, { "cves": [], "log": [ "", " * Main version: 6.18.0-4.4", "" ], "package": "linux-meta-unstable", "version": "6.18.0-4.4", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Paolo Pisati ", "date": "Thu, 13 Nov 2025 13:08:42 +0100" }, { "cves": [], "log": [ "", " * Main version: 6.18.0-3.3", "" ], "package": "linux-meta-unstable", "version": "6.18.0-3.3", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Paolo Pisati ", "date": "Mon, 27 Oct 2025 11:16:21 +0100" }, { "cves": [], "log": [ "", " * Main version: 6.18.0-2.2", "" ], "package": "linux-meta-unstable", "version": "6.18.0-2.2", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Paolo Pisati ", "date": "Wed, 22 Oct 2025 15:43:07 +0200" }, { "cves": [], "log": [ "", " * Main version: 6.18.0-1.1", "", " * Packaging resync (LP: #1786013)", " - [Packaging] update variants", " - [Packaging] debian/dkms-versions -- resync from main package", " - [Packaging] update variants", "", " * Miscellaneous Ubuntu changes", " - move to 6.18", " - move to resolute", "" ], "package": "linux-meta-unstable", "version": "6.18.0-1.1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 1786013 ], "author": "Paolo Pisati ", "date": "Wed, 22 Oct 2025 10:42:36 +0200" }, { "cves": [], "log": [ "", " * Empty entry", "" ], "package": "linux-meta-unstable", "version": "6.18.0-0.0", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Paolo Pisati ", "date": "Wed, 15 Oct 2025 11:55:46 +0200" } ], "notes": null, "is_version_downgrade": false }, { "name": "lsb-release", "from_version": { "source_package_name": "lsb-release-minimal", "source_package_version": "12.1-2", "version": "12.1-2" }, "to_version": { "source_package_name": "lsb-release-minimal", "source_package_version": "12.1-2build1", "version": "12.1-2build1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Rebuild to clear amd64v3 from FTBFS report", "" ], "package": "lsb-release-minimal", "version": "12.1-2build1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Jeremy Bícha ", "date": "Thu, 18 Dec 2025 07:47:11 -0500" } ], "notes": null, "is_version_downgrade": false }, { "name": "manpages", "from_version": { "source_package_name": "manpages", "source_package_version": "6.16-1", "version": "6.16-1" }, "to_version": { "source_package_name": "manpages", "source_package_version": "6.16-1build1", "version": "6.16-1build1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Rebuild to clear amd64v3 from FTBFS report", "" ], "package": "manpages", "version": "6.16-1build1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Jeremy Bícha ", "date": "Thu, 18 Dec 2025 07:47:53 -0500" } ], "notes": null, "is_version_downgrade": false }, { "name": "manpages-dev", "from_version": { "source_package_name": "manpages", "source_package_version": "6.16-1", "version": "6.16-1" }, "to_version": { "source_package_name": "manpages", "source_package_version": "6.16-1build1", "version": "6.16-1build1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Rebuild to clear amd64v3 from FTBFS report", "" ], "package": "manpages", "version": "6.16-1build1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Jeremy Bícha ", "date": "Thu, 18 Dec 2025 07:47:53 -0500" } ], "notes": null, "is_version_downgrade": false }, { "name": "mawk", "from_version": { "source_package_name": "mawk", "source_package_version": "1.3.4.20250131-1build1", "version": "1.3.4.20250131-1build1" }, "to_version": { "source_package_name": "mawk", "source_package_version": "1.3.4.20250131-2", "version": "1.3.4.20250131-2" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * debian/watch: Update to version 5.", " * debian/upstream/metadata: Add fields for bug tracker and documentation.", " * debian/control: Bump Standards-Version to 4.7.2.", "" ], "package": "mawk", "version": "1.3.4.20250131-2", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Boyuan Yang ", "date": "Sun, 21 Dec 2025 10:20:03 -0500" } ], "notes": null, "is_version_downgrade": false }, { "name": "media-types", "from_version": { "source_package_name": "media-types", "source_package_version": "14.0.0", "version": "14.0.0" }, "to_version": { "source_package_name": "media-types", "source_package_version": "14.0.0build1", "version": "14.0.0build1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Rebuild to clear amd64v3 from FTBFS report", "" ], "package": "media-types", "version": "14.0.0build1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Jeremy Bícha ", "date": "Thu, 18 Dec 2025 07:48:01 -0500" } ], "notes": null, "is_version_downgrade": false }, { "name": "multipath-tools", "from_version": { "source_package_name": "multipath-tools", "source_package_version": "0.12.0-1ubuntu1", "version": "0.12.0-1ubuntu1" }, "to_version": { "source_package_name": "multipath-tools", "source_package_version": "0.12.0-1ubuntu2", "version": "0.12.0-1ubuntu2" }, "cves": [], "launchpad_bugs_fixed": [ 2135118 ], "changes": [ { "cves": [], "log": [ "", " * d/{rules,control}: enable testsuite (LP: #2135118)", " - d/p/testsuite-no-lto: disable lto to workaround testsuite symbol wrapping", "" ], "package": "multipath-tools", "version": "0.12.0-1ubuntu2", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2135118 ], "author": "Jonas Jelten ", "date": "Fri, 12 Dec 2025 11:59:36 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "ncurses-base", "from_version": { "source_package_name": "ncurses", "source_package_version": "6.5+20251123-1", "version": "6.5+20251123-1" }, "to_version": { "source_package_name": "ncurses", "source_package_version": "6.6+20251231-1", "version": "6.6+20251231-1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * New upstream patchlevel.", " * Update symbols files and bump shlibs.", " * Upgrade Standards-Version to 4.7.3, no changes needed.", "" ], "package": "ncurses", "version": "6.6+20251231-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Sven Joachim ", "date": "Sat, 03 Jan 2026 08:53:58 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "ncurses-bin", "from_version": { "source_package_name": "ncurses", "source_package_version": "6.5+20251123-1", "version": "6.5+20251123-1" }, "to_version": { "source_package_name": "ncurses", "source_package_version": "6.6+20251231-1", "version": "6.6+20251231-1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * New upstream patchlevel.", " * Update symbols files and bump shlibs.", " * Upgrade Standards-Version to 4.7.3, no changes needed.", "" ], "package": "ncurses", "version": "6.6+20251231-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Sven Joachim ", "date": "Sat, 03 Jan 2026 08:53:58 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "ncurses-term", "from_version": { "source_package_name": "ncurses", "source_package_version": "6.5+20251123-1", "version": "6.5+20251123-1" }, "to_version": { "source_package_name": "ncurses", "source_package_version": "6.6+20251231-1", "version": "6.6+20251231-1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * New upstream patchlevel.", " * Update symbols files and bump shlibs.", " * Upgrade Standards-Version to 4.7.3, no changes needed.", "" ], "package": "ncurses", "version": "6.6+20251231-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Sven Joachim ", "date": "Sat, 03 Jan 2026 08:53:58 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "pci.ids", "from_version": { "source_package_name": "pci.ids", "source_package_version": "0.0~2025.11.04-1", "version": "0.0~2025.11.04-1" }, "to_version": { "source_package_name": "pci.ids", "source_package_version": "0.0~2025.12.16-1", "version": "0.0~2025.12.16-1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * New upstream release.", "" ], "package": "pci.ids", "version": "0.0~2025.12.16-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Guillem Jover ", "date": "Wed, 17 Dec 2025 04:12:46 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "polkitd", "from_version": { "source_package_name": "policykit-1", "source_package_version": "126-2", "version": "126-2" }, "to_version": { "source_package_name": "policykit-1", "source_package_version": "127-1", "version": "127-1" }, "cves": [ { "cve": "CVE-2025-7519", "url": "https://ubuntu.com/security/CVE-2025-7519", "cve_description": "A flaw was found in polkit. When processing an XML policy with 32 or more nested elements in depth, an out-of-bounds write can be triggered. This issue can lead to a crash or other unexpected behavior, and arbitrary code execution is not discarded. To exploit this flaw, a high-privilege account is needed as it's required to place the malicious policy file properly.", "cve_priority": "low", "cve_public_date": "2025-07-14 14:15:00 UTC" } ], "launchpad_bugs_fixed": [], "changes": [ { "cves": [ { "cve": "CVE-2025-7519", "url": "https://ubuntu.com/security/CVE-2025-7519", "cve_description": "A flaw was found in polkit. When processing an XML policy with 32 or more nested elements in depth, an out-of-bounds write can be triggered. This issue can lead to a crash or other unexpected behavior, and arbitrary code execution is not discarded. To exploit this flaw, a high-privilege account is needed as it's required to place the malicious policy file properly.", "cve_priority": "low", "cve_public_date": "2025-07-14 14:15:00 UTC" } ], "log": [ "", " [ Michael Biebl ]", " * Drop debian/clean", "", " [ Simon McVittie ]", " * d/control: Mark gir1.2-polkit-1.0 as Multi-Arch: same", " * d/control: Mark -dev packages as Multi-Arch: same", " * d/control: Use dpkg-build-api v1 instead of Rules-Requires-Root", " * Standards-Version: 4.7.2 (no changes required)", " * d/salsa-ci.yml: Use recommended recipe", "", " [ Luca Boccassi ]", " * Update upstream source from tag 'upstream/127'", " (Closes: #1109334, #1119670, #1094078, #1110748)", " (CVE-2025-7519)", " * Add build dependency on mount for unit tests", " * Install new polkitd.conf and manpage", " * polkitd: start polkit-agent-helper.socket on install/upgrade", " * polkitd: drop postinst workarounds for pre-bookworm", " * polkitd: drop adduser and rely exclusively on sd-sysusers", " * polkitd: do not change perms of /etc/polkit-1/rules.d in postinst and", " rely on tmpfiles.d", " * polkitd: do not set SUID on polkit-agent-helper-1 under systemd", " * Update symbols file for v127", "" ], "package": "policykit-1", "version": "127-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Luca Boccassi ", "date": "Wed, 17 Dec 2025 18:35:00 +0000" } ], "notes": null, "is_version_downgrade": false }, { "name": "python3-attr", "from_version": { "source_package_name": "python-attrs", "source_package_version": "25.4.0-1", "version": "25.4.0-1" }, "to_version": { "source_package_name": "python-attrs", "source_package_version": "25.4.0-1build1", "version": "25.4.0-1build1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Rebuild to clear amd64v3 from FTBFS report", "" ], "package": "python-attrs", "version": "25.4.0-1build1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Jeremy Bícha ", "date": "Thu, 18 Dec 2025 07:50:20 -0500" } ], "notes": null, "is_version_downgrade": false }, { "name": "python3-autocommand", "from_version": { "source_package_name": "python-autocommand", "source_package_version": "2.2.2-3", "version": "2.2.2-3" }, "to_version": { "source_package_name": "python-autocommand", "source_package_version": "2.2.2-4", "version": "2.2.2-4" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Patches: fix tests for Python 3.14. (Closes: #1123196)", "" ], "package": "python-autocommand", "version": "2.2.2-4", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Jeroen Ploemen ", "date": "Wed, 17 Dec 2025 10:35:26 +0000" } ], "notes": null, "is_version_downgrade": false }, { "name": "python3-bcrypt", "from_version": { "source_package_name": "python-bcrypt", "source_package_version": "5.0.0-2", "version": "5.0.0-2" }, "to_version": { "source_package_name": "python-bcrypt", "source_package_version": "5.0.0-3", "version": "5.0.0-3" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Team upload.", " * Breaks: python3-passlib (<< 1.9.3-1~) (closes: #1122147).", "" ], "package": "python-bcrypt", "version": "5.0.0-3", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Colin Watson ", "date": "Mon, 08 Dec 2025 17:17:36 +0000" } ], "notes": null, "is_version_downgrade": false }, { "name": "python3-blinker", "from_version": { "source_package_name": "blinker", "source_package_version": "1.9.0-2", "version": "1.9.0-2" }, "to_version": { "source_package_name": "blinker", "source_package_version": "1.9.0-2build1", "version": "1.9.0-2build1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Rebuild to clear amd64v3 from FTBFS report", "" ], "package": "blinker", "version": "1.9.0-2build1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Jeremy Bícha ", "date": "Thu, 18 Dec 2025 07:39:10 -0500" } ], "notes": null, "is_version_downgrade": false }, { "name": "python3-boto3", "from_version": { "source_package_name": "python-boto3", "source_package_version": "1.40.72-1", "version": "1.40.72-1" }, "to_version": { "source_package_name": "python-boto3", "source_package_version": "1.40.72-1build1", "version": "1.40.72-1build1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Rebuild to clear amd64v3 from FTBFS report", "" ], "package": "python-boto3", "version": "1.40.72-1build1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Jeremy Bícha ", "date": "Thu, 18 Dec 2025 07:50:30 -0500" } ], "notes": null, "is_version_downgrade": false }, { "name": "python3-botocore", "from_version": { "source_package_name": "python-botocore", "source_package_version": "1.40.72+repack-1", "version": "1.40.72+repack-1" }, "to_version": { "source_package_name": "python-botocore", "source_package_version": "1.40.72+repack-1build1", "version": "1.40.72+repack-1build1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Rebuild to clear amd64v3 from FTBFS report", "" ], "package": "python-botocore", "version": "1.40.72+repack-1build1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Jeremy Bícha ", "date": "Thu, 18 Dec 2025 07:50:38 -0500" } ], "notes": null, "is_version_downgrade": false }, { "name": "python3-certifi", "from_version": { "source_package_name": "python-certifi", "source_package_version": "2025.11.12+ds-1", "version": "2025.11.12+ds-1" }, "to_version": { "source_package_name": "python-certifi", "source_package_version": "2025.11.12+ds-1build1", "version": "2025.11.12+ds-1build1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Rebuild to clear amd64v3 from FTBFS report", "" ], "package": "python-certifi", "version": "2025.11.12+ds-1build1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Jeremy Bícha ", "date": "Thu, 18 Dec 2025 07:50:46 -0500" } ], "notes": null, "is_version_downgrade": false }, { "name": "python3-dateutil", "from_version": { "source_package_name": "python-dateutil", "source_package_version": "2.9.0-4", "version": "2.9.0-4" }, "to_version": { "source_package_name": "python-dateutil", "source_package_version": "2.9.0-4build1", "version": "2.9.0-4build1" }, "cves": [], "launchpad_bugs_fixed": [ 2132257 ], "changes": [ { "cves": [], "log": [ "", " * No-change mass rebuild for Ubuntu 26.04 (LP: #2132257)", "" ], "package": "python-dateutil", "version": "2.9.0-4build1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2132257 ], "author": "Sebastien Bacher ", "date": "Sat, 06 Dec 2025 11:52:12 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "python3-hamcrest", "from_version": { "source_package_name": "pyhamcrest", "source_package_version": "2.1.0-1", "version": "2.1.0-1" }, "to_version": { "source_package_name": "pyhamcrest", "source_package_version": "2.1.0-3", "version": "2.1.0-3" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Team upload.", " * Drop obsolete python3-setuptools build-dep, this build with \"hatch\"", " * Bump Standards-Version to 4.7.3, drop Priority: tag", " * Rewrite d/watch in v5 format", " * Salsa: Disable useless jobs & use canonical filename for config", "" ], "package": "pyhamcrest", "version": "2.1.0-3", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Alexandre Detiste ", "date": "Thu, 01 Jan 2026 18:22:42 +0100" }, { "cves": [], "log": [ "", " * Team upload.", " * Use `asyncio.new_event_loop` in tests for compatibility with Python 3.14", " (closes: #1123171).", " * Switch to autopkgtest-pkg-pybuild.", " * Explicitly select unittest runner.", " * Drop \"Rules-Requires-Root: no\", default as of dpkg-dev 1.22.13.", "" ], "package": "pyhamcrest", "version": "2.1.0-2", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Colin Watson ", "date": "Thu, 01 Jan 2026 16:50:48 +0000" } ], "notes": null, "is_version_downgrade": false }, { "name": "python3-inflect", "from_version": { "source_package_name": "python-inflect", "source_package_version": "7.5.0-1", "version": "7.5.0-1" }, "to_version": { "source_package_name": "python-inflect", "source_package_version": "7.5.0-1build1", "version": "7.5.0-1build1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Rebuild to clear amd64v3 from FTBFS report", "" ], "package": "python-inflect", "version": "7.5.0-1build1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Jeremy Bícha ", "date": "Thu, 18 Dec 2025 07:53:27 -0500" } ], "notes": null, "is_version_downgrade": false }, { "name": "python3-jwt", "from_version": { "source_package_name": "pyjwt", "source_package_version": "2.10.1-3", "version": "2.10.1-3" }, "to_version": { "source_package_name": "pyjwt", "source_package_version": "2.10.1-3build1", "version": "2.10.1-3build1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Rebuild to clear amd64v3 from FTBFS report", "" ], "package": "pyjwt", "version": "2.10.1-3build1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Jeremy Bícha ", "date": "Thu, 18 Dec 2025 07:49:47 -0500" } ], "notes": null, "is_version_downgrade": false }, { "name": "python3-lazr.uri", "from_version": { "source_package_name": "lazr.uri", "source_package_version": "1.0.6-7", "version": "1.0.6-7" }, "to_version": { "source_package_name": "lazr.uri", "source_package_version": "1.0.6-7build1", "version": "1.0.6-7build1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Rebuild to clear amd64v3 from FTBFS report", "" ], "package": "lazr.uri", "version": "1.0.6-7build1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Jeremy Bícha ", "date": "Tue, 23 Dec 2025 14:03:54 -0500" } ], "notes": null, "is_version_downgrade": false }, { "name": "python3-oauthlib", "from_version": { "source_package_name": "python-oauthlib", "source_package_version": "3.3.1-1", "version": "3.3.1-1" }, "to_version": { "source_package_name": "python-oauthlib", "source_package_version": "3.3.1-1build1", "version": "3.3.1-1build1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Rebuild to clear amd64v3 from FTBFS report", "" ], "package": "python-oauthlib", "version": "3.3.1-1build1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Jeremy Bícha ", "date": "Thu, 18 Dec 2025 07:53:42 -0500" } ], "notes": null, "is_version_downgrade": false }, { "name": "python3-packaging", "from_version": { "source_package_name": "python-packaging", "source_package_version": "25.0-1", "version": "25.0-1" }, "to_version": { "source_package_name": "python-packaging", "source_package_version": "25.0-2", "version": "25.0-2" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Team upload.", "", " [ Helmut Grohne ]", " * Mark all packages M-A: foreign (closes: #1122261).", "" ], "package": "python-packaging", "version": "25.0-2", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Colin Watson ", "date": "Tue, 30 Dec 2025 01:55:09 +0000" } ], "notes": null, "is_version_downgrade": false }, { "name": "python3-passlib", "from_version": { "source_package_name": "python-passlib", "source_package_version": "1.7.4-6ubuntu1", "version": "1.7.4-6ubuntu1" }, "to_version": { "source_package_name": "python-passlib", "source_package_version": "1.9.3-1ubuntu1", "version": "1.9.3-1ubuntu1" }, "cves": [], "launchpad_bugs_fixed": [ 2132257 ], "changes": [ { "cves": [], "log": [ "", " * Merge from Debian unstable. Remaining changes:", " [ Simon Quigley ]", " - Demote the runtime dependency on python3-legacycrypt to Suggests,", " to temporarily fix the component mismatch.", "" ], "package": "python-passlib", "version": "1.9.3-1ubuntu1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Rik Mills ", "date": "Sun, 21 Dec 2025 20:12:18 +0000" }, { "cves": [], "log": [ "", " * Team upload.", " * New upstream version 1.9.3. Closes: #1120188.", " * Change upstream. Closes: #1099184.", " * Standards-Version 4.7.2, no change", " * Drop all patches", " * Update Depends, add !nocheck build profile where applicable", " * Builds docs with sphinx", "" ], "package": "python-passlib", "version": "1.9.3-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Jérémy Lal ", "date": "Sat, 06 Dec 2025 17:33:13 +0100" }, { "cves": [], "log": [ "", " * No-change mass rebuild for Ubuntu 26.04 (LP: #2132257)", "" ], "package": "python-passlib", "version": "1.7.4-6ubuntu2", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2132257 ], "author": "Sebastien Bacher ", "date": "Sat, 06 Dec 2025 11:55:24 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "python3-pexpect", "from_version": { "source_package_name": "pexpect", "source_package_version": "4.9-3", "version": "4.9-3" }, "to_version": { "source_package_name": "pexpect", "source_package_version": "4.9-4", "version": "4.9-4" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Team upload.", " * Tests: Avoid the multiprocessing forkserver method (closes: #1123159).", " * Drop \"Rules-Requires-Root: no\", default as of dpkg-dev 1.22.13.", "" ], "package": "pexpect", "version": "4.9-4", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Colin Watson ", "date": "Thu, 01 Jan 2026 18:34:44 +0000" } ], "notes": null, "is_version_downgrade": false }, { "name": "python3-pyparsing", "from_version": { "source_package_name": "pyparsing", "source_package_version": "3.1.3-1", "version": "3.1.3-1" }, "to_version": { "source_package_name": "pyparsing", "source_package_version": "3.1.3-1build1", "version": "3.1.3-1build1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Rebuild to clear amd64v3 from FTBFS report", "" ], "package": "pyparsing", "version": "3.1.3-1build1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Jeremy Bícha ", "date": "Thu, 18 Dec 2025 07:49:29 -0500" } ], "notes": null, "is_version_downgrade": false }, { "name": "python3-s3transfer", "from_version": { "source_package_name": "python-s3transfer", "source_package_version": "0.14.0-1", "version": "0.14.0-1" }, "to_version": { "source_package_name": "python-s3transfer", "source_package_version": "0.14.0-1build1", "version": "0.14.0-1build1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Rebuild to clear amd64v3 from FTBFS report", "" ], "package": "python-s3transfer", "version": "0.14.0-1build1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Jeremy Bícha ", "date": "Thu, 18 Dec 2025 07:54:23 -0500" } ], "notes": null, "is_version_downgrade": false }, { "name": "python3-six", "from_version": { "source_package_name": "six", "source_package_version": "1.17.0-2", "version": "1.17.0-2" }, "to_version": { "source_package_name": "six", "source_package_version": "1.17.0-2build1", "version": "1.17.0-2build1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Rebuild to clear amd64v3 from FTBFS report", "" ], "package": "six", "version": "1.17.0-2build1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Jeremy Bícha ", "date": "Thu, 18 Dec 2025 07:58:07 -0500" } ], "notes": null, "is_version_downgrade": false }, { "name": "python3-software-properties", "from_version": { "source_package_name": "software-properties", "source_package_version": "0.118", "version": "0.118" }, "to_version": { "source_package_name": "software-properties", "source_package_version": "0.119", "version": "0.119" }, "cves": [], "launchpad_bugs_fixed": [ 2136009 ], "changes": [ { "cves": [], "log": [ "", " * gtk: Add X11 fallback for dialog hinting (LP: #2136009).", "" ], "package": "software-properties", "version": "0.119", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2136009 ], "author": "Charles ", "date": "Tue, 16 Dec 2025 16:35:17 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "python3-twisted", "from_version": { "source_package_name": "twisted", "source_package_version": "25.5.0-4", "version": "25.5.0-4" }, "to_version": { "source_package_name": "twisted", "source_package_version": "25.5.0-5", "version": "25.5.0-5" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Backport upstream fixes for Python 3.14 (closes: #1122044).", " * Drop \"Rules-Requires-Root: no\", default as of dpkg-dev 1.22.13.", "" ], "package": "twisted", "version": "25.5.0-5", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Colin Watson ", "date": "Wed, 10 Dec 2025 11:41:58 +0000" } ], "notes": null, "is_version_downgrade": false }, { "name": "python3-typeguard", "from_version": { "source_package_name": "python-typeguard", "source_package_version": "4.4.2-1", "version": "4.4.2-1" }, "to_version": { "source_package_name": "python-typeguard", "source_package_version": "4.4.4-1build1", "version": "4.4.4-1build1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Rebuild to clear amd64v3 from FTBFS report", "" ], "package": "python-typeguard", "version": "4.4.4-1build1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Jeremy Bícha ", "date": "Thu, 18 Dec 2025 07:54:30 -0500" }, { "cves": [], "log": [ "", " * Team upload.", " * New upstream release.", "" ], "package": "python-typeguard", "version": "4.4.4-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Colin Watson ", "date": "Mon, 18 Aug 2025 15:37:57 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "python3-typing-extensions", "from_version": { "source_package_name": "python-typing-extensions", "source_package_version": "4.15.0-1ubuntu1", "version": "4.15.0-1ubuntu1" }, "to_version": { "source_package_name": "python-typing-extensions", "source_package_version": "4.15.0-2", "version": "4.15.0-2" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Fix test on Python 3.14 (closes: #1123325).", " * Drop \"Rules-Requires-Root: no\", default as of dpkg-dev 1.22.13.", " * Standards-Version: 4.7.2.", "" ], "package": "python-typing-extensions", "version": "4.15.0-2", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Colin Watson ", "date": "Wed, 17 Dec 2025 00:12:02 +0000" } ], "notes": null, "is_version_downgrade": false }, { "name": "python3-yaml", "from_version": { "source_package_name": "pyyaml", "source_package_version": "6.0.2-2", "version": "6.0.2-2" }, "to_version": { "source_package_name": "pyyaml", "source_package_version": "6.0.3-1", "version": "6.0.3-1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * New upstream version 6.0.3", " * d/control: standards-version 4.7.3, drop rules-requires-root", " * d/patches: drop distutils patch (obsolete), re-enable fatal_test_failures for legacy testsuite", " * d/watch: upgrade to version 5", "" ], "package": "pyyaml", "version": "6.0.3-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Gordon Ball ", "date": "Sun, 28 Dec 2025 00:52:19 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "python3-zipp", "from_version": { "source_package_name": "python-zipp", "source_package_version": "3.23.0-1", "version": "3.23.0-1" }, "to_version": { "source_package_name": "python-zipp", "source_package_version": "3.23.0-1build1", "version": "3.23.0-1build1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Rebuild to clear amd64v3 from FTBFS report", "" ], "package": "python-zipp", "version": "3.23.0-1build1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Jeremy Bícha ", "date": "Thu, 18 Dec 2025 07:55:03 -0500" } ], "notes": null, "is_version_downgrade": false }, { "name": "python3-zope.interface", "from_version": { "source_package_name": "zope.interface", "source_package_version": "8.1-1", "version": "8.1-1" }, "to_version": { "source_package_name": "zope.interface", "source_package_version": "8.1.1-1", "version": "8.1.1-1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * d/watch:", " - Upgrade to v5.", " - Exclude pre-releases.", " * New upstream release.", " * Drop \"Rules-Requires-Root: no\", default as of dpkg-dev 1.22.13.", "" ], "package": "zope.interface", "version": "8.1.1-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Colin Watson ", "date": "Thu, 01 Jan 2026 18:46:29 +0000" } ], "notes": null, "is_version_downgrade": false }, { "name": "sensible-utils", "from_version": { "source_package_name": "sensible-utils", "source_package_version": "0.0.26", "version": "0.0.26" }, "to_version": { "source_package_name": "sensible-utils", "source_package_version": "0.0.26build1", "version": "0.0.26build1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Rebuild to clear amd64v3 from FTBFS report", "" ], "package": "sensible-utils", "version": "0.0.26build1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Jeremy Bícha ", "date": "Thu, 18 Dec 2025 07:57:59 -0500" } ], "notes": null, "is_version_downgrade": false }, { "name": "software-properties-common", "from_version": { "source_package_name": "software-properties", "source_package_version": "0.118", "version": "0.118" }, "to_version": { "source_package_name": "software-properties", "source_package_version": "0.119", "version": "0.119" }, "cves": [], "launchpad_bugs_fixed": [ 2136009 ], "changes": [ { "cves": [], "log": [ "", " * gtk: Add X11 fallback for dialog hinting (LP: #2136009).", "" ], "package": "software-properties", "version": "0.119", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2136009 ], "author": "Charles ", "date": "Tue, 16 Dec 2025 16:35:17 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "tzdata", "from_version": { "source_package_name": "tzdata", "source_package_version": "2025b-5ubuntu1", "version": "2025b-5ubuntu1" }, "to_version": { "source_package_name": "tzdata", "source_package_version": "2025c-3ubuntu1", "version": "2025c-3ubuntu1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Merge with Debian unstable. Remaining changes:", " - Ship 2025b ICU timezone data which are utilized by PHP in tzdata-icu", " - Add autopkgtest test case for ICU timezone data", " - Point Vcs-Browser/Git to Launchpad", "" ], "package": "tzdata", "version": "2025c-3ubuntu1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Benjamin Drung ", "date": "Thu, 18 Dec 2025 17:56:18 +0100" }, { "cves": [], "log": [ "", " * Also remove /etc/timezone on upgrades from Ubuntu 25.10 \"questing\" older", "" ], "package": "tzdata", "version": "2025c-3", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Benjamin Drung ", "date": "Thu, 18 Dec 2025 16:55:15 +0100" }, { "cves": [], "log": [ "", " * Remove /etc/timezone on upgrade (Closes: #605834, #813226, #822733)", "" ], "package": "tzdata", "version": "2025c-2", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Aurelien Jarno ", "date": "Mon, 15 Dec 2025 23:51:19 +0100" }, { "cves": [], "log": [ "", " * New upstream version 2025c", " * Update French debconf translation.", " Thanks to Baptiste Jammet (Closes: #1118004)", " * Drop No-leap-second-on-2025-12-31.patch (merged upstream)", " * Update Swedish debconf translation.", " Thanks to Martin Bagge (Closes: #1122575)", " * debian/control: drop Rules-Requires-Root field, now obsolete", " * debian/watch: update to version 5", " * Add autopkgtest test case for 2025c release", "" ], "package": "tzdata", "version": "2025c-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Aurelien Jarno ", "date": "Thu, 11 Dec 2025 20:40:17 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "u-boot-tools", "from_version": { "source_package_name": "u-boot", "source_package_version": "2025.01-3ubuntu4", "version": "2025.01-3ubuntu4" }, "to_version": { "source_package_name": "u-boot", "source_package_version": "2025.10-0ubuntu1", "version": "2025.10-0ubuntu1" }, "cves": [], "launchpad_bugs_fixed": [ 2121690, 2134326, 2091618 ], "changes": [ { "cves": [], "log": [ "", " [ Heinrich Schuchardt ]", " * New upstream release", " - Refreshed patches:", " - d/p/rpi-config-tweaks.patch", " - d/p/qemu/efi-secure-boot.patch", " - d/p/sitara/Don-t-attempt-to-build-final-firmware-images.patch", " - Updated d/copyright to remove redundant patterns and fix lintian", " notices", " * Removed patches obsoleted/merged by upstream:", " - d/p/riscv64/starfive/*", " - d/p/riscv64/star64/*", " - d/p/riscv64/mpfs-icicle-kit_fdtfile.patch", " - d/p/use-cryptographically-safe-RNG.patch", " * Added patches to support for StarFive VisionFive Lite and Milk-V Mars CM", " (LP: #2121690):", " - d/p/riscv64/starfive/0001-riscv-dts-starfive-prune-redundant-jh7110-common-ove.patch", " - d/p/riscv64/starfive/0002-riscv-dts-starfive-sync-visionfive2-overrides-with-u.patch", " - d/p/riscv64/starfive/0003-riscv-dts-starfive-visionfive2-depend-on-SYS_CPU-aut.patch", " - d/p/riscv64/starfive/0004-configs-starfive-Use-visionfive2-DEVICE_TREE_INCLUDE.patch", " - d/p/riscv64/starfive/0005-starfive-avoid-NULL-dereference-in-fdt_check_header.patch", " - d/p/riscv64/starfive/0006-eeprom-starfive-Simplify-get_ddr_size_from_eeprom.patch", " - d/p/riscv64/starfive/0007-eeprom-starfive-Correct-get_pcb_revision_from_eeprom.patch", " - d/p/riscv64/starfive/0008-eeprom-starfive-Support-eeprom-data-format-v3.patch", " - d/p/riscv64/starfive/0009-pcie-starfive-Add-a-optional-power-gpio-support.patch", " - d/p/riscv64/starfive/0010-configs-visionfive2-Add-VisionFive-2-Lite-DT-to-OF_L.patch", " - d/p/riscv64/starfive/0011-board-starfive-spl-Support-VisionFive-2-Lite.patch", " - d/p/riscv64/starfive/0012-board-starfive-visionfive2-Add-VisionFive-2-Lite-fdt.patch", " - d/p/riscv64/starfive/0013-riscv-dts-starfive-prune-redundant-jh7110-overrides.patch", " - d/p/riscv64/starfive/0014-board-starfive-visionfive2-Add-Milk-V-Mars-CM-and-Ma.patch", " - d/p/riscv64/starfive/0015-configs-starfive-Add-Milk-V-Mars-CM-and-Mars-CM-Lite.patch", " - d/p/riscv64/starfive/0016-Update-device-trees-from-Linux.patch", " - d/p/riscv64/starfive/0017-starfive-add-bootph-pre-ram-to-MMC1-clk-pins.patch", " - d/p/riscv64/starfive/0018-starfive-add-starfive-jh7110-compatible-property-val.patch", " * Added patch to fix FTBFS with binutils 2.45 (LP: #2134326):", " - d/p/fix-objcopy-target.patch", "", " [ Dave Jones ]", " * d/p/rpi-squashfs.patch: Enable squashfs support on rpi and amd64/arm64", " QEMU builds for internal image testing (LP: #2091618)", "" ], "package": "u-boot", "version": "2025.10-0ubuntu1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2121690, 2134326, 2091618 ], "author": "Heinrich Schuchardt ", "date": "Wed, 19 Nov 2025 18:26:40 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "ubuntu-kernel-accessories", "from_version": { "source_package_name": "ubuntu-meta", "source_package_version": "1.562", "version": "1.562" }, "to_version": { "source_package_name": "ubuntu-meta", "source_package_version": "1.563", "version": "1.563" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Refreshed dependencies", " * Added resources to desktop-minimal-recommends, desktop-raspi-", " recommends, desktop-recommends", " * Removed gnome-power-manager from desktop-minimal-recommends,", " desktop-raspi-recommends, desktop-recommends", " * Removed gnome-system-monitor from desktop-minimal-recommends,", " desktop-raspi-recommends, desktop-recommends", "" ], "package": "ubuntu-meta", "version": "1.563", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Jeremy Bícha ", "date": "Tue, 16 Dec 2025 16:43:45 -0500" } ], "notes": null, "is_version_downgrade": false }, { "name": "ubuntu-minimal", "from_version": { "source_package_name": "ubuntu-meta", "source_package_version": "1.562", "version": "1.562" }, "to_version": { "source_package_name": "ubuntu-meta", "source_package_version": "1.563", "version": "1.563" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Refreshed dependencies", " * Added resources to desktop-minimal-recommends, desktop-raspi-", " recommends, desktop-recommends", " * Removed gnome-power-manager from desktop-minimal-recommends,", " desktop-raspi-recommends, desktop-recommends", " * Removed gnome-system-monitor from desktop-minimal-recommends,", " desktop-raspi-recommends, desktop-recommends", "" ], "package": "ubuntu-meta", "version": "1.563", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Jeremy Bícha ", "date": "Tue, 16 Dec 2025 16:43:45 -0500" } ], "notes": null, "is_version_downgrade": false }, { "name": "ubuntu-server", "from_version": { "source_package_name": "ubuntu-meta", "source_package_version": "1.562", "version": "1.562" }, "to_version": { "source_package_name": "ubuntu-meta", "source_package_version": "1.563", "version": "1.563" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Refreshed dependencies", " * Added resources to desktop-minimal-recommends, desktop-raspi-", " recommends, desktop-recommends", " * Removed gnome-power-manager from desktop-minimal-recommends,", " desktop-raspi-recommends, desktop-recommends", " * Removed gnome-system-monitor from desktop-minimal-recommends,", " desktop-raspi-recommends, desktop-recommends", "" ], "package": "ubuntu-meta", "version": "1.563", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Jeremy Bícha ", "date": "Tue, 16 Dec 2025 16:43:45 -0500" } ], "notes": null, "is_version_downgrade": false }, { "name": "ubuntu-standard", "from_version": { "source_package_name": "ubuntu-meta", "source_package_version": "1.562", "version": "1.562" }, "to_version": { "source_package_name": "ubuntu-meta", "source_package_version": "1.563", "version": "1.563" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Refreshed dependencies", " * Added resources to desktop-minimal-recommends, desktop-raspi-", " recommends, desktop-recommends", " * Removed gnome-power-manager from desktop-minimal-recommends,", " desktop-raspi-recommends, desktop-recommends", " * Removed gnome-system-monitor from desktop-minimal-recommends,", " desktop-raspi-recommends, desktop-recommends", "" ], "package": "ubuntu-meta", "version": "1.563", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Jeremy Bícha ", "date": "Tue, 16 Dec 2025 16:43:45 -0500" } ], "notes": null, "is_version_downgrade": false }, { "name": "xz-utils", "from_version": { "source_package_name": "xz-utils", "source_package_version": "5.8.1-2", "version": "5.8.1-2" }, "to_version": { "source_package_name": "xz-utils", "source_package_version": "5.8.2-1", "version": "5.8.2-1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Import 5.8.2", " - Add a workaround for Red Hat Enterprise Linux 9 kernel bug", " (Closes: #1121085).", "" ], "package": "xz-utils", "version": "5.8.2-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Sebastian Andrzej Siewior ", "date": "Fri, 26 Dec 2025 19:52:09 +0100" } ], "notes": null, "is_version_downgrade": false } ], "snap": [] }, "added": { "deb": [ { "name": "libgraphite2-3:armhf", "from_version": { "source_package_name": null, "source_package_version": null, "version": null }, "to_version": { "source_package_name": "graphite2", "source_package_version": "1.3.14-2ubuntu1", "version": "1.3.14-2ubuntu1" }, "cves": [], "launchpad_bugs_fixed": [ 2069722 ], "changes": [ { "cves": [], "log": [ "", " * Fix autopkgtests following dpkg changes (LP: #2069722)", "" ], "package": "graphite2", "version": "1.3.14-2ubuntu1", "urgency": "medium", "distributions": "oracular", "launchpad_bugs_fixed": [ 2069722 ], "author": "Alessandro Astone ", "date": "Fri, 21 Jun 2024 10:24:15 +0200" }, { "cves": [], "log": [ "", " * No change rebuild for 64-bit time_t and frame pointers.", "" ], "package": "graphite2", "version": "1.3.14-2build1", "urgency": "high", "distributions": "noble", "launchpad_bugs_fixed": [], "author": "Julian Andres Klode ", "date": "Mon, 08 Apr 2024 17:58:36 +0200" }, { "cves": [], "log": [ "", " [ Debian Janitor ]", " * Use secure URI in Homepage field.", " * Update standards version to 4.5.0, no changes needed.", " * Set upstream metadata fields: Bug-Database, Bug-Submit, Repository,", " Repository-Browse.", " * Remove constraints unnecessary since stretch:", " + Build-Depends: Drop versioned constraint on dh-exec.", " * Remove constraints unnecessary since buster (oldstable):", " + Build-Depends: Drop versioned constraint on dpkg-dev and python3.", "", " [ Rene Engelhard ]", " * debian/patches/do-not-require-future.diff: as name says", " (closes: #1058584)", " * debian/patches/spell-out-lesser-and-greater.diff,", " debian/patches/no-explicit-dot-font-settings.diff,", " debian/patches/explicit-pdflatex.diff: fix documentation build", " (closes: #1052740)", "" ], "package": "graphite2", "version": "1.3.14-2", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Rene Engelhard ", "date": "Sun, 24 Dec 2023 11:38:53 +0100" } ], "notes": "For a newly added package only the three most recent changelog entries are shown.", "is_version_downgrade": false }, { "name": "libharfbuzz0b:armhf", "from_version": { "source_package_name": null, "source_package_version": null, "version": null }, "to_version": { "source_package_name": "harfbuzz", "source_package_version": "12.2.0-1", "version": "12.2.0-1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * New upstream release", " * d/control: drop dh-sequence-movetousr from build-deps (Closes: #1122764)", "" ], "package": "harfbuzz", "version": "12.2.0-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "أحمد المحمودي (Ahmed El-Mahmoudy) ", "date": "Fri, 12 Dec 2025 17:49:44 +0100" }, { "cves": [], "log": [ "", " * New upstream release", " * Drop redundant Rules-Requires-Root field", " * d/libharfbuzz0b.symbols: update symbols", "" ], "package": "harfbuzz", "version": "12.1.0-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "أحمد المحمودي (Ahmed El-Mahmoudy) ", "date": "Wed, 01 Oct 2025 16:54:22 +0200" }, { "cves": [], "log": [ "", " * New upstream release", " * d/libharfbuzz-gobject0.lintian-overrides: add wildcards for arch & lib", " version", " * d/control: update build-dep: libgirepository1.0-dev =>", " gobject-introspection (>= 1.80)", "" ], "package": "harfbuzz", "version": "11.5.0-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "أحمد المحمودي (Ahmed El-Mahmoudy) ", "date": "Wed, 17 Sep 2025 16:13:26 +0200" } ], "notes": "For a newly added package only the three most recent changelog entries are shown.", "is_version_downgrade": false }, { "name": "libjs-sphinxdoc", "from_version": { "source_package_name": null, "source_package_version": null, "version": null }, "to_version": { "source_package_name": "sphinx", "source_package_version": "8.2.3-11", "version": "8.2.3-11" }, "cves": [], "launchpad_bugs_fixed": [ 2133023 ], "changes": [ { "cves": [], "log": [ "", " * Depend on libgvplugin-neato-layout and libgvplugin-pango for the tests", " (closes: #1122119, thanks László Böszörményi).", "" ], "package": "sphinx", "version": "8.2.3-11", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Dmitry Shachnev ", "date": "Sun, 07 Dec 2025 20:20:57 +0300" }, { "cves": [], "log": [ "", " * Backport upstream commits to fix tests with Python 3.14 (LP: #2133023).", "" ], "package": "sphinx", "version": "8.2.3-10", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [ 2133023 ], "author": "Dmitry Shachnev ", "date": "Wed, 26 Nov 2025 20:54:23 +0300" }, { "cves": [], "log": [ "", " * Backport upstream patch to fix PDF build of French documents with", " footnotes (closes: #1114478).", "" ], "package": "sphinx", "version": "8.2.3-9", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Dmitry Shachnev ", "date": "Sat, 15 Nov 2025 15:07:35 +0300" } ], "notes": "For a newly added package only the three most recent changelog entries are shown.", "is_version_downgrade": false }, { "name": "linux-headers-6.18.0-8", "from_version": { "source_package_name": "linux", "source_package_version": "6.17.0-8.8", "version": null }, "to_version": { "source_package_name": "linux", "source_package_version": "6.18.0-8.8", "version": "6.18.0-8.8" }, "cves": [], "launchpad_bugs_fixed": [ 2136712, 2136307, 1990064, 2028253, 2028253, 2122743, 2028253, 2102680, 2028253, 2032602, 1786013, 2133502, 1786013, 2131673, 2128792, 2130552, 2131211, 2131046, 2129919, 2126577, 2129552, 2129038, 1786013, 2126040, 2126948, 1981437 ], "changes": [ { "cves": [], "log": [ "", " * resolute/linux: 6.18.0-8.8 -proposed tracker (LP: #2136712)", "", " * Miscellaneous Ubuntu changes", " - [Packaging] disable signing for s390x", "" ], "package": "linux", "version": "6.18.0-8.8", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2136712 ], "author": "Paolo Pisati ", "date": "Wed, 17 Dec 2025 15:20:04 +0100" }, { "cves": [], "log": [ "", " * resolute/linux: 6.18.0-7.7 -proposed tracker (LP: #2136307)", "", " * unconfined profile denies userns_create for chromium based processes", " (LP: #1990064)", " - [Config] disable CONFIG_SECURITY_APPARMOR_RESTRICT_USERNS", "", " * update apparmor and LSM stacking patch set (LP: #2028253)", " - SAUCE: apparmor5.0.0 [1/51]: Stacking: Audit: Allow multiple records in", " an audit_buffer", " - SAUCE: apparmor5.0.0 [2/51]: Stacking: LSM: security_lsmblob_to_secctx", " module selection", " - SAUCE: apparmor5.0.0 [3/51]: Stacking: Audit: Add record for multiple", " task security contexts", " - SAUCE: apparmor5.0.0 [4/51]: Stacking: Audit: multiple subject lsm", " values for netlabel", " - SAUCE: apparmor5.0.0 [5/51]: Stacking: LSM: Single calls in secid hooks", " - SAUCE: apparmor5.0.0 [6/51]: Stacking: LSM: Exclusive secmark usage", " - SAUCE: apparmor5.0.0 [7/51]: Stacking: Audit: Call only the first of the", " audit rule hooks", " - SAUCE: apparmor5.0.0 [8/51]: Stacking: AppArmor: Remove the exclusive", " flag", " - SAUCE: apparmor5.0.0 [9/51]: Revert \"apparmor: fix dbus permission", " queries to v9 ABI\"", " - SAUCE: apparmor5.0.0 [10/51]: Revert \"apparmor: gate make fine grained", " unix mediation behind v9 abi\"", " - SAUCE: apparmor5.0.0 [11/51]: apparmor: net: patch to provide", " compatibility with v2.x net rules", " - SAUCE: apparmor5.0.0 [12/51]: apparmor: net: add fine grained ipv4/ipv6", " mediation", " - SAUCE: apparmor5.0.0 [13/51]: apparmor: userns: add unprivileged user ns", " mediation", " - SAUCE: apparmor5.0.0 [14/51]: apparmor: userns: Add sysctls for", " additional controls of unpriv userns restrictions", " - SAUCE: apparmor5.0.0 [16/51]: apparmor: userns: open userns related", " sysctl so lxc can check if restriction are in place", " - SAUCE: apparmor5.0.0 [17/51]: apparmor: userns: allow profile to be", " transitioned when a userns is created", " - SAUCE: apparmor5.0.0 [18/51]: aoparmor: userns: Add support for execpath", " in userns", " - SAUCE: apparmor5.0.0 [19/51]: apparmor: mqueue: call", " security_inode_init_security on inode creation", " - SAUCE: apparmor5.0.0 [20/51]: apparmor: mqueue: add fine grained", " mediation of posix mqueues", " - SAUCE: apparmor5.0.0 [21/51]: apparmor: uring: add io_uring mediation", " - SAUCE: apparmor5.0.0 [24/51]: apparmor: prompt: setup slab cache for", " audit data", " - SAUCE: apparmor5.0.0 [25/51]: apparmor: prompt: add the ability for", " profiles to have a learning cache", " - SAUCE: apparmor5.0.0 [26/51]: apparmor: prompt: enable userspace upcall", " for mediation", " - SAUCE: apparmor5.0.0 [27/51]: apparmor: prompt: pass prompt boolean", " through into path_name as well", " - SAUCE: apparmor5.0.0 [28/51]: apparmor: add AA_DEBUG_PROFILE to have", " debug on profiles with flag set", " - SAUCE: apparmor5.0.0 [29/51]: apparmor: make str table more generic and", " be able to have multiple entries", " - SAUCE: apparmor5.0.0 [30/51]: apparmor: check for supported version in", " notification messages.", " - SAUCE: apparmor5.0.0 [31/51]: apparmor: refactor building notice so it", " is easier to extend", " - SAUCE: apparmor5.0.0 [32/51]: apparmor: switch from ENOTSUPP to", " EPROTONOSUPPORT", " - SAUCE: apparmor5.0.0 [33/51]: apparmor: add support for meta data tags", " - SAUCE: apparmor5.0.0 [34/51]: apparmor: mmap_file() doesn't need to be", " called atomically", " - SAUCE: apparmor5.0.0 [35/51]: apparmor: guard against free routines", " being called with a NULL", " - SAUCE: apparmor5.0.0 [36/51]: apparmor: prevent profile->disconnected", " double free in aa_free_profile", " - SAUCE: apparmor5.0.0 [38/51]: apparmor-next 6.19: apparmor: fix fast", " path cache check for unix sockets", " - SAUCE: apparmor5.0.0 [39/51]: apparmor-next 6.19: apparmor: fix label", " and profile debug macros", " - SAUCE: apparmor5.0.0 [40/51]: apparmor-next 6.19: apparmor: fixup", " net_compat", " - SAUCE: apparmor5.0.0 [41/51]: apparmor-next 6.19: apparmor: lift", " compatibility check out of profile_af_perm", " - SAUCE: apparmor5.0.0 [42/51]: apparmor-next 6.19: apparmor:", " refactor/cleanup cred helper fns.", " - SAUCE: apparmor5.0.0 [43/51]: apparmor-next 6.19: apparmor: fix rlimit", " for posix cpu timers", " - SAUCE: apparmor5.0.0 [44/51]: apparmor-next 6.19: apparmor: replace", " sprintf with snprintf in aa_new_learning_profile", " - SAUCE: apparmor5.0.0 [45/51]: apparmor-next 6.19: apparmor: Replace", " sprintf/strcpy with scnprintf/strscpy in aa_policy_init", " - SAUCE: apparmor5.0.0 [46/51]: apparmor-next 6.19: apparmor: Replace", " deprecated strcpy in d_namespace_path", " - SAUCE: apparmor5.0.0 [47/51]: apparmor-next 6.19: apparmor: fix NULL", " pointer dereference in __unix_needs_revalidation", " - SAUCE: apparmor5.0.0 [48/51]: apparmor-next 6.19: apparmor: fix NULL", " sock in aa_sock_file_perm", " - SAUCE: apparmor5.0.0 [49/51]: apparmor-next 6.19: apparmor: Replace", " deprecated strcpy with memcpy in gen_symlink_name", " - SAUCE: apparmor5.0.0 [50/51]: apparmor-next 6.19: AppArmor: Allow", " apparmor to handle unaligned dfa tables", " - SAUCE: apparmor5.0.0 [51/51]: apparmor-next 6.19: apparmor: Fix &", " Optimize table creation from possibly unaligned memory", "", " * update apparmor and LSM stacking patch set (LP: #2028253) // AppArmor is", " auditing the apparmor/.null file (LP: #2122743)", " - SAUCE: apparmor5.0.0 [37/51]: apparmor-next 6.19: apparmor: move check", " for aa_null file to cover all cases", "", " * update apparmor and LSM stacking patch set (LP: #2028253) // Installation", " of AppArmor on a 6.14 kernel produces error message \"Illegal number: yes\"", " (LP: #2102680)", " - SAUCE: apparmor5.0.0 [22/51]: apparmor: create an", " AA_SFS_TYPE_BOOLEAN_INTPRINT sysctl variant", " - SAUCE: apparmor5.0.0 [23/51]: apparmor: Use AA_SFS_FILE_BOOLEAN_INTPRINT", " for userns and io_uring sysctls", "", " * update apparmor and LSM stacking patch set (LP: #2028253) // [FFe]", " apparmor-4.0.0-alpha2 for unprivileged user namespace restrictions in", " mantic (LP: #2032602)", " - SAUCE: apparmor5.0.0 [15/51]: apparmor: userns - make it so special", " unconfined profiles can mediate user namespaces", "", " * Packaging resync (LP: #1786013)", " - [Packaging] debian.master/dkms-versions -- update from kernel-versions", " (main/d2025.12.16)", "", " * Miscellaneous Ubuntu changes", " - [Packaging] rename to linux", " - [Config] update toolchain version", "" ], "package": "linux", "version": "6.18.0-7.7", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2136307, 1990064, 2028253, 2028253, 2122743, 2028253, 2102680, 2028253, 2032602, 1786013 ], "author": "Paolo Pisati ", "date": "Tue, 16 Dec 2025 13:43:25 +0100" }, { "cves": [], "log": [ "", " * resolute/linux-unstable: 6.18.0-6.6 -proposed tracker (LP: #2133502)", "", " * Packaging resync (LP: #1786013)", " - [Packaging] debian.master/dkms-versions -- update from kernel-versions", " (main/d2025.10.20)", "", " * Miscellaneous Ubuntu changes", " - Update dropped.txt", " - [Packaging] debian.master/dkms-versions: Drop failing dkms packages", " - rename dropped.txt to Changes.md", "" ], "package": "linux-unstable", "version": "6.18.0-6.6", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2133502, 1786013 ], "author": "Paolo Pisati ", "date": "Mon, 01 Dec 2025 14:52:34 +0100" }, { "cves": [], "log": [ "", " * resolute/linux-unstable: 6.18.0-5.5 -proposed tracker (LP: #2131673)", "", " * Re-enable INTEL_SKL_INT3472 for kernels >= 6.16 for Intel IPU camera", " (LP: #2128792)", " - Revert \"UBUNTU: [Config] FTBFS: disable INTEL_SKL_INT3472\"", " - Revert \"UBUNTU: SAUCE: platform/x86: int3472: Add handshake GPIO", " function\"", "", " * i40e driver is triggering VF resets on every link state change", " (LP: #2130552)", " - i40e: avoid redundant VF link state updates", "", " * Miscellaneous Ubuntu changes", " - [Config] updateconfigs following v6.18-rc6 rebase", "" ], "package": "linux-unstable", "version": "6.18.0-5.5", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2131673, 2128792, 2130552 ], "author": "Paolo Pisati ", "date": "Tue, 18 Nov 2025 11:23:48 +0100" }, { "cves": [], "log": [ "", " * resolute/linux-unstable: 6.18.0-4.4 -proposed tracker (LP: #2131211)", "", " * CAP_PERFMON insufficient to get perf data (LP: #2131046)", " - SAUCE: perf/core: Allow CAP_PERFMON for paranoid level 4", "", " * Miscellaneous Ubuntu changes", " - [Config] updateconfigs following v6.18-rc5 rebase", "" ], "package": "linux-unstable", "version": "6.18.0-4.4", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2131211, 2131046 ], "author": "Paolo Pisati ", "date": "Thu, 13 Nov 2025 12:55:49 +0100" }, { "cves": [], "log": [ "", " * resolute/linux-unstable: 6.18.0-3.3 -proposed tracker (LP: #2129919)", "", " * [26.04 FEAT] Set Architecture Level (ALS) to z15 (LP: #2126577)", " - [Config] Raise the architectural level set for s390x to z15", "", " * Miscellaneous Ubuntu changes", " - [Config]: Enable CONFIG_CRYPTO_BENCHMARK", " - [Config] updateconfigs after v6.18-rc3 rebase", "" ], "package": "linux-unstable", "version": "6.18.0-3.3", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2129919, 2126577 ], "author": "Paolo Pisati ", "date": "Mon, 27 Oct 2025 11:07:35 +0100" }, { "cves": [], "log": [ "", " * resolute/linux-unstable: 6.18.0-2.2 -proposed tracker (LP: #2129552)", "", " * Miscellaneous Ubuntu changes", " - [Config] update rustc version", "" ], "package": "linux-unstable", "version": "6.18.0-2.2", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2129552 ], "author": "Paolo Pisati ", "date": "Wed, 22 Oct 2025 15:42:17 +0200" }, { "cves": [], "log": [ "", " * resolute/linux-unstable: 6.18.0-1.1 -proposed tracker (LP: #2129038)", "", " * Packaging resync (LP: #1786013)", " - [Packaging] update Ubuntu.md", "", " * Miscellaneous Ubuntu changes", " - [Packaging] Rename to linux-unstable and move to 6.18", " - [Config] updateconfigs following v6.18-rc1 rebase", " - [Config] apparmor: remove SECURITY_APPARMOR_RESTRICT_USERNS", " - [Packaging] debian.master/dkms-versions: Drop failing dkms packages", " - [Config] updateconfigs following v6.18-rc2 rebase", " - move to resolute", "", " * Miscellaneous upstream changes", " - Revert \"audit: fix skb leak when audit rate limit is exceeded\"", " - Revert \"audit: init ab->skb_list earlier in audit_buffer_alloc()\"", " - Revert \"audit: add record for multiple object contexts\"", " - Revert \"audit: add record for multiple task security contexts\"", " - Revert \"lsm: security_lsmblob_to_secctx module selection\"", " - audit: fix skb leak when audit rate limit is exceeded", "" ], "package": "linux-unstable", "version": "6.18.0-1.1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2129038, 1786013 ], "author": "Paolo Pisati ", "date": "Tue, 21 Oct 2025 16:26:01 +0200" }, { "cves": [], "log": [ "", " * questing/linux: 6.17.0-6.6 -proposed tracker (LP: #2126040)", "", " * Questing update: v6.17.1 upstream stable release (LP: #2126948)", " - blk-mq: fix blk_mq_tags double free while nr_requests grown", " - gcc-plugins: Remove TODO_verify_il for GCC >= 16", " - scsi: target: target_core_configfs: Add length check to avoid buffer", " overflow", " - ALSA: usb-audio: fix race condition to UAF in snd_usbmidi_free", " - wifi: rtw89: fix use-after-free in rtw89_core_tx_kick_off_and_wait()", " - media: b2c2: Fix use-after-free causing by irq_check_work in", " flexcop_pci_remove", " - media: i2c: tc358743: Fix use-after-free bugs caused by orphan timer in", " probe", " - media: tuner: xc5000: Fix use-after-free in xc5000_release", " - media: rc: fix races with imon_disconnect()", " - media: uvcvideo: Mark invalid entities with id UVC_INVALID_ENTITY_ID", " - mm: swap: check for stable address space before operating on the VMA", " - wifi: ath11k: fix NULL dereference in ath11k_qmi_m3_load()", " - media: iris: Fix memory leak by freeing untracked persist buffer", " - media: stm32-csi: Fix dereference before NULL check", " - ASoC: qcom: audioreach: fix potential null pointer dereference", " - Linux 6.17.1", "", " * RISC-V kernel config is out of sync with other archs (LP: #1981437)", " - [Config] riscv64: Update EFI_SBAT_FILE", " - [Config] riscv64: Enable EFI_ZBOOT", " - [Config] riscv64: Disable support for non-RVA23 SoCs", " - [Config] riscv64: Disable RISCV_ISA_FALLBACK", " - [Config] riscv64: Sync config with other architectures", "", " * Miscellaneous Ubuntu changes", " - [Config] updateconfigs after rebase to 6.17", "" ], "package": "linux-unstable", "version": "6.18.0-0.0", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2126040, 2126948, 1981437 ], "author": "Timo Aaltonen ", "date": "Tue, 07 Oct 2025 14:15:18 +0300" } ], "notes": "linux-headers-6.18.0-8 version '6.18.0-8.8' (source package linux version '6.18.0-8.8') was added. linux-headers-6.18.0-8 version '6.18.0-8.8' has the same source package name, linux, as removed package linux-headers-6.17.0-8. As such we can use the source package version of the removed package, '6.17.0-8.8', as the starting point in our changelog diff. Kernel packages are an example of where the binary package name changes for the same source package. Using the removed package source package version as our starting point means we can still get meaningful changelog diffs even for what appears to be a new package.", "is_version_downgrade": false }, { "name": "linux-headers-6.18.0-8-generic", "from_version": { "source_package_name": "linux", "source_package_version": "6.17.0-8.8", "version": null }, "to_version": { "source_package_name": "linux", "source_package_version": "6.18.0-8.8", "version": "6.18.0-8.8" }, "cves": [], "launchpad_bugs_fixed": [ 2136712, 2136307, 1990064, 2028253, 2028253, 2122743, 2028253, 2102680, 2028253, 2032602, 1786013, 2133502, 1786013, 2131673, 2128792, 2130552, 2131211, 2131046, 2129919, 2126577, 2129552, 2129038, 1786013, 2126040, 2126948, 1981437 ], "changes": [ { "cves": [], "log": [ "", " * resolute/linux: 6.18.0-8.8 -proposed tracker (LP: #2136712)", "", " * Miscellaneous Ubuntu changes", " - [Packaging] disable signing for s390x", "" ], "package": "linux", "version": "6.18.0-8.8", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2136712 ], "author": "Paolo Pisati ", "date": "Wed, 17 Dec 2025 15:20:04 +0100" }, { "cves": [], "log": [ "", " * resolute/linux: 6.18.0-7.7 -proposed tracker (LP: #2136307)", "", " * unconfined profile denies userns_create for chromium based processes", " (LP: #1990064)", " - [Config] disable CONFIG_SECURITY_APPARMOR_RESTRICT_USERNS", "", " * update apparmor and LSM stacking patch set (LP: #2028253)", " - SAUCE: apparmor5.0.0 [1/51]: Stacking: Audit: Allow multiple records in", " an audit_buffer", " - SAUCE: apparmor5.0.0 [2/51]: Stacking: LSM: security_lsmblob_to_secctx", " module selection", " - SAUCE: apparmor5.0.0 [3/51]: Stacking: Audit: Add record for multiple", " task security contexts", " - SAUCE: apparmor5.0.0 [4/51]: Stacking: Audit: multiple subject lsm", " values for netlabel", " - SAUCE: apparmor5.0.0 [5/51]: Stacking: LSM: Single calls in secid hooks", " - SAUCE: apparmor5.0.0 [6/51]: Stacking: LSM: Exclusive secmark usage", " - SAUCE: apparmor5.0.0 [7/51]: Stacking: Audit: Call only the first of the", " audit rule hooks", " - SAUCE: apparmor5.0.0 [8/51]: Stacking: AppArmor: Remove the exclusive", " flag", " - SAUCE: apparmor5.0.0 [9/51]: Revert \"apparmor: fix dbus permission", " queries to v9 ABI\"", " - SAUCE: apparmor5.0.0 [10/51]: Revert \"apparmor: gate make fine grained", " unix mediation behind v9 abi\"", " - SAUCE: apparmor5.0.0 [11/51]: apparmor: net: patch to provide", " compatibility with v2.x net rules", " - SAUCE: apparmor5.0.0 [12/51]: apparmor: net: add fine grained ipv4/ipv6", " mediation", " - SAUCE: apparmor5.0.0 [13/51]: apparmor: userns: add unprivileged user ns", " mediation", " - SAUCE: apparmor5.0.0 [14/51]: apparmor: userns: Add sysctls for", " additional controls of unpriv userns restrictions", " - SAUCE: apparmor5.0.0 [16/51]: apparmor: userns: open userns related", " sysctl so lxc can check if restriction are in place", " - SAUCE: apparmor5.0.0 [17/51]: apparmor: userns: allow profile to be", " transitioned when a userns is created", " - SAUCE: apparmor5.0.0 [18/51]: aoparmor: userns: Add support for execpath", " in userns", " - SAUCE: apparmor5.0.0 [19/51]: apparmor: mqueue: call", " security_inode_init_security on inode creation", " - SAUCE: apparmor5.0.0 [20/51]: apparmor: mqueue: add fine grained", " mediation of posix mqueues", " - SAUCE: apparmor5.0.0 [21/51]: apparmor: uring: add io_uring mediation", " - SAUCE: apparmor5.0.0 [24/51]: apparmor: prompt: setup slab cache for", " audit data", " - SAUCE: apparmor5.0.0 [25/51]: apparmor: prompt: add the ability for", " profiles to have a learning cache", " - SAUCE: apparmor5.0.0 [26/51]: apparmor: prompt: enable userspace upcall", " for mediation", " - SAUCE: apparmor5.0.0 [27/51]: apparmor: prompt: pass prompt boolean", " through into path_name as well", " - SAUCE: apparmor5.0.0 [28/51]: apparmor: add AA_DEBUG_PROFILE to have", " debug on profiles with flag set", " - SAUCE: apparmor5.0.0 [29/51]: apparmor: make str table more generic and", " be able to have multiple entries", " - SAUCE: apparmor5.0.0 [30/51]: apparmor: check for supported version in", " notification messages.", " - SAUCE: apparmor5.0.0 [31/51]: apparmor: refactor building notice so it", " is easier to extend", " - SAUCE: apparmor5.0.0 [32/51]: apparmor: switch from ENOTSUPP to", " EPROTONOSUPPORT", " - SAUCE: apparmor5.0.0 [33/51]: apparmor: add support for meta data tags", " - SAUCE: apparmor5.0.0 [34/51]: apparmor: mmap_file() doesn't need to be", " called atomically", " - SAUCE: apparmor5.0.0 [35/51]: apparmor: guard against free routines", " being called with a NULL", " - SAUCE: apparmor5.0.0 [36/51]: apparmor: prevent profile->disconnected", " double free in aa_free_profile", " - SAUCE: apparmor5.0.0 [38/51]: apparmor-next 6.19: apparmor: fix fast", " path cache check for unix sockets", " - SAUCE: apparmor5.0.0 [39/51]: apparmor-next 6.19: apparmor: fix label", " and profile debug macros", " - SAUCE: apparmor5.0.0 [40/51]: apparmor-next 6.19: apparmor: fixup", " net_compat", " - SAUCE: apparmor5.0.0 [41/51]: apparmor-next 6.19: apparmor: lift", " compatibility check out of profile_af_perm", " - SAUCE: apparmor5.0.0 [42/51]: apparmor-next 6.19: apparmor:", " refactor/cleanup cred helper fns.", " - SAUCE: apparmor5.0.0 [43/51]: apparmor-next 6.19: apparmor: fix rlimit", " for posix cpu timers", " - SAUCE: apparmor5.0.0 [44/51]: apparmor-next 6.19: apparmor: replace", " sprintf with snprintf in aa_new_learning_profile", " - SAUCE: apparmor5.0.0 [45/51]: apparmor-next 6.19: apparmor: Replace", " sprintf/strcpy with scnprintf/strscpy in aa_policy_init", " - SAUCE: apparmor5.0.0 [46/51]: apparmor-next 6.19: apparmor: Replace", " deprecated strcpy in d_namespace_path", " - SAUCE: apparmor5.0.0 [47/51]: apparmor-next 6.19: apparmor: fix NULL", " pointer dereference in __unix_needs_revalidation", " - SAUCE: apparmor5.0.0 [48/51]: apparmor-next 6.19: apparmor: fix NULL", " sock in aa_sock_file_perm", " - SAUCE: apparmor5.0.0 [49/51]: apparmor-next 6.19: apparmor: Replace", " deprecated strcpy with memcpy in gen_symlink_name", " - SAUCE: apparmor5.0.0 [50/51]: apparmor-next 6.19: AppArmor: Allow", " apparmor to handle unaligned dfa tables", " - SAUCE: apparmor5.0.0 [51/51]: apparmor-next 6.19: apparmor: Fix &", " Optimize table creation from possibly unaligned memory", "", " * update apparmor and LSM stacking patch set (LP: #2028253) // AppArmor is", " auditing the apparmor/.null file (LP: #2122743)", " - SAUCE: apparmor5.0.0 [37/51]: apparmor-next 6.19: apparmor: move check", " for aa_null file to cover all cases", "", " * update apparmor and LSM stacking patch set (LP: #2028253) // Installation", " of AppArmor on a 6.14 kernel produces error message \"Illegal number: yes\"", " (LP: #2102680)", " - SAUCE: apparmor5.0.0 [22/51]: apparmor: create an", " AA_SFS_TYPE_BOOLEAN_INTPRINT sysctl variant", " - SAUCE: apparmor5.0.0 [23/51]: apparmor: Use AA_SFS_FILE_BOOLEAN_INTPRINT", " for userns and io_uring sysctls", "", " * update apparmor and LSM stacking patch set (LP: #2028253) // [FFe]", " apparmor-4.0.0-alpha2 for unprivileged user namespace restrictions in", " mantic (LP: #2032602)", " - SAUCE: apparmor5.0.0 [15/51]: apparmor: userns - make it so special", " unconfined profiles can mediate user namespaces", "", " * Packaging resync (LP: #1786013)", " - [Packaging] debian.master/dkms-versions -- update from kernel-versions", " (main/d2025.12.16)", "", " * Miscellaneous Ubuntu changes", " - [Packaging] rename to linux", " - [Config] update toolchain version", "" ], "package": "linux", "version": "6.18.0-7.7", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2136307, 1990064, 2028253, 2028253, 2122743, 2028253, 2102680, 2028253, 2032602, 1786013 ], "author": "Paolo Pisati ", "date": "Tue, 16 Dec 2025 13:43:25 +0100" }, { "cves": [], "log": [ "", " * resolute/linux-unstable: 6.18.0-6.6 -proposed tracker (LP: #2133502)", "", " * Packaging resync (LP: #1786013)", " - [Packaging] debian.master/dkms-versions -- update from kernel-versions", " (main/d2025.10.20)", "", " * Miscellaneous Ubuntu changes", " - Update dropped.txt", " - [Packaging] debian.master/dkms-versions: Drop failing dkms packages", " - rename dropped.txt to Changes.md", "" ], "package": "linux-unstable", "version": "6.18.0-6.6", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2133502, 1786013 ], "author": "Paolo Pisati ", "date": "Mon, 01 Dec 2025 14:52:34 +0100" }, { "cves": [], "log": [ "", " * resolute/linux-unstable: 6.18.0-5.5 -proposed tracker (LP: #2131673)", "", " * Re-enable INTEL_SKL_INT3472 for kernels >= 6.16 for Intel IPU camera", " (LP: #2128792)", " - Revert \"UBUNTU: [Config] FTBFS: disable INTEL_SKL_INT3472\"", " - Revert \"UBUNTU: SAUCE: platform/x86: int3472: Add handshake GPIO", " function\"", "", " * i40e driver is triggering VF resets on every link state change", " (LP: #2130552)", " - i40e: avoid redundant VF link state updates", "", " * Miscellaneous Ubuntu changes", " - [Config] updateconfigs following v6.18-rc6 rebase", "" ], "package": "linux-unstable", "version": "6.18.0-5.5", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2131673, 2128792, 2130552 ], "author": "Paolo Pisati ", "date": "Tue, 18 Nov 2025 11:23:48 +0100" }, { "cves": [], "log": [ "", " * resolute/linux-unstable: 6.18.0-4.4 -proposed tracker (LP: #2131211)", "", " * CAP_PERFMON insufficient to get perf data (LP: #2131046)", " - SAUCE: perf/core: Allow CAP_PERFMON for paranoid level 4", "", " * Miscellaneous Ubuntu changes", " - [Config] updateconfigs following v6.18-rc5 rebase", "" ], "package": "linux-unstable", "version": "6.18.0-4.4", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2131211, 2131046 ], "author": "Paolo Pisati ", "date": "Thu, 13 Nov 2025 12:55:49 +0100" }, { "cves": [], "log": [ "", " * resolute/linux-unstable: 6.18.0-3.3 -proposed tracker (LP: #2129919)", "", " * [26.04 FEAT] Set Architecture Level (ALS) to z15 (LP: #2126577)", " - [Config] Raise the architectural level set for s390x to z15", "", " * Miscellaneous Ubuntu changes", " - [Config]: Enable CONFIG_CRYPTO_BENCHMARK", " - [Config] updateconfigs after v6.18-rc3 rebase", "" ], "package": "linux-unstable", "version": "6.18.0-3.3", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2129919, 2126577 ], "author": "Paolo Pisati ", "date": "Mon, 27 Oct 2025 11:07:35 +0100" }, { "cves": [], "log": [ "", " * resolute/linux-unstable: 6.18.0-2.2 -proposed tracker (LP: #2129552)", "", " * Miscellaneous Ubuntu changes", " - [Config] update rustc version", "" ], "package": "linux-unstable", "version": "6.18.0-2.2", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2129552 ], "author": "Paolo Pisati ", "date": "Wed, 22 Oct 2025 15:42:17 +0200" }, { "cves": [], "log": [ "", " * resolute/linux-unstable: 6.18.0-1.1 -proposed tracker (LP: #2129038)", "", " * Packaging resync (LP: #1786013)", " - [Packaging] update Ubuntu.md", "", " * Miscellaneous Ubuntu changes", " - [Packaging] Rename to linux-unstable and move to 6.18", " - [Config] updateconfigs following v6.18-rc1 rebase", " - [Config] apparmor: remove SECURITY_APPARMOR_RESTRICT_USERNS", " - [Packaging] debian.master/dkms-versions: Drop failing dkms packages", " - [Config] updateconfigs following v6.18-rc2 rebase", " - move to resolute", "", " * Miscellaneous upstream changes", " - Revert \"audit: fix skb leak when audit rate limit is exceeded\"", " - Revert \"audit: init ab->skb_list earlier in audit_buffer_alloc()\"", " - Revert \"audit: add record for multiple object contexts\"", " - Revert \"audit: add record for multiple task security contexts\"", " - Revert \"lsm: security_lsmblob_to_secctx module selection\"", " - audit: fix skb leak when audit rate limit is exceeded", "" ], "package": "linux-unstable", "version": "6.18.0-1.1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2129038, 1786013 ], "author": "Paolo Pisati ", "date": "Tue, 21 Oct 2025 16:26:01 +0200" }, { "cves": [], "log": [ "", " * questing/linux: 6.17.0-6.6 -proposed tracker (LP: #2126040)", "", " * Questing update: v6.17.1 upstream stable release (LP: #2126948)", " - blk-mq: fix blk_mq_tags double free while nr_requests grown", " - gcc-plugins: Remove TODO_verify_il for GCC >= 16", " - scsi: target: target_core_configfs: Add length check to avoid buffer", " overflow", " - ALSA: usb-audio: fix race condition to UAF in snd_usbmidi_free", " - wifi: rtw89: fix use-after-free in rtw89_core_tx_kick_off_and_wait()", " - media: b2c2: Fix use-after-free causing by irq_check_work in", " flexcop_pci_remove", " - media: i2c: tc358743: Fix use-after-free bugs caused by orphan timer in", " probe", " - media: tuner: xc5000: Fix use-after-free in xc5000_release", " - media: rc: fix races with imon_disconnect()", " - media: uvcvideo: Mark invalid entities with id UVC_INVALID_ENTITY_ID", " - mm: swap: check for stable address space before operating on the VMA", " - wifi: ath11k: fix NULL dereference in ath11k_qmi_m3_load()", " - media: iris: Fix memory leak by freeing untracked persist buffer", " - media: stm32-csi: Fix dereference before NULL check", " - ASoC: qcom: audioreach: fix potential null pointer dereference", " - Linux 6.17.1", "", " * RISC-V kernel config is out of sync with other archs (LP: #1981437)", " - [Config] riscv64: Update EFI_SBAT_FILE", " - [Config] riscv64: Enable EFI_ZBOOT", " - [Config] riscv64: Disable support for non-RVA23 SoCs", " - [Config] riscv64: Disable RISCV_ISA_FALLBACK", " - [Config] riscv64: Sync config with other architectures", "", " * Miscellaneous Ubuntu changes", " - [Config] updateconfigs after rebase to 6.17", "" ], "package": "linux-unstable", "version": "6.18.0-0.0", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2126040, 2126948, 1981437 ], "author": "Timo Aaltonen ", "date": "Tue, 07 Oct 2025 14:15:18 +0300" } ], "notes": "linux-headers-6.18.0-8-generic version '6.18.0-8.8' (source package linux version '6.18.0-8.8') was added. linux-headers-6.18.0-8-generic version '6.18.0-8.8' has the same source package name, linux, as removed package linux-headers-6.17.0-8. As such we can use the source package version of the removed package, '6.17.0-8.8', as the starting point in our changelog diff. Kernel packages are an example of where the binary package name changes for the same source package. Using the removed package source package version as our starting point means we can still get meaningful changelog diffs even for what appears to be a new package.", "is_version_downgrade": false }, { "name": "linux-image-6.18.0-8-generic", "from_version": { "source_package_name": "linux", "source_package_version": "6.17.0-8.8", "version": null }, "to_version": { "source_package_name": "linux", "source_package_version": "6.18.0-8.8", "version": "6.18.0-8.8" }, "cves": [], "launchpad_bugs_fixed": [ 2136712, 2136307, 1990064, 2028253, 2028253, 2122743, 2028253, 2102680, 2028253, 2032602, 1786013, 2133502, 1786013, 2131673, 2128792, 2130552, 2131211, 2131046, 2129919, 2126577, 2129552, 2129038, 1786013, 2126040, 2126948, 1981437 ], "changes": [ { "cves": [], "log": [ "", " * resolute/linux: 6.18.0-8.8 -proposed tracker (LP: #2136712)", "", " * Miscellaneous Ubuntu changes", " - [Packaging] disable signing for s390x", "" ], "package": "linux", "version": "6.18.0-8.8", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2136712 ], "author": "Paolo Pisati ", "date": "Wed, 17 Dec 2025 15:20:04 +0100" }, { "cves": [], "log": [ "", " * resolute/linux: 6.18.0-7.7 -proposed tracker (LP: #2136307)", "", " * unconfined profile denies userns_create for chromium based processes", " (LP: #1990064)", " - [Config] disable CONFIG_SECURITY_APPARMOR_RESTRICT_USERNS", "", " * update apparmor and LSM stacking patch set (LP: #2028253)", " - SAUCE: apparmor5.0.0 [1/51]: Stacking: Audit: Allow multiple records in", " an audit_buffer", " - SAUCE: apparmor5.0.0 [2/51]: Stacking: LSM: security_lsmblob_to_secctx", " module selection", " - SAUCE: apparmor5.0.0 [3/51]: Stacking: Audit: Add record for multiple", " task security contexts", " - SAUCE: apparmor5.0.0 [4/51]: Stacking: Audit: multiple subject lsm", " values for netlabel", " - SAUCE: apparmor5.0.0 [5/51]: Stacking: LSM: Single calls in secid hooks", " - SAUCE: apparmor5.0.0 [6/51]: Stacking: LSM: Exclusive secmark usage", " - SAUCE: apparmor5.0.0 [7/51]: Stacking: Audit: Call only the first of the", " audit rule hooks", " - SAUCE: apparmor5.0.0 [8/51]: Stacking: AppArmor: Remove the exclusive", " flag", " - SAUCE: apparmor5.0.0 [9/51]: Revert \"apparmor: fix dbus permission", " queries to v9 ABI\"", " - SAUCE: apparmor5.0.0 [10/51]: Revert \"apparmor: gate make fine grained", " unix mediation behind v9 abi\"", " - SAUCE: apparmor5.0.0 [11/51]: apparmor: net: patch to provide", " compatibility with v2.x net rules", " - SAUCE: apparmor5.0.0 [12/51]: apparmor: net: add fine grained ipv4/ipv6", " mediation", " - SAUCE: apparmor5.0.0 [13/51]: apparmor: userns: add unprivileged user ns", " mediation", " - SAUCE: apparmor5.0.0 [14/51]: apparmor: userns: Add sysctls for", " additional controls of unpriv userns restrictions", " - SAUCE: apparmor5.0.0 [16/51]: apparmor: userns: open userns related", " sysctl so lxc can check if restriction are in place", " - SAUCE: apparmor5.0.0 [17/51]: apparmor: userns: allow profile to be", " transitioned when a userns is created", " - SAUCE: apparmor5.0.0 [18/51]: aoparmor: userns: Add support for execpath", " in userns", " - SAUCE: apparmor5.0.0 [19/51]: apparmor: mqueue: call", " security_inode_init_security on inode creation", " - SAUCE: apparmor5.0.0 [20/51]: apparmor: mqueue: add fine grained", " mediation of posix mqueues", " - SAUCE: apparmor5.0.0 [21/51]: apparmor: uring: add io_uring mediation", " - SAUCE: apparmor5.0.0 [24/51]: apparmor: prompt: setup slab cache for", " audit data", " - SAUCE: apparmor5.0.0 [25/51]: apparmor: prompt: add the ability for", " profiles to have a learning cache", " - SAUCE: apparmor5.0.0 [26/51]: apparmor: prompt: enable userspace upcall", " for mediation", " - SAUCE: apparmor5.0.0 [27/51]: apparmor: prompt: pass prompt boolean", " through into path_name as well", " - SAUCE: apparmor5.0.0 [28/51]: apparmor: add AA_DEBUG_PROFILE to have", " debug on profiles with flag set", " - SAUCE: apparmor5.0.0 [29/51]: apparmor: make str table more generic and", " be able to have multiple entries", " - SAUCE: apparmor5.0.0 [30/51]: apparmor: check for supported version in", " notification messages.", " - SAUCE: apparmor5.0.0 [31/51]: apparmor: refactor building notice so it", " is easier to extend", " - SAUCE: apparmor5.0.0 [32/51]: apparmor: switch from ENOTSUPP to", " EPROTONOSUPPORT", " - SAUCE: apparmor5.0.0 [33/51]: apparmor: add support for meta data tags", " - SAUCE: apparmor5.0.0 [34/51]: apparmor: mmap_file() doesn't need to be", " called atomically", " - SAUCE: apparmor5.0.0 [35/51]: apparmor: guard against free routines", " being called with a NULL", " - SAUCE: apparmor5.0.0 [36/51]: apparmor: prevent profile->disconnected", " double free in aa_free_profile", " - SAUCE: apparmor5.0.0 [38/51]: apparmor-next 6.19: apparmor: fix fast", " path cache check for unix sockets", " - SAUCE: apparmor5.0.0 [39/51]: apparmor-next 6.19: apparmor: fix label", " and profile debug macros", " - SAUCE: apparmor5.0.0 [40/51]: apparmor-next 6.19: apparmor: fixup", " net_compat", " - SAUCE: apparmor5.0.0 [41/51]: apparmor-next 6.19: apparmor: lift", " compatibility check out of profile_af_perm", " - SAUCE: apparmor5.0.0 [42/51]: apparmor-next 6.19: apparmor:", " refactor/cleanup cred helper fns.", " - SAUCE: apparmor5.0.0 [43/51]: apparmor-next 6.19: apparmor: fix rlimit", " for posix cpu timers", " - SAUCE: apparmor5.0.0 [44/51]: apparmor-next 6.19: apparmor: replace", " sprintf with snprintf in aa_new_learning_profile", " - SAUCE: apparmor5.0.0 [45/51]: apparmor-next 6.19: apparmor: Replace", " sprintf/strcpy with scnprintf/strscpy in aa_policy_init", " - SAUCE: apparmor5.0.0 [46/51]: apparmor-next 6.19: apparmor: Replace", " deprecated strcpy in d_namespace_path", " - SAUCE: apparmor5.0.0 [47/51]: apparmor-next 6.19: apparmor: fix NULL", " pointer dereference in __unix_needs_revalidation", " - SAUCE: apparmor5.0.0 [48/51]: apparmor-next 6.19: apparmor: fix NULL", " sock in aa_sock_file_perm", " - SAUCE: apparmor5.0.0 [49/51]: apparmor-next 6.19: apparmor: Replace", " deprecated strcpy with memcpy in gen_symlink_name", " - SAUCE: apparmor5.0.0 [50/51]: apparmor-next 6.19: AppArmor: Allow", " apparmor to handle unaligned dfa tables", " - SAUCE: apparmor5.0.0 [51/51]: apparmor-next 6.19: apparmor: Fix &", " Optimize table creation from possibly unaligned memory", "", " * update apparmor and LSM stacking patch set (LP: #2028253) // AppArmor is", " auditing the apparmor/.null file (LP: #2122743)", " - SAUCE: apparmor5.0.0 [37/51]: apparmor-next 6.19: apparmor: move check", " for aa_null file to cover all cases", "", " * update apparmor and LSM stacking patch set (LP: #2028253) // Installation", " of AppArmor on a 6.14 kernel produces error message \"Illegal number: yes\"", " (LP: #2102680)", " - SAUCE: apparmor5.0.0 [22/51]: apparmor: create an", " AA_SFS_TYPE_BOOLEAN_INTPRINT sysctl variant", " - SAUCE: apparmor5.0.0 [23/51]: apparmor: Use AA_SFS_FILE_BOOLEAN_INTPRINT", " for userns and io_uring sysctls", "", " * update apparmor and LSM stacking patch set (LP: #2028253) // [FFe]", " apparmor-4.0.0-alpha2 for unprivileged user namespace restrictions in", " mantic (LP: #2032602)", " - SAUCE: apparmor5.0.0 [15/51]: apparmor: userns - make it so special", " unconfined profiles can mediate user namespaces", "", " * Packaging resync (LP: #1786013)", " - [Packaging] debian.master/dkms-versions -- update from kernel-versions", " (main/d2025.12.16)", "", " * Miscellaneous Ubuntu changes", " - [Packaging] rename to linux", " - [Config] update toolchain version", "" ], "package": "linux", "version": "6.18.0-7.7", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2136307, 1990064, 2028253, 2028253, 2122743, 2028253, 2102680, 2028253, 2032602, 1786013 ], "author": "Paolo Pisati ", "date": "Tue, 16 Dec 2025 13:43:25 +0100" }, { "cves": [], "log": [ "", " * resolute/linux-unstable: 6.18.0-6.6 -proposed tracker (LP: #2133502)", "", " * Packaging resync (LP: #1786013)", " - [Packaging] debian.master/dkms-versions -- update from kernel-versions", " (main/d2025.10.20)", "", " * Miscellaneous Ubuntu changes", " - Update dropped.txt", " - [Packaging] debian.master/dkms-versions: Drop failing dkms packages", " - rename dropped.txt to Changes.md", "" ], "package": "linux-unstable", "version": "6.18.0-6.6", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2133502, 1786013 ], "author": "Paolo Pisati ", "date": "Mon, 01 Dec 2025 14:52:34 +0100" }, { "cves": [], "log": [ "", " * resolute/linux-unstable: 6.18.0-5.5 -proposed tracker (LP: #2131673)", "", " * Re-enable INTEL_SKL_INT3472 for kernels >= 6.16 for Intel IPU camera", " (LP: #2128792)", " - Revert \"UBUNTU: [Config] FTBFS: disable INTEL_SKL_INT3472\"", " - Revert \"UBUNTU: SAUCE: platform/x86: int3472: Add handshake GPIO", " function\"", "", " * i40e driver is triggering VF resets on every link state change", " (LP: #2130552)", " - i40e: avoid redundant VF link state updates", "", " * Miscellaneous Ubuntu changes", " - [Config] updateconfigs following v6.18-rc6 rebase", "" ], "package": "linux-unstable", "version": "6.18.0-5.5", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2131673, 2128792, 2130552 ], "author": "Paolo Pisati ", "date": "Tue, 18 Nov 2025 11:23:48 +0100" }, { "cves": [], "log": [ "", " * resolute/linux-unstable: 6.18.0-4.4 -proposed tracker (LP: #2131211)", "", " * CAP_PERFMON insufficient to get perf data (LP: #2131046)", " - SAUCE: perf/core: Allow CAP_PERFMON for paranoid level 4", "", " * Miscellaneous Ubuntu changes", " - [Config] updateconfigs following v6.18-rc5 rebase", "" ], "package": "linux-unstable", "version": "6.18.0-4.4", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2131211, 2131046 ], "author": "Paolo Pisati ", "date": "Thu, 13 Nov 2025 12:55:49 +0100" }, { "cves": [], "log": [ "", " * resolute/linux-unstable: 6.18.0-3.3 -proposed tracker (LP: #2129919)", "", " * [26.04 FEAT] Set Architecture Level (ALS) to z15 (LP: #2126577)", " - [Config] Raise the architectural level set for s390x to z15", "", " * Miscellaneous Ubuntu changes", " - [Config]: Enable CONFIG_CRYPTO_BENCHMARK", " - [Config] updateconfigs after v6.18-rc3 rebase", "" ], "package": "linux-unstable", "version": "6.18.0-3.3", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2129919, 2126577 ], "author": "Paolo Pisati ", "date": "Mon, 27 Oct 2025 11:07:35 +0100" }, { "cves": [], "log": [ "", " * resolute/linux-unstable: 6.18.0-2.2 -proposed tracker (LP: #2129552)", "", " * Miscellaneous Ubuntu changes", " - [Config] update rustc version", "" ], "package": "linux-unstable", "version": "6.18.0-2.2", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2129552 ], "author": "Paolo Pisati ", "date": "Wed, 22 Oct 2025 15:42:17 +0200" }, { "cves": [], "log": [ "", " * resolute/linux-unstable: 6.18.0-1.1 -proposed tracker (LP: #2129038)", "", " * Packaging resync (LP: #1786013)", " - [Packaging] update Ubuntu.md", "", " * Miscellaneous Ubuntu changes", " - [Packaging] Rename to linux-unstable and move to 6.18", " - [Config] updateconfigs following v6.18-rc1 rebase", " - [Config] apparmor: remove SECURITY_APPARMOR_RESTRICT_USERNS", " - [Packaging] debian.master/dkms-versions: Drop failing dkms packages", " - [Config] updateconfigs following v6.18-rc2 rebase", " - move to resolute", "", " * Miscellaneous upstream changes", " - Revert \"audit: fix skb leak when audit rate limit is exceeded\"", " - Revert \"audit: init ab->skb_list earlier in audit_buffer_alloc()\"", " - Revert \"audit: add record for multiple object contexts\"", " - Revert \"audit: add record for multiple task security contexts\"", " - Revert \"lsm: security_lsmblob_to_secctx module selection\"", " - audit: fix skb leak when audit rate limit is exceeded", "" ], "package": "linux-unstable", "version": "6.18.0-1.1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2129038, 1786013 ], "author": "Paolo Pisati ", "date": "Tue, 21 Oct 2025 16:26:01 +0200" }, { "cves": [], "log": [ "", " * questing/linux: 6.17.0-6.6 -proposed tracker (LP: #2126040)", "", " * Questing update: v6.17.1 upstream stable release (LP: #2126948)", " - blk-mq: fix blk_mq_tags double free while nr_requests grown", " - gcc-plugins: Remove TODO_verify_il for GCC >= 16", " - scsi: target: target_core_configfs: Add length check to avoid buffer", " overflow", " - ALSA: usb-audio: fix race condition to UAF in snd_usbmidi_free", " - wifi: rtw89: fix use-after-free in rtw89_core_tx_kick_off_and_wait()", " - media: b2c2: Fix use-after-free causing by irq_check_work in", " flexcop_pci_remove", " - media: i2c: tc358743: Fix use-after-free bugs caused by orphan timer in", " probe", " - media: tuner: xc5000: Fix use-after-free in xc5000_release", " - media: rc: fix races with imon_disconnect()", " - media: uvcvideo: Mark invalid entities with id UVC_INVALID_ENTITY_ID", " - mm: swap: check for stable address space before operating on the VMA", " - wifi: ath11k: fix NULL dereference in ath11k_qmi_m3_load()", " - media: iris: Fix memory leak by freeing untracked persist buffer", " - media: stm32-csi: Fix dereference before NULL check", " - ASoC: qcom: audioreach: fix potential null pointer dereference", " - Linux 6.17.1", "", " * RISC-V kernel config is out of sync with other archs (LP: #1981437)", " - [Config] riscv64: Update EFI_SBAT_FILE", " - [Config] riscv64: Enable EFI_ZBOOT", " - [Config] riscv64: Disable support for non-RVA23 SoCs", " - [Config] riscv64: Disable RISCV_ISA_FALLBACK", " - [Config] riscv64: Sync config with other architectures", "", " * Miscellaneous Ubuntu changes", " - [Config] updateconfigs after rebase to 6.17", "" ], "package": "linux-unstable", "version": "6.18.0-0.0", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2126040, 2126948, 1981437 ], "author": "Timo Aaltonen ", "date": "Tue, 07 Oct 2025 14:15:18 +0300" } ], "notes": "linux-image-6.18.0-8-generic version '6.18.0-8.8' (source package linux version '6.18.0-8.8') was added. linux-image-6.18.0-8-generic version '6.18.0-8.8' has the same source package name, linux, as removed package linux-headers-6.17.0-8. As such we can use the source package version of the removed package, '6.17.0-8.8', as the starting point in our changelog diff. Kernel packages are an example of where the binary package name changes for the same source package. Using the removed package source package version as our starting point means we can still get meaningful changelog diffs even for what appears to be a new package.", "is_version_downgrade": false }, { "name": "linux-modules-6.18.0-8-generic", "from_version": { "source_package_name": "linux", "source_package_version": "6.17.0-8.8", "version": null }, "to_version": { "source_package_name": "linux", "source_package_version": "6.18.0-8.8", "version": "6.18.0-8.8" }, "cves": [], "launchpad_bugs_fixed": [ 2136712, 2136307, 1990064, 2028253, 2028253, 2122743, 2028253, 2102680, 2028253, 2032602, 1786013, 2133502, 1786013, 2131673, 2128792, 2130552, 2131211, 2131046, 2129919, 2126577, 2129552, 2129038, 1786013, 2126040, 2126948, 1981437 ], "changes": [ { "cves": [], "log": [ "", " * resolute/linux: 6.18.0-8.8 -proposed tracker (LP: #2136712)", "", " * Miscellaneous Ubuntu changes", " - [Packaging] disable signing for s390x", "" ], "package": "linux", "version": "6.18.0-8.8", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2136712 ], "author": "Paolo Pisati ", "date": "Wed, 17 Dec 2025 15:20:04 +0100" }, { "cves": [], "log": [ "", " * resolute/linux: 6.18.0-7.7 -proposed tracker (LP: #2136307)", "", " * unconfined profile denies userns_create for chromium based processes", " (LP: #1990064)", " - [Config] disable CONFIG_SECURITY_APPARMOR_RESTRICT_USERNS", "", " * update apparmor and LSM stacking patch set (LP: #2028253)", " - SAUCE: apparmor5.0.0 [1/51]: Stacking: Audit: Allow multiple records in", " an audit_buffer", " - SAUCE: apparmor5.0.0 [2/51]: Stacking: LSM: security_lsmblob_to_secctx", " module selection", " - SAUCE: apparmor5.0.0 [3/51]: Stacking: Audit: Add record for multiple", " task security contexts", " - SAUCE: apparmor5.0.0 [4/51]: Stacking: Audit: multiple subject lsm", " values for netlabel", " - SAUCE: apparmor5.0.0 [5/51]: Stacking: LSM: Single calls in secid hooks", " - SAUCE: apparmor5.0.0 [6/51]: Stacking: LSM: Exclusive secmark usage", " - SAUCE: apparmor5.0.0 [7/51]: Stacking: Audit: Call only the first of the", " audit rule hooks", " - SAUCE: apparmor5.0.0 [8/51]: Stacking: AppArmor: Remove the exclusive", " flag", " - SAUCE: apparmor5.0.0 [9/51]: Revert \"apparmor: fix dbus permission", " queries to v9 ABI\"", " - SAUCE: apparmor5.0.0 [10/51]: Revert \"apparmor: gate make fine grained", " unix mediation behind v9 abi\"", " - SAUCE: apparmor5.0.0 [11/51]: apparmor: net: patch to provide", " compatibility with v2.x net rules", " - SAUCE: apparmor5.0.0 [12/51]: apparmor: net: add fine grained ipv4/ipv6", " mediation", " - SAUCE: apparmor5.0.0 [13/51]: apparmor: userns: add unprivileged user ns", " mediation", " - SAUCE: apparmor5.0.0 [14/51]: apparmor: userns: Add sysctls for", " additional controls of unpriv userns restrictions", " - SAUCE: apparmor5.0.0 [16/51]: apparmor: userns: open userns related", " sysctl so lxc can check if restriction are in place", " - SAUCE: apparmor5.0.0 [17/51]: apparmor: userns: allow profile to be", " transitioned when a userns is created", " - SAUCE: apparmor5.0.0 [18/51]: aoparmor: userns: Add support for execpath", " in userns", " - SAUCE: apparmor5.0.0 [19/51]: apparmor: mqueue: call", " security_inode_init_security on inode creation", " - SAUCE: apparmor5.0.0 [20/51]: apparmor: mqueue: add fine grained", " mediation of posix mqueues", " - SAUCE: apparmor5.0.0 [21/51]: apparmor: uring: add io_uring mediation", " - SAUCE: apparmor5.0.0 [24/51]: apparmor: prompt: setup slab cache for", " audit data", " - SAUCE: apparmor5.0.0 [25/51]: apparmor: prompt: add the ability for", " profiles to have a learning cache", " - SAUCE: apparmor5.0.0 [26/51]: apparmor: prompt: enable userspace upcall", " for mediation", " - SAUCE: apparmor5.0.0 [27/51]: apparmor: prompt: pass prompt boolean", " through into path_name as well", " - SAUCE: apparmor5.0.0 [28/51]: apparmor: add AA_DEBUG_PROFILE to have", " debug on profiles with flag set", " - SAUCE: apparmor5.0.0 [29/51]: apparmor: make str table more generic and", " be able to have multiple entries", " - SAUCE: apparmor5.0.0 [30/51]: apparmor: check for supported version in", " notification messages.", " - SAUCE: apparmor5.0.0 [31/51]: apparmor: refactor building notice so it", " is easier to extend", " - SAUCE: apparmor5.0.0 [32/51]: apparmor: switch from ENOTSUPP to", " EPROTONOSUPPORT", " - SAUCE: apparmor5.0.0 [33/51]: apparmor: add support for meta data tags", " - SAUCE: apparmor5.0.0 [34/51]: apparmor: mmap_file() doesn't need to be", " called atomically", " - SAUCE: apparmor5.0.0 [35/51]: apparmor: guard against free routines", " being called with a NULL", " - SAUCE: apparmor5.0.0 [36/51]: apparmor: prevent profile->disconnected", " double free in aa_free_profile", " - SAUCE: apparmor5.0.0 [38/51]: apparmor-next 6.19: apparmor: fix fast", " path cache check for unix sockets", " - SAUCE: apparmor5.0.0 [39/51]: apparmor-next 6.19: apparmor: fix label", " and profile debug macros", " - SAUCE: apparmor5.0.0 [40/51]: apparmor-next 6.19: apparmor: fixup", " net_compat", " - SAUCE: apparmor5.0.0 [41/51]: apparmor-next 6.19: apparmor: lift", " compatibility check out of profile_af_perm", " - SAUCE: apparmor5.0.0 [42/51]: apparmor-next 6.19: apparmor:", " refactor/cleanup cred helper fns.", " - SAUCE: apparmor5.0.0 [43/51]: apparmor-next 6.19: apparmor: fix rlimit", " for posix cpu timers", " - SAUCE: apparmor5.0.0 [44/51]: apparmor-next 6.19: apparmor: replace", " sprintf with snprintf in aa_new_learning_profile", " - SAUCE: apparmor5.0.0 [45/51]: apparmor-next 6.19: apparmor: Replace", " sprintf/strcpy with scnprintf/strscpy in aa_policy_init", " - SAUCE: apparmor5.0.0 [46/51]: apparmor-next 6.19: apparmor: Replace", " deprecated strcpy in d_namespace_path", " - SAUCE: apparmor5.0.0 [47/51]: apparmor-next 6.19: apparmor: fix NULL", " pointer dereference in __unix_needs_revalidation", " - SAUCE: apparmor5.0.0 [48/51]: apparmor-next 6.19: apparmor: fix NULL", " sock in aa_sock_file_perm", " - SAUCE: apparmor5.0.0 [49/51]: apparmor-next 6.19: apparmor: Replace", " deprecated strcpy with memcpy in gen_symlink_name", " - SAUCE: apparmor5.0.0 [50/51]: apparmor-next 6.19: AppArmor: Allow", " apparmor to handle unaligned dfa tables", " - SAUCE: apparmor5.0.0 [51/51]: apparmor-next 6.19: apparmor: Fix &", " Optimize table creation from possibly unaligned memory", "", " * update apparmor and LSM stacking patch set (LP: #2028253) // AppArmor is", " auditing the apparmor/.null file (LP: #2122743)", " - SAUCE: apparmor5.0.0 [37/51]: apparmor-next 6.19: apparmor: move check", " for aa_null file to cover all cases", "", " * update apparmor and LSM stacking patch set (LP: #2028253) // Installation", " of AppArmor on a 6.14 kernel produces error message \"Illegal number: yes\"", " (LP: #2102680)", " - SAUCE: apparmor5.0.0 [22/51]: apparmor: create an", " AA_SFS_TYPE_BOOLEAN_INTPRINT sysctl variant", " - SAUCE: apparmor5.0.0 [23/51]: apparmor: Use AA_SFS_FILE_BOOLEAN_INTPRINT", " for userns and io_uring sysctls", "", " * update apparmor and LSM stacking patch set (LP: #2028253) // [FFe]", " apparmor-4.0.0-alpha2 for unprivileged user namespace restrictions in", " mantic (LP: #2032602)", " - SAUCE: apparmor5.0.0 [15/51]: apparmor: userns - make it so special", " unconfined profiles can mediate user namespaces", "", " * Packaging resync (LP: #1786013)", " - [Packaging] debian.master/dkms-versions -- update from kernel-versions", " (main/d2025.12.16)", "", " * Miscellaneous Ubuntu changes", " - [Packaging] rename to linux", " - [Config] update toolchain version", "" ], "package": "linux", "version": "6.18.0-7.7", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2136307, 1990064, 2028253, 2028253, 2122743, 2028253, 2102680, 2028253, 2032602, 1786013 ], "author": "Paolo Pisati ", "date": "Tue, 16 Dec 2025 13:43:25 +0100" }, { "cves": [], "log": [ "", " * resolute/linux-unstable: 6.18.0-6.6 -proposed tracker (LP: #2133502)", "", " * Packaging resync (LP: #1786013)", " - [Packaging] debian.master/dkms-versions -- update from kernel-versions", " (main/d2025.10.20)", "", " * Miscellaneous Ubuntu changes", " - Update dropped.txt", " - [Packaging] debian.master/dkms-versions: Drop failing dkms packages", " - rename dropped.txt to Changes.md", "" ], "package": "linux-unstable", "version": "6.18.0-6.6", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2133502, 1786013 ], "author": "Paolo Pisati ", "date": "Mon, 01 Dec 2025 14:52:34 +0100" }, { "cves": [], "log": [ "", " * resolute/linux-unstable: 6.18.0-5.5 -proposed tracker (LP: #2131673)", "", " * Re-enable INTEL_SKL_INT3472 for kernels >= 6.16 for Intel IPU camera", " (LP: #2128792)", " - Revert \"UBUNTU: [Config] FTBFS: disable INTEL_SKL_INT3472\"", " - Revert \"UBUNTU: SAUCE: platform/x86: int3472: Add handshake GPIO", " function\"", "", " * i40e driver is triggering VF resets on every link state change", " (LP: #2130552)", " - i40e: avoid redundant VF link state updates", "", " * Miscellaneous Ubuntu changes", " - [Config] updateconfigs following v6.18-rc6 rebase", "" ], "package": "linux-unstable", "version": "6.18.0-5.5", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2131673, 2128792, 2130552 ], "author": "Paolo Pisati ", "date": "Tue, 18 Nov 2025 11:23:48 +0100" }, { "cves": [], "log": [ "", " * resolute/linux-unstable: 6.18.0-4.4 -proposed tracker (LP: #2131211)", "", " * CAP_PERFMON insufficient to get perf data (LP: #2131046)", " - SAUCE: perf/core: Allow CAP_PERFMON for paranoid level 4", "", " * Miscellaneous Ubuntu changes", " - [Config] updateconfigs following v6.18-rc5 rebase", "" ], "package": "linux-unstable", "version": "6.18.0-4.4", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2131211, 2131046 ], "author": "Paolo Pisati ", "date": "Thu, 13 Nov 2025 12:55:49 +0100" }, { "cves": [], "log": [ "", " * resolute/linux-unstable: 6.18.0-3.3 -proposed tracker (LP: #2129919)", "", " * [26.04 FEAT] Set Architecture Level (ALS) to z15 (LP: #2126577)", " - [Config] Raise the architectural level set for s390x to z15", "", " * Miscellaneous Ubuntu changes", " - [Config]: Enable CONFIG_CRYPTO_BENCHMARK", " - [Config] updateconfigs after v6.18-rc3 rebase", "" ], "package": "linux-unstable", "version": "6.18.0-3.3", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2129919, 2126577 ], "author": "Paolo Pisati ", "date": "Mon, 27 Oct 2025 11:07:35 +0100" }, { "cves": [], "log": [ "", " * resolute/linux-unstable: 6.18.0-2.2 -proposed tracker (LP: #2129552)", "", " * Miscellaneous Ubuntu changes", " - [Config] update rustc version", "" ], "package": "linux-unstable", "version": "6.18.0-2.2", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2129552 ], "author": "Paolo Pisati ", "date": "Wed, 22 Oct 2025 15:42:17 +0200" }, { "cves": [], "log": [ "", " * resolute/linux-unstable: 6.18.0-1.1 -proposed tracker (LP: #2129038)", "", " * Packaging resync (LP: #1786013)", " - [Packaging] update Ubuntu.md", "", " * Miscellaneous Ubuntu changes", " - [Packaging] Rename to linux-unstable and move to 6.18", " - [Config] updateconfigs following v6.18-rc1 rebase", " - [Config] apparmor: remove SECURITY_APPARMOR_RESTRICT_USERNS", " - [Packaging] debian.master/dkms-versions: Drop failing dkms packages", " - [Config] updateconfigs following v6.18-rc2 rebase", " - move to resolute", "", " * Miscellaneous upstream changes", " - Revert \"audit: fix skb leak when audit rate limit is exceeded\"", " - Revert \"audit: init ab->skb_list earlier in audit_buffer_alloc()\"", " - Revert \"audit: add record for multiple object contexts\"", " - Revert \"audit: add record for multiple task security contexts\"", " - Revert \"lsm: security_lsmblob_to_secctx module selection\"", " - audit: fix skb leak when audit rate limit is exceeded", "" ], "package": "linux-unstable", "version": "6.18.0-1.1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2129038, 1786013 ], "author": "Paolo Pisati ", "date": "Tue, 21 Oct 2025 16:26:01 +0200" }, { "cves": [], "log": [ "", " * questing/linux: 6.17.0-6.6 -proposed tracker (LP: #2126040)", "", " * Questing update: v6.17.1 upstream stable release (LP: #2126948)", " - blk-mq: fix blk_mq_tags double free while nr_requests grown", " - gcc-plugins: Remove TODO_verify_il for GCC >= 16", " - scsi: target: target_core_configfs: Add length check to avoid buffer", " overflow", " - ALSA: usb-audio: fix race condition to UAF in snd_usbmidi_free", " - wifi: rtw89: fix use-after-free in rtw89_core_tx_kick_off_and_wait()", " - media: b2c2: Fix use-after-free causing by irq_check_work in", " flexcop_pci_remove", " - media: i2c: tc358743: Fix use-after-free bugs caused by orphan timer in", " probe", " - media: tuner: xc5000: Fix use-after-free in xc5000_release", " - media: rc: fix races with imon_disconnect()", " - media: uvcvideo: Mark invalid entities with id UVC_INVALID_ENTITY_ID", " - mm: swap: check for stable address space before operating on the VMA", " - wifi: ath11k: fix NULL dereference in ath11k_qmi_m3_load()", " - media: iris: Fix memory leak by freeing untracked persist buffer", " - media: stm32-csi: Fix dereference before NULL check", " - ASoC: qcom: audioreach: fix potential null pointer dereference", " - Linux 6.17.1", "", " * RISC-V kernel config is out of sync with other archs (LP: #1981437)", " - [Config] riscv64: Update EFI_SBAT_FILE", " - [Config] riscv64: Enable EFI_ZBOOT", " - [Config] riscv64: Disable support for non-RVA23 SoCs", " - [Config] riscv64: Disable RISCV_ISA_FALLBACK", " - [Config] riscv64: Sync config with other architectures", "", " * Miscellaneous Ubuntu changes", " - [Config] updateconfigs after rebase to 6.17", "" ], "package": "linux-unstable", "version": "6.18.0-0.0", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2126040, 2126948, 1981437 ], "author": "Timo Aaltonen ", "date": "Tue, 07 Oct 2025 14:15:18 +0300" } ], "notes": "linux-modules-6.18.0-8-generic version '6.18.0-8.8' (source package linux version '6.18.0-8.8') was added. linux-modules-6.18.0-8-generic version '6.18.0-8.8' has the same source package name, linux, as removed package linux-headers-6.17.0-8. As such we can use the source package version of the removed package, '6.17.0-8.8', as the starting point in our changelog diff. Kernel packages are an example of where the binary package name changes for the same source package. Using the removed package source package version as our starting point means we can still get meaningful changelog diffs even for what appears to be a new package.", "is_version_downgrade": false }, { "name": "linux-tools-6.18.0-8", "from_version": { "source_package_name": "linux", "source_package_version": "6.17.0-8.8", "version": null }, "to_version": { "source_package_name": "linux", "source_package_version": "6.18.0-8.8", "version": "6.18.0-8.8" }, "cves": [], "launchpad_bugs_fixed": [ 2136712, 2136307, 1990064, 2028253, 2028253, 2122743, 2028253, 2102680, 2028253, 2032602, 1786013, 2133502, 1786013, 2131673, 2128792, 2130552, 2131211, 2131046, 2129919, 2126577, 2129552, 2129038, 1786013, 2126040, 2126948, 1981437 ], "changes": [ { "cves": [], "log": [ "", " * resolute/linux: 6.18.0-8.8 -proposed tracker (LP: #2136712)", "", " * Miscellaneous Ubuntu changes", " - [Packaging] disable signing for s390x", "" ], "package": "linux", "version": "6.18.0-8.8", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2136712 ], "author": "Paolo Pisati ", "date": "Wed, 17 Dec 2025 15:20:04 +0100" }, { "cves": [], "log": [ "", " * resolute/linux: 6.18.0-7.7 -proposed tracker (LP: #2136307)", "", " * unconfined profile denies userns_create for chromium based processes", " (LP: #1990064)", " - [Config] disable CONFIG_SECURITY_APPARMOR_RESTRICT_USERNS", "", " * update apparmor and LSM stacking patch set (LP: #2028253)", " - SAUCE: apparmor5.0.0 [1/51]: Stacking: Audit: Allow multiple records in", " an audit_buffer", " - SAUCE: apparmor5.0.0 [2/51]: Stacking: LSM: security_lsmblob_to_secctx", " module selection", " - SAUCE: apparmor5.0.0 [3/51]: Stacking: Audit: Add record for multiple", " task security contexts", " - SAUCE: apparmor5.0.0 [4/51]: Stacking: Audit: multiple subject lsm", " values for netlabel", " - SAUCE: apparmor5.0.0 [5/51]: Stacking: LSM: Single calls in secid hooks", " - SAUCE: apparmor5.0.0 [6/51]: Stacking: LSM: Exclusive secmark usage", " - SAUCE: apparmor5.0.0 [7/51]: Stacking: Audit: Call only the first of the", " audit rule hooks", " - SAUCE: apparmor5.0.0 [8/51]: Stacking: AppArmor: Remove the exclusive", " flag", " - SAUCE: apparmor5.0.0 [9/51]: Revert \"apparmor: fix dbus permission", " queries to v9 ABI\"", " - SAUCE: apparmor5.0.0 [10/51]: Revert \"apparmor: gate make fine grained", " unix mediation behind v9 abi\"", " - SAUCE: apparmor5.0.0 [11/51]: apparmor: net: patch to provide", " compatibility with v2.x net rules", " - SAUCE: apparmor5.0.0 [12/51]: apparmor: net: add fine grained ipv4/ipv6", " mediation", " - SAUCE: apparmor5.0.0 [13/51]: apparmor: userns: add unprivileged user ns", " mediation", " - SAUCE: apparmor5.0.0 [14/51]: apparmor: userns: Add sysctls for", " additional controls of unpriv userns restrictions", " - SAUCE: apparmor5.0.0 [16/51]: apparmor: userns: open userns related", " sysctl so lxc can check if restriction are in place", " - SAUCE: apparmor5.0.0 [17/51]: apparmor: userns: allow profile to be", " transitioned when a userns is created", " - SAUCE: apparmor5.0.0 [18/51]: aoparmor: userns: Add support for execpath", " in userns", " - SAUCE: apparmor5.0.0 [19/51]: apparmor: mqueue: call", " security_inode_init_security on inode creation", " - SAUCE: apparmor5.0.0 [20/51]: apparmor: mqueue: add fine grained", " mediation of posix mqueues", " - SAUCE: apparmor5.0.0 [21/51]: apparmor: uring: add io_uring mediation", " - SAUCE: apparmor5.0.0 [24/51]: apparmor: prompt: setup slab cache for", " audit data", " - SAUCE: apparmor5.0.0 [25/51]: apparmor: prompt: add the ability for", " profiles to have a learning cache", " - SAUCE: apparmor5.0.0 [26/51]: apparmor: prompt: enable userspace upcall", " for mediation", " - SAUCE: apparmor5.0.0 [27/51]: apparmor: prompt: pass prompt boolean", " through into path_name as well", " - SAUCE: apparmor5.0.0 [28/51]: apparmor: add AA_DEBUG_PROFILE to have", " debug on profiles with flag set", " - SAUCE: apparmor5.0.0 [29/51]: apparmor: make str table more generic and", " be able to have multiple entries", " - SAUCE: apparmor5.0.0 [30/51]: apparmor: check for supported version in", " notification messages.", " - SAUCE: apparmor5.0.0 [31/51]: apparmor: refactor building notice so it", " is easier to extend", " - SAUCE: apparmor5.0.0 [32/51]: apparmor: switch from ENOTSUPP to", " EPROTONOSUPPORT", " - SAUCE: apparmor5.0.0 [33/51]: apparmor: add support for meta data tags", " - SAUCE: apparmor5.0.0 [34/51]: apparmor: mmap_file() doesn't need to be", " called atomically", " - SAUCE: apparmor5.0.0 [35/51]: apparmor: guard against free routines", " being called with a NULL", " - SAUCE: apparmor5.0.0 [36/51]: apparmor: prevent profile->disconnected", " double free in aa_free_profile", " - SAUCE: apparmor5.0.0 [38/51]: apparmor-next 6.19: apparmor: fix fast", " path cache check for unix sockets", " - SAUCE: apparmor5.0.0 [39/51]: apparmor-next 6.19: apparmor: fix label", " and profile debug macros", " - SAUCE: apparmor5.0.0 [40/51]: apparmor-next 6.19: apparmor: fixup", " net_compat", " - SAUCE: apparmor5.0.0 [41/51]: apparmor-next 6.19: apparmor: lift", " compatibility check out of profile_af_perm", " - SAUCE: apparmor5.0.0 [42/51]: apparmor-next 6.19: apparmor:", " refactor/cleanup cred helper fns.", " - SAUCE: apparmor5.0.0 [43/51]: apparmor-next 6.19: apparmor: fix rlimit", " for posix cpu timers", " - SAUCE: apparmor5.0.0 [44/51]: apparmor-next 6.19: apparmor: replace", " sprintf with snprintf in aa_new_learning_profile", " - SAUCE: apparmor5.0.0 [45/51]: apparmor-next 6.19: apparmor: Replace", " sprintf/strcpy with scnprintf/strscpy in aa_policy_init", " - SAUCE: apparmor5.0.0 [46/51]: apparmor-next 6.19: apparmor: Replace", " deprecated strcpy in d_namespace_path", " - SAUCE: apparmor5.0.0 [47/51]: apparmor-next 6.19: apparmor: fix NULL", " pointer dereference in __unix_needs_revalidation", " - SAUCE: apparmor5.0.0 [48/51]: apparmor-next 6.19: apparmor: fix NULL", " sock in aa_sock_file_perm", " - SAUCE: apparmor5.0.0 [49/51]: apparmor-next 6.19: apparmor: Replace", " deprecated strcpy with memcpy in gen_symlink_name", " - SAUCE: apparmor5.0.0 [50/51]: apparmor-next 6.19: AppArmor: Allow", " apparmor to handle unaligned dfa tables", " - SAUCE: apparmor5.0.0 [51/51]: apparmor-next 6.19: apparmor: Fix &", " Optimize table creation from possibly unaligned memory", "", " * update apparmor and LSM stacking patch set (LP: #2028253) // AppArmor is", " auditing the apparmor/.null file (LP: #2122743)", " - SAUCE: apparmor5.0.0 [37/51]: apparmor-next 6.19: apparmor: move check", " for aa_null file to cover all cases", "", " * update apparmor and LSM stacking patch set (LP: #2028253) // Installation", " of AppArmor on a 6.14 kernel produces error message \"Illegal number: yes\"", " (LP: #2102680)", " - SAUCE: apparmor5.0.0 [22/51]: apparmor: create an", " AA_SFS_TYPE_BOOLEAN_INTPRINT sysctl variant", " - SAUCE: apparmor5.0.0 [23/51]: apparmor: Use AA_SFS_FILE_BOOLEAN_INTPRINT", " for userns and io_uring sysctls", "", " * update apparmor and LSM stacking patch set (LP: #2028253) // [FFe]", " apparmor-4.0.0-alpha2 for unprivileged user namespace restrictions in", " mantic (LP: #2032602)", " - SAUCE: apparmor5.0.0 [15/51]: apparmor: userns - make it so special", " unconfined profiles can mediate user namespaces", "", " * Packaging resync (LP: #1786013)", " - [Packaging] debian.master/dkms-versions -- update from kernel-versions", " (main/d2025.12.16)", "", " * Miscellaneous Ubuntu changes", " - [Packaging] rename to linux", " - [Config] update toolchain version", "" ], "package": "linux", "version": "6.18.0-7.7", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2136307, 1990064, 2028253, 2028253, 2122743, 2028253, 2102680, 2028253, 2032602, 1786013 ], "author": "Paolo Pisati ", "date": "Tue, 16 Dec 2025 13:43:25 +0100" }, { "cves": [], "log": [ "", " * resolute/linux-unstable: 6.18.0-6.6 -proposed tracker (LP: #2133502)", "", " * Packaging resync (LP: #1786013)", " - [Packaging] debian.master/dkms-versions -- update from kernel-versions", " (main/d2025.10.20)", "", " * Miscellaneous Ubuntu changes", " - Update dropped.txt", " - [Packaging] debian.master/dkms-versions: Drop failing dkms packages", " - rename dropped.txt to Changes.md", "" ], "package": "linux-unstable", "version": "6.18.0-6.6", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2133502, 1786013 ], "author": "Paolo Pisati ", "date": "Mon, 01 Dec 2025 14:52:34 +0100" }, { "cves": [], "log": [ "", " * resolute/linux-unstable: 6.18.0-5.5 -proposed tracker (LP: #2131673)", "", " * Re-enable INTEL_SKL_INT3472 for kernels >= 6.16 for Intel IPU camera", " (LP: #2128792)", " - Revert \"UBUNTU: [Config] FTBFS: disable INTEL_SKL_INT3472\"", " - Revert \"UBUNTU: SAUCE: platform/x86: int3472: Add handshake GPIO", " function\"", "", " * i40e driver is triggering VF resets on every link state change", " (LP: #2130552)", " - i40e: avoid redundant VF link state updates", "", " * Miscellaneous Ubuntu changes", " - [Config] updateconfigs following v6.18-rc6 rebase", "" ], "package": "linux-unstable", "version": "6.18.0-5.5", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2131673, 2128792, 2130552 ], "author": "Paolo Pisati ", "date": "Tue, 18 Nov 2025 11:23:48 +0100" }, { "cves": [], "log": [ "", " * resolute/linux-unstable: 6.18.0-4.4 -proposed tracker (LP: #2131211)", "", " * CAP_PERFMON insufficient to get perf data (LP: #2131046)", " - SAUCE: perf/core: Allow CAP_PERFMON for paranoid level 4", "", " * Miscellaneous Ubuntu changes", " - [Config] updateconfigs following v6.18-rc5 rebase", "" ], "package": "linux-unstable", "version": "6.18.0-4.4", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2131211, 2131046 ], "author": "Paolo Pisati ", "date": "Thu, 13 Nov 2025 12:55:49 +0100" }, { "cves": [], "log": [ "", " * resolute/linux-unstable: 6.18.0-3.3 -proposed tracker (LP: #2129919)", "", " * [26.04 FEAT] Set Architecture Level (ALS) to z15 (LP: #2126577)", " - [Config] Raise the architectural level set for s390x to z15", "", " * Miscellaneous Ubuntu changes", " - [Config]: Enable CONFIG_CRYPTO_BENCHMARK", " - [Config] updateconfigs after v6.18-rc3 rebase", "" ], "package": "linux-unstable", "version": "6.18.0-3.3", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2129919, 2126577 ], "author": "Paolo Pisati ", "date": "Mon, 27 Oct 2025 11:07:35 +0100" }, { "cves": [], "log": [ "", " * resolute/linux-unstable: 6.18.0-2.2 -proposed tracker (LP: #2129552)", "", " * Miscellaneous Ubuntu changes", " - [Config] update rustc version", "" ], "package": "linux-unstable", "version": "6.18.0-2.2", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2129552 ], "author": "Paolo Pisati ", "date": "Wed, 22 Oct 2025 15:42:17 +0200" }, { "cves": [], "log": [ "", " * resolute/linux-unstable: 6.18.0-1.1 -proposed tracker (LP: #2129038)", "", " * Packaging resync (LP: #1786013)", " - [Packaging] update Ubuntu.md", "", " * Miscellaneous Ubuntu changes", " - [Packaging] Rename to linux-unstable and move to 6.18", " - [Config] updateconfigs following v6.18-rc1 rebase", " - [Config] apparmor: remove SECURITY_APPARMOR_RESTRICT_USERNS", " - [Packaging] debian.master/dkms-versions: Drop failing dkms packages", " - [Config] updateconfigs following v6.18-rc2 rebase", " - move to resolute", "", " * Miscellaneous upstream changes", " - Revert \"audit: fix skb leak when audit rate limit is exceeded\"", " - Revert \"audit: init ab->skb_list earlier in audit_buffer_alloc()\"", " - Revert \"audit: add record for multiple object contexts\"", " - Revert \"audit: add record for multiple task security contexts\"", " - Revert \"lsm: security_lsmblob_to_secctx module selection\"", " - audit: fix skb leak when audit rate limit is exceeded", "" ], "package": "linux-unstable", "version": "6.18.0-1.1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2129038, 1786013 ], "author": "Paolo Pisati ", "date": "Tue, 21 Oct 2025 16:26:01 +0200" }, { "cves": [], "log": [ "", " * questing/linux: 6.17.0-6.6 -proposed tracker (LP: #2126040)", "", " * Questing update: v6.17.1 upstream stable release (LP: #2126948)", " - blk-mq: fix blk_mq_tags double free while nr_requests grown", " - gcc-plugins: Remove TODO_verify_il for GCC >= 16", " - scsi: target: target_core_configfs: Add length check to avoid buffer", " overflow", " - ALSA: usb-audio: fix race condition to UAF in snd_usbmidi_free", " - wifi: rtw89: fix use-after-free in rtw89_core_tx_kick_off_and_wait()", " - media: b2c2: Fix use-after-free causing by irq_check_work in", " flexcop_pci_remove", " - media: i2c: tc358743: Fix use-after-free bugs caused by orphan timer in", " probe", " - media: tuner: xc5000: Fix use-after-free in xc5000_release", " - media: rc: fix races with imon_disconnect()", " - media: uvcvideo: Mark invalid entities with id UVC_INVALID_ENTITY_ID", " - mm: swap: check for stable address space before operating on the VMA", " - wifi: ath11k: fix NULL dereference in ath11k_qmi_m3_load()", " - media: iris: Fix memory leak by freeing untracked persist buffer", " - media: stm32-csi: Fix dereference before NULL check", " - ASoC: qcom: audioreach: fix potential null pointer dereference", " - Linux 6.17.1", "", " * RISC-V kernel config is out of sync with other archs (LP: #1981437)", " - [Config] riscv64: Update EFI_SBAT_FILE", " - [Config] riscv64: Enable EFI_ZBOOT", " - [Config] riscv64: Disable support for non-RVA23 SoCs", " - [Config] riscv64: Disable RISCV_ISA_FALLBACK", " - [Config] riscv64: Sync config with other architectures", "", " * Miscellaneous Ubuntu changes", " - [Config] updateconfigs after rebase to 6.17", "" ], "package": "linux-unstable", "version": "6.18.0-0.0", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2126040, 2126948, 1981437 ], "author": "Timo Aaltonen ", "date": "Tue, 07 Oct 2025 14:15:18 +0300" } ], "notes": "linux-tools-6.18.0-8 version '6.18.0-8.8' (source package linux version '6.18.0-8.8') was added. linux-tools-6.18.0-8 version '6.18.0-8.8' has the same source package name, linux, as removed package linux-headers-6.17.0-8. As such we can use the source package version of the removed package, '6.17.0-8.8', as the starting point in our changelog diff. Kernel packages are an example of where the binary package name changes for the same source package. Using the removed package source package version as our starting point means we can still get meaningful changelog diffs even for what appears to be a new package.", "is_version_downgrade": false }, { "name": "linux-tools-6.18.0-8-generic", "from_version": { "source_package_name": "linux", "source_package_version": "6.17.0-8.8", "version": null }, "to_version": { "source_package_name": "linux", "source_package_version": "6.18.0-8.8", "version": "6.18.0-8.8" }, "cves": [], "launchpad_bugs_fixed": [ 2136712, 2136307, 1990064, 2028253, 2028253, 2122743, 2028253, 2102680, 2028253, 2032602, 1786013, 2133502, 1786013, 2131673, 2128792, 2130552, 2131211, 2131046, 2129919, 2126577, 2129552, 2129038, 1786013, 2126040, 2126948, 1981437 ], "changes": [ { "cves": [], "log": [ "", " * resolute/linux: 6.18.0-8.8 -proposed tracker (LP: #2136712)", "", " * Miscellaneous Ubuntu changes", " - [Packaging] disable signing for s390x", "" ], "package": "linux", "version": "6.18.0-8.8", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2136712 ], "author": "Paolo Pisati ", "date": "Wed, 17 Dec 2025 15:20:04 +0100" }, { "cves": [], "log": [ "", " * resolute/linux: 6.18.0-7.7 -proposed tracker (LP: #2136307)", "", " * unconfined profile denies userns_create for chromium based processes", " (LP: #1990064)", " - [Config] disable CONFIG_SECURITY_APPARMOR_RESTRICT_USERNS", "", " * update apparmor and LSM stacking patch set (LP: #2028253)", " - SAUCE: apparmor5.0.0 [1/51]: Stacking: Audit: Allow multiple records in", " an audit_buffer", " - SAUCE: apparmor5.0.0 [2/51]: Stacking: LSM: security_lsmblob_to_secctx", " module selection", " - SAUCE: apparmor5.0.0 [3/51]: Stacking: Audit: Add record for multiple", " task security contexts", " - SAUCE: apparmor5.0.0 [4/51]: Stacking: Audit: multiple subject lsm", " values for netlabel", " - SAUCE: apparmor5.0.0 [5/51]: Stacking: LSM: Single calls in secid hooks", " - SAUCE: apparmor5.0.0 [6/51]: Stacking: LSM: Exclusive secmark usage", " - SAUCE: apparmor5.0.0 [7/51]: Stacking: Audit: Call only the first of the", " audit rule hooks", " - SAUCE: apparmor5.0.0 [8/51]: Stacking: AppArmor: Remove the exclusive", " flag", " - SAUCE: apparmor5.0.0 [9/51]: Revert \"apparmor: fix dbus permission", " queries to v9 ABI\"", " - SAUCE: apparmor5.0.0 [10/51]: Revert \"apparmor: gate make fine grained", " unix mediation behind v9 abi\"", " - SAUCE: apparmor5.0.0 [11/51]: apparmor: net: patch to provide", " compatibility with v2.x net rules", " - SAUCE: apparmor5.0.0 [12/51]: apparmor: net: add fine grained ipv4/ipv6", " mediation", " - SAUCE: apparmor5.0.0 [13/51]: apparmor: userns: add unprivileged user ns", " mediation", " - SAUCE: apparmor5.0.0 [14/51]: apparmor: userns: Add sysctls for", " additional controls of unpriv userns restrictions", " - SAUCE: apparmor5.0.0 [16/51]: apparmor: userns: open userns related", " sysctl so lxc can check if restriction are in place", " - SAUCE: apparmor5.0.0 [17/51]: apparmor: userns: allow profile to be", " transitioned when a userns is created", " - SAUCE: apparmor5.0.0 [18/51]: aoparmor: userns: Add support for execpath", " in userns", " - SAUCE: apparmor5.0.0 [19/51]: apparmor: mqueue: call", " security_inode_init_security on inode creation", " - SAUCE: apparmor5.0.0 [20/51]: apparmor: mqueue: add fine grained", " mediation of posix mqueues", " - SAUCE: apparmor5.0.0 [21/51]: apparmor: uring: add io_uring mediation", " - SAUCE: apparmor5.0.0 [24/51]: apparmor: prompt: setup slab cache for", " audit data", " - SAUCE: apparmor5.0.0 [25/51]: apparmor: prompt: add the ability for", " profiles to have a learning cache", " - SAUCE: apparmor5.0.0 [26/51]: apparmor: prompt: enable userspace upcall", " for mediation", " - SAUCE: apparmor5.0.0 [27/51]: apparmor: prompt: pass prompt boolean", " through into path_name as well", " - SAUCE: apparmor5.0.0 [28/51]: apparmor: add AA_DEBUG_PROFILE to have", " debug on profiles with flag set", " - SAUCE: apparmor5.0.0 [29/51]: apparmor: make str table more generic and", " be able to have multiple entries", " - SAUCE: apparmor5.0.0 [30/51]: apparmor: check for supported version in", " notification messages.", " - SAUCE: apparmor5.0.0 [31/51]: apparmor: refactor building notice so it", " is easier to extend", " - SAUCE: apparmor5.0.0 [32/51]: apparmor: switch from ENOTSUPP to", " EPROTONOSUPPORT", " - SAUCE: apparmor5.0.0 [33/51]: apparmor: add support for meta data tags", " - SAUCE: apparmor5.0.0 [34/51]: apparmor: mmap_file() doesn't need to be", " called atomically", " - SAUCE: apparmor5.0.0 [35/51]: apparmor: guard against free routines", " being called with a NULL", " - SAUCE: apparmor5.0.0 [36/51]: apparmor: prevent profile->disconnected", " double free in aa_free_profile", " - SAUCE: apparmor5.0.0 [38/51]: apparmor-next 6.19: apparmor: fix fast", " path cache check for unix sockets", " - SAUCE: apparmor5.0.0 [39/51]: apparmor-next 6.19: apparmor: fix label", " and profile debug macros", " - SAUCE: apparmor5.0.0 [40/51]: apparmor-next 6.19: apparmor: fixup", " net_compat", " - SAUCE: apparmor5.0.0 [41/51]: apparmor-next 6.19: apparmor: lift", " compatibility check out of profile_af_perm", " - SAUCE: apparmor5.0.0 [42/51]: apparmor-next 6.19: apparmor:", " refactor/cleanup cred helper fns.", " - SAUCE: apparmor5.0.0 [43/51]: apparmor-next 6.19: apparmor: fix rlimit", " for posix cpu timers", " - SAUCE: apparmor5.0.0 [44/51]: apparmor-next 6.19: apparmor: replace", " sprintf with snprintf in aa_new_learning_profile", " - SAUCE: apparmor5.0.0 [45/51]: apparmor-next 6.19: apparmor: Replace", " sprintf/strcpy with scnprintf/strscpy in aa_policy_init", " - SAUCE: apparmor5.0.0 [46/51]: apparmor-next 6.19: apparmor: Replace", " deprecated strcpy in d_namespace_path", " - SAUCE: apparmor5.0.0 [47/51]: apparmor-next 6.19: apparmor: fix NULL", " pointer dereference in __unix_needs_revalidation", " - SAUCE: apparmor5.0.0 [48/51]: apparmor-next 6.19: apparmor: fix NULL", " sock in aa_sock_file_perm", " - SAUCE: apparmor5.0.0 [49/51]: apparmor-next 6.19: apparmor: Replace", " deprecated strcpy with memcpy in gen_symlink_name", " - SAUCE: apparmor5.0.0 [50/51]: apparmor-next 6.19: AppArmor: Allow", " apparmor to handle unaligned dfa tables", " - SAUCE: apparmor5.0.0 [51/51]: apparmor-next 6.19: apparmor: Fix &", " Optimize table creation from possibly unaligned memory", "", " * update apparmor and LSM stacking patch set (LP: #2028253) // AppArmor is", " auditing the apparmor/.null file (LP: #2122743)", " - SAUCE: apparmor5.0.0 [37/51]: apparmor-next 6.19: apparmor: move check", " for aa_null file to cover all cases", "", " * update apparmor and LSM stacking patch set (LP: #2028253) // Installation", " of AppArmor on a 6.14 kernel produces error message \"Illegal number: yes\"", " (LP: #2102680)", " - SAUCE: apparmor5.0.0 [22/51]: apparmor: create an", " AA_SFS_TYPE_BOOLEAN_INTPRINT sysctl variant", " - SAUCE: apparmor5.0.0 [23/51]: apparmor: Use AA_SFS_FILE_BOOLEAN_INTPRINT", " for userns and io_uring sysctls", "", " * update apparmor and LSM stacking patch set (LP: #2028253) // [FFe]", " apparmor-4.0.0-alpha2 for unprivileged user namespace restrictions in", " mantic (LP: #2032602)", " - SAUCE: apparmor5.0.0 [15/51]: apparmor: userns - make it so special", " unconfined profiles can mediate user namespaces", "", " * Packaging resync (LP: #1786013)", " - [Packaging] debian.master/dkms-versions -- update from kernel-versions", " (main/d2025.12.16)", "", " * Miscellaneous Ubuntu changes", " - [Packaging] rename to linux", " - [Config] update toolchain version", "" ], "package": "linux", "version": "6.18.0-7.7", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2136307, 1990064, 2028253, 2028253, 2122743, 2028253, 2102680, 2028253, 2032602, 1786013 ], "author": "Paolo Pisati ", "date": "Tue, 16 Dec 2025 13:43:25 +0100" }, { "cves": [], "log": [ "", " * resolute/linux-unstable: 6.18.0-6.6 -proposed tracker (LP: #2133502)", "", " * Packaging resync (LP: #1786013)", " - [Packaging] debian.master/dkms-versions -- update from kernel-versions", " (main/d2025.10.20)", "", " * Miscellaneous Ubuntu changes", " - Update dropped.txt", " - [Packaging] debian.master/dkms-versions: Drop failing dkms packages", " - rename dropped.txt to Changes.md", "" ], "package": "linux-unstable", "version": "6.18.0-6.6", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2133502, 1786013 ], "author": "Paolo Pisati ", "date": "Mon, 01 Dec 2025 14:52:34 +0100" }, { "cves": [], "log": [ "", " * resolute/linux-unstable: 6.18.0-5.5 -proposed tracker (LP: #2131673)", "", " * Re-enable INTEL_SKL_INT3472 for kernels >= 6.16 for Intel IPU camera", " (LP: #2128792)", " - Revert \"UBUNTU: [Config] FTBFS: disable INTEL_SKL_INT3472\"", " - Revert \"UBUNTU: SAUCE: platform/x86: int3472: Add handshake GPIO", " function\"", "", " * i40e driver is triggering VF resets on every link state change", " (LP: #2130552)", " - i40e: avoid redundant VF link state updates", "", " * Miscellaneous Ubuntu changes", " - [Config] updateconfigs following v6.18-rc6 rebase", "" ], "package": "linux-unstable", "version": "6.18.0-5.5", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2131673, 2128792, 2130552 ], "author": "Paolo Pisati ", "date": "Tue, 18 Nov 2025 11:23:48 +0100" }, { "cves": [], "log": [ "", " * resolute/linux-unstable: 6.18.0-4.4 -proposed tracker (LP: #2131211)", "", " * CAP_PERFMON insufficient to get perf data (LP: #2131046)", " - SAUCE: perf/core: Allow CAP_PERFMON for paranoid level 4", "", " * Miscellaneous Ubuntu changes", " - [Config] updateconfigs following v6.18-rc5 rebase", "" ], "package": "linux-unstable", "version": "6.18.0-4.4", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2131211, 2131046 ], "author": "Paolo Pisati ", "date": "Thu, 13 Nov 2025 12:55:49 +0100" }, { "cves": [], "log": [ "", " * resolute/linux-unstable: 6.18.0-3.3 -proposed tracker (LP: #2129919)", "", " * [26.04 FEAT] Set Architecture Level (ALS) to z15 (LP: #2126577)", " - [Config] Raise the architectural level set for s390x to z15", "", " * Miscellaneous Ubuntu changes", " - [Config]: Enable CONFIG_CRYPTO_BENCHMARK", " - [Config] updateconfigs after v6.18-rc3 rebase", "" ], "package": "linux-unstable", "version": "6.18.0-3.3", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2129919, 2126577 ], "author": "Paolo Pisati ", "date": "Mon, 27 Oct 2025 11:07:35 +0100" }, { "cves": [], "log": [ "", " * resolute/linux-unstable: 6.18.0-2.2 -proposed tracker (LP: #2129552)", "", " * Miscellaneous Ubuntu changes", " - [Config] update rustc version", "" ], "package": "linux-unstable", "version": "6.18.0-2.2", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2129552 ], "author": "Paolo Pisati ", "date": "Wed, 22 Oct 2025 15:42:17 +0200" }, { "cves": [], "log": [ "", " * resolute/linux-unstable: 6.18.0-1.1 -proposed tracker (LP: #2129038)", "", " * Packaging resync (LP: #1786013)", " - [Packaging] update Ubuntu.md", "", " * Miscellaneous Ubuntu changes", " - [Packaging] Rename to linux-unstable and move to 6.18", " - [Config] updateconfigs following v6.18-rc1 rebase", " - [Config] apparmor: remove SECURITY_APPARMOR_RESTRICT_USERNS", " - [Packaging] debian.master/dkms-versions: Drop failing dkms packages", " - [Config] updateconfigs following v6.18-rc2 rebase", " - move to resolute", "", " * Miscellaneous upstream changes", " - Revert \"audit: fix skb leak when audit rate limit is exceeded\"", " - Revert \"audit: init ab->skb_list earlier in audit_buffer_alloc()\"", " - Revert \"audit: add record for multiple object contexts\"", " - Revert \"audit: add record for multiple task security contexts\"", " - Revert \"lsm: security_lsmblob_to_secctx module selection\"", " - audit: fix skb leak when audit rate limit is exceeded", "" ], "package": "linux-unstable", "version": "6.18.0-1.1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2129038, 1786013 ], "author": "Paolo Pisati ", "date": "Tue, 21 Oct 2025 16:26:01 +0200" }, { "cves": [], "log": [ "", " * questing/linux: 6.17.0-6.6 -proposed tracker (LP: #2126040)", "", " * Questing update: v6.17.1 upstream stable release (LP: #2126948)", " - blk-mq: fix blk_mq_tags double free while nr_requests grown", " - gcc-plugins: Remove TODO_verify_il for GCC >= 16", " - scsi: target: target_core_configfs: Add length check to avoid buffer", " overflow", " - ALSA: usb-audio: fix race condition to UAF in snd_usbmidi_free", " - wifi: rtw89: fix use-after-free in rtw89_core_tx_kick_off_and_wait()", " - media: b2c2: Fix use-after-free causing by irq_check_work in", " flexcop_pci_remove", " - media: i2c: tc358743: Fix use-after-free bugs caused by orphan timer in", " probe", " - media: tuner: xc5000: Fix use-after-free in xc5000_release", " - media: rc: fix races with imon_disconnect()", " - media: uvcvideo: Mark invalid entities with id UVC_INVALID_ENTITY_ID", " - mm: swap: check for stable address space before operating on the VMA", " - wifi: ath11k: fix NULL dereference in ath11k_qmi_m3_load()", " - media: iris: Fix memory leak by freeing untracked persist buffer", " - media: stm32-csi: Fix dereference before NULL check", " - ASoC: qcom: audioreach: fix potential null pointer dereference", " - Linux 6.17.1", "", " * RISC-V kernel config is out of sync with other archs (LP: #1981437)", " - [Config] riscv64: Update EFI_SBAT_FILE", " - [Config] riscv64: Enable EFI_ZBOOT", " - [Config] riscv64: Disable support for non-RVA23 SoCs", " - [Config] riscv64: Disable RISCV_ISA_FALLBACK", " - [Config] riscv64: Sync config with other architectures", "", " * Miscellaneous Ubuntu changes", " - [Config] updateconfigs after rebase to 6.17", "" ], "package": "linux-unstable", "version": "6.18.0-0.0", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2126040, 2126948, 1981437 ], "author": "Timo Aaltonen ", "date": "Tue, 07 Oct 2025 14:15:18 +0300" } ], "notes": "linux-tools-6.18.0-8-generic version '6.18.0-8.8' (source package linux version '6.18.0-8.8') was added. linux-tools-6.18.0-8-generic version '6.18.0-8.8' has the same source package name, linux, as removed package linux-headers-6.17.0-8. As such we can use the source package version of the removed package, '6.17.0-8.8', as the starting point in our changelog diff. Kernel packages are an example of where the binary package name changes for the same source package. Using the removed package source package version as our starting point means we can still get meaningful changelog diffs even for what appears to be a new package.", "is_version_downgrade": false } ], "snap": [] }, "removed": { "deb": [ { "name": "linux-headers-6.17.0-8", "from_version": { "source_package_name": "linux", "source_package_version": "6.17.0-8.8", "version": "6.17.0-8.8" }, "to_version": { "source_package_name": null, "source_package_version": null, "version": null }, "cves": [], "launchpad_bugs_fixed": [], "changes": [], "notes": null, "is_version_downgrade": false }, { "name": "linux-headers-6.17.0-8-generic", "from_version": { "source_package_name": "linux", "source_package_version": "6.17.0-8.8", "version": "6.17.0-8.8" }, "to_version": { "source_package_name": null, "source_package_version": null, "version": null }, "cves": [], "launchpad_bugs_fixed": [], "changes": [], "notes": null, "is_version_downgrade": false }, { "name": "linux-image-6.17.0-8-generic", "from_version": { "source_package_name": "linux", "source_package_version": "6.17.0-8.8", "version": "6.17.0-8.8" }, "to_version": { "source_package_name": null, "source_package_version": null, "version": null }, "cves": [], "launchpad_bugs_fixed": [], "changes": [], "notes": null, "is_version_downgrade": false }, { "name": "linux-modules-6.17.0-8-generic", "from_version": { "source_package_name": "linux", "source_package_version": "6.17.0-8.8", "version": "6.17.0-8.8" }, "to_version": { "source_package_name": null, "source_package_version": null, "version": null }, "cves": [], "launchpad_bugs_fixed": [], "changes": [], "notes": null, "is_version_downgrade": false }, { "name": "linux-tools-6.17.0-8", "from_version": { "source_package_name": "linux", "source_package_version": "6.17.0-8.8", "version": "6.17.0-8.8" }, "to_version": { "source_package_name": null, "source_package_version": null, "version": null }, "cves": [], "launchpad_bugs_fixed": [], "changes": [], "notes": null, "is_version_downgrade": false }, { "name": "linux-tools-6.17.0-8-generic", "from_version": { "source_package_name": "linux", "source_package_version": "6.17.0-8.8", "version": "6.17.0-8.8" }, "to_version": { "source_package_name": null, "source_package_version": null, "version": null }, "cves": [], "launchpad_bugs_fixed": [], "changes": [], "notes": null, "is_version_downgrade": false } ], "snap": [] }, "notes": "Changelog diff for Ubuntu 26.04 resolute image from daily image serial 20251216 to 20251219", "from_series": "resolute", "to_series": "resolute", "from_serial": "20251216", "to_serial": "20251219", "from_manifest_filename": "daily_manifest.previous", "to_manifest_filename": "manifest.current" }