{ "summary": { "snap": { "added": [], "removed": [], "diff": [] }, "deb": { "added": [ "libgraphite2-3:riscv64", "libharfbuzz0b:riscv64", "libjs-sphinxdoc" ], "removed": [], "diff": [ "bash-completion", "bpftool", "cpio", "dhcpcd-base", "distro-info-data", "ed", "exfatprogs", "fuse3", "fwupd", "gcc-15-base:riscv64", "gir1.2-girepository-3.0:riscv64", "gir1.2-glib-2.0:riscv64", "iso-codes", "kpartx", "libatomic1:riscv64", "libclang-cpp21", "libclang1-20", "libedit2:riscv64", "libfreetype6:riscv64", "libfribidi0:riscv64", "libftdi1-2:riscv64", "libfuse3-4:riscv64", "libfwupd3:riscv64", "libgcc-s1:riscv64", "libgirepository-2.0-0:riscv64", "libglib2.0-0t64:riscv64", "libglib2.0-bin", "libglib2.0-data", "libicu78:riscv64", "libjemalloc2:riscv64", "libllvm20:riscv64", "libllvm21:riscv64", "liblzma5:riscv64", "libmpathcmd0", "libmpathpersist0", "libmultipath0", "libncurses6:riscv64", "libncursesw6:riscv64", "libnss3:riscv64", "libnvme1t64", "libpng16-16t64:riscv64", "libpolkit-agent-1-0:riscv64", "libpolkit-gobject-1-0:riscv64", "libqmi-glib5:riscv64", "libqmi-proxy", "libqmi-utils", "libsodium23:riscv64", "libstdc++6:riscv64", "libtinfo6:riscv64", "libxdmcp6:riscv64", "libxmuu1:riscv64", "linux-libc-dev:riscv64", "linux-perf", "linux-tools-common", "lsb-release", "manpages", "manpages-dev", "mawk", "media-types", "multipath-tools", "ncurses-base", "ncurses-bin", "ncurses-term", "pci.ids", "polkitd", "python3-attr", "python3-autocommand", "python3-bcrypt", "python3-blinker", "python3-boto3", "python3-botocore", "python3-certifi", "python3-dateutil", "python3-hamcrest", "python3-inflect", "python3-jwt", "python3-lazr.uri", "python3-oauthlib", "python3-packaging", "python3-passlib", "python3-pexpect", "python3-pyparsing", "python3-s3transfer", "python3-six", "python3-software-properties", "python3-twisted", "python3-typeguard", "python3-typing-extensions", "python3-yaml", "python3-zipp", "python3-zope.interface", "sensible-utils", "software-properties-common", "tzdata", "ubuntu-kernel-accessories", "ubuntu-minimal", "ubuntu-server", "ubuntu-standard", "xz-utils" ] } }, "diff": { "deb": [ { "name": "bash-completion", "from_version": { "source_package_name": "bash-completion", "source_package_version": "1:2.16.0-8", "version": "1:2.16.0-8" }, "to_version": { "source_package_name": "bash-completion", "source_package_version": "1:2.16.0-8build1", "version": "1:2.16.0-8build1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Rebuild to clear amd64v3 from FTBFS report", "" ], "package": "bash-completion", "version": "1:2.16.0-8build1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Jeremy Bícha ", "date": "Thu, 18 Dec 2025 07:38:56 -0500" } ], "notes": null, "is_version_downgrade": false }, { "name": "bpftool", "from_version": { "source_package_name": "linux", "source_package_version": "6.17.0-8.8", "version": "7.7.0+6.17.0-8.8" }, "to_version": { "source_package_name": "linux", "source_package_version": "6.18.0-8.8", "version": "7.7.0+6.18.0-8.8" }, "cves": [], "launchpad_bugs_fixed": [ 2136712, 2136307, 1990064, 2028253, 2028253, 2122743, 2028253, 2102680, 2028253, 2032602, 1786013, 2133502, 1786013, 2131673, 2128792, 2130552, 2131211, 2131046, 2129919, 2126577, 2129552, 2129038, 1786013, 2126040, 2126948, 1981437 ], "changes": [ { "cves": [], "log": [ "", " * resolute/linux: 6.18.0-8.8 -proposed tracker (LP: #2136712)", "", " * Miscellaneous Ubuntu changes", " - [Packaging] disable signing for s390x", "" ], "package": "linux", "version": "6.18.0-8.8", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2136712 ], "author": "Paolo Pisati ", "date": "Wed, 17 Dec 2025 15:20:04 +0100" }, { "cves": [], "log": [ "", " * resolute/linux: 6.18.0-7.7 -proposed tracker (LP: #2136307)", "", " * unconfined profile denies userns_create for chromium based processes", " (LP: #1990064)", " - [Config] disable CONFIG_SECURITY_APPARMOR_RESTRICT_USERNS", "", " * update apparmor and LSM stacking patch set (LP: #2028253)", " - SAUCE: apparmor5.0.0 [1/51]: Stacking: Audit: Allow multiple records in", " an audit_buffer", " - SAUCE: apparmor5.0.0 [2/51]: Stacking: LSM: security_lsmblob_to_secctx", " module selection", " - SAUCE: apparmor5.0.0 [3/51]: Stacking: Audit: Add record for multiple", " task security contexts", " - SAUCE: apparmor5.0.0 [4/51]: Stacking: Audit: multiple subject lsm", " values for netlabel", " - SAUCE: apparmor5.0.0 [5/51]: Stacking: LSM: Single calls in secid hooks", " - SAUCE: apparmor5.0.0 [6/51]: Stacking: LSM: Exclusive secmark usage", " - SAUCE: apparmor5.0.0 [7/51]: Stacking: Audit: Call only the first of the", " audit rule hooks", " - SAUCE: apparmor5.0.0 [8/51]: Stacking: AppArmor: Remove the exclusive", " flag", " - SAUCE: apparmor5.0.0 [9/51]: Revert \"apparmor: fix dbus permission", " queries to v9 ABI\"", " - SAUCE: apparmor5.0.0 [10/51]: Revert \"apparmor: gate make fine grained", " unix mediation behind v9 abi\"", " - SAUCE: apparmor5.0.0 [11/51]: apparmor: net: patch to provide", " compatibility with v2.x net rules", " - SAUCE: apparmor5.0.0 [12/51]: apparmor: net: add fine grained ipv4/ipv6", " mediation", " - SAUCE: apparmor5.0.0 [13/51]: apparmor: userns: add unprivileged user ns", " mediation", " - SAUCE: apparmor5.0.0 [14/51]: apparmor: userns: Add sysctls for", " additional controls of unpriv userns restrictions", " - SAUCE: apparmor5.0.0 [16/51]: apparmor: userns: open userns related", " sysctl so lxc can check if restriction are in place", " - SAUCE: apparmor5.0.0 [17/51]: apparmor: userns: allow profile to be", " transitioned when a userns is created", " - SAUCE: apparmor5.0.0 [18/51]: aoparmor: userns: Add support for execpath", " in userns", " - SAUCE: apparmor5.0.0 [19/51]: apparmor: mqueue: call", " security_inode_init_security on inode creation", " - SAUCE: apparmor5.0.0 [20/51]: apparmor: mqueue: add fine grained", " mediation of posix mqueues", " - SAUCE: apparmor5.0.0 [21/51]: apparmor: uring: add io_uring mediation", " - SAUCE: apparmor5.0.0 [24/51]: apparmor: prompt: setup slab cache for", " audit data", " - SAUCE: apparmor5.0.0 [25/51]: apparmor: prompt: add the ability for", " profiles to have a learning cache", " - SAUCE: apparmor5.0.0 [26/51]: apparmor: prompt: enable userspace upcall", " for mediation", " - SAUCE: apparmor5.0.0 [27/51]: apparmor: prompt: pass prompt boolean", " through into path_name as well", " - SAUCE: apparmor5.0.0 [28/51]: apparmor: add AA_DEBUG_PROFILE to have", " debug on profiles with flag set", " - SAUCE: apparmor5.0.0 [29/51]: apparmor: make str table more generic and", " be able to have multiple entries", " - SAUCE: apparmor5.0.0 [30/51]: apparmor: check for supported version in", " notification messages.", " - SAUCE: apparmor5.0.0 [31/51]: apparmor: refactor building notice so it", " is easier to extend", " - SAUCE: apparmor5.0.0 [32/51]: apparmor: switch from ENOTSUPP to", " EPROTONOSUPPORT", " - SAUCE: apparmor5.0.0 [33/51]: apparmor: add support for meta data tags", " - SAUCE: apparmor5.0.0 [34/51]: apparmor: mmap_file() doesn't need to be", " called atomically", " - SAUCE: apparmor5.0.0 [35/51]: apparmor: guard against free routines", " being called with a NULL", " - SAUCE: apparmor5.0.0 [36/51]: apparmor: prevent profile->disconnected", " double free in aa_free_profile", " - SAUCE: apparmor5.0.0 [38/51]: apparmor-next 6.19: apparmor: fix fast", " path cache check for unix sockets", " - SAUCE: apparmor5.0.0 [39/51]: apparmor-next 6.19: apparmor: fix label", " and profile debug macros", " - SAUCE: apparmor5.0.0 [40/51]: apparmor-next 6.19: apparmor: fixup", " net_compat", " - SAUCE: apparmor5.0.0 [41/51]: apparmor-next 6.19: apparmor: lift", " compatibility check out of profile_af_perm", " - SAUCE: apparmor5.0.0 [42/51]: apparmor-next 6.19: apparmor:", " refactor/cleanup cred helper fns.", " - SAUCE: apparmor5.0.0 [43/51]: apparmor-next 6.19: apparmor: fix rlimit", " for posix cpu timers", " - SAUCE: apparmor5.0.0 [44/51]: apparmor-next 6.19: apparmor: replace", " sprintf with snprintf in aa_new_learning_profile", " - SAUCE: apparmor5.0.0 [45/51]: apparmor-next 6.19: apparmor: Replace", " sprintf/strcpy with scnprintf/strscpy in aa_policy_init", " - SAUCE: apparmor5.0.0 [46/51]: apparmor-next 6.19: apparmor: Replace", " deprecated strcpy in d_namespace_path", " - SAUCE: apparmor5.0.0 [47/51]: apparmor-next 6.19: apparmor: fix NULL", " pointer dereference in __unix_needs_revalidation", " - SAUCE: apparmor5.0.0 [48/51]: apparmor-next 6.19: apparmor: fix NULL", " sock in aa_sock_file_perm", " - SAUCE: apparmor5.0.0 [49/51]: apparmor-next 6.19: apparmor: Replace", " deprecated strcpy with memcpy in gen_symlink_name", " - SAUCE: apparmor5.0.0 [50/51]: apparmor-next 6.19: AppArmor: Allow", " apparmor to handle unaligned dfa tables", " - SAUCE: apparmor5.0.0 [51/51]: apparmor-next 6.19: apparmor: Fix &", " Optimize table creation from possibly unaligned memory", "", " * update apparmor and LSM stacking patch set (LP: #2028253) // AppArmor is", " auditing the apparmor/.null file (LP: #2122743)", " - SAUCE: apparmor5.0.0 [37/51]: apparmor-next 6.19: apparmor: move check", " for aa_null file to cover all cases", "", " * update apparmor and LSM stacking patch set (LP: #2028253) // Installation", " of AppArmor on a 6.14 kernel produces error message \"Illegal number: yes\"", " (LP: #2102680)", " - SAUCE: apparmor5.0.0 [22/51]: apparmor: create an", " AA_SFS_TYPE_BOOLEAN_INTPRINT sysctl variant", " - SAUCE: apparmor5.0.0 [23/51]: apparmor: Use AA_SFS_FILE_BOOLEAN_INTPRINT", " for userns and io_uring sysctls", "", " * update apparmor and LSM stacking patch set (LP: #2028253) // [FFe]", " apparmor-4.0.0-alpha2 for unprivileged user namespace restrictions in", " mantic (LP: #2032602)", " - SAUCE: apparmor5.0.0 [15/51]: apparmor: userns - make it so special", " unconfined profiles can mediate user namespaces", "", " * Packaging resync (LP: #1786013)", " - [Packaging] debian.master/dkms-versions -- update from kernel-versions", " (main/d2025.12.16)", "", " * Miscellaneous Ubuntu changes", " - [Packaging] rename to linux", " - [Config] update toolchain version", "" ], "package": "linux", "version": "6.18.0-7.7", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2136307, 1990064, 2028253, 2028253, 2122743, 2028253, 2102680, 2028253, 2032602, 1786013 ], "author": "Paolo Pisati ", "date": "Tue, 16 Dec 2025 13:43:25 +0100" }, { "cves": [], "log": [ "", " * resolute/linux-unstable: 6.18.0-6.6 -proposed tracker (LP: #2133502)", "", " * Packaging resync (LP: #1786013)", " - [Packaging] debian.master/dkms-versions -- update from kernel-versions", " (main/d2025.10.20)", "", " * Miscellaneous Ubuntu changes", " - Update dropped.txt", " - [Packaging] debian.master/dkms-versions: Drop failing dkms packages", " - rename dropped.txt to Changes.md", "" ], "package": "linux-unstable", "version": "6.18.0-6.6", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2133502, 1786013 ], "author": "Paolo Pisati ", "date": "Mon, 01 Dec 2025 14:52:34 +0100" }, { "cves": [], "log": [ "", " * resolute/linux-unstable: 6.18.0-5.5 -proposed tracker (LP: #2131673)", "", " * Re-enable INTEL_SKL_INT3472 for kernels >= 6.16 for Intel IPU camera", " (LP: #2128792)", " - Revert \"UBUNTU: [Config] FTBFS: disable INTEL_SKL_INT3472\"", " - Revert \"UBUNTU: SAUCE: platform/x86: int3472: Add handshake GPIO", " function\"", "", " * i40e driver is triggering VF resets on every link state change", " (LP: #2130552)", " - i40e: avoid redundant VF link state updates", "", " * Miscellaneous Ubuntu changes", " - [Config] updateconfigs following v6.18-rc6 rebase", "" ], "package": "linux-unstable", "version": "6.18.0-5.5", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2131673, 2128792, 2130552 ], "author": "Paolo Pisati ", "date": "Tue, 18 Nov 2025 11:23:48 +0100" }, { "cves": [], "log": [ "", " * resolute/linux-unstable: 6.18.0-4.4 -proposed tracker (LP: #2131211)", "", " * CAP_PERFMON insufficient to get perf data (LP: #2131046)", " - SAUCE: perf/core: Allow CAP_PERFMON for paranoid level 4", "", " * Miscellaneous Ubuntu changes", " - [Config] updateconfigs following v6.18-rc5 rebase", "" ], "package": "linux-unstable", "version": "6.18.0-4.4", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2131211, 2131046 ], "author": "Paolo Pisati ", "date": "Thu, 13 Nov 2025 12:55:49 +0100" }, { "cves": [], "log": [ "", " * resolute/linux-unstable: 6.18.0-3.3 -proposed tracker (LP: #2129919)", "", " * [26.04 FEAT] Set Architecture Level (ALS) to z15 (LP: #2126577)", " - [Config] Raise the architectural level set for s390x to z15", "", " * Miscellaneous Ubuntu changes", " - [Config]: Enable CONFIG_CRYPTO_BENCHMARK", " - [Config] updateconfigs after v6.18-rc3 rebase", "" ], "package": "linux-unstable", "version": "6.18.0-3.3", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2129919, 2126577 ], "author": "Paolo Pisati ", "date": "Mon, 27 Oct 2025 11:07:35 +0100" }, { "cves": [], "log": [ "", " * resolute/linux-unstable: 6.18.0-2.2 -proposed tracker (LP: #2129552)", "", " * Miscellaneous Ubuntu changes", " - [Config] update rustc version", "" ], "package": "linux-unstable", "version": "6.18.0-2.2", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2129552 ], "author": "Paolo Pisati ", "date": "Wed, 22 Oct 2025 15:42:17 +0200" }, { "cves": [], "log": [ "", " * resolute/linux-unstable: 6.18.0-1.1 -proposed tracker (LP: #2129038)", "", " * Packaging resync (LP: #1786013)", " - [Packaging] update Ubuntu.md", "", " * Miscellaneous Ubuntu changes", " - [Packaging] Rename to linux-unstable and move to 6.18", " - [Config] updateconfigs following v6.18-rc1 rebase", " - [Config] apparmor: remove SECURITY_APPARMOR_RESTRICT_USERNS", " - [Packaging] debian.master/dkms-versions: Drop failing dkms packages", " - [Config] updateconfigs following v6.18-rc2 rebase", " - move to resolute", "", " * Miscellaneous upstream changes", " - Revert \"audit: fix skb leak when audit rate limit is exceeded\"", " - Revert \"audit: init ab->skb_list earlier in audit_buffer_alloc()\"", " - Revert \"audit: add record for multiple object contexts\"", " - Revert \"audit: add record for multiple task security contexts\"", " - Revert \"lsm: security_lsmblob_to_secctx module selection\"", " - audit: fix skb leak when audit rate limit is exceeded", "" ], "package": "linux-unstable", "version": "6.18.0-1.1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2129038, 1786013 ], "author": "Paolo Pisati ", "date": "Tue, 21 Oct 2025 16:26:01 +0200" }, { "cves": [], "log": [ "", " * questing/linux: 6.17.0-6.6 -proposed tracker (LP: #2126040)", "", " * Questing update: v6.17.1 upstream stable release (LP: #2126948)", " - blk-mq: fix blk_mq_tags double free while nr_requests grown", " - gcc-plugins: Remove TODO_verify_il for GCC >= 16", " - scsi: target: target_core_configfs: Add length check to avoid buffer", " overflow", " - ALSA: usb-audio: fix race condition to UAF in snd_usbmidi_free", " - wifi: rtw89: fix use-after-free in rtw89_core_tx_kick_off_and_wait()", " - media: b2c2: Fix use-after-free causing by irq_check_work in", " flexcop_pci_remove", " - media: i2c: tc358743: Fix use-after-free bugs caused by orphan timer in", " probe", " - media: tuner: xc5000: Fix use-after-free in xc5000_release", " - media: rc: fix races with imon_disconnect()", " - media: uvcvideo: Mark invalid entities with id UVC_INVALID_ENTITY_ID", " - mm: swap: check for stable address space before operating on the VMA", " - wifi: ath11k: fix NULL dereference in ath11k_qmi_m3_load()", " - media: iris: Fix memory leak by freeing untracked persist buffer", " - media: stm32-csi: Fix dereference before NULL check", " - ASoC: qcom: audioreach: fix potential null pointer dereference", " - Linux 6.17.1", "", " * RISC-V kernel config is out of sync with other archs (LP: #1981437)", " - [Config] riscv64: Update EFI_SBAT_FILE", " - [Config] riscv64: Enable EFI_ZBOOT", " - [Config] riscv64: Disable support for non-RVA23 SoCs", " - [Config] riscv64: Disable RISCV_ISA_FALLBACK", " - [Config] riscv64: Sync config with other architectures", "", " * Miscellaneous Ubuntu changes", " - [Config] updateconfigs after rebase to 6.17", "" ], "package": "linux-unstable", "version": "6.18.0-0.0", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2126040, 2126948, 1981437 ], "author": "Timo Aaltonen ", "date": "Tue, 07 Oct 2025 14:15:18 +0300" } ], "notes": null, "is_version_downgrade": false }, { "name": "cpio", "from_version": { "source_package_name": "cpio", "source_package_version": "2.15+dfsg-2ubuntu1", "version": "2.15+dfsg-2ubuntu1" }, "to_version": { "source_package_name": "cpio", "source_package_version": "2.15+dfsg-2.1", "version": "2.15+dfsg-2.1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Non-maintainer upload.", " * Apply upstream patch to fix FTBFS with gcc-15. (Closes: #1096467)", "" ], "package": "cpio", "version": "2.15+dfsg-2.1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Chris Hofstaedtler ", "date": "Sun, 21 Dec 2025 13:24:40 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "dhcpcd-base", "from_version": { "source_package_name": "dhcpcd", "source_package_version": "1:10.3.0-2", "version": "1:10.3.0-2" }, "to_version": { "source_package_name": "dhcpcd", "source_package_version": "1:10.3.0-3", "version": "1:10.3.0-3" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * [control]", " = Simplify bin:dhcpcd's long description (Closes: #1121452).", " * [patches]", " + Uncomment 'ntp_servers' in dhcpcd.conf (Closes: #1123962).", "" ], "package": "dhcpcd", "version": "1:10.3.0-3", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Martin-Éric Racine ", "date": "Thu, 25 Dec 2025 11:16:42 +0200" } ], "notes": null, "is_version_downgrade": false }, { "name": "distro-info-data", "from_version": { "source_package_name": "distro-info-data", "source_package_version": "0.68", "version": "0.68" }, "to_version": { "source_package_name": "distro-info-data", "source_package_version": "0.68build1", "version": "0.68build1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Rebuild to clear amd64v3 from FTBFS report", "" ], "package": "distro-info-data", "version": "0.68build1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Jeremy Bícha ", "date": "Thu, 18 Dec 2025 07:39:48 -0500" } ], "notes": null, "is_version_downgrade": false }, { "name": "ed", "from_version": { "source_package_name": "ed", "source_package_version": "1.22.2-1", "version": "1.22.2-1" }, "to_version": { "source_package_name": "ed", "source_package_version": "1.22.3-1", "version": "1.22.3-1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * New upstream version 1.22.3", " * d/control: Declare Standards-Version 4.7.3 (no changes needed)", " * d/control: Drop Priority field", " * d/control: Drop Rules-Requires-Root: no", " * d/copyright: Bump copyright years", "" ], "package": "ed", "version": "1.22.3-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Lev Lamberov ", "date": "Thu, 01 Jan 2026 22:35:09 +0500" } ], "notes": null, "is_version_downgrade": false }, { "name": "exfatprogs", "from_version": { "source_package_name": "exfatprogs", "source_package_version": "1.3.0-1", "version": "1.3.0-1" }, "to_version": { "source_package_name": "exfatprogs", "source_package_version": "1.3.1-1", "version": "1.3.1-1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * New upstream release.", " Disables building of defrag utility due to reported data loss.", " * d/control: Remove the defrag utility from the description.", "" ], "package": "exfatprogs", "version": "1.3.1-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Sven Hoexter ", "date": "Tue, 16 Dec 2025 13:39:53 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "fuse3", "from_version": { "source_package_name": "fuse3", "source_package_version": "3.17.4-1", "version": "3.17.4-1" }, "to_version": { "source_package_name": "fuse3", "source_package_version": "3.18.1-1", "version": "3.18.1-1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * New upstream release.", " * Update library symbols for this release.", "" ], "package": "fuse3", "version": "3.18.1-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Laszlo Boszormenyi (GCS) ", "date": "Sun, 21 Dec 2025 18:06:47 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "fwupd", "from_version": { "source_package_name": "fwupd", "source_package_version": "2.0.18-1", "version": "2.0.18-1" }, "to_version": { "source_package_name": "fwupd", "source_package_version": "2.0.19-1", "version": "2.0.19-1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * New upstream version (2.0.19)", "" ], "package": "fwupd", "version": "2.0.19-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Mario Limonciello ", "date": "Sat, 20 Dec 2025 22:13:58 -0600" } ], "notes": null, "is_version_downgrade": false }, { "name": "gcc-15-base:riscv64", "from_version": { "source_package_name": "gcc-15", "source_package_version": "15.2.0-10ubuntu1", "version": "15.2.0-10ubuntu1" }, "to_version": { "source_package_name": "gcc-15", "source_package_version": "15.2.0-11ubuntu1", "version": "15.2.0-11ubuntu1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Merge with Debian; remaining changes:", " - Build from upstream sources.", "" ], "package": "gcc-15", "version": "15.2.0-11ubuntu1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Matthias Klose ", "date": "Wed, 10 Dec 2025 15:24:39 +0100" }, { "cves": [], "log": [ "", " * Update to git 20251209 from the gcc-15 branch.", " - Fix PR target/122991 (AArch64), PR tree-optimization/122943,", " PR middle-end/120052, PR middle-end/120564, PR ada/123037, PR ada/115305,", " PR middle-end/122624, PR c/121506, PR c++/121445, PR c++/120876,", " PR lto/122515.", " * Fix Algol-68 build on sparc64, patch taken from the trunk.", " * Don't rely on python3-check-jsonschema for testing, still having", " unpackaged dependencies.", " * Add architectureVariant to ELF_PACKAGE_METADATA.", "" ], "package": "gcc-15", "version": "15.2.0-11", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Matthias Klose ", "date": "Tue, 09 Dec 2025 21:10:53 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "gir1.2-girepository-3.0:riscv64", "from_version": { "source_package_name": "glib2.0", "source_package_version": "2.86.2-1", "version": "2.86.2-1" }, "to_version": { "source_package_name": "glib2.0", "source_package_version": "2.86.3-4", "version": "2.86.3-4" }, "cves": [ { "cve": "CVE-2025-14512", "url": "https://ubuntu.com/security/CVE-2025-14512", "cve_description": "A flaw was found in glib. This vulnerability allows a heap buffer overflow and denial-of-service (DoS) via an integer overflow in GLib's GIO (GLib Input/Output) escape_byte_string() function when processing malicious file or remote filesystem attribute values.", "cve_priority": "medium", "cve_public_date": "2025-12-11 07:16:00 UTC" }, { "cve": "CVE-2025-13601", "url": "https://ubuntu.com/security/CVE-2025-13601", "cve_description": "A heap-based buffer overflow problem was found in glib through an incorrect calculation of buffer size in the g_escape_uri_string() function. If the string to escape contains a very large number of unacceptable characters (which would need escaping), the calculation of the length of the escaped string could overflow, leading to a potential write off the end of the newly allocated string.", "cve_priority": "medium", "cve_public_date": "2025-11-26 15:15:00 UTC" }, { "cve": "CVE-2025-14087", "url": "https://ubuntu.com/security/CVE-2025-14087", "cve_description": "A flaw was found in GLib (Gnome Lib). This vulnerability allows a remote attacker to cause heap corruption, leading to a denial of service or potential code execution via a buffer-underflow in the GVariant parser when processing maliciously crafted input strings.", "cve_priority": "medium", "cve_public_date": "2025-12-10 09:15:00 UTC" }, { "cve": "CVE-2025-14512", "url": "https://ubuntu.com/security/CVE-2025-14512", "cve_description": "A flaw was found in glib. This vulnerability allows a heap buffer overflow and denial-of-service (DoS) via an integer overflow in GLib's GIO (GLib Input/Output) escape_byte_string() function when processing malicious file or remote filesystem attribute values.", "cve_priority": "medium", "cve_public_date": "2025-12-11 07:16:00 UTC" } ], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Fix hurd build", "" ], "package": "glib2.0", "version": "2.86.3-4", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Jeremy Bícha ", "date": "Thu, 01 Jan 2026 07:59:38 -0500" }, { "cves": [], "log": [ "", " * Fix hurd build", "" ], "package": "glib2.0", "version": "2.86.3-3", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Jeremy Bícha ", "date": "Wed, 31 Dec 2025 18:35:13 -0500" }, { "cves": [ { "cve": "CVE-2025-14512", "url": "https://ubuntu.com/security/CVE-2025-14512", "cve_description": "A flaw was found in glib. This vulnerability allows a heap buffer overflow and denial-of-service (DoS) via an integer overflow in GLib's GIO (GLib Input/Output) escape_byte_string() function when processing malicious file or remote filesystem attribute values.", "cve_priority": "medium", "cve_public_date": "2025-12-11 07:16:00 UTC" } ], "log": [ "", " [ Jeremy Bícha ]", " * Remove :native from Build-Depends: python3-packaging (Closes: #1124385)", " * Remove nosysprof build profile because libsysprof-capture-4-dev", " is built for all Linux architectures and does not require glib2.0", " * Remove kfreebsd reference", " * Override dh_gnome to avoid build warnings", " * Bump Standards Version to 4.7.3", "", " [ Simon McVittie ]", " * Mention #1122346, #1122347 in previous changelog entry", " * Mention CVE-2025-14512 in previous changelog entry now that it has", " been allocated", "" ], "package": "glib2.0", "version": "2.86.3-2", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Jeremy Bícha ", "date": "Wed, 31 Dec 2025 10:32:42 -0500" }, { "cves": [ { "cve": "CVE-2025-13601", "url": "https://ubuntu.com/security/CVE-2025-13601", "cve_description": "A heap-based buffer overflow problem was found in glib through an incorrect calculation of buffer size in the g_escape_uri_string() function. If the string to escape contains a very large number of unacceptable characters (which would need escaping), the calculation of the length of the escaped string could overflow, leading to a potential write off the end of the newly allocated string.", "cve_priority": "medium", "cve_public_date": "2025-11-26 15:15:00 UTC" }, { "cve": "CVE-2025-14087", "url": "https://ubuntu.com/security/CVE-2025-14087", "cve_description": "A flaw was found in GLib (Gnome Lib). This vulnerability allows a remote attacker to cause heap corruption, leading to a denial of service or potential code execution via a buffer-underflow in the GVariant parser when processing maliciously crafted input strings.", "cve_priority": "medium", "cve_public_date": "2025-12-10 09:15:00 UTC" }, { "cve": "CVE-2025-14512", "url": "https://ubuntu.com/security/CVE-2025-14512", "cve_description": "A flaw was found in glib. This vulnerability allows a heap buffer overflow and denial-of-service (DoS) via an integer overflow in GLib's GIO (GLib Input/Output) escape_byte_string() function when processing malicious file or remote filesystem attribute values.", "cve_priority": "medium", "cve_public_date": "2025-12-11 07:16:00 UTC" } ], "log": [ "", " * New upstream security-fix release", " - Fix calculation of buffer sizes when escaping URI strings", " (CVE-2025-13601, glib#3827 upstream, Closes: #1121488)", " - Fix possible buffer underflow parsing GVariant strings/bytestrings", " (CVE-2025-14087, glib#3834 upstream, Closes: #1122347)", " - Fix integer overflow in file attribute escaping", " (CVE-2025-14512, glib#3845 upstream, Closes: #1122346)", " - Windows-specific changes not described in detail here", "" ], "package": "glib2.0", "version": "2.86.3-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Simon McVittie ", "date": "Tue, 09 Dec 2025 13:31:14 +0000" } ], "notes": null, "is_version_downgrade": false }, { "name": "gir1.2-glib-2.0:riscv64", "from_version": { "source_package_name": "glib2.0", "source_package_version": "2.86.2-1", "version": "2.86.2-1" }, "to_version": { "source_package_name": "glib2.0", "source_package_version": "2.86.3-4", "version": "2.86.3-4" }, "cves": [ { "cve": "CVE-2025-14512", "url": "https://ubuntu.com/security/CVE-2025-14512", "cve_description": "A flaw was found in glib. This vulnerability allows a heap buffer overflow and denial-of-service (DoS) via an integer overflow in GLib's GIO (GLib Input/Output) escape_byte_string() function when processing malicious file or remote filesystem attribute values.", "cve_priority": "medium", "cve_public_date": "2025-12-11 07:16:00 UTC" }, { "cve": "CVE-2025-13601", "url": "https://ubuntu.com/security/CVE-2025-13601", "cve_description": "A heap-based buffer overflow problem was found in glib through an incorrect calculation of buffer size in the g_escape_uri_string() function. If the string to escape contains a very large number of unacceptable characters (which would need escaping), the calculation of the length of the escaped string could overflow, leading to a potential write off the end of the newly allocated string.", "cve_priority": "medium", "cve_public_date": "2025-11-26 15:15:00 UTC" }, { "cve": "CVE-2025-14087", "url": "https://ubuntu.com/security/CVE-2025-14087", "cve_description": "A flaw was found in GLib (Gnome Lib). This vulnerability allows a remote attacker to cause heap corruption, leading to a denial of service or potential code execution via a buffer-underflow in the GVariant parser when processing maliciously crafted input strings.", "cve_priority": "medium", "cve_public_date": "2025-12-10 09:15:00 UTC" }, { "cve": "CVE-2025-14512", "url": "https://ubuntu.com/security/CVE-2025-14512", "cve_description": "A flaw was found in glib. This vulnerability allows a heap buffer overflow and denial-of-service (DoS) via an integer overflow in GLib's GIO (GLib Input/Output) escape_byte_string() function when processing malicious file or remote filesystem attribute values.", "cve_priority": "medium", "cve_public_date": "2025-12-11 07:16:00 UTC" } ], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Fix hurd build", "" ], "package": "glib2.0", "version": "2.86.3-4", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Jeremy Bícha ", "date": "Thu, 01 Jan 2026 07:59:38 -0500" }, { "cves": [], "log": [ "", " * Fix hurd build", "" ], "package": "glib2.0", "version": "2.86.3-3", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Jeremy Bícha ", "date": "Wed, 31 Dec 2025 18:35:13 -0500" }, { "cves": [ { "cve": "CVE-2025-14512", "url": "https://ubuntu.com/security/CVE-2025-14512", "cve_description": "A flaw was found in glib. This vulnerability allows a heap buffer overflow and denial-of-service (DoS) via an integer overflow in GLib's GIO (GLib Input/Output) escape_byte_string() function when processing malicious file or remote filesystem attribute values.", "cve_priority": "medium", "cve_public_date": "2025-12-11 07:16:00 UTC" } ], "log": [ "", " [ Jeremy Bícha ]", " * Remove :native from Build-Depends: python3-packaging (Closes: #1124385)", " * Remove nosysprof build profile because libsysprof-capture-4-dev", " is built for all Linux architectures and does not require glib2.0", " * Remove kfreebsd reference", " * Override dh_gnome to avoid build warnings", " * Bump Standards Version to 4.7.3", "", " [ Simon McVittie ]", " * Mention #1122346, #1122347 in previous changelog entry", " * Mention CVE-2025-14512 in previous changelog entry now that it has", " been allocated", "" ], "package": "glib2.0", "version": "2.86.3-2", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Jeremy Bícha ", "date": "Wed, 31 Dec 2025 10:32:42 -0500" }, { "cves": [ { "cve": "CVE-2025-13601", "url": "https://ubuntu.com/security/CVE-2025-13601", "cve_description": "A heap-based buffer overflow problem was found in glib through an incorrect calculation of buffer size in the g_escape_uri_string() function. If the string to escape contains a very large number of unacceptable characters (which would need escaping), the calculation of the length of the escaped string could overflow, leading to a potential write off the end of the newly allocated string.", "cve_priority": "medium", "cve_public_date": "2025-11-26 15:15:00 UTC" }, { "cve": "CVE-2025-14087", "url": "https://ubuntu.com/security/CVE-2025-14087", "cve_description": "A flaw was found in GLib (Gnome Lib). This vulnerability allows a remote attacker to cause heap corruption, leading to a denial of service or potential code execution via a buffer-underflow in the GVariant parser when processing maliciously crafted input strings.", "cve_priority": "medium", "cve_public_date": "2025-12-10 09:15:00 UTC" }, { "cve": "CVE-2025-14512", "url": "https://ubuntu.com/security/CVE-2025-14512", "cve_description": "A flaw was found in glib. This vulnerability allows a heap buffer overflow and denial-of-service (DoS) via an integer overflow in GLib's GIO (GLib Input/Output) escape_byte_string() function when processing malicious file or remote filesystem attribute values.", "cve_priority": "medium", "cve_public_date": "2025-12-11 07:16:00 UTC" } ], "log": [ "", " * New upstream security-fix release", " - Fix calculation of buffer sizes when escaping URI strings", " (CVE-2025-13601, glib#3827 upstream, Closes: #1121488)", " - Fix possible buffer underflow parsing GVariant strings/bytestrings", " (CVE-2025-14087, glib#3834 upstream, Closes: #1122347)", " - Fix integer overflow in file attribute escaping", " (CVE-2025-14512, glib#3845 upstream, Closes: #1122346)", " - Windows-specific changes not described in detail here", "" ], "package": "glib2.0", "version": "2.86.3-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Simon McVittie ", "date": "Tue, 09 Dec 2025 13:31:14 +0000" } ], "notes": null, "is_version_downgrade": false }, { "name": "iso-codes", "from_version": { "source_package_name": "iso-codes", "source_package_version": "4.19.0-1", "version": "4.19.0-1" }, "to_version": { "source_package_name": "iso-codes", "source_package_version": "4.20.1-1", "version": "4.20.1-1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * New upstream version 4.20.1", " * Remove Priority: optional from d/control", " * Update Standards-Version to 4.7.3", " * Update d/copyright", " * Use wrap-and-sort -astkb", " * Add meson to Build-Depends-Indep", "" ], "package": "iso-codes", "version": "4.20.1-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Dr. Tobias Quathamer ", "date": "Thu, 01 Jan 2026 22:38:24 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "kpartx", "from_version": { "source_package_name": "multipath-tools", "source_package_version": "0.12.0-1ubuntu1", "version": "0.12.0-1ubuntu1" }, "to_version": { "source_package_name": "multipath-tools", "source_package_version": "0.12.0-1ubuntu2", "version": "0.12.0-1ubuntu2" }, "cves": [], "launchpad_bugs_fixed": [ 2135118 ], "changes": [ { "cves": [], "log": [ "", " * d/{rules,control}: enable testsuite (LP: #2135118)", " - d/p/testsuite-no-lto: disable lto to workaround testsuite symbol wrapping", "" ], "package": "multipath-tools", "version": "0.12.0-1ubuntu2", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2135118 ], "author": "Jonas Jelten ", "date": "Fri, 12 Dec 2025 11:59:36 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "libatomic1:riscv64", "from_version": { "source_package_name": "gcc-15", "source_package_version": "15.2.0-10ubuntu1", "version": "15.2.0-10ubuntu1" }, "to_version": { "source_package_name": "gcc-15", "source_package_version": "15.2.0-11ubuntu1", "version": "15.2.0-11ubuntu1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Merge with Debian; remaining changes:", " - Build from upstream sources.", "" ], "package": "gcc-15", "version": "15.2.0-11ubuntu1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Matthias Klose ", "date": "Wed, 10 Dec 2025 15:24:39 +0100" }, { "cves": [], "log": [ "", " * Update to git 20251209 from the gcc-15 branch.", " - Fix PR target/122991 (AArch64), PR tree-optimization/122943,", " PR middle-end/120052, PR middle-end/120564, PR ada/123037, PR ada/115305,", " PR middle-end/122624, PR c/121506, PR c++/121445, PR c++/120876,", " PR lto/122515.", " * Fix Algol-68 build on sparc64, patch taken from the trunk.", " * Don't rely on python3-check-jsonschema for testing, still having", " unpackaged dependencies.", " * Add architectureVariant to ELF_PACKAGE_METADATA.", "" ], "package": "gcc-15", "version": "15.2.0-11", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Matthias Klose ", "date": "Tue, 09 Dec 2025 21:10:53 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "libclang-cpp21", "from_version": { "source_package_name": "llvm-toolchain-21", "source_package_version": "1:21.1.6-3ubuntu1", "version": "1:21.1.6-3ubuntu1" }, "to_version": { "source_package_name": "llvm-toolchain-21", "source_package_version": "1:21.1.7-1ubuntu2", "version": "1:21.1.7-1ubuntu2" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Rebuild against new OCAML ABIs.", "" ], "package": "llvm-toolchain-21", "version": "1:21.1.7-1ubuntu2", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Gianfranco Costamagna ", "date": "Wed, 10 Dec 2025 15:19:27 +0100" }, { "cves": [], "log": [ "", " * Merge with Debian; remaining changes:", " - Regenerate the control file.", " - Use RVA23U64 profile in clang (LP #2116086).", " - d/rules: Remove i386 from CLANG_GRPC_ARCHS (not built on i386).", "" ], "package": "llvm-toolchain-21", "version": "1:21.1.7-1ubuntu1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Matthias Klose ", "date": "Wed, 10 Dec 2025 11:15:55 +0100" }, { "cves": [], "log": [ "", " * LLVM 21.1.7 release.", "", " * Update symbols files for hurd-amd64.", " * clang-21-tools, llvm-21-tools: Use dh_python3 substvars.", " * liblldb-21: Move the .so symlink to the liblldb-21-dev package.", " * Add myself as uploader for 21.", " * d/rules: Remove unnecessary use of the CURDIR macro.", "" ], "package": "llvm-toolchain-21", "version": "1:21.1.7-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Matthias Klose ", "date": "Tue, 09 Dec 2025 22:34:57 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "libclang1-20", "from_version": { "source_package_name": "llvm-toolchain-20", "source_package_version": "1:20.1.8-2ubuntu2", "version": "1:20.1.8-2ubuntu2" }, "to_version": { "source_package_name": "llvm-toolchain-20", "source_package_version": "1:20.1.8-2ubuntu4", "version": "1:20.1.8-2ubuntu4" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Rebuild against new OCAML ABIs.", "" ], "package": "llvm-toolchain-20", "version": "1:20.1.8-2ubuntu4", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Gianfranco Costamagna ", "date": "Wed, 10 Dec 2025 15:22:31 +0100" }, { "cves": [], "log": [ "", " * Merge with Debian, remaining changes:", " - d/p/series: Apply the ubuntu-clang-use-RVA23U64-profile patch.", " - Regenerate the control file.", " - Again, stop building packages built by LLVM 21.", " * Adjust breaks/replaces for clang-scan-deps move. Addresses: #1121175.", " * Clarify the libunwind package descriptions, that it is not compatible", " with glibc.", " * Fix syntax for OR-ed build profiles.", "" ], "package": "llvm-toolchain-20", "version": "1:20.1.8-2ubuntu3", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Matthias Klose ", "date": "Wed, 10 Dec 2025 14:05:03 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "libedit2:riscv64", "from_version": { "source_package_name": "libedit", "source_package_version": "3.1-20250104-1build1", "version": "3.1-20250104-1build1" }, "to_version": { "source_package_name": "libedit", "source_package_version": "3.1-20251016-1", "version": "3.1-20251016-1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Rebuild to include updated RISC-V base ISA RVA23", "" ], "package": "libedit", "version": "3.1-20250104-1build1", "urgency": "medium", "distributions": "questing", "launchpad_bugs_fixed": [], "author": "Heinrich Schuchardt ", "date": "Fri, 05 Sep 2025 17:32:20 +0000" } ], "notes": null, "is_version_downgrade": true }, { "name": "libfreetype6:riscv64", "from_version": { "source_package_name": "freetype", "source_package_version": "2.13.3+dfsg-1build1", "version": "2.13.3+dfsg-1build1" }, "to_version": { "source_package_name": "freetype", "source_package_version": "2.14.1+dfsg-1", "version": "2.14.1+dfsg-1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * New upstream version 2.14.1:", " - Enable dynamic loading of the HarfBuzz library, avoiding the", " well-known circular dependency problem.", " * debian/control:", " - Raise Standards-Version to 4.7.3, removing the Priority field.", " - Build-Depend on libharfbuzz-dev.", " - Drop Rules-Requires-Root (no longer needed).", " - libfreetype-dev: Depend on libharfbuzz-dev.", " * debian/copyright:", " - Update for FreeType 2.14.0.", " - Update for 2025.", " - Fix whitespace formatting.", " * debian/patches: Refresh ftoption.patch.", " * debian/rules: Enable linking with HarfBuzz.", " * debian/tests/libfreetype-dev: Disable static autopkgtest.", " * debian/watch: Convert to Version 5 format.", "" ], "package": "freetype", "version": "2.14.1+dfsg-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Hugh McMaster ", "date": "Fri, 26 Dec 2025 21:52:18 +1100" } ], "notes": null, "is_version_downgrade": false }, { "name": "libfribidi0:riscv64", "from_version": { "source_package_name": "fribidi", "source_package_version": "1.0.16-4", "version": "1.0.16-4" }, "to_version": { "source_package_name": "fribidi", "source_package_version": "1.0.16-5", "version": "1.0.16-5" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * d/p/generate_man1.patch: Build manpage verbosely.", " Thanks to Helmut Grohne ", " * d/rules: run help2man on a native build pass.", " Thanks to Helmut Grohne ", "" ], "package": "fribidi", "version": "1.0.16-5", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "أحمد المحمودي (Ahmed El-Mahmoudy) ", "date": "Mon, 15 Dec 2025 02:09:51 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "libftdi1-2:riscv64", "from_version": { "source_package_name": "libftdi1", "source_package_version": "1.5-12", "version": "1.5-12" }, "to_version": { "source_package_name": "libftdi1", "source_package_version": "1.6~rc1-1", "version": "1.6~rc1-1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * New upstream release candidate", " * Remove all patches, all merged upstream", " * Update symbols file", " * Update libftdipp1 symbols file to catch an architecture specific", " internal c++ symbol", " * Update debian/copyright", " * Update debian/watch to version 5", " * Stop forcing CMAKE_POLICY_VERSION_MINIMUM, new upstream version is", " compatible with CMake 4", " * debian/control: drop Rules-Requires-Root field, now obsolete", " * debian/control: drop Priority field, optional is now the default", " * Bump Standards-Version to 4.7.3 (no changes)", "" ], "package": "libftdi1", "version": "1.6~rc1-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Aurelien Jarno ", "date": "Sat, 03 Jan 2026 13:52:23 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "libfuse3-4:riscv64", "from_version": { "source_package_name": "fuse3", "source_package_version": "3.17.4-1", "version": "3.17.4-1" }, "to_version": { "source_package_name": "fuse3", "source_package_version": "3.18.1-1", "version": "3.18.1-1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * New upstream release.", " * Update library symbols for this release.", "" ], "package": "fuse3", "version": "3.18.1-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Laszlo Boszormenyi (GCS) ", "date": "Sun, 21 Dec 2025 18:06:47 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "libfwupd3:riscv64", "from_version": { "source_package_name": "fwupd", "source_package_version": "2.0.18-1", "version": "2.0.18-1" }, "to_version": { "source_package_name": "fwupd", "source_package_version": "2.0.19-1", "version": "2.0.19-1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * New upstream version (2.0.19)", "" ], "package": "fwupd", "version": "2.0.19-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Mario Limonciello ", "date": "Sat, 20 Dec 2025 22:13:58 -0600" } ], "notes": null, "is_version_downgrade": false }, { "name": "libgcc-s1:riscv64", "from_version": { "source_package_name": "gcc-15", "source_package_version": "15.2.0-10ubuntu1", "version": "15.2.0-10ubuntu1" }, "to_version": { "source_package_name": "gcc-15", "source_package_version": "15.2.0-11ubuntu1", "version": "15.2.0-11ubuntu1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Merge with Debian; remaining changes:", " - Build from upstream sources.", "" ], "package": "gcc-15", "version": "15.2.0-11ubuntu1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Matthias Klose ", "date": "Wed, 10 Dec 2025 15:24:39 +0100" }, { "cves": [], "log": [ "", " * Update to git 20251209 from the gcc-15 branch.", " - Fix PR target/122991 (AArch64), PR tree-optimization/122943,", " PR middle-end/120052, PR middle-end/120564, PR ada/123037, PR ada/115305,", " PR middle-end/122624, PR c/121506, PR c++/121445, PR c++/120876,", " PR lto/122515.", " * Fix Algol-68 build on sparc64, patch taken from the trunk.", " * Don't rely on python3-check-jsonschema for testing, still having", " unpackaged dependencies.", " * Add architectureVariant to ELF_PACKAGE_METADATA.", "" ], "package": "gcc-15", "version": "15.2.0-11", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Matthias Klose ", "date": "Tue, 09 Dec 2025 21:10:53 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "libgirepository-2.0-0:riscv64", "from_version": { "source_package_name": "glib2.0", "source_package_version": "2.86.2-1", "version": "2.86.2-1" }, "to_version": { "source_package_name": "glib2.0", "source_package_version": "2.86.3-4", "version": "2.86.3-4" }, "cves": [ { "cve": "CVE-2025-14512", "url": "https://ubuntu.com/security/CVE-2025-14512", "cve_description": "A flaw was found in glib. This vulnerability allows a heap buffer overflow and denial-of-service (DoS) via an integer overflow in GLib's GIO (GLib Input/Output) escape_byte_string() function when processing malicious file or remote filesystem attribute values.", "cve_priority": "medium", "cve_public_date": "2025-12-11 07:16:00 UTC" }, { "cve": "CVE-2025-13601", "url": "https://ubuntu.com/security/CVE-2025-13601", "cve_description": "A heap-based buffer overflow problem was found in glib through an incorrect calculation of buffer size in the g_escape_uri_string() function. If the string to escape contains a very large number of unacceptable characters (which would need escaping), the calculation of the length of the escaped string could overflow, leading to a potential write off the end of the newly allocated string.", "cve_priority": "medium", "cve_public_date": "2025-11-26 15:15:00 UTC" }, { "cve": "CVE-2025-14087", "url": "https://ubuntu.com/security/CVE-2025-14087", "cve_description": "A flaw was found in GLib (Gnome Lib). This vulnerability allows a remote attacker to cause heap corruption, leading to a denial of service or potential code execution via a buffer-underflow in the GVariant parser when processing maliciously crafted input strings.", "cve_priority": "medium", "cve_public_date": "2025-12-10 09:15:00 UTC" }, { "cve": "CVE-2025-14512", "url": "https://ubuntu.com/security/CVE-2025-14512", "cve_description": "A flaw was found in glib. This vulnerability allows a heap buffer overflow and denial-of-service (DoS) via an integer overflow in GLib's GIO (GLib Input/Output) escape_byte_string() function when processing malicious file or remote filesystem attribute values.", "cve_priority": "medium", "cve_public_date": "2025-12-11 07:16:00 UTC" } ], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Fix hurd build", "" ], "package": "glib2.0", "version": "2.86.3-4", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Jeremy Bícha ", "date": "Thu, 01 Jan 2026 07:59:38 -0500" }, { "cves": [], "log": [ "", " * Fix hurd build", "" ], "package": "glib2.0", "version": "2.86.3-3", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Jeremy Bícha ", "date": "Wed, 31 Dec 2025 18:35:13 -0500" }, { "cves": [ { "cve": "CVE-2025-14512", "url": "https://ubuntu.com/security/CVE-2025-14512", "cve_description": "A flaw was found in glib. This vulnerability allows a heap buffer overflow and denial-of-service (DoS) via an integer overflow in GLib's GIO (GLib Input/Output) escape_byte_string() function when processing malicious file or remote filesystem attribute values.", "cve_priority": "medium", "cve_public_date": "2025-12-11 07:16:00 UTC" } ], "log": [ "", " [ Jeremy Bícha ]", " * Remove :native from Build-Depends: python3-packaging (Closes: #1124385)", " * Remove nosysprof build profile because libsysprof-capture-4-dev", " is built for all Linux architectures and does not require glib2.0", " * Remove kfreebsd reference", " * Override dh_gnome to avoid build warnings", " * Bump Standards Version to 4.7.3", "", " [ Simon McVittie ]", " * Mention #1122346, #1122347 in previous changelog entry", " * Mention CVE-2025-14512 in previous changelog entry now that it has", " been allocated", "" ], "package": "glib2.0", "version": "2.86.3-2", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Jeremy Bícha ", "date": "Wed, 31 Dec 2025 10:32:42 -0500" }, { "cves": [ { "cve": "CVE-2025-13601", "url": "https://ubuntu.com/security/CVE-2025-13601", "cve_description": "A heap-based buffer overflow problem was found in glib through an incorrect calculation of buffer size in the g_escape_uri_string() function. If the string to escape contains a very large number of unacceptable characters (which would need escaping), the calculation of the length of the escaped string could overflow, leading to a potential write off the end of the newly allocated string.", "cve_priority": "medium", "cve_public_date": "2025-11-26 15:15:00 UTC" }, { "cve": "CVE-2025-14087", "url": "https://ubuntu.com/security/CVE-2025-14087", "cve_description": "A flaw was found in GLib (Gnome Lib). This vulnerability allows a remote attacker to cause heap corruption, leading to a denial of service or potential code execution via a buffer-underflow in the GVariant parser when processing maliciously crafted input strings.", "cve_priority": "medium", "cve_public_date": "2025-12-10 09:15:00 UTC" }, { "cve": "CVE-2025-14512", "url": "https://ubuntu.com/security/CVE-2025-14512", "cve_description": "A flaw was found in glib. This vulnerability allows a heap buffer overflow and denial-of-service (DoS) via an integer overflow in GLib's GIO (GLib Input/Output) escape_byte_string() function when processing malicious file or remote filesystem attribute values.", "cve_priority": "medium", "cve_public_date": "2025-12-11 07:16:00 UTC" } ], "log": [ "", " * New upstream security-fix release", " - Fix calculation of buffer sizes when escaping URI strings", " (CVE-2025-13601, glib#3827 upstream, Closes: #1121488)", " - Fix possible buffer underflow parsing GVariant strings/bytestrings", " (CVE-2025-14087, glib#3834 upstream, Closes: #1122347)", " - Fix integer overflow in file attribute escaping", " (CVE-2025-14512, glib#3845 upstream, Closes: #1122346)", " - Windows-specific changes not described in detail here", "" ], "package": "glib2.0", "version": "2.86.3-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Simon McVittie ", "date": "Tue, 09 Dec 2025 13:31:14 +0000" } ], "notes": null, "is_version_downgrade": false }, { "name": "libglib2.0-0t64:riscv64", "from_version": { "source_package_name": "glib2.0", "source_package_version": "2.86.2-1", "version": "2.86.2-1" }, "to_version": { "source_package_name": "glib2.0", "source_package_version": "2.86.3-4", "version": "2.86.3-4" }, "cves": [ { "cve": "CVE-2025-14512", "url": "https://ubuntu.com/security/CVE-2025-14512", "cve_description": "A flaw was found in glib. This vulnerability allows a heap buffer overflow and denial-of-service (DoS) via an integer overflow in GLib's GIO (GLib Input/Output) escape_byte_string() function when processing malicious file or remote filesystem attribute values.", "cve_priority": "medium", "cve_public_date": "2025-12-11 07:16:00 UTC" }, { "cve": "CVE-2025-13601", "url": "https://ubuntu.com/security/CVE-2025-13601", "cve_description": "A heap-based buffer overflow problem was found in glib through an incorrect calculation of buffer size in the g_escape_uri_string() function. If the string to escape contains a very large number of unacceptable characters (which would need escaping), the calculation of the length of the escaped string could overflow, leading to a potential write off the end of the newly allocated string.", "cve_priority": "medium", "cve_public_date": "2025-11-26 15:15:00 UTC" }, { "cve": "CVE-2025-14087", "url": "https://ubuntu.com/security/CVE-2025-14087", "cve_description": "A flaw was found in GLib (Gnome Lib). This vulnerability allows a remote attacker to cause heap corruption, leading to a denial of service or potential code execution via a buffer-underflow in the GVariant parser when processing maliciously crafted input strings.", "cve_priority": "medium", "cve_public_date": "2025-12-10 09:15:00 UTC" }, { "cve": "CVE-2025-14512", "url": "https://ubuntu.com/security/CVE-2025-14512", "cve_description": "A flaw was found in glib. This vulnerability allows a heap buffer overflow and denial-of-service (DoS) via an integer overflow in GLib's GIO (GLib Input/Output) escape_byte_string() function when processing malicious file or remote filesystem attribute values.", "cve_priority": "medium", "cve_public_date": "2025-12-11 07:16:00 UTC" } ], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Fix hurd build", "" ], "package": "glib2.0", "version": "2.86.3-4", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Jeremy Bícha ", "date": "Thu, 01 Jan 2026 07:59:38 -0500" }, { "cves": [], "log": [ "", " * Fix hurd build", "" ], "package": "glib2.0", "version": "2.86.3-3", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Jeremy Bícha ", "date": "Wed, 31 Dec 2025 18:35:13 -0500" }, { "cves": [ { "cve": "CVE-2025-14512", "url": "https://ubuntu.com/security/CVE-2025-14512", "cve_description": "A flaw was found in glib. This vulnerability allows a heap buffer overflow and denial-of-service (DoS) via an integer overflow in GLib's GIO (GLib Input/Output) escape_byte_string() function when processing malicious file or remote filesystem attribute values.", "cve_priority": "medium", "cve_public_date": "2025-12-11 07:16:00 UTC" } ], "log": [ "", " [ Jeremy Bícha ]", " * Remove :native from Build-Depends: python3-packaging (Closes: #1124385)", " * Remove nosysprof build profile because libsysprof-capture-4-dev", " is built for all Linux architectures and does not require glib2.0", " * Remove kfreebsd reference", " * Override dh_gnome to avoid build warnings", " * Bump Standards Version to 4.7.3", "", " [ Simon McVittie ]", " * Mention #1122346, #1122347 in previous changelog entry", " * Mention CVE-2025-14512 in previous changelog entry now that it has", " been allocated", "" ], "package": "glib2.0", "version": "2.86.3-2", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Jeremy Bícha ", "date": "Wed, 31 Dec 2025 10:32:42 -0500" }, { "cves": [ { "cve": "CVE-2025-13601", "url": "https://ubuntu.com/security/CVE-2025-13601", "cve_description": "A heap-based buffer overflow problem was found in glib through an incorrect calculation of buffer size in the g_escape_uri_string() function. If the string to escape contains a very large number of unacceptable characters (which would need escaping), the calculation of the length of the escaped string could overflow, leading to a potential write off the end of the newly allocated string.", "cve_priority": "medium", "cve_public_date": "2025-11-26 15:15:00 UTC" }, { "cve": "CVE-2025-14087", "url": "https://ubuntu.com/security/CVE-2025-14087", "cve_description": "A flaw was found in GLib (Gnome Lib). This vulnerability allows a remote attacker to cause heap corruption, leading to a denial of service or potential code execution via a buffer-underflow in the GVariant parser when processing maliciously crafted input strings.", "cve_priority": "medium", "cve_public_date": "2025-12-10 09:15:00 UTC" }, { "cve": "CVE-2025-14512", "url": "https://ubuntu.com/security/CVE-2025-14512", "cve_description": "A flaw was found in glib. This vulnerability allows a heap buffer overflow and denial-of-service (DoS) via an integer overflow in GLib's GIO (GLib Input/Output) escape_byte_string() function when processing malicious file or remote filesystem attribute values.", "cve_priority": "medium", "cve_public_date": "2025-12-11 07:16:00 UTC" } ], "log": [ "", " * New upstream security-fix release", " - Fix calculation of buffer sizes when escaping URI strings", " (CVE-2025-13601, glib#3827 upstream, Closes: #1121488)", " - Fix possible buffer underflow parsing GVariant strings/bytestrings", " (CVE-2025-14087, glib#3834 upstream, Closes: #1122347)", " - Fix integer overflow in file attribute escaping", " (CVE-2025-14512, glib#3845 upstream, Closes: #1122346)", " - Windows-specific changes not described in detail here", "" ], "package": "glib2.0", "version": "2.86.3-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Simon McVittie ", "date": "Tue, 09 Dec 2025 13:31:14 +0000" } ], "notes": null, "is_version_downgrade": false }, { "name": "libglib2.0-bin", "from_version": { "source_package_name": "glib2.0", "source_package_version": "2.86.2-1", "version": "2.86.2-1" }, "to_version": { "source_package_name": "glib2.0", "source_package_version": "2.86.3-4", "version": "2.86.3-4" }, "cves": [ { "cve": "CVE-2025-14512", "url": "https://ubuntu.com/security/CVE-2025-14512", "cve_description": "A flaw was found in glib. This vulnerability allows a heap buffer overflow and denial-of-service (DoS) via an integer overflow in GLib's GIO (GLib Input/Output) escape_byte_string() function when processing malicious file or remote filesystem attribute values.", "cve_priority": "medium", "cve_public_date": "2025-12-11 07:16:00 UTC" }, { "cve": "CVE-2025-13601", "url": "https://ubuntu.com/security/CVE-2025-13601", "cve_description": "A heap-based buffer overflow problem was found in glib through an incorrect calculation of buffer size in the g_escape_uri_string() function. If the string to escape contains a very large number of unacceptable characters (which would need escaping), the calculation of the length of the escaped string could overflow, leading to a potential write off the end of the newly allocated string.", "cve_priority": "medium", "cve_public_date": "2025-11-26 15:15:00 UTC" }, { "cve": "CVE-2025-14087", "url": "https://ubuntu.com/security/CVE-2025-14087", "cve_description": "A flaw was found in GLib (Gnome Lib). This vulnerability allows a remote attacker to cause heap corruption, leading to a denial of service or potential code execution via a buffer-underflow in the GVariant parser when processing maliciously crafted input strings.", "cve_priority": "medium", "cve_public_date": "2025-12-10 09:15:00 UTC" }, { "cve": "CVE-2025-14512", "url": "https://ubuntu.com/security/CVE-2025-14512", "cve_description": "A flaw was found in glib. This vulnerability allows a heap buffer overflow and denial-of-service (DoS) via an integer overflow in GLib's GIO (GLib Input/Output) escape_byte_string() function when processing malicious file or remote filesystem attribute values.", "cve_priority": "medium", "cve_public_date": "2025-12-11 07:16:00 UTC" } ], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Fix hurd build", "" ], "package": "glib2.0", "version": "2.86.3-4", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Jeremy Bícha ", "date": "Thu, 01 Jan 2026 07:59:38 -0500" }, { "cves": [], "log": [ "", " * Fix hurd build", "" ], "package": "glib2.0", "version": "2.86.3-3", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Jeremy Bícha ", "date": "Wed, 31 Dec 2025 18:35:13 -0500" }, { "cves": [ { "cve": "CVE-2025-14512", "url": "https://ubuntu.com/security/CVE-2025-14512", "cve_description": "A flaw was found in glib. This vulnerability allows a heap buffer overflow and denial-of-service (DoS) via an integer overflow in GLib's GIO (GLib Input/Output) escape_byte_string() function when processing malicious file or remote filesystem attribute values.", "cve_priority": "medium", "cve_public_date": "2025-12-11 07:16:00 UTC" } ], "log": [ "", " [ Jeremy Bícha ]", " * Remove :native from Build-Depends: python3-packaging (Closes: #1124385)", " * Remove nosysprof build profile because libsysprof-capture-4-dev", " is built for all Linux architectures and does not require glib2.0", " * Remove kfreebsd reference", " * Override dh_gnome to avoid build warnings", " * Bump Standards Version to 4.7.3", "", " [ Simon McVittie ]", " * Mention #1122346, #1122347 in previous changelog entry", " * Mention CVE-2025-14512 in previous changelog entry now that it has", " been allocated", "" ], "package": "glib2.0", "version": "2.86.3-2", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Jeremy Bícha ", "date": "Wed, 31 Dec 2025 10:32:42 -0500" }, { "cves": [ { "cve": "CVE-2025-13601", "url": "https://ubuntu.com/security/CVE-2025-13601", "cve_description": "A heap-based buffer overflow problem was found in glib through an incorrect calculation of buffer size in the g_escape_uri_string() function. If the string to escape contains a very large number of unacceptable characters (which would need escaping), the calculation of the length of the escaped string could overflow, leading to a potential write off the end of the newly allocated string.", "cve_priority": "medium", "cve_public_date": "2025-11-26 15:15:00 UTC" }, { "cve": "CVE-2025-14087", "url": "https://ubuntu.com/security/CVE-2025-14087", "cve_description": "A flaw was found in GLib (Gnome Lib). This vulnerability allows a remote attacker to cause heap corruption, leading to a denial of service or potential code execution via a buffer-underflow in the GVariant parser when processing maliciously crafted input strings.", "cve_priority": "medium", "cve_public_date": "2025-12-10 09:15:00 UTC" }, { "cve": "CVE-2025-14512", "url": "https://ubuntu.com/security/CVE-2025-14512", "cve_description": "A flaw was found in glib. This vulnerability allows a heap buffer overflow and denial-of-service (DoS) via an integer overflow in GLib's GIO (GLib Input/Output) escape_byte_string() function when processing malicious file or remote filesystem attribute values.", "cve_priority": "medium", "cve_public_date": "2025-12-11 07:16:00 UTC" } ], "log": [ "", " * New upstream security-fix release", " - Fix calculation of buffer sizes when escaping URI strings", " (CVE-2025-13601, glib#3827 upstream, Closes: #1121488)", " - Fix possible buffer underflow parsing GVariant strings/bytestrings", " (CVE-2025-14087, glib#3834 upstream, Closes: #1122347)", " - Fix integer overflow in file attribute escaping", " (CVE-2025-14512, glib#3845 upstream, Closes: #1122346)", " - Windows-specific changes not described in detail here", "" ], "package": "glib2.0", "version": "2.86.3-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Simon McVittie ", "date": "Tue, 09 Dec 2025 13:31:14 +0000" } ], "notes": null, "is_version_downgrade": false }, { "name": "libglib2.0-data", "from_version": { "source_package_name": "glib2.0", "source_package_version": "2.86.2-1", "version": "2.86.2-1" }, "to_version": { "source_package_name": "glib2.0", "source_package_version": "2.86.3-4", "version": "2.86.3-4" }, "cves": [ { "cve": "CVE-2025-14512", "url": "https://ubuntu.com/security/CVE-2025-14512", "cve_description": "A flaw was found in glib. This vulnerability allows a heap buffer overflow and denial-of-service (DoS) via an integer overflow in GLib's GIO (GLib Input/Output) escape_byte_string() function when processing malicious file or remote filesystem attribute values.", "cve_priority": "medium", "cve_public_date": "2025-12-11 07:16:00 UTC" }, { "cve": "CVE-2025-13601", "url": "https://ubuntu.com/security/CVE-2025-13601", "cve_description": "A heap-based buffer overflow problem was found in glib through an incorrect calculation of buffer size in the g_escape_uri_string() function. If the string to escape contains a very large number of unacceptable characters (which would need escaping), the calculation of the length of the escaped string could overflow, leading to a potential write off the end of the newly allocated string.", "cve_priority": "medium", "cve_public_date": "2025-11-26 15:15:00 UTC" }, { "cve": "CVE-2025-14087", "url": "https://ubuntu.com/security/CVE-2025-14087", "cve_description": "A flaw was found in GLib (Gnome Lib). This vulnerability allows a remote attacker to cause heap corruption, leading to a denial of service or potential code execution via a buffer-underflow in the GVariant parser when processing maliciously crafted input strings.", "cve_priority": "medium", "cve_public_date": "2025-12-10 09:15:00 UTC" }, { "cve": "CVE-2025-14512", "url": "https://ubuntu.com/security/CVE-2025-14512", "cve_description": "A flaw was found in glib. This vulnerability allows a heap buffer overflow and denial-of-service (DoS) via an integer overflow in GLib's GIO (GLib Input/Output) escape_byte_string() function when processing malicious file or remote filesystem attribute values.", "cve_priority": "medium", "cve_public_date": "2025-12-11 07:16:00 UTC" } ], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Fix hurd build", "" ], "package": "glib2.0", "version": "2.86.3-4", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Jeremy Bícha ", "date": "Thu, 01 Jan 2026 07:59:38 -0500" }, { "cves": [], "log": [ "", " * Fix hurd build", "" ], "package": "glib2.0", "version": "2.86.3-3", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Jeremy Bícha ", "date": "Wed, 31 Dec 2025 18:35:13 -0500" }, { "cves": [ { "cve": "CVE-2025-14512", "url": "https://ubuntu.com/security/CVE-2025-14512", "cve_description": "A flaw was found in glib. This vulnerability allows a heap buffer overflow and denial-of-service (DoS) via an integer overflow in GLib's GIO (GLib Input/Output) escape_byte_string() function when processing malicious file or remote filesystem attribute values.", "cve_priority": "medium", "cve_public_date": "2025-12-11 07:16:00 UTC" } ], "log": [ "", " [ Jeremy Bícha ]", " * Remove :native from Build-Depends: python3-packaging (Closes: #1124385)", " * Remove nosysprof build profile because libsysprof-capture-4-dev", " is built for all Linux architectures and does not require glib2.0", " * Remove kfreebsd reference", " * Override dh_gnome to avoid build warnings", " * Bump Standards Version to 4.7.3", "", " [ Simon McVittie ]", " * Mention #1122346, #1122347 in previous changelog entry", " * Mention CVE-2025-14512 in previous changelog entry now that it has", " been allocated", "" ], "package": "glib2.0", "version": "2.86.3-2", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Jeremy Bícha ", "date": "Wed, 31 Dec 2025 10:32:42 -0500" }, { "cves": [ { "cve": "CVE-2025-13601", "url": "https://ubuntu.com/security/CVE-2025-13601", "cve_description": "A heap-based buffer overflow problem was found in glib through an incorrect calculation of buffer size in the g_escape_uri_string() function. If the string to escape contains a very large number of unacceptable characters (which would need escaping), the calculation of the length of the escaped string could overflow, leading to a potential write off the end of the newly allocated string.", "cve_priority": "medium", "cve_public_date": "2025-11-26 15:15:00 UTC" }, { "cve": "CVE-2025-14087", "url": "https://ubuntu.com/security/CVE-2025-14087", "cve_description": "A flaw was found in GLib (Gnome Lib). This vulnerability allows a remote attacker to cause heap corruption, leading to a denial of service or potential code execution via a buffer-underflow in the GVariant parser when processing maliciously crafted input strings.", "cve_priority": "medium", "cve_public_date": "2025-12-10 09:15:00 UTC" }, { "cve": "CVE-2025-14512", "url": "https://ubuntu.com/security/CVE-2025-14512", "cve_description": "A flaw was found in glib. This vulnerability allows a heap buffer overflow and denial-of-service (DoS) via an integer overflow in GLib's GIO (GLib Input/Output) escape_byte_string() function when processing malicious file or remote filesystem attribute values.", "cve_priority": "medium", "cve_public_date": "2025-12-11 07:16:00 UTC" } ], "log": [ "", " * New upstream security-fix release", " - Fix calculation of buffer sizes when escaping URI strings", " (CVE-2025-13601, glib#3827 upstream, Closes: #1121488)", " - Fix possible buffer underflow parsing GVariant strings/bytestrings", " (CVE-2025-14087, glib#3834 upstream, Closes: #1122347)", " - Fix integer overflow in file attribute escaping", " (CVE-2025-14512, glib#3845 upstream, Closes: #1122346)", " - Windows-specific changes not described in detail here", "" ], "package": "glib2.0", "version": "2.86.3-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Simon McVittie ", "date": "Tue, 09 Dec 2025 13:31:14 +0000" } ], "notes": null, "is_version_downgrade": false }, { "name": "libicu78:riscv64", "from_version": { "source_package_name": "icu", "source_package_version": "78.1-1ubuntu1", "version": "78.1-1ubuntu1" }, "to_version": { "source_package_name": "icu", "source_package_version": "78.1-2ubuntu2", "version": "78.1-2ubuntu2" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Cherry-pick ICU-23252.patch and ICU-23278.patch", " from 78.1 branch, to fix nodejs build failures", " https://github.com/nodejs/node/pull/60523", "" ], "package": "icu", "version": "78.1-2ubuntu2", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Gianfranco Costamagna ", "date": "Mon, 15 Dec 2025 17:12:36 +0100" }, { "cves": [], "log": [ "", " * Merge with Debian; remaining changes:", " - d/p/disable-precision-fpmath-tests-on-i386.patch: add a patch to disable", " precision checking tests on i386 where an imprecise FPU hardware is used", "" ], "package": "icu", "version": "78.1-2ubuntu1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Matthias Klose ", "date": "Mon, 15 Dec 2025 10:05:26 +0100" }, { "cves": [], "log": [ "", " * Backport fix for ICU-23261: correctly propagate errors to the caller.", " * Update watch file.", "" ], "package": "icu", "version": "78.1-2", "urgency": "medium", "distributions": "experimental", "launchpad_bugs_fixed": [], "author": "Laszlo Boszormenyi (GCS) ", "date": "Mon, 08 Dec 2025 16:14:04 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "libjemalloc2:riscv64", "from_version": { "source_package_name": "jemalloc", "source_package_version": "5.3.0-3build1", "version": "5.3.0-3build1" }, "to_version": { "source_package_name": "jemalloc", "source_package_version": "5.3.0-4", "version": "5.3.0-4" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Do not assume altivec on powerpc. (Closes: #1105139)", " * Remove kfreebsd-* from debian/rules, as these ports have long been dead", " and removed fromd Debian ports.", " * Update debian/watch to version 5.", " * Remove Priority: optional, as this is the dpkg default nowadays.", " * Bump Standards-Version to 4.7.3, no further changes needed.", "" ], "package": "jemalloc", "version": "5.3.0-4", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Faidon Liambotis ", "date": "Fri, 02 Jan 2026 13:34:30 +0200" } ], "notes": null, "is_version_downgrade": false }, { "name": "libllvm20:riscv64", "from_version": { "source_package_name": "llvm-toolchain-20", "source_package_version": "1:20.1.8-2ubuntu2", "version": "1:20.1.8-2ubuntu2" }, "to_version": { "source_package_name": "llvm-toolchain-20", "source_package_version": "1:20.1.8-2ubuntu4", "version": "1:20.1.8-2ubuntu4" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Rebuild against new OCAML ABIs.", "" ], "package": "llvm-toolchain-20", "version": "1:20.1.8-2ubuntu4", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Gianfranco Costamagna ", "date": "Wed, 10 Dec 2025 15:22:31 +0100" }, { "cves": [], "log": [ "", " * Merge with Debian, remaining changes:", " - d/p/series: Apply the ubuntu-clang-use-RVA23U64-profile patch.", " - Regenerate the control file.", " - Again, stop building packages built by LLVM 21.", " * Adjust breaks/replaces for clang-scan-deps move. Addresses: #1121175.", " * Clarify the libunwind package descriptions, that it is not compatible", " with glibc.", " * Fix syntax for OR-ed build profiles.", "" ], "package": "llvm-toolchain-20", "version": "1:20.1.8-2ubuntu3", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Matthias Klose ", "date": "Wed, 10 Dec 2025 14:05:03 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "libllvm21:riscv64", "from_version": { "source_package_name": "llvm-toolchain-21", "source_package_version": "1:21.1.6-3ubuntu1", "version": "1:21.1.6-3ubuntu1" }, "to_version": { "source_package_name": "llvm-toolchain-21", "source_package_version": "1:21.1.7-1ubuntu2", "version": "1:21.1.7-1ubuntu2" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Rebuild against new OCAML ABIs.", "" ], "package": "llvm-toolchain-21", "version": "1:21.1.7-1ubuntu2", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Gianfranco Costamagna ", "date": "Wed, 10 Dec 2025 15:19:27 +0100" }, { "cves": [], "log": [ "", " * Merge with Debian; remaining changes:", " - Regenerate the control file.", " - Use RVA23U64 profile in clang (LP #2116086).", " - d/rules: Remove i386 from CLANG_GRPC_ARCHS (not built on i386).", "" ], "package": "llvm-toolchain-21", "version": "1:21.1.7-1ubuntu1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Matthias Klose ", "date": "Wed, 10 Dec 2025 11:15:55 +0100" }, { "cves": [], "log": [ "", " * LLVM 21.1.7 release.", "", " * Update symbols files for hurd-amd64.", " * clang-21-tools, llvm-21-tools: Use dh_python3 substvars.", " * liblldb-21: Move the .so symlink to the liblldb-21-dev package.", " * Add myself as uploader for 21.", " * d/rules: Remove unnecessary use of the CURDIR macro.", "" ], "package": "llvm-toolchain-21", "version": "1:21.1.7-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Matthias Klose ", "date": "Tue, 09 Dec 2025 22:34:57 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "liblzma5:riscv64", "from_version": { "source_package_name": "xz-utils", "source_package_version": "5.8.1-2", "version": "5.8.1-2" }, "to_version": { "source_package_name": "xz-utils", "source_package_version": "5.8.2-1", "version": "5.8.2-1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Import 5.8.2", " - Add a workaround for Red Hat Enterprise Linux 9 kernel bug", " (Closes: #1121085).", "" ], "package": "xz-utils", "version": "5.8.2-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Sebastian Andrzej Siewior ", "date": "Fri, 26 Dec 2025 19:52:09 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "libmpathcmd0", "from_version": { "source_package_name": "multipath-tools", "source_package_version": "0.12.0-1ubuntu1", "version": "0.12.0-1ubuntu1" }, "to_version": { "source_package_name": "multipath-tools", "source_package_version": "0.12.0-1ubuntu2", "version": "0.12.0-1ubuntu2" }, "cves": [], "launchpad_bugs_fixed": [ 2135118 ], "changes": [ { "cves": [], "log": [ "", " * d/{rules,control}: enable testsuite (LP: #2135118)", " - d/p/testsuite-no-lto: disable lto to workaround testsuite symbol wrapping", "" ], "package": "multipath-tools", "version": "0.12.0-1ubuntu2", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2135118 ], "author": "Jonas Jelten ", "date": "Fri, 12 Dec 2025 11:59:36 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "libmpathpersist0", "from_version": { "source_package_name": "multipath-tools", "source_package_version": "0.12.0-1ubuntu1", "version": "0.12.0-1ubuntu1" }, "to_version": { "source_package_name": "multipath-tools", "source_package_version": "0.12.0-1ubuntu2", "version": "0.12.0-1ubuntu2" }, "cves": [], "launchpad_bugs_fixed": [ 2135118 ], "changes": [ { "cves": [], "log": [ "", " * d/{rules,control}: enable testsuite (LP: #2135118)", " - d/p/testsuite-no-lto: disable lto to workaround testsuite symbol wrapping", "" ], "package": "multipath-tools", "version": "0.12.0-1ubuntu2", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2135118 ], "author": "Jonas Jelten ", "date": "Fri, 12 Dec 2025 11:59:36 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "libmultipath0", "from_version": { "source_package_name": "multipath-tools", "source_package_version": "0.12.0-1ubuntu1", "version": "0.12.0-1ubuntu1" }, "to_version": { "source_package_name": "multipath-tools", "source_package_version": "0.12.0-1ubuntu2", "version": "0.12.0-1ubuntu2" }, "cves": [], "launchpad_bugs_fixed": [ 2135118 ], "changes": [ { "cves": [], "log": [ "", " * d/{rules,control}: enable testsuite (LP: #2135118)", " - d/p/testsuite-no-lto: disable lto to workaround testsuite symbol wrapping", "" ], "package": "multipath-tools", "version": "0.12.0-1ubuntu2", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2135118 ], "author": "Jonas Jelten ", "date": "Fri, 12 Dec 2025 11:59:36 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "libncurses6:riscv64", "from_version": { "source_package_name": "ncurses", "source_package_version": "6.5+20251123-1", "version": "6.5+20251123-1" }, "to_version": { "source_package_name": "ncurses", "source_package_version": "6.6+20251231-1", "version": "6.6+20251231-1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * New upstream patchlevel.", " * Update symbols files and bump shlibs.", " * Upgrade Standards-Version to 4.7.3, no changes needed.", "" ], "package": "ncurses", "version": "6.6+20251231-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Sven Joachim ", "date": "Sat, 03 Jan 2026 08:53:58 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "libncursesw6:riscv64", "from_version": { "source_package_name": "ncurses", "source_package_version": "6.5+20251123-1", "version": "6.5+20251123-1" }, "to_version": { "source_package_name": "ncurses", "source_package_version": "6.6+20251231-1", "version": "6.6+20251231-1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * New upstream patchlevel.", " * Update symbols files and bump shlibs.", " * Upgrade Standards-Version to 4.7.3, no changes needed.", "" ], "package": "ncurses", "version": "6.6+20251231-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Sven Joachim ", "date": "Sat, 03 Jan 2026 08:53:58 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "libnss3:riscv64", "from_version": { "source_package_name": "nss", "source_package_version": "2:3.117-1", "version": "2:3.117-1" }, "to_version": { "source_package_name": "nss", "source_package_version": "2:3.119-1", "version": "2:3.119-1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * New upstream release.", "" ], "package": "nss", "version": "2:3.119-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Mike Hommey ", "date": "Wed, 10 Dec 2025 09:23:00 +0900" } ], "notes": null, "is_version_downgrade": false }, { "name": "libnvme1t64", "from_version": { "source_package_name": "libnvme", "source_package_version": "1.16.1-1", "version": "1.16.1-1" }, "to_version": { "source_package_name": "libnvme", "source_package_version": "1.16.1-2", "version": "1.16.1-2" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Fixing FTCBFS by multiarchify Python build-depends and exporting cross", " sysconfig name, thanks to Helmut Grohne (Closes:", " #1123695).", "" ], "package": "libnvme", "version": "1.16.1-2", "urgency": "medium", "distributions": "sid", "launchpad_bugs_fixed": [], "author": "Daniel Baumann ", "date": "Sat, 20 Dec 2025 04:19:31 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "libpng16-16t64:riscv64", "from_version": { "source_package_name": "libpng1.6", "source_package_version": "1.6.51-1", "version": "1.6.51-1" }, "to_version": { "source_package_name": "libpng1.6", "source_package_version": "1.6.53-1", "version": "1.6.53-1" }, "cves": [ { "cve": "CVE-2025-66293", "url": "https://ubuntu.com/security/CVE-2025-66293", "cve_description": "LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. Prior to 1.6.52, an out-of-bounds read vulnerability in libpng's simplified API allows reading up to 1012 bytes beyond the png_sRGB_base[512] array when processing valid palette PNG images with partial transparency and gamma correction. The PNG files that trigger this vulnerability are valid per the PNG specification; the bug is in libpng's internal state management. Upgrade to libpng 1.6.52 or later.", "cve_priority": "medium", "cve_public_date": "2025-12-03 21:15:00 UTC" } ], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * New upstream version 1.6.53.", "" ], "package": "libpng1.6", "version": "1.6.53-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Tobias Frost ", "date": "Sun, 07 Dec 2025 11:32:41 +0100" }, { "cves": [ { "cve": "CVE-2025-66293", "url": "https://ubuntu.com/security/CVE-2025-66293", "cve_description": "LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. Prior to 1.6.52, an out-of-bounds read vulnerability in libpng's simplified API allows reading up to 1012 bytes beyond the png_sRGB_base[512] array when processing valid palette PNG images with partial transparency and gamma correction. The PNG files that trigger this vulnerability are valid per the PNG specification; the bug is in libpng's internal state management. Upgrade to libpng 1.6.52 or later.", "cve_priority": "medium", "cve_public_date": "2025-12-03 21:15:00 UTC" } ], "log": [ "", " * New upstream versoin 1.6.52", " - CVE-2025-66293 - Out of bound read (Closes: #1121877)", "" ], "package": "libpng1.6", "version": "1.6.52-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Tobias Frost ", "date": "Thu, 04 Dec 2025 06:24:43 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "libpolkit-agent-1-0:riscv64", "from_version": { "source_package_name": "policykit-1", "source_package_version": "126-2", "version": "126-2" }, "to_version": { "source_package_name": "policykit-1", "source_package_version": "127-1", "version": "127-1" }, "cves": [ { "cve": "CVE-2025-7519", "url": "https://ubuntu.com/security/CVE-2025-7519", "cve_description": "A flaw was found in polkit. When processing an XML policy with 32 or more nested elements in depth, an out-of-bounds write can be triggered. This issue can lead to a crash or other unexpected behavior, and arbitrary code execution is not discarded. To exploit this flaw, a high-privilege account is needed as it's required to place the malicious policy file properly.", "cve_priority": "low", "cve_public_date": "2025-07-14 14:15:00 UTC" } ], "launchpad_bugs_fixed": [], "changes": [ { "cves": [ { "cve": "CVE-2025-7519", "url": "https://ubuntu.com/security/CVE-2025-7519", "cve_description": "A flaw was found in polkit. When processing an XML policy with 32 or more nested elements in depth, an out-of-bounds write can be triggered. This issue can lead to a crash or other unexpected behavior, and arbitrary code execution is not discarded. To exploit this flaw, a high-privilege account is needed as it's required to place the malicious policy file properly.", "cve_priority": "low", "cve_public_date": "2025-07-14 14:15:00 UTC" } ], "log": [ "", " [ Michael Biebl ]", " * Drop debian/clean", "", " [ Simon McVittie ]", " * d/control: Mark gir1.2-polkit-1.0 as Multi-Arch: same", " * d/control: Mark -dev packages as Multi-Arch: same", " * d/control: Use dpkg-build-api v1 instead of Rules-Requires-Root", " * Standards-Version: 4.7.2 (no changes required)", " * d/salsa-ci.yml: Use recommended recipe", "", " [ Luca Boccassi ]", " * Update upstream source from tag 'upstream/127'", " (Closes: #1109334, #1119670, #1094078, #1110748)", " (CVE-2025-7519)", " * Add build dependency on mount for unit tests", " * Install new polkitd.conf and manpage", " * polkitd: start polkit-agent-helper.socket on install/upgrade", " * polkitd: drop postinst workarounds for pre-bookworm", " * polkitd: drop adduser and rely exclusively on sd-sysusers", " * polkitd: do not change perms of /etc/polkit-1/rules.d in postinst and", " rely on tmpfiles.d", " * polkitd: do not set SUID on polkit-agent-helper-1 under systemd", " * Update symbols file for v127", "" ], "package": "policykit-1", "version": "127-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Luca Boccassi ", "date": "Wed, 17 Dec 2025 18:35:00 +0000" } ], "notes": null, "is_version_downgrade": false }, { "name": "libpolkit-gobject-1-0:riscv64", "from_version": { "source_package_name": "policykit-1", "source_package_version": "126-2", "version": "126-2" }, "to_version": { "source_package_name": "policykit-1", "source_package_version": "127-1", "version": "127-1" }, "cves": [ { "cve": "CVE-2025-7519", "url": "https://ubuntu.com/security/CVE-2025-7519", "cve_description": "A flaw was found in polkit. When processing an XML policy with 32 or more nested elements in depth, an out-of-bounds write can be triggered. This issue can lead to a crash or other unexpected behavior, and arbitrary code execution is not discarded. To exploit this flaw, a high-privilege account is needed as it's required to place the malicious policy file properly.", "cve_priority": "low", "cve_public_date": "2025-07-14 14:15:00 UTC" } ], "launchpad_bugs_fixed": [], "changes": [ { "cves": [ { "cve": "CVE-2025-7519", "url": "https://ubuntu.com/security/CVE-2025-7519", "cve_description": "A flaw was found in polkit. When processing an XML policy with 32 or more nested elements in depth, an out-of-bounds write can be triggered. This issue can lead to a crash or other unexpected behavior, and arbitrary code execution is not discarded. To exploit this flaw, a high-privilege account is needed as it's required to place the malicious policy file properly.", "cve_priority": "low", "cve_public_date": "2025-07-14 14:15:00 UTC" } ], "log": [ "", " [ Michael Biebl ]", " * Drop debian/clean", "", " [ Simon McVittie ]", " * d/control: Mark gir1.2-polkit-1.0 as Multi-Arch: same", " * d/control: Mark -dev packages as Multi-Arch: same", " * d/control: Use dpkg-build-api v1 instead of Rules-Requires-Root", " * Standards-Version: 4.7.2 (no changes required)", " * d/salsa-ci.yml: Use recommended recipe", "", " [ Luca Boccassi ]", " * Update upstream source from tag 'upstream/127'", " (Closes: #1109334, #1119670, #1094078, #1110748)", " (CVE-2025-7519)", " * Add build dependency on mount for unit tests", " * Install new polkitd.conf and manpage", " * polkitd: start polkit-agent-helper.socket on install/upgrade", " * polkitd: drop postinst workarounds for pre-bookworm", " * polkitd: drop adduser and rely exclusively on sd-sysusers", " * polkitd: do not change perms of /etc/polkit-1/rules.d in postinst and", " rely on tmpfiles.d", " * polkitd: do not set SUID on polkit-agent-helper-1 under systemd", " * Update symbols file for v127", "" ], "package": "policykit-1", "version": "127-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Luca Boccassi ", "date": "Wed, 17 Dec 2025 18:35:00 +0000" } ], "notes": null, "is_version_downgrade": false }, { "name": "libqmi-glib5:riscv64", "from_version": { "source_package_name": "libqmi", "source_package_version": "1.36.0-2", "version": "1.36.0-2" }, "to_version": { "source_package_name": "libqmi", "source_package_version": "1.37.95-1", "version": "1.37.95-1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " [ Guido Günther ]", " * d/gbp.conf: Switch to debian/latest.", "", " [ Arnaud Ferraris ]", " * d/watch: convert to version 5.", " Use the new Gitlab template for easier management, but override the", " matching pattern so we only get stable (pre)releases, which have an even", " minor version number.", " * d/control: drop libgirepository1.0-dev build dependency.", " This one shouldn't be used anymore as it isn't multiarch-friendly.", " Instead, use a recent `gobject-introspection` and explicitly (build)", " depend on the needed `gir1.2-*-dev` packages.", " While at it, drop the now-obsolete `Rules-Requires-Root` and bump", " `Standards-Version` as no other change is needed. (Closes: #1118881)", " * d/copyright: drop reference to old FSF address.", " Replace it with the usual link to http://www.gnu.org/licenses/.", "" ], "package": "libqmi", "version": "1.36.0-2", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Arnaud Ferraris ", "date": "Tue, 28 Oct 2025 13:03:13 +0100" } ], "notes": null, "is_version_downgrade": true }, { "name": "libqmi-proxy", "from_version": { "source_package_name": "libqmi", "source_package_version": "1.36.0-2", "version": "1.36.0-2" }, "to_version": { "source_package_name": "libqmi", "source_package_version": "1.37.95-1", "version": "1.37.95-1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " [ Guido Günther ]", " * d/gbp.conf: Switch to debian/latest.", "", " [ Arnaud Ferraris ]", " * d/watch: convert to version 5.", " Use the new Gitlab template for easier management, but override the", " matching pattern so we only get stable (pre)releases, which have an even", " minor version number.", " * d/control: drop libgirepository1.0-dev build dependency.", " This one shouldn't be used anymore as it isn't multiarch-friendly.", " Instead, use a recent `gobject-introspection` and explicitly (build)", " depend on the needed `gir1.2-*-dev` packages.", " While at it, drop the now-obsolete `Rules-Requires-Root` and bump", " `Standards-Version` as no other change is needed. (Closes: #1118881)", " * d/copyright: drop reference to old FSF address.", " Replace it with the usual link to http://www.gnu.org/licenses/.", "" ], "package": "libqmi", "version": "1.36.0-2", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Arnaud Ferraris ", "date": "Tue, 28 Oct 2025 13:03:13 +0100" } ], "notes": null, "is_version_downgrade": true }, { "name": "libqmi-utils", "from_version": { "source_package_name": "libqmi", "source_package_version": "1.36.0-2", "version": "1.36.0-2" }, "to_version": { "source_package_name": "libqmi", "source_package_version": "1.37.95-1", "version": "1.37.95-1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " [ Guido Günther ]", " * d/gbp.conf: Switch to debian/latest.", "", " [ Arnaud Ferraris ]", " * d/watch: convert to version 5.", " Use the new Gitlab template for easier management, but override the", " matching pattern so we only get stable (pre)releases, which have an even", " minor version number.", " * d/control: drop libgirepository1.0-dev build dependency.", " This one shouldn't be used anymore as it isn't multiarch-friendly.", " Instead, use a recent `gobject-introspection` and explicitly (build)", " depend on the needed `gir1.2-*-dev` packages.", " While at it, drop the now-obsolete `Rules-Requires-Root` and bump", " `Standards-Version` as no other change is needed. (Closes: #1118881)", " * d/copyright: drop reference to old FSF address.", " Replace it with the usual link to http://www.gnu.org/licenses/.", "" ], "package": "libqmi", "version": "1.36.0-2", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Arnaud Ferraris ", "date": "Tue, 28 Oct 2025 13:03:13 +0100" } ], "notes": null, "is_version_downgrade": true }, { "name": "libsodium23:riscv64", "from_version": { "source_package_name": "libsodium", "source_package_version": "1.0.18-1build4", "version": "1.0.18-1build4" }, "to_version": { "source_package_name": "libsodium", "source_package_version": "1.0.18-2", "version": "1.0.18-2" }, "cves": [], "launchpad_bugs_fixed": [ 2132257 ], "changes": [ { "cves": [], "log": [ "", " * No-change mass rebuild for Ubuntu 26.04 (LP: #2132257)", "" ], "package": "libsodium", "version": "1.0.18-1build4", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2132257 ], "author": "Sebastien Bacher ", "date": "Mon, 01 Dec 2025 13:46:42 +0100" }, { "cves": [], "log": [ "", " * No change rebuild for 64-bit time_t and frame pointers.", "" ], "package": "libsodium", "version": "1.0.18-1build3", "urgency": "high", "distributions": "noble", "launchpad_bugs_fixed": [], "author": "Julian Andres Klode ", "date": "Mon, 08 Apr 2024 18:07:25 +0200" }, { "cves": [], "log": [ "", " * No change rebuild for ppc64el baseline bump.", "" ], "package": "libsodium", "version": "1.0.18-1build2", "urgency": "high", "distributions": "jammy", "launchpad_bugs_fixed": [], "author": "Julian Andres Klode ", "date": "Thu, 24 Mar 2022 17:13:48 +0100" }, { "cves": [], "log": [ "", " * No-change rebuild to build packages with zstd compression.", "" ], "package": "libsodium", "version": "1.0.18-1build1", "urgency": "medium", "distributions": "impish", "launchpad_bugs_fixed": [], "author": "Matthias Klose ", "date": "Thu, 07 Oct 2021 12:18:21 +0200" } ], "notes": null, "is_version_downgrade": true }, { "name": "libstdc++6:riscv64", "from_version": { "source_package_name": "gcc-15", "source_package_version": "15.2.0-10ubuntu1", "version": "15.2.0-10ubuntu1" }, "to_version": { "source_package_name": "gcc-15", "source_package_version": "15.2.0-11ubuntu1", "version": "15.2.0-11ubuntu1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Merge with Debian; remaining changes:", " - Build from upstream sources.", "" ], "package": "gcc-15", "version": "15.2.0-11ubuntu1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Matthias Klose ", "date": "Wed, 10 Dec 2025 15:24:39 +0100" }, { "cves": [], "log": [ "", " * Update to git 20251209 from the gcc-15 branch.", " - Fix PR target/122991 (AArch64), PR tree-optimization/122943,", " PR middle-end/120052, PR middle-end/120564, PR ada/123037, PR ada/115305,", " PR middle-end/122624, PR c/121506, PR c++/121445, PR c++/120876,", " PR lto/122515.", " * Fix Algol-68 build on sparc64, patch taken from the trunk.", " * Don't rely on python3-check-jsonschema for testing, still having", " unpackaged dependencies.", " * Add architectureVariant to ELF_PACKAGE_METADATA.", "" ], "package": "gcc-15", "version": "15.2.0-11", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Matthias Klose ", "date": "Tue, 09 Dec 2025 21:10:53 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "libtinfo6:riscv64", "from_version": { "source_package_name": "ncurses", "source_package_version": "6.5+20251123-1", "version": "6.5+20251123-1" }, "to_version": { "source_package_name": "ncurses", "source_package_version": "6.6+20251231-1", "version": "6.6+20251231-1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * New upstream patchlevel.", " * Update symbols files and bump shlibs.", " * Upgrade Standards-Version to 4.7.3, no changes needed.", "" ], "package": "ncurses", "version": "6.6+20251231-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Sven Joachim ", "date": "Sat, 03 Jan 2026 08:53:58 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "libxdmcp6:riscv64", "from_version": { "source_package_name": "libxdmcp", "source_package_version": "1:1.1.5-1build1", "version": "1:1.1.5-1build1" }, "to_version": { "source_package_name": "libxdmcp", "source_package_version": "1:1.1.5-2", "version": "1:1.1.5-2" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Team upload", "", " [ Dylan Aïssi ]", " * debian/copyright: Convert to machine-readable format", "", " [ Jeremy Bícha ]", " * Use Build-Depends: lynx instead of w3m", " * Add debian/gbp.conf", " * Bump debhelper-compat to 13", "" ], "package": "libxdmcp", "version": "1:1.1.5-2", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Jeremy Bícha ", "date": "Tue, 23 Dec 2025 20:39:07 -0500" }, { "cves": [], "log": [ "", " * Non-maintainer upload.", " * Drop unnecessary Build-Depends: w3m. (closes: #1123915)", "" ], "package": "libxdmcp", "version": "1:1.1.5-1.1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Bastian Germann ", "date": "Wed, 24 Dec 2025 00:22:02 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "libxmuu1:riscv64", "from_version": { "source_package_name": "libxmu", "source_package_version": "2:1.1.3-3build3", "version": "2:1.1.3-3build3" }, "to_version": { "source_package_name": "libxmu", "source_package_version": "2:1.1.3-4", "version": "2:1.1.3-4" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Team upload", "", " [ Debian Janitor ]", " * Remove constraints unnecessary since buster (oldstable):", " + Build-Depends: Drop versioned constraint on libx11-dev, libxext-dev,", " libxt-dev, xorg-sgml-doctools and xutils-dev.", " * Use secure URI in debian/watch", " * Update standards version to 4.7.3", " * Opportunistically check upstream PGP signatures", "", " [ Emilio Pozuelo Monfort ]", " * Move doc build-deps to Build-Depends-Indep. Thanks Samuel Thibault.", " Closes: #1055368.", "", " [ Jeremy Bícha ]", " * Add debian/gbp.conf", "" ], "package": "libxmu", "version": "2:1.1.3-4", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Jeremy Bícha ", "date": "Wed, 24 Dec 2025 19:51:25 -0500" } ], "notes": null, "is_version_downgrade": false }, { "name": "linux-libc-dev:riscv64", "from_version": { "source_package_name": "linux", "source_package_version": "6.17.0-8.8", "version": "6.17.0-8.8" }, "to_version": { "source_package_name": "linux", "source_package_version": "6.18.0-8.8", "version": "6.18.0-8.8" }, "cves": [], "launchpad_bugs_fixed": [ 2136712, 2136307, 1990064, 2028253, 2028253, 2122743, 2028253, 2102680, 2028253, 2032602, 1786013, 2133502, 1786013, 2131673, 2128792, 2130552, 2131211, 2131046, 2129919, 2126577, 2129552, 2129038, 1786013, 2126040, 2126948, 1981437 ], "changes": [ { "cves": [], "log": [ "", " * resolute/linux: 6.18.0-8.8 -proposed tracker (LP: #2136712)", "", " * Miscellaneous Ubuntu changes", " - [Packaging] disable signing for s390x", "" ], "package": "linux", "version": "6.18.0-8.8", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2136712 ], "author": "Paolo Pisati ", "date": "Wed, 17 Dec 2025 15:20:04 +0100" }, { "cves": [], "log": [ "", " * resolute/linux: 6.18.0-7.7 -proposed tracker (LP: #2136307)", "", " * unconfined profile denies userns_create for chromium based processes", " (LP: #1990064)", " - [Config] disable CONFIG_SECURITY_APPARMOR_RESTRICT_USERNS", "", " * update apparmor and LSM stacking patch set (LP: #2028253)", " - SAUCE: apparmor5.0.0 [1/51]: Stacking: Audit: Allow multiple records in", " an audit_buffer", " - SAUCE: apparmor5.0.0 [2/51]: Stacking: LSM: security_lsmblob_to_secctx", " module selection", " - SAUCE: apparmor5.0.0 [3/51]: Stacking: Audit: Add record for multiple", " task security contexts", " - SAUCE: apparmor5.0.0 [4/51]: Stacking: Audit: multiple subject lsm", " values for netlabel", " - SAUCE: apparmor5.0.0 [5/51]: Stacking: LSM: Single calls in secid hooks", " - SAUCE: apparmor5.0.0 [6/51]: Stacking: LSM: Exclusive secmark usage", " - SAUCE: apparmor5.0.0 [7/51]: Stacking: Audit: Call only the first of the", " audit rule hooks", " - SAUCE: apparmor5.0.0 [8/51]: Stacking: AppArmor: Remove the exclusive", " flag", " - SAUCE: apparmor5.0.0 [9/51]: Revert \"apparmor: fix dbus permission", " queries to v9 ABI\"", " - SAUCE: apparmor5.0.0 [10/51]: Revert \"apparmor: gate make fine grained", " unix mediation behind v9 abi\"", " - SAUCE: apparmor5.0.0 [11/51]: apparmor: net: patch to provide", " compatibility with v2.x net rules", " - SAUCE: apparmor5.0.0 [12/51]: apparmor: net: add fine grained ipv4/ipv6", " mediation", " - SAUCE: apparmor5.0.0 [13/51]: apparmor: userns: add unprivileged user ns", " mediation", " - SAUCE: apparmor5.0.0 [14/51]: apparmor: userns: Add sysctls for", " additional controls of unpriv userns restrictions", " - SAUCE: apparmor5.0.0 [16/51]: apparmor: userns: open userns related", " sysctl so lxc can check if restriction are in place", " - SAUCE: apparmor5.0.0 [17/51]: apparmor: userns: allow profile to be", " transitioned when a userns is created", " - SAUCE: apparmor5.0.0 [18/51]: aoparmor: userns: Add support for execpath", " in userns", " - SAUCE: apparmor5.0.0 [19/51]: apparmor: mqueue: call", " security_inode_init_security on inode creation", " - SAUCE: apparmor5.0.0 [20/51]: apparmor: mqueue: add fine grained", " mediation of posix mqueues", " - SAUCE: apparmor5.0.0 [21/51]: apparmor: uring: add io_uring mediation", " - SAUCE: apparmor5.0.0 [24/51]: apparmor: prompt: setup slab cache for", " audit data", " - SAUCE: apparmor5.0.0 [25/51]: apparmor: prompt: add the ability for", " profiles to have a learning cache", " - SAUCE: apparmor5.0.0 [26/51]: apparmor: prompt: enable userspace upcall", " for mediation", " - SAUCE: apparmor5.0.0 [27/51]: apparmor: prompt: pass prompt boolean", " through into path_name as well", " - SAUCE: apparmor5.0.0 [28/51]: apparmor: add AA_DEBUG_PROFILE to have", " debug on profiles with flag set", " - SAUCE: apparmor5.0.0 [29/51]: apparmor: make str table more generic and", " be able to have multiple entries", " - SAUCE: apparmor5.0.0 [30/51]: apparmor: check for supported version in", " notification messages.", " - SAUCE: apparmor5.0.0 [31/51]: apparmor: refactor building notice so it", " is easier to extend", " - SAUCE: apparmor5.0.0 [32/51]: apparmor: switch from ENOTSUPP to", " EPROTONOSUPPORT", " - SAUCE: apparmor5.0.0 [33/51]: apparmor: add support for meta data tags", " - SAUCE: apparmor5.0.0 [34/51]: apparmor: mmap_file() doesn't need to be", " called atomically", " - SAUCE: apparmor5.0.0 [35/51]: apparmor: guard against free routines", " being called with a NULL", " - SAUCE: apparmor5.0.0 [36/51]: apparmor: prevent profile->disconnected", " double free in aa_free_profile", " - SAUCE: apparmor5.0.0 [38/51]: apparmor-next 6.19: apparmor: fix fast", " path cache check for unix sockets", " - SAUCE: apparmor5.0.0 [39/51]: apparmor-next 6.19: apparmor: fix label", " and profile debug macros", " - SAUCE: apparmor5.0.0 [40/51]: apparmor-next 6.19: apparmor: fixup", " net_compat", " - SAUCE: apparmor5.0.0 [41/51]: apparmor-next 6.19: apparmor: lift", " compatibility check out of profile_af_perm", " - SAUCE: apparmor5.0.0 [42/51]: apparmor-next 6.19: apparmor:", " refactor/cleanup cred helper fns.", " - SAUCE: apparmor5.0.0 [43/51]: apparmor-next 6.19: apparmor: fix rlimit", " for posix cpu timers", " - SAUCE: apparmor5.0.0 [44/51]: apparmor-next 6.19: apparmor: replace", " sprintf with snprintf in aa_new_learning_profile", " - SAUCE: apparmor5.0.0 [45/51]: apparmor-next 6.19: apparmor: Replace", " sprintf/strcpy with scnprintf/strscpy in aa_policy_init", " - SAUCE: apparmor5.0.0 [46/51]: apparmor-next 6.19: apparmor: Replace", " deprecated strcpy in d_namespace_path", " - SAUCE: apparmor5.0.0 [47/51]: apparmor-next 6.19: apparmor: fix NULL", " pointer dereference in __unix_needs_revalidation", " - SAUCE: apparmor5.0.0 [48/51]: apparmor-next 6.19: apparmor: fix NULL", " sock in aa_sock_file_perm", " - SAUCE: apparmor5.0.0 [49/51]: apparmor-next 6.19: apparmor: Replace", " deprecated strcpy with memcpy in gen_symlink_name", " - SAUCE: apparmor5.0.0 [50/51]: apparmor-next 6.19: AppArmor: Allow", " apparmor to handle unaligned dfa tables", " - SAUCE: apparmor5.0.0 [51/51]: apparmor-next 6.19: apparmor: Fix &", " Optimize table creation from possibly unaligned memory", "", " * update apparmor and LSM stacking patch set (LP: #2028253) // AppArmor is", " auditing the apparmor/.null file (LP: #2122743)", " - SAUCE: apparmor5.0.0 [37/51]: apparmor-next 6.19: apparmor: move check", " for aa_null file to cover all cases", "", " * update apparmor and LSM stacking patch set (LP: #2028253) // Installation", " of AppArmor on a 6.14 kernel produces error message \"Illegal number: yes\"", " (LP: #2102680)", " - SAUCE: apparmor5.0.0 [22/51]: apparmor: create an", " AA_SFS_TYPE_BOOLEAN_INTPRINT sysctl variant", " - SAUCE: apparmor5.0.0 [23/51]: apparmor: Use AA_SFS_FILE_BOOLEAN_INTPRINT", " for userns and io_uring sysctls", "", " * update apparmor and LSM stacking patch set (LP: #2028253) // [FFe]", " apparmor-4.0.0-alpha2 for unprivileged user namespace restrictions in", " mantic (LP: #2032602)", " - SAUCE: apparmor5.0.0 [15/51]: apparmor: userns - make it so special", " unconfined profiles can mediate user namespaces", "", " * Packaging resync (LP: #1786013)", " - [Packaging] debian.master/dkms-versions -- update from kernel-versions", " (main/d2025.12.16)", "", " * Miscellaneous Ubuntu changes", " - [Packaging] rename to linux", " - [Config] update toolchain version", "" ], "package": "linux", "version": "6.18.0-7.7", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2136307, 1990064, 2028253, 2028253, 2122743, 2028253, 2102680, 2028253, 2032602, 1786013 ], "author": "Paolo Pisati ", "date": "Tue, 16 Dec 2025 13:43:25 +0100" }, { "cves": [], "log": [ "", " * resolute/linux-unstable: 6.18.0-6.6 -proposed tracker (LP: #2133502)", "", " * Packaging resync (LP: #1786013)", " - [Packaging] debian.master/dkms-versions -- update from kernel-versions", " (main/d2025.10.20)", "", " * Miscellaneous Ubuntu changes", " - Update dropped.txt", " - [Packaging] debian.master/dkms-versions: Drop failing dkms packages", " - rename dropped.txt to Changes.md", "" ], "package": "linux-unstable", "version": "6.18.0-6.6", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2133502, 1786013 ], "author": "Paolo Pisati ", "date": "Mon, 01 Dec 2025 14:52:34 +0100" }, { "cves": [], "log": [ "", " * resolute/linux-unstable: 6.18.0-5.5 -proposed tracker (LP: #2131673)", "", " * Re-enable INTEL_SKL_INT3472 for kernels >= 6.16 for Intel IPU camera", " (LP: #2128792)", " - Revert \"UBUNTU: [Config] FTBFS: disable INTEL_SKL_INT3472\"", " - Revert \"UBUNTU: SAUCE: platform/x86: int3472: Add handshake GPIO", " function\"", "", " * i40e driver is triggering VF resets on every link state change", " (LP: #2130552)", " - i40e: avoid redundant VF link state updates", "", " * Miscellaneous Ubuntu changes", " - [Config] updateconfigs following v6.18-rc6 rebase", "" ], "package": "linux-unstable", "version": "6.18.0-5.5", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2131673, 2128792, 2130552 ], "author": "Paolo Pisati ", "date": "Tue, 18 Nov 2025 11:23:48 +0100" }, { "cves": [], "log": [ "", " * resolute/linux-unstable: 6.18.0-4.4 -proposed tracker (LP: #2131211)", "", " * CAP_PERFMON insufficient to get perf data (LP: #2131046)", " - SAUCE: perf/core: Allow CAP_PERFMON for paranoid level 4", "", " * Miscellaneous Ubuntu changes", " - [Config] updateconfigs following v6.18-rc5 rebase", "" ], "package": "linux-unstable", "version": "6.18.0-4.4", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2131211, 2131046 ], "author": "Paolo Pisati ", "date": "Thu, 13 Nov 2025 12:55:49 +0100" }, { "cves": [], "log": [ "", " * resolute/linux-unstable: 6.18.0-3.3 -proposed tracker (LP: #2129919)", "", " * [26.04 FEAT] Set Architecture Level (ALS) to z15 (LP: #2126577)", " - [Config] Raise the architectural level set for s390x to z15", "", " * Miscellaneous Ubuntu changes", " - [Config]: Enable CONFIG_CRYPTO_BENCHMARK", " - [Config] updateconfigs after v6.18-rc3 rebase", "" ], "package": "linux-unstable", "version": "6.18.0-3.3", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2129919, 2126577 ], "author": "Paolo Pisati ", "date": "Mon, 27 Oct 2025 11:07:35 +0100" }, { "cves": [], "log": [ "", " * resolute/linux-unstable: 6.18.0-2.2 -proposed tracker (LP: #2129552)", "", " * Miscellaneous Ubuntu changes", " - [Config] update rustc version", "" ], "package": "linux-unstable", "version": "6.18.0-2.2", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2129552 ], "author": "Paolo Pisati ", "date": "Wed, 22 Oct 2025 15:42:17 +0200" }, { "cves": [], "log": [ "", " * resolute/linux-unstable: 6.18.0-1.1 -proposed tracker (LP: #2129038)", "", " * Packaging resync (LP: #1786013)", " - [Packaging] update Ubuntu.md", "", " * Miscellaneous Ubuntu changes", " - [Packaging] Rename to linux-unstable and move to 6.18", " - [Config] updateconfigs following v6.18-rc1 rebase", " - [Config] apparmor: remove SECURITY_APPARMOR_RESTRICT_USERNS", " - [Packaging] debian.master/dkms-versions: Drop failing dkms packages", " - [Config] updateconfigs following v6.18-rc2 rebase", " - move to resolute", "", " * Miscellaneous upstream changes", " - Revert \"audit: fix skb leak when audit rate limit is exceeded\"", " - Revert \"audit: init ab->skb_list earlier in audit_buffer_alloc()\"", " - Revert \"audit: add record for multiple object contexts\"", " - Revert \"audit: add record for multiple task security contexts\"", " - Revert \"lsm: security_lsmblob_to_secctx module selection\"", " - audit: fix skb leak when audit rate limit is exceeded", "" ], "package": "linux-unstable", "version": "6.18.0-1.1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2129038, 1786013 ], "author": "Paolo Pisati ", "date": "Tue, 21 Oct 2025 16:26:01 +0200" }, { "cves": [], "log": [ "", " * questing/linux: 6.17.0-6.6 -proposed tracker (LP: #2126040)", "", " * Questing update: v6.17.1 upstream stable release (LP: #2126948)", " - blk-mq: fix blk_mq_tags double free while nr_requests grown", " - gcc-plugins: Remove TODO_verify_il for GCC >= 16", " - scsi: target: target_core_configfs: Add length check to avoid buffer", " overflow", " - ALSA: usb-audio: fix race condition to UAF in snd_usbmidi_free", " - wifi: rtw89: fix use-after-free in rtw89_core_tx_kick_off_and_wait()", " - media: b2c2: Fix use-after-free causing by irq_check_work in", " flexcop_pci_remove", " - media: i2c: tc358743: Fix use-after-free bugs caused by orphan timer in", " probe", " - media: tuner: xc5000: Fix use-after-free in xc5000_release", " - media: rc: fix races with imon_disconnect()", " - media: uvcvideo: Mark invalid entities with id UVC_INVALID_ENTITY_ID", " - mm: swap: check for stable address space before operating on the VMA", " - wifi: ath11k: fix NULL dereference in ath11k_qmi_m3_load()", " - media: iris: Fix memory leak by freeing untracked persist buffer", " - media: stm32-csi: Fix dereference before NULL check", " - ASoC: qcom: audioreach: fix potential null pointer dereference", " - Linux 6.17.1", "", " * RISC-V kernel config is out of sync with other archs (LP: #1981437)", " - [Config] riscv64: Update EFI_SBAT_FILE", " - [Config] riscv64: Enable EFI_ZBOOT", " - [Config] riscv64: Disable support for non-RVA23 SoCs", " - [Config] riscv64: Disable RISCV_ISA_FALLBACK", " - [Config] riscv64: Sync config with other architectures", "", " * Miscellaneous Ubuntu changes", " - [Config] updateconfigs after rebase to 6.17", "" ], "package": "linux-unstable", "version": "6.18.0-0.0", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2126040, 2126948, 1981437 ], "author": "Timo Aaltonen ", "date": "Tue, 07 Oct 2025 14:15:18 +0300" } ], "notes": null, "is_version_downgrade": false }, { "name": "linux-perf", "from_version": { "source_package_name": "linux", "source_package_version": "6.17.0-8.8", "version": "6.17.0-8.8" }, "to_version": { "source_package_name": "linux", "source_package_version": "6.18.0-8.8", "version": "6.18.0-8.8" }, "cves": [], "launchpad_bugs_fixed": [ 2136712, 2136307, 1990064, 2028253, 2028253, 2122743, 2028253, 2102680, 2028253, 2032602, 1786013, 2133502, 1786013, 2131673, 2128792, 2130552, 2131211, 2131046, 2129919, 2126577, 2129552, 2129038, 1786013, 2126040, 2126948, 1981437 ], "changes": [ { "cves": [], "log": [ "", " * resolute/linux: 6.18.0-8.8 -proposed tracker (LP: #2136712)", "", " * Miscellaneous Ubuntu changes", " - [Packaging] disable signing for s390x", "" ], "package": "linux", "version": "6.18.0-8.8", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2136712 ], "author": "Paolo Pisati ", "date": "Wed, 17 Dec 2025 15:20:04 +0100" }, { "cves": [], "log": [ "", " * resolute/linux: 6.18.0-7.7 -proposed tracker (LP: #2136307)", "", " * unconfined profile denies userns_create for chromium based processes", " (LP: #1990064)", " - [Config] disable CONFIG_SECURITY_APPARMOR_RESTRICT_USERNS", "", " * update apparmor and LSM stacking patch set (LP: #2028253)", " - SAUCE: apparmor5.0.0 [1/51]: Stacking: Audit: Allow multiple records in", " an audit_buffer", " - SAUCE: apparmor5.0.0 [2/51]: Stacking: LSM: security_lsmblob_to_secctx", " module selection", " - SAUCE: apparmor5.0.0 [3/51]: Stacking: Audit: Add record for multiple", " task security contexts", " - SAUCE: apparmor5.0.0 [4/51]: Stacking: Audit: multiple subject lsm", " values for netlabel", " - SAUCE: apparmor5.0.0 [5/51]: Stacking: LSM: Single calls in secid hooks", " - SAUCE: apparmor5.0.0 [6/51]: Stacking: LSM: Exclusive secmark usage", " - SAUCE: apparmor5.0.0 [7/51]: Stacking: Audit: Call only the first of the", " audit rule hooks", " - SAUCE: apparmor5.0.0 [8/51]: Stacking: AppArmor: Remove the exclusive", " flag", " - SAUCE: apparmor5.0.0 [9/51]: Revert \"apparmor: fix dbus permission", " queries to v9 ABI\"", " - SAUCE: apparmor5.0.0 [10/51]: Revert \"apparmor: gate make fine grained", " unix mediation behind v9 abi\"", " - SAUCE: apparmor5.0.0 [11/51]: apparmor: net: patch to provide", " compatibility with v2.x net rules", " - SAUCE: apparmor5.0.0 [12/51]: apparmor: net: add fine grained ipv4/ipv6", " mediation", " - SAUCE: apparmor5.0.0 [13/51]: apparmor: userns: add unprivileged user ns", " mediation", " - SAUCE: apparmor5.0.0 [14/51]: apparmor: userns: Add sysctls for", " additional controls of unpriv userns restrictions", " - SAUCE: apparmor5.0.0 [16/51]: apparmor: userns: open userns related", " sysctl so lxc can check if restriction are in place", " - SAUCE: apparmor5.0.0 [17/51]: apparmor: userns: allow profile to be", " transitioned when a userns is created", " - SAUCE: apparmor5.0.0 [18/51]: aoparmor: userns: Add support for execpath", " in userns", " - SAUCE: apparmor5.0.0 [19/51]: apparmor: mqueue: call", " security_inode_init_security on inode creation", " - SAUCE: apparmor5.0.0 [20/51]: apparmor: mqueue: add fine grained", " mediation of posix mqueues", " - SAUCE: apparmor5.0.0 [21/51]: apparmor: uring: add io_uring mediation", " - SAUCE: apparmor5.0.0 [24/51]: apparmor: prompt: setup slab cache for", " audit data", " - SAUCE: apparmor5.0.0 [25/51]: apparmor: prompt: add the ability for", " profiles to have a learning cache", " - SAUCE: apparmor5.0.0 [26/51]: apparmor: prompt: enable userspace upcall", " for mediation", " - SAUCE: apparmor5.0.0 [27/51]: apparmor: prompt: pass prompt boolean", " through into path_name as well", " - SAUCE: apparmor5.0.0 [28/51]: apparmor: add AA_DEBUG_PROFILE to have", " debug on profiles with flag set", " - SAUCE: apparmor5.0.0 [29/51]: apparmor: make str table more generic and", " be able to have multiple entries", " - SAUCE: apparmor5.0.0 [30/51]: apparmor: check for supported version in", " notification messages.", " - SAUCE: apparmor5.0.0 [31/51]: apparmor: refactor building notice so it", " is easier to extend", " - SAUCE: apparmor5.0.0 [32/51]: apparmor: switch from ENOTSUPP to", " EPROTONOSUPPORT", " - SAUCE: apparmor5.0.0 [33/51]: apparmor: add support for meta data tags", " - SAUCE: apparmor5.0.0 [34/51]: apparmor: mmap_file() doesn't need to be", " called atomically", " - SAUCE: apparmor5.0.0 [35/51]: apparmor: guard against free routines", " being called with a NULL", " - SAUCE: apparmor5.0.0 [36/51]: apparmor: prevent profile->disconnected", " double free in aa_free_profile", " - SAUCE: apparmor5.0.0 [38/51]: apparmor-next 6.19: apparmor: fix fast", " path cache check for unix sockets", " - SAUCE: apparmor5.0.0 [39/51]: apparmor-next 6.19: apparmor: fix label", " and profile debug macros", " - SAUCE: apparmor5.0.0 [40/51]: apparmor-next 6.19: apparmor: fixup", " net_compat", " - SAUCE: apparmor5.0.0 [41/51]: apparmor-next 6.19: apparmor: lift", " compatibility check out of profile_af_perm", " - SAUCE: apparmor5.0.0 [42/51]: apparmor-next 6.19: apparmor:", " refactor/cleanup cred helper fns.", " - SAUCE: apparmor5.0.0 [43/51]: apparmor-next 6.19: apparmor: fix rlimit", " for posix cpu timers", " - SAUCE: apparmor5.0.0 [44/51]: apparmor-next 6.19: apparmor: replace", " sprintf with snprintf in aa_new_learning_profile", " - SAUCE: apparmor5.0.0 [45/51]: apparmor-next 6.19: apparmor: Replace", " sprintf/strcpy with scnprintf/strscpy in aa_policy_init", " - SAUCE: apparmor5.0.0 [46/51]: apparmor-next 6.19: apparmor: Replace", " deprecated strcpy in d_namespace_path", " - SAUCE: apparmor5.0.0 [47/51]: apparmor-next 6.19: apparmor: fix NULL", " pointer dereference in __unix_needs_revalidation", " - SAUCE: apparmor5.0.0 [48/51]: apparmor-next 6.19: apparmor: fix NULL", " sock in aa_sock_file_perm", " - SAUCE: apparmor5.0.0 [49/51]: apparmor-next 6.19: apparmor: Replace", " deprecated strcpy with memcpy in gen_symlink_name", " - SAUCE: apparmor5.0.0 [50/51]: apparmor-next 6.19: AppArmor: Allow", " apparmor to handle unaligned dfa tables", " - SAUCE: apparmor5.0.0 [51/51]: apparmor-next 6.19: apparmor: Fix &", " Optimize table creation from possibly unaligned memory", "", " * update apparmor and LSM stacking patch set (LP: #2028253) // AppArmor is", " auditing the apparmor/.null file (LP: #2122743)", " - SAUCE: apparmor5.0.0 [37/51]: apparmor-next 6.19: apparmor: move check", " for aa_null file to cover all cases", "", " * update apparmor and LSM stacking patch set (LP: #2028253) // Installation", " of AppArmor on a 6.14 kernel produces error message \"Illegal number: yes\"", " (LP: #2102680)", " - SAUCE: apparmor5.0.0 [22/51]: apparmor: create an", " AA_SFS_TYPE_BOOLEAN_INTPRINT sysctl variant", " - SAUCE: apparmor5.0.0 [23/51]: apparmor: Use AA_SFS_FILE_BOOLEAN_INTPRINT", " for userns and io_uring sysctls", "", " * update apparmor and LSM stacking patch set (LP: #2028253) // [FFe]", " apparmor-4.0.0-alpha2 for unprivileged user namespace restrictions in", " mantic (LP: #2032602)", " - SAUCE: apparmor5.0.0 [15/51]: apparmor: userns - make it so special", " unconfined profiles can mediate user namespaces", "", " * Packaging resync (LP: #1786013)", " - [Packaging] debian.master/dkms-versions -- update from kernel-versions", " (main/d2025.12.16)", "", " * Miscellaneous Ubuntu changes", " - [Packaging] rename to linux", " - [Config] update toolchain version", "" ], "package": "linux", "version": "6.18.0-7.7", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2136307, 1990064, 2028253, 2028253, 2122743, 2028253, 2102680, 2028253, 2032602, 1786013 ], "author": "Paolo Pisati ", "date": "Tue, 16 Dec 2025 13:43:25 +0100" }, { "cves": [], "log": [ "", " * resolute/linux-unstable: 6.18.0-6.6 -proposed tracker (LP: #2133502)", "", " * Packaging resync (LP: #1786013)", " - [Packaging] debian.master/dkms-versions -- update from kernel-versions", " (main/d2025.10.20)", "", " * Miscellaneous Ubuntu changes", " - Update dropped.txt", " - [Packaging] debian.master/dkms-versions: Drop failing dkms packages", " - rename dropped.txt to Changes.md", "" ], "package": "linux-unstable", "version": "6.18.0-6.6", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2133502, 1786013 ], "author": "Paolo Pisati ", "date": "Mon, 01 Dec 2025 14:52:34 +0100" }, { "cves": [], "log": [ "", " * resolute/linux-unstable: 6.18.0-5.5 -proposed tracker (LP: #2131673)", "", " * Re-enable INTEL_SKL_INT3472 for kernels >= 6.16 for Intel IPU camera", " (LP: #2128792)", " - Revert \"UBUNTU: [Config] FTBFS: disable INTEL_SKL_INT3472\"", " - Revert \"UBUNTU: SAUCE: platform/x86: int3472: Add handshake GPIO", " function\"", "", " * i40e driver is triggering VF resets on every link state change", " (LP: #2130552)", " - i40e: avoid redundant VF link state updates", "", " * Miscellaneous Ubuntu changes", " - [Config] updateconfigs following v6.18-rc6 rebase", "" ], "package": "linux-unstable", "version": "6.18.0-5.5", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2131673, 2128792, 2130552 ], "author": "Paolo Pisati ", "date": "Tue, 18 Nov 2025 11:23:48 +0100" }, { "cves": [], "log": [ "", " * resolute/linux-unstable: 6.18.0-4.4 -proposed tracker (LP: #2131211)", "", " * CAP_PERFMON insufficient to get perf data (LP: #2131046)", " - SAUCE: perf/core: Allow CAP_PERFMON for paranoid level 4", "", " * Miscellaneous Ubuntu changes", " - [Config] updateconfigs following v6.18-rc5 rebase", "" ], "package": "linux-unstable", "version": "6.18.0-4.4", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2131211, 2131046 ], "author": "Paolo Pisati ", "date": "Thu, 13 Nov 2025 12:55:49 +0100" }, { "cves": [], "log": [ "", " * resolute/linux-unstable: 6.18.0-3.3 -proposed tracker (LP: #2129919)", "", " * [26.04 FEAT] Set Architecture Level (ALS) to z15 (LP: #2126577)", " - [Config] Raise the architectural level set for s390x to z15", "", " * Miscellaneous Ubuntu changes", " - [Config]: Enable CONFIG_CRYPTO_BENCHMARK", " - [Config] updateconfigs after v6.18-rc3 rebase", "" ], "package": "linux-unstable", "version": "6.18.0-3.3", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2129919, 2126577 ], "author": "Paolo Pisati ", "date": "Mon, 27 Oct 2025 11:07:35 +0100" }, { "cves": [], "log": [ "", " * resolute/linux-unstable: 6.18.0-2.2 -proposed tracker (LP: #2129552)", "", " * Miscellaneous Ubuntu changes", " - [Config] update rustc version", "" ], "package": "linux-unstable", "version": "6.18.0-2.2", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2129552 ], "author": "Paolo Pisati ", "date": "Wed, 22 Oct 2025 15:42:17 +0200" }, { "cves": [], "log": [ "", " * resolute/linux-unstable: 6.18.0-1.1 -proposed tracker (LP: #2129038)", "", " * Packaging resync (LP: #1786013)", " - [Packaging] update Ubuntu.md", "", " * Miscellaneous Ubuntu changes", " - [Packaging] Rename to linux-unstable and move to 6.18", " - [Config] updateconfigs following v6.18-rc1 rebase", " - [Config] apparmor: remove SECURITY_APPARMOR_RESTRICT_USERNS", " - [Packaging] debian.master/dkms-versions: Drop failing dkms packages", " - [Config] updateconfigs following v6.18-rc2 rebase", " - move to resolute", "", " * Miscellaneous upstream changes", " - Revert \"audit: fix skb leak when audit rate limit is exceeded\"", " - Revert \"audit: init ab->skb_list earlier in audit_buffer_alloc()\"", " - Revert \"audit: add record for multiple object contexts\"", " - Revert \"audit: add record for multiple task security contexts\"", " - Revert \"lsm: security_lsmblob_to_secctx module selection\"", " - audit: fix skb leak when audit rate limit is exceeded", "" ], "package": "linux-unstable", "version": "6.18.0-1.1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2129038, 1786013 ], "author": "Paolo Pisati ", "date": "Tue, 21 Oct 2025 16:26:01 +0200" }, { "cves": [], "log": [ "", " * questing/linux: 6.17.0-6.6 -proposed tracker (LP: #2126040)", "", " * Questing update: v6.17.1 upstream stable release (LP: #2126948)", " - blk-mq: fix blk_mq_tags double free while nr_requests grown", " - gcc-plugins: Remove TODO_verify_il for GCC >= 16", " - scsi: target: target_core_configfs: Add length check to avoid buffer", " overflow", " - ALSA: usb-audio: fix race condition to UAF in snd_usbmidi_free", " - wifi: rtw89: fix use-after-free in rtw89_core_tx_kick_off_and_wait()", " - media: b2c2: Fix use-after-free causing by irq_check_work in", " flexcop_pci_remove", " - media: i2c: tc358743: Fix use-after-free bugs caused by orphan timer in", " probe", " - media: tuner: xc5000: Fix use-after-free in xc5000_release", " - media: rc: fix races with imon_disconnect()", " - media: uvcvideo: Mark invalid entities with id UVC_INVALID_ENTITY_ID", " - mm: swap: check for stable address space before operating on the VMA", " - wifi: ath11k: fix NULL dereference in ath11k_qmi_m3_load()", " - media: iris: Fix memory leak by freeing untracked persist buffer", " - media: stm32-csi: Fix dereference before NULL check", " - ASoC: qcom: audioreach: fix potential null pointer dereference", " - Linux 6.17.1", "", " * RISC-V kernel config is out of sync with other archs (LP: #1981437)", " - [Config] riscv64: Update EFI_SBAT_FILE", " - [Config] riscv64: Enable EFI_ZBOOT", " - [Config] riscv64: Disable support for non-RVA23 SoCs", " - [Config] riscv64: Disable RISCV_ISA_FALLBACK", " - [Config] riscv64: Sync config with other architectures", "", " * Miscellaneous Ubuntu changes", " - [Config] updateconfigs after rebase to 6.17", "" ], "package": "linux-unstable", "version": "6.18.0-0.0", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2126040, 2126948, 1981437 ], "author": "Timo Aaltonen ", "date": "Tue, 07 Oct 2025 14:15:18 +0300" } ], "notes": null, "is_version_downgrade": false }, { "name": "linux-tools-common", "from_version": { "source_package_name": "linux", "source_package_version": "6.17.0-8.8", "version": "6.17.0-8.8" }, "to_version": { "source_package_name": "linux", "source_package_version": "6.18.0-8.8", "version": "6.18.0-8.8" }, "cves": [], "launchpad_bugs_fixed": [ 2136712, 2136307, 1990064, 2028253, 2028253, 2122743, 2028253, 2102680, 2028253, 2032602, 1786013, 2133502, 1786013, 2131673, 2128792, 2130552, 2131211, 2131046, 2129919, 2126577, 2129552, 2129038, 1786013, 2126040, 2126948, 1981437 ], "changes": [ { "cves": [], "log": [ "", " * resolute/linux: 6.18.0-8.8 -proposed tracker (LP: #2136712)", "", " * Miscellaneous Ubuntu changes", " - [Packaging] disable signing for s390x", "" ], "package": "linux", "version": "6.18.0-8.8", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2136712 ], "author": "Paolo Pisati ", "date": "Wed, 17 Dec 2025 15:20:04 +0100" }, { "cves": [], "log": [ "", " * resolute/linux: 6.18.0-7.7 -proposed tracker (LP: #2136307)", "", " * unconfined profile denies userns_create for chromium based processes", " (LP: #1990064)", " - [Config] disable CONFIG_SECURITY_APPARMOR_RESTRICT_USERNS", "", " * update apparmor and LSM stacking patch set (LP: #2028253)", " - SAUCE: apparmor5.0.0 [1/51]: Stacking: Audit: Allow multiple records in", " an audit_buffer", " - SAUCE: apparmor5.0.0 [2/51]: Stacking: LSM: security_lsmblob_to_secctx", " module selection", " - SAUCE: apparmor5.0.0 [3/51]: Stacking: Audit: Add record for multiple", " task security contexts", " - SAUCE: apparmor5.0.0 [4/51]: Stacking: Audit: multiple subject lsm", " values for netlabel", " - SAUCE: apparmor5.0.0 [5/51]: Stacking: LSM: Single calls in secid hooks", " - SAUCE: apparmor5.0.0 [6/51]: Stacking: LSM: Exclusive secmark usage", " - SAUCE: apparmor5.0.0 [7/51]: Stacking: Audit: Call only the first of the", " audit rule hooks", " - SAUCE: apparmor5.0.0 [8/51]: Stacking: AppArmor: Remove the exclusive", " flag", " - SAUCE: apparmor5.0.0 [9/51]: Revert \"apparmor: fix dbus permission", " queries to v9 ABI\"", " - SAUCE: apparmor5.0.0 [10/51]: Revert \"apparmor: gate make fine grained", " unix mediation behind v9 abi\"", " - SAUCE: apparmor5.0.0 [11/51]: apparmor: net: patch to provide", " compatibility with v2.x net rules", " - SAUCE: apparmor5.0.0 [12/51]: apparmor: net: add fine grained ipv4/ipv6", " mediation", " - SAUCE: apparmor5.0.0 [13/51]: apparmor: userns: add unprivileged user ns", " mediation", " - SAUCE: apparmor5.0.0 [14/51]: apparmor: userns: Add sysctls for", " additional controls of unpriv userns restrictions", " - SAUCE: apparmor5.0.0 [16/51]: apparmor: userns: open userns related", " sysctl so lxc can check if restriction are in place", " - SAUCE: apparmor5.0.0 [17/51]: apparmor: userns: allow profile to be", " transitioned when a userns is created", " - SAUCE: apparmor5.0.0 [18/51]: aoparmor: userns: Add support for execpath", " in userns", " - SAUCE: apparmor5.0.0 [19/51]: apparmor: mqueue: call", " security_inode_init_security on inode creation", " - SAUCE: apparmor5.0.0 [20/51]: apparmor: mqueue: add fine grained", " mediation of posix mqueues", " - SAUCE: apparmor5.0.0 [21/51]: apparmor: uring: add io_uring mediation", " - SAUCE: apparmor5.0.0 [24/51]: apparmor: prompt: setup slab cache for", " audit data", " - SAUCE: apparmor5.0.0 [25/51]: apparmor: prompt: add the ability for", " profiles to have a learning cache", " - SAUCE: apparmor5.0.0 [26/51]: apparmor: prompt: enable userspace upcall", " for mediation", " - SAUCE: apparmor5.0.0 [27/51]: apparmor: prompt: pass prompt boolean", " through into path_name as well", " - SAUCE: apparmor5.0.0 [28/51]: apparmor: add AA_DEBUG_PROFILE to have", " debug on profiles with flag set", " - SAUCE: apparmor5.0.0 [29/51]: apparmor: make str table more generic and", " be able to have multiple entries", " - SAUCE: apparmor5.0.0 [30/51]: apparmor: check for supported version in", " notification messages.", " - SAUCE: apparmor5.0.0 [31/51]: apparmor: refactor building notice so it", " is easier to extend", " - SAUCE: apparmor5.0.0 [32/51]: apparmor: switch from ENOTSUPP to", " EPROTONOSUPPORT", " - SAUCE: apparmor5.0.0 [33/51]: apparmor: add support for meta data tags", " - SAUCE: apparmor5.0.0 [34/51]: apparmor: mmap_file() doesn't need to be", " called atomically", " - SAUCE: apparmor5.0.0 [35/51]: apparmor: guard against free routines", " being called with a NULL", " - SAUCE: apparmor5.0.0 [36/51]: apparmor: prevent profile->disconnected", " double free in aa_free_profile", " - SAUCE: apparmor5.0.0 [38/51]: apparmor-next 6.19: apparmor: fix fast", " path cache check for unix sockets", " - SAUCE: apparmor5.0.0 [39/51]: apparmor-next 6.19: apparmor: fix label", " and profile debug macros", " - SAUCE: apparmor5.0.0 [40/51]: apparmor-next 6.19: apparmor: fixup", " net_compat", " - SAUCE: apparmor5.0.0 [41/51]: apparmor-next 6.19: apparmor: lift", " compatibility check out of profile_af_perm", " - SAUCE: apparmor5.0.0 [42/51]: apparmor-next 6.19: apparmor:", " refactor/cleanup cred helper fns.", " - SAUCE: apparmor5.0.0 [43/51]: apparmor-next 6.19: apparmor: fix rlimit", " for posix cpu timers", " - SAUCE: apparmor5.0.0 [44/51]: apparmor-next 6.19: apparmor: replace", " sprintf with snprintf in aa_new_learning_profile", " - SAUCE: apparmor5.0.0 [45/51]: apparmor-next 6.19: apparmor: Replace", " sprintf/strcpy with scnprintf/strscpy in aa_policy_init", " - SAUCE: apparmor5.0.0 [46/51]: apparmor-next 6.19: apparmor: Replace", " deprecated strcpy in d_namespace_path", " - SAUCE: apparmor5.0.0 [47/51]: apparmor-next 6.19: apparmor: fix NULL", " pointer dereference in __unix_needs_revalidation", " - SAUCE: apparmor5.0.0 [48/51]: apparmor-next 6.19: apparmor: fix NULL", " sock in aa_sock_file_perm", " - SAUCE: apparmor5.0.0 [49/51]: apparmor-next 6.19: apparmor: Replace", " deprecated strcpy with memcpy in gen_symlink_name", " - SAUCE: apparmor5.0.0 [50/51]: apparmor-next 6.19: AppArmor: Allow", " apparmor to handle unaligned dfa tables", " - SAUCE: apparmor5.0.0 [51/51]: apparmor-next 6.19: apparmor: Fix &", " Optimize table creation from possibly unaligned memory", "", " * update apparmor and LSM stacking patch set (LP: #2028253) // AppArmor is", " auditing the apparmor/.null file (LP: #2122743)", " - SAUCE: apparmor5.0.0 [37/51]: apparmor-next 6.19: apparmor: move check", " for aa_null file to cover all cases", "", " * update apparmor and LSM stacking patch set (LP: #2028253) // Installation", " of AppArmor on a 6.14 kernel produces error message \"Illegal number: yes\"", " (LP: #2102680)", " - SAUCE: apparmor5.0.0 [22/51]: apparmor: create an", " AA_SFS_TYPE_BOOLEAN_INTPRINT sysctl variant", " - SAUCE: apparmor5.0.0 [23/51]: apparmor: Use AA_SFS_FILE_BOOLEAN_INTPRINT", " for userns and io_uring sysctls", "", " * update apparmor and LSM stacking patch set (LP: #2028253) // [FFe]", " apparmor-4.0.0-alpha2 for unprivileged user namespace restrictions in", " mantic (LP: #2032602)", " - SAUCE: apparmor5.0.0 [15/51]: apparmor: userns - make it so special", " unconfined profiles can mediate user namespaces", "", " * Packaging resync (LP: #1786013)", " - [Packaging] debian.master/dkms-versions -- update from kernel-versions", " (main/d2025.12.16)", "", " * Miscellaneous Ubuntu changes", " - [Packaging] rename to linux", " - [Config] update toolchain version", "" ], "package": "linux", "version": "6.18.0-7.7", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2136307, 1990064, 2028253, 2028253, 2122743, 2028253, 2102680, 2028253, 2032602, 1786013 ], "author": "Paolo Pisati ", "date": "Tue, 16 Dec 2025 13:43:25 +0100" }, { "cves": [], "log": [ "", " * resolute/linux-unstable: 6.18.0-6.6 -proposed tracker (LP: #2133502)", "", " * Packaging resync (LP: #1786013)", " - [Packaging] debian.master/dkms-versions -- update from kernel-versions", " (main/d2025.10.20)", "", " * Miscellaneous Ubuntu changes", " - Update dropped.txt", " - [Packaging] debian.master/dkms-versions: Drop failing dkms packages", " - rename dropped.txt to Changes.md", "" ], "package": "linux-unstable", "version": "6.18.0-6.6", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2133502, 1786013 ], "author": "Paolo Pisati ", "date": "Mon, 01 Dec 2025 14:52:34 +0100" }, { "cves": [], "log": [ "", " * resolute/linux-unstable: 6.18.0-5.5 -proposed tracker (LP: #2131673)", "", " * Re-enable INTEL_SKL_INT3472 for kernels >= 6.16 for Intel IPU camera", " (LP: #2128792)", " - Revert \"UBUNTU: [Config] FTBFS: disable INTEL_SKL_INT3472\"", " - Revert \"UBUNTU: SAUCE: platform/x86: int3472: Add handshake GPIO", " function\"", "", " * i40e driver is triggering VF resets on every link state change", " (LP: #2130552)", " - i40e: avoid redundant VF link state updates", "", " * Miscellaneous Ubuntu changes", " - [Config] updateconfigs following v6.18-rc6 rebase", "" ], "package": "linux-unstable", "version": "6.18.0-5.5", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2131673, 2128792, 2130552 ], "author": "Paolo Pisati ", "date": "Tue, 18 Nov 2025 11:23:48 +0100" }, { "cves": [], "log": [ "", " * resolute/linux-unstable: 6.18.0-4.4 -proposed tracker (LP: #2131211)", "", " * CAP_PERFMON insufficient to get perf data (LP: #2131046)", " - SAUCE: perf/core: Allow CAP_PERFMON for paranoid level 4", "", " * Miscellaneous Ubuntu changes", " - [Config] updateconfigs following v6.18-rc5 rebase", "" ], "package": "linux-unstable", "version": "6.18.0-4.4", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2131211, 2131046 ], "author": "Paolo Pisati ", "date": "Thu, 13 Nov 2025 12:55:49 +0100" }, { "cves": [], "log": [ "", " * resolute/linux-unstable: 6.18.0-3.3 -proposed tracker (LP: #2129919)", "", " * [26.04 FEAT] Set Architecture Level (ALS) to z15 (LP: #2126577)", " - [Config] Raise the architectural level set for s390x to z15", "", " * Miscellaneous Ubuntu changes", " - [Config]: Enable CONFIG_CRYPTO_BENCHMARK", " - [Config] updateconfigs after v6.18-rc3 rebase", "" ], "package": "linux-unstable", "version": "6.18.0-3.3", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2129919, 2126577 ], "author": "Paolo Pisati ", "date": "Mon, 27 Oct 2025 11:07:35 +0100" }, { "cves": [], "log": [ "", " * resolute/linux-unstable: 6.18.0-2.2 -proposed tracker (LP: #2129552)", "", " * Miscellaneous Ubuntu changes", " - [Config] update rustc version", "" ], "package": "linux-unstable", "version": "6.18.0-2.2", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2129552 ], "author": "Paolo Pisati ", "date": "Wed, 22 Oct 2025 15:42:17 +0200" }, { "cves": [], "log": [ "", " * resolute/linux-unstable: 6.18.0-1.1 -proposed tracker (LP: #2129038)", "", " * Packaging resync (LP: #1786013)", " - [Packaging] update Ubuntu.md", "", " * Miscellaneous Ubuntu changes", " - [Packaging] Rename to linux-unstable and move to 6.18", " - [Config] updateconfigs following v6.18-rc1 rebase", " - [Config] apparmor: remove SECURITY_APPARMOR_RESTRICT_USERNS", " - [Packaging] debian.master/dkms-versions: Drop failing dkms packages", " - [Config] updateconfigs following v6.18-rc2 rebase", " - move to resolute", "", " * Miscellaneous upstream changes", " - Revert \"audit: fix skb leak when audit rate limit is exceeded\"", " - Revert \"audit: init ab->skb_list earlier in audit_buffer_alloc()\"", " - Revert \"audit: add record for multiple object contexts\"", " - Revert \"audit: add record for multiple task security contexts\"", " - Revert \"lsm: security_lsmblob_to_secctx module selection\"", " - audit: fix skb leak when audit rate limit is exceeded", "" ], "package": "linux-unstable", "version": "6.18.0-1.1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2129038, 1786013 ], "author": "Paolo Pisati ", "date": "Tue, 21 Oct 2025 16:26:01 +0200" }, { "cves": [], "log": [ "", " * questing/linux: 6.17.0-6.6 -proposed tracker (LP: #2126040)", "", " * Questing update: v6.17.1 upstream stable release (LP: #2126948)", " - blk-mq: fix blk_mq_tags double free while nr_requests grown", " - gcc-plugins: Remove TODO_verify_il for GCC >= 16", " - scsi: target: target_core_configfs: Add length check to avoid buffer", " overflow", " - ALSA: usb-audio: fix race condition to UAF in snd_usbmidi_free", " - wifi: rtw89: fix use-after-free in rtw89_core_tx_kick_off_and_wait()", " - media: b2c2: Fix use-after-free causing by irq_check_work in", " flexcop_pci_remove", " - media: i2c: tc358743: Fix use-after-free bugs caused by orphan timer in", " probe", " - media: tuner: xc5000: Fix use-after-free in xc5000_release", " - media: rc: fix races with imon_disconnect()", " - media: uvcvideo: Mark invalid entities with id UVC_INVALID_ENTITY_ID", " - mm: swap: check for stable address space before operating on the VMA", " - wifi: ath11k: fix NULL dereference in ath11k_qmi_m3_load()", " - media: iris: Fix memory leak by freeing untracked persist buffer", " - media: stm32-csi: Fix dereference before NULL check", " - ASoC: qcom: audioreach: fix potential null pointer dereference", " - Linux 6.17.1", "", " * RISC-V kernel config is out of sync with other archs (LP: #1981437)", " - [Config] riscv64: Update EFI_SBAT_FILE", " - [Config] riscv64: Enable EFI_ZBOOT", " - [Config] riscv64: Disable support for non-RVA23 SoCs", " - [Config] riscv64: Disable RISCV_ISA_FALLBACK", " - [Config] riscv64: Sync config with other architectures", "", " * Miscellaneous Ubuntu changes", " - [Config] updateconfigs after rebase to 6.17", "" ], "package": "linux-unstable", "version": "6.18.0-0.0", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2126040, 2126948, 1981437 ], "author": "Timo Aaltonen ", "date": "Tue, 07 Oct 2025 14:15:18 +0300" } ], "notes": null, "is_version_downgrade": false }, { "name": "lsb-release", "from_version": { "source_package_name": "lsb-release-minimal", "source_package_version": "12.1-2", "version": "12.1-2" }, "to_version": { "source_package_name": "lsb-release-minimal", "source_package_version": "12.1-2build1", "version": "12.1-2build1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Rebuild to clear amd64v3 from FTBFS report", "" ], "package": "lsb-release-minimal", "version": "12.1-2build1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Jeremy Bícha ", "date": "Thu, 18 Dec 2025 07:47:11 -0500" } ], "notes": null, "is_version_downgrade": false }, { "name": "manpages", "from_version": { "source_package_name": "manpages", "source_package_version": "6.16-1", "version": "6.16-1" }, "to_version": { "source_package_name": "manpages", "source_package_version": "6.16-1build1", "version": "6.16-1build1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Rebuild to clear amd64v3 from FTBFS report", "" ], "package": "manpages", "version": "6.16-1build1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Jeremy Bícha ", "date": "Thu, 18 Dec 2025 07:47:53 -0500" } ], "notes": null, "is_version_downgrade": false }, { "name": "manpages-dev", "from_version": { "source_package_name": "manpages", "source_package_version": "6.16-1", "version": "6.16-1" }, "to_version": { "source_package_name": "manpages", "source_package_version": "6.16-1build1", "version": "6.16-1build1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Rebuild to clear amd64v3 from FTBFS report", "" ], "package": "manpages", "version": "6.16-1build1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Jeremy Bícha ", "date": "Thu, 18 Dec 2025 07:47:53 -0500" } ], "notes": null, "is_version_downgrade": false }, { "name": "mawk", "from_version": { "source_package_name": "mawk", "source_package_version": "1.3.4.20250131-1build1", "version": "1.3.4.20250131-1build1" }, "to_version": { "source_package_name": "mawk", "source_package_version": "1.3.4.20250131-2", "version": "1.3.4.20250131-2" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * debian/watch: Update to version 5.", " * debian/upstream/metadata: Add fields for bug tracker and documentation.", " * debian/control: Bump Standards-Version to 4.7.2.", "" ], "package": "mawk", "version": "1.3.4.20250131-2", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Boyuan Yang ", "date": "Sun, 21 Dec 2025 10:20:03 -0500" } ], "notes": null, "is_version_downgrade": false }, { "name": "media-types", "from_version": { "source_package_name": "media-types", "source_package_version": "14.0.0", "version": "14.0.0" }, "to_version": { "source_package_name": "media-types", "source_package_version": "14.0.0build1", "version": "14.0.0build1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Rebuild to clear amd64v3 from FTBFS report", "" ], "package": "media-types", "version": "14.0.0build1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Jeremy Bícha ", "date": "Thu, 18 Dec 2025 07:48:01 -0500" } ], "notes": null, "is_version_downgrade": false }, { "name": "multipath-tools", "from_version": { "source_package_name": "multipath-tools", "source_package_version": "0.12.0-1ubuntu1", "version": "0.12.0-1ubuntu1" }, "to_version": { "source_package_name": "multipath-tools", "source_package_version": "0.12.0-1ubuntu2", "version": "0.12.0-1ubuntu2" }, "cves": [], "launchpad_bugs_fixed": [ 2135118 ], "changes": [ { "cves": [], "log": [ "", " * d/{rules,control}: enable testsuite (LP: #2135118)", " - d/p/testsuite-no-lto: disable lto to workaround testsuite symbol wrapping", "" ], "package": "multipath-tools", "version": "0.12.0-1ubuntu2", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2135118 ], "author": "Jonas Jelten ", "date": "Fri, 12 Dec 2025 11:59:36 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "ncurses-base", "from_version": { "source_package_name": "ncurses", "source_package_version": "6.5+20251123-1", "version": "6.5+20251123-1" }, "to_version": { "source_package_name": "ncurses", "source_package_version": "6.6+20251231-1", "version": "6.6+20251231-1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * New upstream patchlevel.", " * Update symbols files and bump shlibs.", " * Upgrade Standards-Version to 4.7.3, no changes needed.", "" ], "package": "ncurses", "version": "6.6+20251231-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Sven Joachim ", "date": "Sat, 03 Jan 2026 08:53:58 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "ncurses-bin", "from_version": { "source_package_name": "ncurses", "source_package_version": "6.5+20251123-1", "version": "6.5+20251123-1" }, "to_version": { "source_package_name": "ncurses", "source_package_version": "6.6+20251231-1", "version": "6.6+20251231-1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * New upstream patchlevel.", " * Update symbols files and bump shlibs.", " * Upgrade Standards-Version to 4.7.3, no changes needed.", "" ], "package": "ncurses", "version": "6.6+20251231-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Sven Joachim ", "date": "Sat, 03 Jan 2026 08:53:58 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "ncurses-term", "from_version": { "source_package_name": "ncurses", "source_package_version": "6.5+20251123-1", "version": "6.5+20251123-1" }, "to_version": { "source_package_name": "ncurses", "source_package_version": "6.6+20251231-1", "version": "6.6+20251231-1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * New upstream patchlevel.", " * Update symbols files and bump shlibs.", " * Upgrade Standards-Version to 4.7.3, no changes needed.", "" ], "package": "ncurses", "version": "6.6+20251231-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Sven Joachim ", "date": "Sat, 03 Jan 2026 08:53:58 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "pci.ids", "from_version": { "source_package_name": "pci.ids", "source_package_version": "0.0~2025.11.04-1", "version": "0.0~2025.11.04-1" }, "to_version": { "source_package_name": "pci.ids", "source_package_version": "0.0~2025.12.16-1", "version": "0.0~2025.12.16-1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * New upstream release.", "" ], "package": "pci.ids", "version": "0.0~2025.12.16-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Guillem Jover ", "date": "Wed, 17 Dec 2025 04:12:46 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "polkitd", "from_version": { "source_package_name": "policykit-1", "source_package_version": "126-2", "version": "126-2" }, "to_version": { "source_package_name": "policykit-1", "source_package_version": "127-1", "version": "127-1" }, "cves": [ { "cve": "CVE-2025-7519", "url": "https://ubuntu.com/security/CVE-2025-7519", "cve_description": "A flaw was found in polkit. When processing an XML policy with 32 or more nested elements in depth, an out-of-bounds write can be triggered. This issue can lead to a crash or other unexpected behavior, and arbitrary code execution is not discarded. To exploit this flaw, a high-privilege account is needed as it's required to place the malicious policy file properly.", "cve_priority": "low", "cve_public_date": "2025-07-14 14:15:00 UTC" } ], "launchpad_bugs_fixed": [], "changes": [ { "cves": [ { "cve": "CVE-2025-7519", "url": "https://ubuntu.com/security/CVE-2025-7519", "cve_description": "A flaw was found in polkit. When processing an XML policy with 32 or more nested elements in depth, an out-of-bounds write can be triggered. This issue can lead to a crash or other unexpected behavior, and arbitrary code execution is not discarded. To exploit this flaw, a high-privilege account is needed as it's required to place the malicious policy file properly.", "cve_priority": "low", "cve_public_date": "2025-07-14 14:15:00 UTC" } ], "log": [ "", " [ Michael Biebl ]", " * Drop debian/clean", "", " [ Simon McVittie ]", " * d/control: Mark gir1.2-polkit-1.0 as Multi-Arch: same", " * d/control: Mark -dev packages as Multi-Arch: same", " * d/control: Use dpkg-build-api v1 instead of Rules-Requires-Root", " * Standards-Version: 4.7.2 (no changes required)", " * d/salsa-ci.yml: Use recommended recipe", "", " [ Luca Boccassi ]", " * Update upstream source from tag 'upstream/127'", " (Closes: #1109334, #1119670, #1094078, #1110748)", " (CVE-2025-7519)", " * Add build dependency on mount for unit tests", " * Install new polkitd.conf and manpage", " * polkitd: start polkit-agent-helper.socket on install/upgrade", " * polkitd: drop postinst workarounds for pre-bookworm", " * polkitd: drop adduser and rely exclusively on sd-sysusers", " * polkitd: do not change perms of /etc/polkit-1/rules.d in postinst and", " rely on tmpfiles.d", " * polkitd: do not set SUID on polkit-agent-helper-1 under systemd", " * Update symbols file for v127", "" ], "package": "policykit-1", "version": "127-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Luca Boccassi ", "date": "Wed, 17 Dec 2025 18:35:00 +0000" } ], "notes": null, "is_version_downgrade": false }, { "name": "python3-attr", "from_version": { "source_package_name": "python-attrs", "source_package_version": "25.4.0-1", "version": "25.4.0-1" }, "to_version": { "source_package_name": "python-attrs", "source_package_version": "25.4.0-1build1", "version": "25.4.0-1build1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Rebuild to clear amd64v3 from FTBFS report", "" ], "package": "python-attrs", "version": "25.4.0-1build1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Jeremy Bícha ", "date": "Thu, 18 Dec 2025 07:50:20 -0500" } ], "notes": null, "is_version_downgrade": false }, { "name": "python3-autocommand", "from_version": { "source_package_name": "python-autocommand", "source_package_version": "2.2.2-3", "version": "2.2.2-3" }, "to_version": { "source_package_name": "python-autocommand", "source_package_version": "2.2.2-4", "version": "2.2.2-4" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Patches: fix tests for Python 3.14. (Closes: #1123196)", "" ], "package": "python-autocommand", "version": "2.2.2-4", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Jeroen Ploemen ", "date": "Wed, 17 Dec 2025 10:35:26 +0000" } ], "notes": null, "is_version_downgrade": false }, { "name": "python3-bcrypt", "from_version": { "source_package_name": "python-bcrypt", "source_package_version": "5.0.0-2", "version": "5.0.0-2" }, "to_version": { "source_package_name": "python-bcrypt", "source_package_version": "5.0.0-3", "version": "5.0.0-3" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Team upload.", " * Breaks: python3-passlib (<< 1.9.3-1~) (closes: #1122147).", "" ], "package": "python-bcrypt", "version": "5.0.0-3", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Colin Watson ", "date": "Mon, 08 Dec 2025 17:17:36 +0000" } ], "notes": null, "is_version_downgrade": false }, { "name": "python3-blinker", "from_version": { "source_package_name": "blinker", "source_package_version": "1.9.0-2", "version": "1.9.0-2" }, "to_version": { "source_package_name": "blinker", "source_package_version": "1.9.0-2build1", "version": "1.9.0-2build1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Rebuild to clear amd64v3 from FTBFS report", "" ], "package": "blinker", "version": "1.9.0-2build1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Jeremy Bícha ", "date": "Thu, 18 Dec 2025 07:39:10 -0500" } ], "notes": null, "is_version_downgrade": false }, { "name": "python3-boto3", "from_version": { "source_package_name": "python-boto3", "source_package_version": "1.40.72-1", "version": "1.40.72-1" }, "to_version": { "source_package_name": "python-boto3", "source_package_version": "1.40.72-1build1", "version": "1.40.72-1build1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Rebuild to clear amd64v3 from FTBFS report", "" ], "package": "python-boto3", "version": "1.40.72-1build1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Jeremy Bícha ", "date": "Thu, 18 Dec 2025 07:50:30 -0500" } ], "notes": null, "is_version_downgrade": false }, { "name": "python3-botocore", "from_version": { "source_package_name": "python-botocore", "source_package_version": "1.40.72+repack-1", "version": "1.40.72+repack-1" }, "to_version": { "source_package_name": "python-botocore", "source_package_version": "1.40.72+repack-1build1", "version": "1.40.72+repack-1build1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Rebuild to clear amd64v3 from FTBFS report", "" ], "package": "python-botocore", "version": "1.40.72+repack-1build1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Jeremy Bícha ", "date": "Thu, 18 Dec 2025 07:50:38 -0500" } ], "notes": null, "is_version_downgrade": false }, { "name": "python3-certifi", "from_version": { "source_package_name": "python-certifi", "source_package_version": "2025.11.12+ds-1", "version": "2025.11.12+ds-1" }, "to_version": { "source_package_name": "python-certifi", "source_package_version": "2025.11.12+ds-1build1", "version": "2025.11.12+ds-1build1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Rebuild to clear amd64v3 from FTBFS report", "" ], "package": "python-certifi", "version": "2025.11.12+ds-1build1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Jeremy Bícha ", "date": "Thu, 18 Dec 2025 07:50:46 -0500" } ], "notes": null, "is_version_downgrade": false }, { "name": "python3-dateutil", "from_version": { "source_package_name": "python-dateutil", "source_package_version": "2.9.0-4", "version": "2.9.0-4" }, "to_version": { "source_package_name": "python-dateutil", "source_package_version": "2.9.0-4build1", "version": "2.9.0-4build1" }, "cves": [], "launchpad_bugs_fixed": [ 2132257 ], "changes": [ { "cves": [], "log": [ "", " * No-change mass rebuild for Ubuntu 26.04 (LP: #2132257)", "" ], "package": "python-dateutil", "version": "2.9.0-4build1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2132257 ], "author": "Sebastien Bacher ", "date": "Sat, 06 Dec 2025 11:52:12 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "python3-hamcrest", "from_version": { "source_package_name": "pyhamcrest", "source_package_version": "2.1.0-1", "version": "2.1.0-1" }, "to_version": { "source_package_name": "pyhamcrest", "source_package_version": "2.1.0-3", "version": "2.1.0-3" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Team upload.", " * Drop obsolete python3-setuptools build-dep, this build with \"hatch\"", " * Bump Standards-Version to 4.7.3, drop Priority: tag", " * Rewrite d/watch in v5 format", " * Salsa: Disable useless jobs & use canonical filename for config", "" ], "package": "pyhamcrest", "version": "2.1.0-3", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Alexandre Detiste ", "date": "Thu, 01 Jan 2026 18:22:42 +0100" }, { "cves": [], "log": [ "", " * Team upload.", " * Use `asyncio.new_event_loop` in tests for compatibility with Python 3.14", " (closes: #1123171).", " * Switch to autopkgtest-pkg-pybuild.", " * Explicitly select unittest runner.", " * Drop \"Rules-Requires-Root: no\", default as of dpkg-dev 1.22.13.", "" ], "package": "pyhamcrest", "version": "2.1.0-2", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Colin Watson ", "date": "Thu, 01 Jan 2026 16:50:48 +0000" } ], "notes": null, "is_version_downgrade": false }, { "name": "python3-inflect", "from_version": { "source_package_name": "python-inflect", "source_package_version": "7.5.0-1", "version": "7.5.0-1" }, "to_version": { "source_package_name": "python-inflect", "source_package_version": "7.5.0-1build1", "version": "7.5.0-1build1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Rebuild to clear amd64v3 from FTBFS report", "" ], "package": "python-inflect", "version": "7.5.0-1build1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Jeremy Bícha ", "date": "Thu, 18 Dec 2025 07:53:27 -0500" } ], "notes": null, "is_version_downgrade": false }, { "name": "python3-jwt", "from_version": { "source_package_name": "pyjwt", "source_package_version": "2.10.1-3", "version": "2.10.1-3" }, "to_version": { "source_package_name": "pyjwt", "source_package_version": "2.10.1-3build1", "version": "2.10.1-3build1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Rebuild to clear amd64v3 from FTBFS report", "" ], "package": "pyjwt", "version": "2.10.1-3build1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Jeremy Bícha ", "date": "Thu, 18 Dec 2025 07:49:47 -0500" } ], "notes": null, "is_version_downgrade": false }, { "name": "python3-lazr.uri", "from_version": { "source_package_name": "lazr.uri", "source_package_version": "1.0.6-7", "version": "1.0.6-7" }, "to_version": { "source_package_name": "lazr.uri", "source_package_version": "1.0.6-7build1", "version": "1.0.6-7build1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Rebuild to clear amd64v3 from FTBFS report", "" ], "package": "lazr.uri", "version": "1.0.6-7build1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Jeremy Bícha ", "date": "Tue, 23 Dec 2025 14:03:54 -0500" } ], "notes": null, "is_version_downgrade": false }, { "name": "python3-oauthlib", "from_version": { "source_package_name": "python-oauthlib", "source_package_version": "3.3.1-1", "version": "3.3.1-1" }, "to_version": { "source_package_name": "python-oauthlib", "source_package_version": "3.3.1-1build1", "version": "3.3.1-1build1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Rebuild to clear amd64v3 from FTBFS report", "" ], "package": "python-oauthlib", "version": "3.3.1-1build1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Jeremy Bícha ", "date": "Thu, 18 Dec 2025 07:53:42 -0500" } ], "notes": null, "is_version_downgrade": false }, { "name": "python3-packaging", "from_version": { "source_package_name": "python-packaging", "source_package_version": "25.0-1", "version": "25.0-1" }, "to_version": { "source_package_name": "python-packaging", "source_package_version": "25.0-2", "version": "25.0-2" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Team upload.", "", " [ Helmut Grohne ]", " * Mark all packages M-A: foreign (closes: #1122261).", "" ], "package": "python-packaging", "version": "25.0-2", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Colin Watson ", "date": "Tue, 30 Dec 2025 01:55:09 +0000" } ], "notes": null, "is_version_downgrade": false }, { "name": "python3-passlib", "from_version": { "source_package_name": "python-passlib", "source_package_version": "1.7.4-6ubuntu1", "version": "1.7.4-6ubuntu1" }, "to_version": { "source_package_name": "python-passlib", "source_package_version": "1.9.3-1ubuntu1", "version": "1.9.3-1ubuntu1" }, "cves": [], "launchpad_bugs_fixed": [ 2132257 ], "changes": [ { "cves": [], "log": [ "", " * Merge from Debian unstable. Remaining changes:", " [ Simon Quigley ]", " - Demote the runtime dependency on python3-legacycrypt to Suggests,", " to temporarily fix the component mismatch.", "" ], "package": "python-passlib", "version": "1.9.3-1ubuntu1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Rik Mills ", "date": "Sun, 21 Dec 2025 20:12:18 +0000" }, { "cves": [], "log": [ "", " * Team upload.", " * New upstream version 1.9.3. Closes: #1120188.", " * Change upstream. Closes: #1099184.", " * Standards-Version 4.7.2, no change", " * Drop all patches", " * Update Depends, add !nocheck build profile where applicable", " * Builds docs with sphinx", "" ], "package": "python-passlib", "version": "1.9.3-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Jérémy Lal ", "date": "Sat, 06 Dec 2025 17:33:13 +0100" }, { "cves": [], "log": [ "", " * No-change mass rebuild for Ubuntu 26.04 (LP: #2132257)", "" ], "package": "python-passlib", "version": "1.7.4-6ubuntu2", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2132257 ], "author": "Sebastien Bacher ", "date": "Sat, 06 Dec 2025 11:55:24 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "python3-pexpect", "from_version": { "source_package_name": "pexpect", "source_package_version": "4.9-3", "version": "4.9-3" }, "to_version": { "source_package_name": "pexpect", "source_package_version": "4.9-4", "version": "4.9-4" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Team upload.", " * Tests: Avoid the multiprocessing forkserver method (closes: #1123159).", " * Drop \"Rules-Requires-Root: no\", default as of dpkg-dev 1.22.13.", "" ], "package": "pexpect", "version": "4.9-4", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Colin Watson ", "date": "Thu, 01 Jan 2026 18:34:44 +0000" } ], "notes": null, "is_version_downgrade": false }, { "name": "python3-pyparsing", "from_version": { "source_package_name": "pyparsing", "source_package_version": "3.1.3-1", "version": "3.1.3-1" }, "to_version": { "source_package_name": "pyparsing", "source_package_version": "3.1.3-1build1", "version": "3.1.3-1build1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Rebuild to clear amd64v3 from FTBFS report", "" ], "package": "pyparsing", "version": "3.1.3-1build1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Jeremy Bícha ", "date": "Thu, 18 Dec 2025 07:49:29 -0500" } ], "notes": null, "is_version_downgrade": false }, { "name": "python3-s3transfer", "from_version": { "source_package_name": "python-s3transfer", "source_package_version": "0.14.0-1", "version": "0.14.0-1" }, "to_version": { "source_package_name": "python-s3transfer", "source_package_version": "0.14.0-1build1", "version": "0.14.0-1build1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Rebuild to clear amd64v3 from FTBFS report", "" ], "package": "python-s3transfer", "version": "0.14.0-1build1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Jeremy Bícha ", "date": "Thu, 18 Dec 2025 07:54:23 -0500" } ], "notes": null, "is_version_downgrade": false }, { "name": "python3-six", "from_version": { "source_package_name": "six", "source_package_version": "1.17.0-2", "version": "1.17.0-2" }, "to_version": { "source_package_name": "six", "source_package_version": "1.17.0-2build1", "version": "1.17.0-2build1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Rebuild to clear amd64v3 from FTBFS report", "" ], "package": "six", "version": "1.17.0-2build1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Jeremy Bícha ", "date": "Thu, 18 Dec 2025 07:58:07 -0500" } ], "notes": null, "is_version_downgrade": false }, { "name": "python3-software-properties", "from_version": { "source_package_name": "software-properties", "source_package_version": "0.118", "version": "0.118" }, "to_version": { "source_package_name": "software-properties", "source_package_version": "0.119", "version": "0.119" }, "cves": [], "launchpad_bugs_fixed": [ 2136009 ], "changes": [ { "cves": [], "log": [ "", " * gtk: Add X11 fallback for dialog hinting (LP: #2136009).", "" ], "package": "software-properties", "version": "0.119", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2136009 ], "author": "Charles ", "date": "Tue, 16 Dec 2025 16:35:17 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "python3-twisted", "from_version": { "source_package_name": "twisted", "source_package_version": "25.5.0-4", "version": "25.5.0-4" }, "to_version": { "source_package_name": "twisted", "source_package_version": "25.5.0-5", "version": "25.5.0-5" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Backport upstream fixes for Python 3.14 (closes: #1122044).", " * Drop \"Rules-Requires-Root: no\", default as of dpkg-dev 1.22.13.", "" ], "package": "twisted", "version": "25.5.0-5", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Colin Watson ", "date": "Wed, 10 Dec 2025 11:41:58 +0000" } ], "notes": null, "is_version_downgrade": false }, { "name": "python3-typeguard", "from_version": { "source_package_name": "python-typeguard", "source_package_version": "4.4.2-1", "version": "4.4.2-1" }, "to_version": { "source_package_name": "python-typeguard", "source_package_version": "4.4.4-1build1", "version": "4.4.4-1build1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Rebuild to clear amd64v3 from FTBFS report", "" ], "package": "python-typeguard", "version": "4.4.4-1build1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Jeremy Bícha ", "date": "Thu, 18 Dec 2025 07:54:30 -0500" }, { "cves": [], "log": [ "", " * Team upload.", " * New upstream release.", "" ], "package": "python-typeguard", "version": "4.4.4-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Colin Watson ", "date": "Mon, 18 Aug 2025 15:37:57 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "python3-typing-extensions", "from_version": { "source_package_name": "python-typing-extensions", "source_package_version": "4.15.0-1ubuntu1", "version": "4.15.0-1ubuntu1" }, "to_version": { "source_package_name": "python-typing-extensions", "source_package_version": "4.15.0-2", "version": "4.15.0-2" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Fix test on Python 3.14 (closes: #1123325).", " * Drop \"Rules-Requires-Root: no\", default as of dpkg-dev 1.22.13.", " * Standards-Version: 4.7.2.", "" ], "package": "python-typing-extensions", "version": "4.15.0-2", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Colin Watson ", "date": "Wed, 17 Dec 2025 00:12:02 +0000" } ], "notes": null, "is_version_downgrade": false }, { "name": "python3-yaml", "from_version": { "source_package_name": "pyyaml", "source_package_version": "6.0.2-2", "version": "6.0.2-2" }, "to_version": { "source_package_name": "pyyaml", "source_package_version": "6.0.3-1", "version": "6.0.3-1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * New upstream version 6.0.3", " * d/control: standards-version 4.7.3, drop rules-requires-root", " * d/patches: drop distutils patch (obsolete), re-enable fatal_test_failures for legacy testsuite", " * d/watch: upgrade to version 5", "" ], "package": "pyyaml", "version": "6.0.3-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Gordon Ball ", "date": "Sun, 28 Dec 2025 00:52:19 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "python3-zipp", "from_version": { "source_package_name": "python-zipp", "source_package_version": "3.23.0-1", "version": "3.23.0-1" }, "to_version": { "source_package_name": "python-zipp", "source_package_version": "3.23.0-1build1", "version": "3.23.0-1build1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Rebuild to clear amd64v3 from FTBFS report", "" ], "package": "python-zipp", "version": "3.23.0-1build1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Jeremy Bícha ", "date": "Thu, 18 Dec 2025 07:55:03 -0500" } ], "notes": null, "is_version_downgrade": false }, { "name": "python3-zope.interface", "from_version": { "source_package_name": "zope.interface", "source_package_version": "8.1-1", "version": "8.1-1" }, "to_version": { "source_package_name": "zope.interface", "source_package_version": "8.1.1-1", "version": "8.1.1-1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * d/watch:", " - Upgrade to v5.", " - Exclude pre-releases.", " * New upstream release.", " * Drop \"Rules-Requires-Root: no\", default as of dpkg-dev 1.22.13.", "" ], "package": "zope.interface", "version": "8.1.1-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Colin Watson ", "date": "Thu, 01 Jan 2026 18:46:29 +0000" } ], "notes": null, "is_version_downgrade": false }, { "name": "sensible-utils", "from_version": { "source_package_name": "sensible-utils", "source_package_version": "0.0.26", "version": "0.0.26" }, "to_version": { "source_package_name": "sensible-utils", "source_package_version": "0.0.26build1", "version": "0.0.26build1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Rebuild to clear amd64v3 from FTBFS report", "" ], "package": "sensible-utils", "version": "0.0.26build1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Jeremy Bícha ", "date": "Thu, 18 Dec 2025 07:57:59 -0500" } ], "notes": null, "is_version_downgrade": false }, { "name": "software-properties-common", "from_version": { "source_package_name": "software-properties", "source_package_version": "0.118", "version": "0.118" }, "to_version": { "source_package_name": "software-properties", "source_package_version": "0.119", "version": "0.119" }, "cves": [], "launchpad_bugs_fixed": [ 2136009 ], "changes": [ { "cves": [], "log": [ "", " * gtk: Add X11 fallback for dialog hinting (LP: #2136009).", "" ], "package": "software-properties", "version": "0.119", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2136009 ], "author": "Charles ", "date": "Tue, 16 Dec 2025 16:35:17 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "tzdata", "from_version": { "source_package_name": "tzdata", "source_package_version": "2025b-5ubuntu1", "version": "2025b-5ubuntu1" }, "to_version": { "source_package_name": "tzdata", "source_package_version": "2025c-3ubuntu1", "version": "2025c-3ubuntu1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Merge with Debian unstable. Remaining changes:", " - Ship 2025b ICU timezone data which are utilized by PHP in tzdata-icu", " - Add autopkgtest test case for ICU timezone data", " - Point Vcs-Browser/Git to Launchpad", "" ], "package": "tzdata", "version": "2025c-3ubuntu1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Benjamin Drung ", "date": "Thu, 18 Dec 2025 17:56:18 +0100" }, { "cves": [], "log": [ "", " * Also remove /etc/timezone on upgrades from Ubuntu 25.10 \"questing\" older", "" ], "package": "tzdata", "version": "2025c-3", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Benjamin Drung ", "date": "Thu, 18 Dec 2025 16:55:15 +0100" }, { "cves": [], "log": [ "", " * Remove /etc/timezone on upgrade (Closes: #605834, #813226, #822733)", "" ], "package": "tzdata", "version": "2025c-2", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Aurelien Jarno ", "date": "Mon, 15 Dec 2025 23:51:19 +0100" }, { "cves": [], "log": [ "", " * New upstream version 2025c", " * Update French debconf translation.", " Thanks to Baptiste Jammet (Closes: #1118004)", " * Drop No-leap-second-on-2025-12-31.patch (merged upstream)", " * Update Swedish debconf translation.", " Thanks to Martin Bagge (Closes: #1122575)", " * debian/control: drop Rules-Requires-Root field, now obsolete", " * debian/watch: update to version 5", " * Add autopkgtest test case for 2025c release", "" ], "package": "tzdata", "version": "2025c-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Aurelien Jarno ", "date": "Thu, 11 Dec 2025 20:40:17 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "ubuntu-kernel-accessories", "from_version": { "source_package_name": "ubuntu-meta", "source_package_version": "1.562", "version": "1.562" }, "to_version": { "source_package_name": "ubuntu-meta", "source_package_version": "1.563", "version": "1.563" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Refreshed dependencies", " * Added resources to desktop-minimal-recommends, desktop-raspi-", " recommends, desktop-recommends", " * Removed gnome-power-manager from desktop-minimal-recommends,", " desktop-raspi-recommends, desktop-recommends", " * Removed gnome-system-monitor from desktop-minimal-recommends,", " desktop-raspi-recommends, desktop-recommends", "" ], "package": "ubuntu-meta", "version": "1.563", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Jeremy Bícha ", "date": "Tue, 16 Dec 2025 16:43:45 -0500" } ], "notes": null, "is_version_downgrade": false }, { "name": "ubuntu-minimal", "from_version": { "source_package_name": "ubuntu-meta", "source_package_version": "1.562", "version": "1.562" }, "to_version": { "source_package_name": "ubuntu-meta", "source_package_version": "1.563", "version": "1.563" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Refreshed dependencies", " * Added resources to desktop-minimal-recommends, desktop-raspi-", " recommends, desktop-recommends", " * Removed gnome-power-manager from desktop-minimal-recommends,", " desktop-raspi-recommends, desktop-recommends", " * Removed gnome-system-monitor from desktop-minimal-recommends,", " desktop-raspi-recommends, desktop-recommends", "" ], "package": "ubuntu-meta", "version": "1.563", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Jeremy Bícha ", "date": "Tue, 16 Dec 2025 16:43:45 -0500" } ], "notes": null, "is_version_downgrade": false }, { "name": "ubuntu-server", "from_version": { "source_package_name": "ubuntu-meta", "source_package_version": "1.562", "version": "1.562" }, "to_version": { "source_package_name": "ubuntu-meta", "source_package_version": "1.563", "version": "1.563" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Refreshed dependencies", " * Added resources to desktop-minimal-recommends, desktop-raspi-", " recommends, desktop-recommends", " * Removed gnome-power-manager from desktop-minimal-recommends,", " desktop-raspi-recommends, desktop-recommends", " * Removed gnome-system-monitor from desktop-minimal-recommends,", " desktop-raspi-recommends, desktop-recommends", "" ], "package": "ubuntu-meta", "version": "1.563", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Jeremy Bícha ", "date": "Tue, 16 Dec 2025 16:43:45 -0500" } ], "notes": null, "is_version_downgrade": false }, { "name": "ubuntu-standard", "from_version": { "source_package_name": "ubuntu-meta", "source_package_version": "1.562", "version": "1.562" }, "to_version": { "source_package_name": "ubuntu-meta", "source_package_version": "1.563", "version": "1.563" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Refreshed dependencies", " * Added resources to desktop-minimal-recommends, desktop-raspi-", " recommends, desktop-recommends", " * Removed gnome-power-manager from desktop-minimal-recommends,", " desktop-raspi-recommends, desktop-recommends", " * Removed gnome-system-monitor from desktop-minimal-recommends,", " desktop-raspi-recommends, desktop-recommends", "" ], "package": "ubuntu-meta", "version": "1.563", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Jeremy Bícha ", "date": "Tue, 16 Dec 2025 16:43:45 -0500" } ], "notes": null, "is_version_downgrade": false }, { "name": "xz-utils", "from_version": { "source_package_name": "xz-utils", "source_package_version": "5.8.1-2", "version": "5.8.1-2" }, "to_version": { "source_package_name": "xz-utils", "source_package_version": "5.8.2-1", "version": "5.8.2-1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Import 5.8.2", " - Add a workaround for Red Hat Enterprise Linux 9 kernel bug", " (Closes: #1121085).", "" ], "package": "xz-utils", "version": "5.8.2-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Sebastian Andrzej Siewior ", "date": "Fri, 26 Dec 2025 19:52:09 +0100" } ], "notes": null, "is_version_downgrade": false } ], "snap": [] }, "added": { "deb": [ { "name": "libgraphite2-3:riscv64", "from_version": { "source_package_name": null, "source_package_version": null, "version": null }, "to_version": { "source_package_name": "graphite2", "source_package_version": "1.3.14-2ubuntu1", "version": "1.3.14-2ubuntu1" }, "cves": [], "launchpad_bugs_fixed": [ 2069722 ], "changes": [ { "cves": [], "log": [ "", " * Fix autopkgtests following dpkg changes (LP: #2069722)", "" ], "package": "graphite2", "version": "1.3.14-2ubuntu1", "urgency": "medium", "distributions": "oracular", "launchpad_bugs_fixed": [ 2069722 ], "author": "Alessandro Astone ", "date": "Fri, 21 Jun 2024 10:24:15 +0200" }, { "cves": [], "log": [ "", " * No change rebuild for 64-bit time_t and frame pointers.", "" ], "package": "graphite2", "version": "1.3.14-2build1", "urgency": "high", "distributions": "noble", "launchpad_bugs_fixed": [], "author": "Julian Andres Klode ", "date": "Mon, 08 Apr 2024 17:58:36 +0200" }, { "cves": [], "log": [ "", " [ Debian Janitor ]", " * Use secure URI in Homepage field.", " * Update standards version to 4.5.0, no changes needed.", " * Set upstream metadata fields: Bug-Database, Bug-Submit, Repository,", " Repository-Browse.", " * Remove constraints unnecessary since stretch:", " + Build-Depends: Drop versioned constraint on dh-exec.", " * Remove constraints unnecessary since buster (oldstable):", " + Build-Depends: Drop versioned constraint on dpkg-dev and python3.", "", " [ Rene Engelhard ]", " * debian/patches/do-not-require-future.diff: as name says", " (closes: #1058584)", " * debian/patches/spell-out-lesser-and-greater.diff,", " debian/patches/no-explicit-dot-font-settings.diff,", " debian/patches/explicit-pdflatex.diff: fix documentation build", " (closes: #1052740)", "" ], "package": "graphite2", "version": "1.3.14-2", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Rene Engelhard ", "date": "Sun, 24 Dec 2023 11:38:53 +0100" } ], "notes": "For a newly added package only the three most recent changelog entries are shown.", "is_version_downgrade": false }, { "name": "libharfbuzz0b:riscv64", "from_version": { "source_package_name": null, "source_package_version": null, "version": null }, "to_version": { "source_package_name": "harfbuzz", "source_package_version": "12.2.0-1", "version": "12.2.0-1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * New upstream release", " * d/control: drop dh-sequence-movetousr from build-deps (Closes: #1122764)", "" ], "package": "harfbuzz", "version": "12.2.0-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "أحمد المحمودي (Ahmed El-Mahmoudy) ", "date": "Fri, 12 Dec 2025 17:49:44 +0100" }, { "cves": [], "log": [ "", " * New upstream release", " * Drop redundant Rules-Requires-Root field", " * d/libharfbuzz0b.symbols: update symbols", "" ], "package": "harfbuzz", "version": "12.1.0-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "أحمد المحمودي (Ahmed El-Mahmoudy) ", "date": "Wed, 01 Oct 2025 16:54:22 +0200" }, { "cves": [], "log": [ "", " * New upstream release", " * d/libharfbuzz-gobject0.lintian-overrides: add wildcards for arch & lib", " version", " * d/control: update build-dep: libgirepository1.0-dev =>", " gobject-introspection (>= 1.80)", "" ], "package": "harfbuzz", "version": "11.5.0-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "أحمد المحمودي (Ahmed El-Mahmoudy) ", "date": "Wed, 17 Sep 2025 16:13:26 +0200" } ], "notes": "For a newly added package only the three most recent changelog entries are shown.", "is_version_downgrade": false }, { "name": "libjs-sphinxdoc", "from_version": { "source_package_name": null, "source_package_version": null, "version": null }, "to_version": { "source_package_name": "sphinx", "source_package_version": "8.2.3-11", "version": "8.2.3-11" }, "cves": [], "launchpad_bugs_fixed": [ 2133023 ], "changes": [ { "cves": [], "log": [ "", " * Depend on libgvplugin-neato-layout and libgvplugin-pango for the tests", " (closes: #1122119, thanks László Böszörményi).", "" ], "package": "sphinx", "version": "8.2.3-11", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Dmitry Shachnev ", "date": "Sun, 07 Dec 2025 20:20:57 +0300" }, { "cves": [], "log": [ "", " * Backport upstream commits to fix tests with Python 3.14 (LP: #2133023).", "" ], "package": "sphinx", "version": "8.2.3-10", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [ 2133023 ], "author": "Dmitry Shachnev ", "date": "Wed, 26 Nov 2025 20:54:23 +0300" }, { "cves": [], "log": [ "", " * Backport upstream patch to fix PDF build of French documents with", " footnotes (closes: #1114478).", "" ], "package": "sphinx", "version": "8.2.3-9", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Dmitry Shachnev ", "date": "Sat, 15 Nov 2025 15:07:35 +0300" } ], "notes": "For a newly added package only the three most recent changelog entries are shown.", "is_version_downgrade": false } ], "snap": [] }, "removed": { "deb": [], "snap": [] }, "notes": "Changelog diff for Ubuntu 26.04 resolute image from daily image serial 20251216 to 20251219", "from_series": "resolute", "to_series": "resolute", "from_serial": "20251216", "to_serial": "20251219", "from_manifest_filename": "daily_manifest.previous", "to_manifest_filename": "manifest.current" }