{ "summary": { "snap": { "added": [], "removed": [], "diff": [] }, "deb": { "added": [], "removed": [], "diff": [ "amd64-microcode", "apport", "apport-core-dump-handler", "cloud-init", "libpam-modules", "libpam-modules-bin", "libpam-runtime", "libpam-systemd", "libpam0g", "libpython3.12-minimal", "libpython3.12-stdlib", "libsystemd-shared", "libsystemd0", "libudev1", "openssh-client", "openssh-server", "openssh-sftp-server", "python3-apport", "python3-problem-report", "python3-requests", "python3.12", "python3.12-minimal", "systemd", "systemd-dev", "systemd-resolved", "systemd-sysv", "systemd-timesyncd", "udev" ] } }, "diff": { "deb": [ { "name": "amd64-microcode", "from_version": { "source_package_name": "amd64-microcode", "source_package_version": "3.20231019.1ubuntu2.1", "version": "3.20231019.1ubuntu2.1" }, "to_version": { "source_package_name": "amd64-microcode", "source_package_version": "3.20250311.1ubuntu0.24.04.1", "version": "3.20250311.1ubuntu0.24.04.1" }, "cves": [ { "cve": "CVE-2024-56161", "url": "https://ubuntu.com/security/CVE-2024-56161", "cve_description": "Improper signature verification in AMD CPU ROM microcode patch loader may allow an attacker with local administrator privilege to load malicious CPU microcode resulting in loss of confidentiality and integrity of a confidential guest running under AMD SEV-SNP.", "cve_priority": "medium", "cve_public_date": "2025-02-03 18:15:00 UTC" }, { "cve": "CVE-2023-20584", "url": "https://ubuntu.com/security/CVE-2023-20584", "cve_description": "IOMMU improperly handles certain special address ranges with invalid device table entries (DTEs), which may allow an attacker with privileges and a compromised Hypervisor to induce DTE faults to bypass RMP checks in SEV-SNP, potentially leading to a loss of guest integrity.", "cve_priority": "medium", "cve_public_date": "2024-08-13 17:15:00 UTC" }, { "cve": "CVE-2023-31356", "url": "https://ubuntu.com/security/CVE-2023-31356", "cve_description": "Incomplete system memory cleanup in SEV firmware could allow a privileged attacker to corrupt guest private memory, potentially resulting in a loss of data integrity.", "cve_priority": "medium", "cve_public_date": "2024-08-13 17:15:00 UTC" } ], "launchpad_bugs_fixed": [], "changes": [ { "cves": [ { "cve": "CVE-2024-56161", "url": "https://ubuntu.com/security/CVE-2024-56161", "cve_description": "Improper signature verification in AMD CPU ROM microcode patch loader may allow an attacker with local administrator privilege to load malicious CPU microcode resulting in loss of confidentiality and integrity of a confidential guest running under AMD SEV-SNP.", "cve_priority": "medium", "cve_public_date": "2025-02-03 18:15:00 UTC" }, { "cve": "CVE-2023-20584", "url": "https://ubuntu.com/security/CVE-2023-20584", "cve_description": "IOMMU improperly handles certain special address ranges with invalid device table entries (DTEs), which may allow an attacker with privileges and a compromised Hypervisor to induce DTE faults to bypass RMP checks in SEV-SNP, potentially leading to a loss of guest integrity.", "cve_priority": "medium", "cve_public_date": "2024-08-13 17:15:00 UTC" }, { "cve": "CVE-2023-31356", "url": "https://ubuntu.com/security/CVE-2023-31356", "cve_description": "Incomplete system memory cleanup in SEV firmware could allow a privileged attacker to corrupt guest private memory, potentially resulting in a loss of data integrity.", "cve_priority": "medium", "cve_public_date": "2024-08-13 17:15:00 UTC" } ], "log": [ "", " * SECURITY UPDATE: Update package data from linux-firmware 20250311", " - New AMD microcodes (20241121):", " Family=0x17 Model=0x60 Stepping=0x01: Patch=0x0860010d", " Family=0x17 Model=0x68 Stepping=0x01: Patch=0x08608108", " Family=0x17 Model=0x71 Stepping=0x00: Patch=0x08701034", " Family=0x19 Model=0x08 Stepping=0x02: Patch=0x0a00820c", " Family=0x19 Model=0x18 Stepping=0x01: Patch=0x0a108108", " Family=0x19 Model=0x21 Stepping=0x00: Patch=0x0a20102d", " Family=0x19 Model=0x21 Stepping=0x02: Patch=0x0a201210", " Family=0x19 Model=0x44 Stepping=0x01: Patch=0x0a404107", " Family=0x19 Model=0x50 Stepping=0x00: Patch=0x0a500011", " Family=0x19 Model=0x61 Stepping=0x02: Patch=0x0a601209", " Family=0x19 Model=0x74 Stepping=0x01: Patch=0x0a704107", " Family=0x19 Model=0x75 Stepping=0x02: Patch=0x0a705206", " Family=0x19 Model=0x78 Stepping=0x00: Patch=0x0a708007", " Family=0x19 Model=0x7c Stepping=0x00: Patch=0x0a70c005", " - Updated microcodes:", " Family=0x17 Model=0xa0 Stepping=0x00: Patch=0x08a0000a", " - New SEV firmware (20250221):", " Family 19h models a0h-afh: version 1.55 build 39", " Family 1ah models 00h-0fh: version 1.55 build 54", " - Updated SEV firmware:", " Family 17h models 30h-3fh: version 0.24 build 20", " Family 19h models 00h-0fh: version 1.55 build 29", " Family 19h models 10h-1fh: version 1.55 build 39", " - CVE-2024-56161 (AMD-SB-3019)", " Update remote attestation to be compatible with AMD systems with", " up-to-date firmware (i.e. which fixes \"EntrySign\"), and update", " AMD-SEV for AMD-SB-3019 mitigations.", " - CVE-2023-20584 (AMD-SB-3003)", " IOMMU improperly handles certain special address ranges with", " invalid device table entries (DTEs), which may allow an attacker", " with privileges and a compromised Hypervisor to induce DTE faults", " to bypass RMP checks in SEV-SNP, potentially leading to a loss of", " guest integrity.", " - CVE-2023-31356 (AMD-SB-3003)", " Incomplete system memory cleanup in SEV firmware could allow a", " privileged attacker to corrupt guest private memory, potentially", " resulting in a loss of data integrity.", " * Adds amdtee firmware", " * Remaining changes:", " - initramfs-tools hook (debian/initramfs.hook):", " + Default to 'early' instead of 'auto' when building with", " MODULES=most", " + Do not override preset defaults from auto-exported conf", " snippets loaded by initramfs-tools.", "" ], "package": "amd64-microcode", "version": "3.20250311.1ubuntu0.24.04.1", "urgency": "medium", "distributions": "noble-security", "launchpad_bugs_fixed": [], "author": "Eduardo Barretto ", "date": "Wed, 28 May 2025 18:22:22 +0200" } ], "notes": null, "is_version_downgrade": false }, { "name": "apport", "from_version": { "source_package_name": "apport", "source_package_version": "2.28.1-0ubuntu3.6", "version": "2.28.1-0ubuntu3.6" }, "to_version": { "source_package_name": "apport", "source_package_version": "2.28.1-0ubuntu3.7", "version": "2.28.1-0ubuntu3.7" }, "cves": [], "launchpad_bugs_fixed": [ 2112272 ], "changes": [ { "cves": [], "log": [ "", " * SECURITY REGRESSION: apport not generating core dumps inside containers", " (LP: #2112272)", " - d/p/check-exe-mtime.patch: Check the exe mtime within the proc root", " mount.", "" ], "package": "apport", "version": "2.28.1-0ubuntu3.7", "urgency": "medium", "distributions": "noble-security", "launchpad_bugs_fixed": [ 2112272 ], "author": "Octavio Galland ", "date": "Wed, 04 Jun 2025 15:59:08 -0300" } ], "notes": null, "is_version_downgrade": false }, { "name": "apport-core-dump-handler", "from_version": { "source_package_name": "apport", "source_package_version": "2.28.1-0ubuntu3.6", "version": "2.28.1-0ubuntu3.6" }, "to_version": { "source_package_name": "apport", "source_package_version": "2.28.1-0ubuntu3.7", "version": "2.28.1-0ubuntu3.7" }, "cves": [], "launchpad_bugs_fixed": [ 2112272 ], "changes": [ { "cves": [], "log": [ "", " * SECURITY REGRESSION: apport not generating core dumps inside containers", " (LP: #2112272)", " - d/p/check-exe-mtime.patch: Check the exe mtime within the proc root", " mount.", "" ], "package": "apport", "version": "2.28.1-0ubuntu3.7", "urgency": "medium", "distributions": "noble-security", "launchpad_bugs_fixed": [ 2112272 ], "author": "Octavio Galland ", "date": "Wed, 04 Jun 2025 15:59:08 -0300" } ], "notes": null, "is_version_downgrade": false }, { "name": "cloud-init", "from_version": { "source_package_name": "cloud-init", "source_package_version": "24.4.1-0ubuntu0~24.04.3", "version": "24.4.1-0ubuntu0~24.04.3" }, "to_version": { "source_package_name": "cloud-init", "source_package_version": "25.1.2-0ubuntu0~24.04.1", "version": "25.1.2-0ubuntu0~24.04.1" }, "cves": [], "launchpad_bugs_fixed": [ 2104165, 2100963 ], "changes": [ { "cves": [], "log": [ "", " * Upstream snapshot based on 25.1.2. (LP: #2104165).", " List of changes from upstream can be found at", " https://raw.githubusercontent.com/canonical/cloud-init/25.1.2/ChangeLog", "" ], "package": "cloud-init", "version": "25.1.2-0ubuntu0~24.04.1", "urgency": "medium", "distributions": "noble", "launchpad_bugs_fixed": [ 2104165 ], "author": "James Falcon ", "date": "Mon, 19 May 2025 15:00:58 -0500" }, { "cves": [], "log": [ "", " * Drop cpicks which are now upstream:", " - cpick-d75840be-fix-retry-AWS-hotplug-for-async-IMDS-5995", " - cpick-84806336-chore-Add-feature-flag-for-manual-network-waiting", " - d/p/cpick-c60771d8-test-pytestify-test_url_helper.py", " - d/p/cpick-8810a2dc-test-Remove-CiTestCase-from-test_url_helper.py", " - d/p/cpick-582f16c1-test-add-OauthUrlHelper-tests", " - d/p/cpick-9311e066-fix-Update-OauthUrlHelper-to-use-readurl-exception_cb", " * refresh patches", " - d/p/deprecation-version-boundary.patch", " - d/p/grub-dpkg-support.patch", " - d/p/no-nocloud-network.patch", " - d/p/no-single-process.patch", " * sort hunks within all patches (--sort on quilt refresh)", " * Upstream snapshot based on 25.1.1.", " List of changes from upstream can be found at", " https://raw.githubusercontent.com/canonical/cloud-init/25.1.1/ChangeLog", "" ], "package": "cloud-init", "version": "25.1.1-0ubuntu1~24.04.1", "urgency": "medium", "distributions": "noble", "launchpad_bugs_fixed": [], "author": "Chad Smith ", "date": "Tue, 25 Mar 2025 11:02:28 -0600" }, { "cves": [], "log": [ "", " * cherry-pick fixes for MAAS traceback (LP: #2100963)", " - cherry-pick c60771d8: test: pytestify test_url_helper.py", " - cherry-pick 8810a2dc: test: Remove CiTestCase from", " test_url_helper.py", " - cherry-pick 582f16c1: test: add OauthUrlHelper tests", " - cherry-pick 9311e066: fix: Update OauthUrlHelper to use readurl", " exception_cb", "" ], "package": "cloud-init", "version": "24.4.1-0ubuntu0~20.04.2", "urgency": "medium", "distributions": "noble", "launchpad_bugs_fixed": [ 2100963 ], "author": "James Falcon ", "date": "Thu, 13 Mar 2025 11:28:57 -0500" } ], "notes": null, "is_version_downgrade": false }, { "name": "libpam-modules", "from_version": { "source_package_name": "pam", "source_package_version": "1.5.3-5ubuntu5.1", "version": "1.5.3-5ubuntu5.1" }, "to_version": { "source_package_name": "pam", "source_package_version": "1.5.3-5ubuntu5.4", "version": "1.5.3-5ubuntu5.4" }, "cves": [ { "cve": "CVE-2025-6020", "url": "https://ubuntu.com/security/CVE-2025-6020", "cve_description": "A flaw was found in linux-pam. The module pam_namespace may use access user-controlled paths without proper protection, allowing local users to elevate their privileges to root via multiple symlink attacks and race conditions.", "cve_priority": "medium", "cve_public_date": "2025-06-17 13:15:00 UTC" } ], "launchpad_bugs_fixed": [ 2087827 ], "changes": [ { "cves": [ { "cve": "CVE-2025-6020", "url": "https://ubuntu.com/security/CVE-2025-6020", "cve_description": "A flaw was found in linux-pam. The module pam_namespace may use access user-controlled paths without proper protection, allowing local users to elevate their privileges to root via multiple symlink attacks and race conditions.", "cve_priority": "medium", "cve_public_date": "2025-06-17 13:15:00 UTC" } ], "log": [ "", " * SECURITY UPDATE: privilege escalation via pam_namespace", " - debian/patches/pam_namespace_170.patch: sync pam_namespace module to", " version 1.7.0.", " - debian/patches/pam_namespace_post170-*.patch: add post-1.7.0 changes", " from upstream git tree.", " - debian/patches/pam_namespace_revert_abi.patch: revert ABI change to", " prevent unintended issues in running daemons.", " - debian/patches/CVE-2025-6020-1.patch: fix potential privilege", " escalation.", " - debian/patches/CVE-2025-6020-2.patch: add flags to indicate path", " safety.", " - debian/patches/CVE-2025-6020-3.patch: secure_opendir: do not look at", " the group ownership.", " - debian/patches/pam_namespace_o_directory.patch: removed, included in", " patch cluster above.", " - CVE-2025-6020", "" ], "package": "pam", "version": "1.5.3-5ubuntu5.4", "urgency": "medium", "distributions": "noble-security", "launchpad_bugs_fixed": [], "author": "Marc Deslauriers ", "date": "Thu, 12 Jun 2025 10:45:28 -0400" }, { "cves": [], "log": [ "", " * d/p/031_pam_include: fix loading from /usr/lib/pam.d (LP: #2087827)", "" ], "package": "pam", "version": "1.5.3-5ubuntu5.2", "urgency": "medium", "distributions": "noble", "launchpad_bugs_fixed": [ 2087827 ], "author": "Simon Chopin ", "date": "Mon, 26 May 2025 16:34:46 +0200" } ], "notes": null, "is_version_downgrade": false }, { "name": "libpam-modules-bin", "from_version": { "source_package_name": "pam", "source_package_version": "1.5.3-5ubuntu5.1", "version": "1.5.3-5ubuntu5.1" }, "to_version": { "source_package_name": "pam", "source_package_version": "1.5.3-5ubuntu5.4", "version": "1.5.3-5ubuntu5.4" }, "cves": [ { "cve": "CVE-2025-6020", "url": "https://ubuntu.com/security/CVE-2025-6020", "cve_description": "A flaw was found in linux-pam. The module pam_namespace may use access user-controlled paths without proper protection, allowing local users to elevate their privileges to root via multiple symlink attacks and race conditions.", "cve_priority": "medium", "cve_public_date": "2025-06-17 13:15:00 UTC" } ], "launchpad_bugs_fixed": [ 2087827 ], "changes": [ { "cves": [ { "cve": "CVE-2025-6020", "url": "https://ubuntu.com/security/CVE-2025-6020", "cve_description": "A flaw was found in linux-pam. The module pam_namespace may use access user-controlled paths without proper protection, allowing local users to elevate their privileges to root via multiple symlink attacks and race conditions.", "cve_priority": "medium", "cve_public_date": "2025-06-17 13:15:00 UTC" } ], "log": [ "", " * SECURITY UPDATE: privilege escalation via pam_namespace", " - debian/patches/pam_namespace_170.patch: sync pam_namespace module to", " version 1.7.0.", " - debian/patches/pam_namespace_post170-*.patch: add post-1.7.0 changes", " from upstream git tree.", " - debian/patches/pam_namespace_revert_abi.patch: revert ABI change to", " prevent unintended issues in running daemons.", " - debian/patches/CVE-2025-6020-1.patch: fix potential privilege", " escalation.", " - debian/patches/CVE-2025-6020-2.patch: add flags to indicate path", " safety.", " - debian/patches/CVE-2025-6020-3.patch: secure_opendir: do not look at", " the group ownership.", " - debian/patches/pam_namespace_o_directory.patch: removed, included in", " patch cluster above.", " - CVE-2025-6020", "" ], "package": "pam", "version": "1.5.3-5ubuntu5.4", "urgency": "medium", "distributions": "noble-security", "launchpad_bugs_fixed": [], "author": "Marc Deslauriers ", "date": "Thu, 12 Jun 2025 10:45:28 -0400" }, { "cves": [], "log": [ "", " * d/p/031_pam_include: fix loading from /usr/lib/pam.d (LP: #2087827)", "" ], "package": "pam", "version": "1.5.3-5ubuntu5.2", "urgency": "medium", "distributions": "noble", "launchpad_bugs_fixed": [ 2087827 ], "author": "Simon Chopin ", "date": "Mon, 26 May 2025 16:34:46 +0200" } ], "notes": null, "is_version_downgrade": false }, { "name": "libpam-runtime", "from_version": { "source_package_name": "pam", "source_package_version": "1.5.3-5ubuntu5.1", "version": "1.5.3-5ubuntu5.1" }, "to_version": { "source_package_name": "pam", "source_package_version": "1.5.3-5ubuntu5.4", "version": "1.5.3-5ubuntu5.4" }, "cves": [ { "cve": "CVE-2025-6020", "url": "https://ubuntu.com/security/CVE-2025-6020", "cve_description": "A flaw was found in linux-pam. The module pam_namespace may use access user-controlled paths without proper protection, allowing local users to elevate their privileges to root via multiple symlink attacks and race conditions.", "cve_priority": "medium", "cve_public_date": "2025-06-17 13:15:00 UTC" } ], "launchpad_bugs_fixed": [ 2087827 ], "changes": [ { "cves": [ { "cve": "CVE-2025-6020", "url": "https://ubuntu.com/security/CVE-2025-6020", "cve_description": "A flaw was found in linux-pam. The module pam_namespace may use access user-controlled paths without proper protection, allowing local users to elevate their privileges to root via multiple symlink attacks and race conditions.", "cve_priority": "medium", "cve_public_date": "2025-06-17 13:15:00 UTC" } ], "log": [ "", " * SECURITY UPDATE: privilege escalation via pam_namespace", " - debian/patches/pam_namespace_170.patch: sync pam_namespace module to", " version 1.7.0.", " - debian/patches/pam_namespace_post170-*.patch: add post-1.7.0 changes", " from upstream git tree.", " - debian/patches/pam_namespace_revert_abi.patch: revert ABI change to", " prevent unintended issues in running daemons.", " - debian/patches/CVE-2025-6020-1.patch: fix potential privilege", " escalation.", " - debian/patches/CVE-2025-6020-2.patch: add flags to indicate path", " safety.", " - debian/patches/CVE-2025-6020-3.patch: secure_opendir: do not look at", " the group ownership.", " - debian/patches/pam_namespace_o_directory.patch: removed, included in", " patch cluster above.", " - CVE-2025-6020", "" ], "package": "pam", "version": "1.5.3-5ubuntu5.4", "urgency": "medium", "distributions": "noble-security", "launchpad_bugs_fixed": [], "author": "Marc Deslauriers ", "date": "Thu, 12 Jun 2025 10:45:28 -0400" }, { "cves": [], "log": [ "", " * d/p/031_pam_include: fix loading from /usr/lib/pam.d (LP: #2087827)", "" ], "package": "pam", "version": "1.5.3-5ubuntu5.2", "urgency": "medium", "distributions": "noble", "launchpad_bugs_fixed": [ 2087827 ], "author": "Simon Chopin ", "date": "Mon, 26 May 2025 16:34:46 +0200" } ], "notes": null, "is_version_downgrade": false }, { "name": "libpam-systemd", "from_version": { "source_package_name": "systemd", "source_package_version": "255.4-1ubuntu8.6", "version": "255.4-1ubuntu8.6" }, "to_version": { "source_package_name": "systemd", "source_package_version": "255.4-1ubuntu8.8", "version": "255.4-1ubuntu8.8" }, "cves": [ { "cve": "CVE-2025-4598", "url": "https://ubuntu.com/security/CVE-2025-4598", "cve_description": "A vulnerability was found in systemd-coredump. This flaw allows an attacker to force a SUID process to crash and replace it with a non-SUID binary to access the original's privileged process coredump, allowing the attacker to read sensitive data, such as /etc/shadow content, loaded by the original process. A SUID binary or process has a special type of permission, which allows the process to run with the file owner's permissions, regardless of the user executing the binary. This allows the process to access more restricted data than unprivileged users or processes would be able to. An attacker can leverage this flaw by forcing a SUID process to crash and force the Linux kernel to recycle the process PID before systemd-coredump can analyze the /proc/pid/auxv file. If the attacker wins the race condition, they gain access to the original's SUID process coredump file. They can read sensitive content loaded into memory by the original binary, affecting data confidentiality.", "cve_priority": "medium", "cve_public_date": "2025-05-30 14:15:00 UTC" } ], "launchpad_bugs_fixed": [], "changes": [ { "cves": [ { "cve": "CVE-2025-4598", "url": "https://ubuntu.com/security/CVE-2025-4598", "cve_description": "A vulnerability was found in systemd-coredump. This flaw allows an attacker to force a SUID process to crash and replace it with a non-SUID binary to access the original's privileged process coredump, allowing the attacker to read sensitive data, such as /etc/shadow content, loaded by the original process. A SUID binary or process has a special type of permission, which allows the process to run with the file owner's permissions, regardless of the user executing the binary. This allows the process to access more restricted data than unprivileged users or processes would be able to. An attacker can leverage this flaw by forcing a SUID process to crash and force the Linux kernel to recycle the process PID before systemd-coredump can analyze the /proc/pid/auxv file. If the attacker wins the race condition, they gain access to the original's SUID process coredump file. They can read sensitive content loaded into memory by the original binary, affecting data confidentiality.", "cve_priority": "medium", "cve_public_date": "2025-05-30 14:15:00 UTC" } ], "log": [ "", " * SECURITY UPDATE: race condition in systemd-coredump", " - debian/patches/CVE_2025_4598_1.patch: coredump: get rid of", " _META_MANDATORY_MAX.", " - debian/patches/CVE_2025_4598_2.patch: coredump: use %d in kernel core", " pattern.", " - debian/patches/CVE_2025_4598_3.patch: coredump: also stop forwarding", " non-dumpable processes.", " - debian/patches/CVE_2025_4598_4.patch: coredump: get rid of a bogus", " assertion.", " - CVE-2025-4598", " * this update does not include the changes from 255.4-1ubuntu8.7 as included in noble-proposed", "" ], "package": "systemd", "version": "255.4-1ubuntu8.8", "urgency": "medium", "distributions": "noble-security", "launchpad_bugs_fixed": [], "author": "Octavio Galland ", "date": "Wed, 04 Jun 2025 09:24:15 -0300" } ], "notes": null, "is_version_downgrade": false }, { "name": "libpam0g", "from_version": { "source_package_name": "pam", "source_package_version": "1.5.3-5ubuntu5.1", "version": "1.5.3-5ubuntu5.1" }, "to_version": { "source_package_name": "pam", "source_package_version": "1.5.3-5ubuntu5.4", "version": "1.5.3-5ubuntu5.4" }, "cves": [ { "cve": "CVE-2025-6020", "url": "https://ubuntu.com/security/CVE-2025-6020", "cve_description": "A flaw was found in linux-pam. The module pam_namespace may use access user-controlled paths without proper protection, allowing local users to elevate their privileges to root via multiple symlink attacks and race conditions.", "cve_priority": "medium", "cve_public_date": "2025-06-17 13:15:00 UTC" } ], "launchpad_bugs_fixed": [ 2087827 ], "changes": [ { "cves": [ { "cve": "CVE-2025-6020", "url": "https://ubuntu.com/security/CVE-2025-6020", "cve_description": "A flaw was found in linux-pam. The module pam_namespace may use access user-controlled paths without proper protection, allowing local users to elevate their privileges to root via multiple symlink attacks and race conditions.", "cve_priority": "medium", "cve_public_date": "2025-06-17 13:15:00 UTC" } ], "log": [ "", " * SECURITY UPDATE: privilege escalation via pam_namespace", " - debian/patches/pam_namespace_170.patch: sync pam_namespace module to", " version 1.7.0.", " - debian/patches/pam_namespace_post170-*.patch: add post-1.7.0 changes", " from upstream git tree.", " - debian/patches/pam_namespace_revert_abi.patch: revert ABI change to", " prevent unintended issues in running daemons.", " - debian/patches/CVE-2025-6020-1.patch: fix potential privilege", " escalation.", " - debian/patches/CVE-2025-6020-2.patch: add flags to indicate path", " safety.", " - debian/patches/CVE-2025-6020-3.patch: secure_opendir: do not look at", " the group ownership.", " - debian/patches/pam_namespace_o_directory.patch: removed, included in", " patch cluster above.", " - CVE-2025-6020", "" ], "package": "pam", "version": "1.5.3-5ubuntu5.4", "urgency": "medium", "distributions": "noble-security", "launchpad_bugs_fixed": [], "author": "Marc Deslauriers ", "date": "Thu, 12 Jun 2025 10:45:28 -0400" }, { "cves": [], "log": [ "", " * d/p/031_pam_include: fix loading from /usr/lib/pam.d (LP: #2087827)", "" ], "package": "pam", "version": "1.5.3-5ubuntu5.2", "urgency": "medium", "distributions": "noble", "launchpad_bugs_fixed": [ 2087827 ], "author": "Simon Chopin ", "date": "Mon, 26 May 2025 16:34:46 +0200" } ], "notes": null, "is_version_downgrade": false }, { "name": "libpython3.12-minimal", "from_version": { "source_package_name": "python3.12", "source_package_version": "3.12.3-1ubuntu0.5", "version": "3.12.3-1ubuntu0.5" }, "to_version": { "source_package_name": "python3.12", "source_package_version": "3.12.3-1ubuntu0.6", "version": "3.12.3-1ubuntu0.6" }, "cves": [ { "cve": "CVE-2025-1795", "url": "https://ubuntu.com/security/CVE-2025-1795", "cve_description": "During an address list folding when a separating comma ends up on a folded line and that line is to be unicode-encoded then the separator itself is also unicode-encoded. Expected behavior is that the separating comma remains a plan comma. This can result in the address header being misinterpreted by some mail servers.", "cve_priority": "low", "cve_public_date": "2025-02-28 19:15:00 UTC" }, { "cve": "CVE-2025-4516", "url": "https://ubuntu.com/security/CVE-2025-4516", "cve_description": "There is an issue in CPython when using `bytes.decode(\"unicode_escape\", error=\"ignore|replace\")`. If you are not using the \"unicode_escape\" encoding or an error handler your usage is not affected. To work-around this issue you may stop using the error= handler and instead wrap the bytes.decode() call in a try-except catching the DecodeError.", "cve_priority": "medium", "cve_public_date": "2025-05-15 14:15:00 UTC" } ], "launchpad_bugs_fixed": [], "changes": [ { "cves": [ { "cve": "CVE-2025-1795", "url": "https://ubuntu.com/security/CVE-2025-1795", "cve_description": "During an address list folding when a separating comma ends up on a folded line and that line is to be unicode-encoded then the separator itself is also unicode-encoded. Expected behavior is that the separating comma remains a plan comma. This can result in the address header being misinterpreted by some mail servers.", "cve_priority": "low", "cve_public_date": "2025-02-28 19:15:00 UTC" }, { "cve": "CVE-2025-4516", "url": "https://ubuntu.com/security/CVE-2025-4516", "cve_description": "There is an issue in CPython when using `bytes.decode(\"unicode_escape\", error=\"ignore|replace\")`. If you are not using the \"unicode_escape\" encoding or an error handler your usage is not affected. To work-around this issue you may stop using the error= handler and instead wrap the bytes.decode() call in a try-except catching the DecodeError.", "cve_priority": "medium", "cve_public_date": "2025-05-15 14:15:00 UTC" } ], "log": [ "", " * SECURITY UPDATE: incorrect address list folding", " - debian/patches/CVE-2025-1795-2.patch: fix AttributeError in the email", " module in Lib/email/_header_value_parser.py,", " Lib/test/test_email/test__header_value_parser.py.", " - CVE-2025-1795", " * SECURITY UPDATE: DoS via bytes.decode with unicode_escape", " - debian/patches/CVE-2025-4516.patch: fix use-after-free in the", " unicode-escape decoder with an error handler in", " Include/cpython/bytesobject.h, Include/cpython/unicodeobject.h,", " Lib/test/test_codeccallbacks.py, Lib/test/test_codecs.py,", " Objects/bytesobject.c, Objects/unicodeobject.c,", " Parser/string_parser.c.", " - CVE-2025-4516", "" ], "package": "python3.12", "version": "3.12.3-1ubuntu0.6", "urgency": "medium", "distributions": "noble-security", "launchpad_bugs_fixed": [], "author": "Marc Deslauriers ", "date": "Mon, 26 May 2025 14:50:19 -0400" } ], "notes": null, "is_version_downgrade": false }, { "name": "libpython3.12-stdlib", "from_version": { "source_package_name": "python3.12", "source_package_version": "3.12.3-1ubuntu0.5", "version": "3.12.3-1ubuntu0.5" }, "to_version": { "source_package_name": "python3.12", "source_package_version": "3.12.3-1ubuntu0.6", "version": "3.12.3-1ubuntu0.6" }, "cves": [ { "cve": "CVE-2025-1795", "url": "https://ubuntu.com/security/CVE-2025-1795", "cve_description": "During an address list folding when a separating comma ends up on a folded line and that line is to be unicode-encoded then the separator itself is also unicode-encoded. Expected behavior is that the separating comma remains a plan comma. This can result in the address header being misinterpreted by some mail servers.", "cve_priority": "low", "cve_public_date": "2025-02-28 19:15:00 UTC" }, { "cve": "CVE-2025-4516", "url": "https://ubuntu.com/security/CVE-2025-4516", "cve_description": "There is an issue in CPython when using `bytes.decode(\"unicode_escape\", error=\"ignore|replace\")`. If you are not using the \"unicode_escape\" encoding or an error handler your usage is not affected. To work-around this issue you may stop using the error= handler and instead wrap the bytes.decode() call in a try-except catching the DecodeError.", "cve_priority": "medium", "cve_public_date": "2025-05-15 14:15:00 UTC" } ], "launchpad_bugs_fixed": [], "changes": [ { "cves": [ { "cve": "CVE-2025-1795", "url": "https://ubuntu.com/security/CVE-2025-1795", "cve_description": "During an address list folding when a separating comma ends up on a folded line and that line is to be unicode-encoded then the separator itself is also unicode-encoded. Expected behavior is that the separating comma remains a plan comma. This can result in the address header being misinterpreted by some mail servers.", "cve_priority": "low", "cve_public_date": "2025-02-28 19:15:00 UTC" }, { "cve": "CVE-2025-4516", "url": "https://ubuntu.com/security/CVE-2025-4516", "cve_description": "There is an issue in CPython when using `bytes.decode(\"unicode_escape\", error=\"ignore|replace\")`. If you are not using the \"unicode_escape\" encoding or an error handler your usage is not affected. To work-around this issue you may stop using the error= handler and instead wrap the bytes.decode() call in a try-except catching the DecodeError.", "cve_priority": "medium", "cve_public_date": "2025-05-15 14:15:00 UTC" } ], "log": [ "", " * SECURITY UPDATE: incorrect address list folding", " - debian/patches/CVE-2025-1795-2.patch: fix AttributeError in the email", " module in Lib/email/_header_value_parser.py,", " Lib/test/test_email/test__header_value_parser.py.", " - CVE-2025-1795", " * SECURITY UPDATE: DoS via bytes.decode with unicode_escape", " - debian/patches/CVE-2025-4516.patch: fix use-after-free in the", " unicode-escape decoder with an error handler in", " Include/cpython/bytesobject.h, Include/cpython/unicodeobject.h,", " Lib/test/test_codeccallbacks.py, Lib/test/test_codecs.py,", " Objects/bytesobject.c, Objects/unicodeobject.c,", " Parser/string_parser.c.", " - CVE-2025-4516", "" ], "package": "python3.12", "version": "3.12.3-1ubuntu0.6", "urgency": "medium", "distributions": "noble-security", "launchpad_bugs_fixed": [], "author": "Marc Deslauriers ", "date": "Mon, 26 May 2025 14:50:19 -0400" } ], "notes": null, "is_version_downgrade": false }, { "name": "libsystemd-shared", "from_version": { "source_package_name": "systemd", "source_package_version": "255.4-1ubuntu8.6", "version": "255.4-1ubuntu8.6" }, "to_version": { "source_package_name": "systemd", "source_package_version": "255.4-1ubuntu8.8", "version": "255.4-1ubuntu8.8" }, "cves": [ { "cve": "CVE-2025-4598", "url": "https://ubuntu.com/security/CVE-2025-4598", "cve_description": "A vulnerability was found in systemd-coredump. This flaw allows an attacker to force a SUID process to crash and replace it with a non-SUID binary to access the original's privileged process coredump, allowing the attacker to read sensitive data, such as /etc/shadow content, loaded by the original process. A SUID binary or process has a special type of permission, which allows the process to run with the file owner's permissions, regardless of the user executing the binary. This allows the process to access more restricted data than unprivileged users or processes would be able to. An attacker can leverage this flaw by forcing a SUID process to crash and force the Linux kernel to recycle the process PID before systemd-coredump can analyze the /proc/pid/auxv file. If the attacker wins the race condition, they gain access to the original's SUID process coredump file. They can read sensitive content loaded into memory by the original binary, affecting data confidentiality.", "cve_priority": "medium", "cve_public_date": "2025-05-30 14:15:00 UTC" } ], "launchpad_bugs_fixed": [], "changes": [ { "cves": [ { "cve": "CVE-2025-4598", "url": "https://ubuntu.com/security/CVE-2025-4598", "cve_description": "A vulnerability was found in systemd-coredump. This flaw allows an attacker to force a SUID process to crash and replace it with a non-SUID binary to access the original's privileged process coredump, allowing the attacker to read sensitive data, such as /etc/shadow content, loaded by the original process. A SUID binary or process has a special type of permission, which allows the process to run with the file owner's permissions, regardless of the user executing the binary. This allows the process to access more restricted data than unprivileged users or processes would be able to. An attacker can leverage this flaw by forcing a SUID process to crash and force the Linux kernel to recycle the process PID before systemd-coredump can analyze the /proc/pid/auxv file. If the attacker wins the race condition, they gain access to the original's SUID process coredump file. They can read sensitive content loaded into memory by the original binary, affecting data confidentiality.", "cve_priority": "medium", "cve_public_date": "2025-05-30 14:15:00 UTC" } ], "log": [ "", " * SECURITY UPDATE: race condition in systemd-coredump", " - debian/patches/CVE_2025_4598_1.patch: coredump: get rid of", " _META_MANDATORY_MAX.", " - debian/patches/CVE_2025_4598_2.patch: coredump: use %d in kernel core", " pattern.", " - debian/patches/CVE_2025_4598_3.patch: coredump: also stop forwarding", " non-dumpable processes.", " - debian/patches/CVE_2025_4598_4.patch: coredump: get rid of a bogus", " assertion.", " - CVE-2025-4598", " * this update does not include the changes from 255.4-1ubuntu8.7 as included in noble-proposed", "" ], "package": "systemd", "version": "255.4-1ubuntu8.8", "urgency": "medium", "distributions": "noble-security", "launchpad_bugs_fixed": [], "author": "Octavio Galland ", "date": "Wed, 04 Jun 2025 09:24:15 -0300" } ], "notes": null, "is_version_downgrade": false }, { "name": "libsystemd0", "from_version": { "source_package_name": "systemd", "source_package_version": "255.4-1ubuntu8.6", "version": "255.4-1ubuntu8.6" }, "to_version": { "source_package_name": "systemd", "source_package_version": "255.4-1ubuntu8.8", "version": "255.4-1ubuntu8.8" }, "cves": [ { "cve": "CVE-2025-4598", "url": "https://ubuntu.com/security/CVE-2025-4598", "cve_description": "A vulnerability was found in systemd-coredump. This flaw allows an attacker to force a SUID process to crash and replace it with a non-SUID binary to access the original's privileged process coredump, allowing the attacker to read sensitive data, such as /etc/shadow content, loaded by the original process. A SUID binary or process has a special type of permission, which allows the process to run with the file owner's permissions, regardless of the user executing the binary. This allows the process to access more restricted data than unprivileged users or processes would be able to. An attacker can leverage this flaw by forcing a SUID process to crash and force the Linux kernel to recycle the process PID before systemd-coredump can analyze the /proc/pid/auxv file. If the attacker wins the race condition, they gain access to the original's SUID process coredump file. They can read sensitive content loaded into memory by the original binary, affecting data confidentiality.", "cve_priority": "medium", "cve_public_date": "2025-05-30 14:15:00 UTC" } ], "launchpad_bugs_fixed": [], "changes": [ { "cves": [ { "cve": "CVE-2025-4598", "url": "https://ubuntu.com/security/CVE-2025-4598", "cve_description": "A vulnerability was found in systemd-coredump. This flaw allows an attacker to force a SUID process to crash and replace it with a non-SUID binary to access the original's privileged process coredump, allowing the attacker to read sensitive data, such as /etc/shadow content, loaded by the original process. A SUID binary or process has a special type of permission, which allows the process to run with the file owner's permissions, regardless of the user executing the binary. This allows the process to access more restricted data than unprivileged users or processes would be able to. An attacker can leverage this flaw by forcing a SUID process to crash and force the Linux kernel to recycle the process PID before systemd-coredump can analyze the /proc/pid/auxv file. If the attacker wins the race condition, they gain access to the original's SUID process coredump file. They can read sensitive content loaded into memory by the original binary, affecting data confidentiality.", "cve_priority": "medium", "cve_public_date": "2025-05-30 14:15:00 UTC" } ], "log": [ "", " * SECURITY UPDATE: race condition in systemd-coredump", " - debian/patches/CVE_2025_4598_1.patch: coredump: get rid of", " _META_MANDATORY_MAX.", " - debian/patches/CVE_2025_4598_2.patch: coredump: use %d in kernel core", " pattern.", " - debian/patches/CVE_2025_4598_3.patch: coredump: also stop forwarding", " non-dumpable processes.", " - debian/patches/CVE_2025_4598_4.patch: coredump: get rid of a bogus", " assertion.", " - CVE-2025-4598", " * this update does not include the changes from 255.4-1ubuntu8.7 as included in noble-proposed", "" ], "package": "systemd", "version": "255.4-1ubuntu8.8", "urgency": "medium", "distributions": "noble-security", "launchpad_bugs_fixed": [], "author": "Octavio Galland ", "date": "Wed, 04 Jun 2025 09:24:15 -0300" } ], "notes": null, "is_version_downgrade": false }, { "name": "libudev1", "from_version": { "source_package_name": "systemd", "source_package_version": "255.4-1ubuntu8.6", "version": "255.4-1ubuntu8.6" }, "to_version": { "source_package_name": "systemd", "source_package_version": "255.4-1ubuntu8.8", "version": "255.4-1ubuntu8.8" }, "cves": [ { "cve": "CVE-2025-4598", "url": "https://ubuntu.com/security/CVE-2025-4598", "cve_description": "A vulnerability was found in systemd-coredump. This flaw allows an attacker to force a SUID process to crash and replace it with a non-SUID binary to access the original's privileged process coredump, allowing the attacker to read sensitive data, such as /etc/shadow content, loaded by the original process. A SUID binary or process has a special type of permission, which allows the process to run with the file owner's permissions, regardless of the user executing the binary. This allows the process to access more restricted data than unprivileged users or processes would be able to. An attacker can leverage this flaw by forcing a SUID process to crash and force the Linux kernel to recycle the process PID before systemd-coredump can analyze the /proc/pid/auxv file. If the attacker wins the race condition, they gain access to the original's SUID process coredump file. They can read sensitive content loaded into memory by the original binary, affecting data confidentiality.", "cve_priority": "medium", "cve_public_date": "2025-05-30 14:15:00 UTC" } ], "launchpad_bugs_fixed": [], "changes": [ { "cves": [ { "cve": "CVE-2025-4598", "url": "https://ubuntu.com/security/CVE-2025-4598", "cve_description": "A vulnerability was found in systemd-coredump. This flaw allows an attacker to force a SUID process to crash and replace it with a non-SUID binary to access the original's privileged process coredump, allowing the attacker to read sensitive data, such as /etc/shadow content, loaded by the original process. A SUID binary or process has a special type of permission, which allows the process to run with the file owner's permissions, regardless of the user executing the binary. This allows the process to access more restricted data than unprivileged users or processes would be able to. An attacker can leverage this flaw by forcing a SUID process to crash and force the Linux kernel to recycle the process PID before systemd-coredump can analyze the /proc/pid/auxv file. If the attacker wins the race condition, they gain access to the original's SUID process coredump file. They can read sensitive content loaded into memory by the original binary, affecting data confidentiality.", "cve_priority": "medium", "cve_public_date": "2025-05-30 14:15:00 UTC" } ], "log": [ "", " * SECURITY UPDATE: race condition in systemd-coredump", " - debian/patches/CVE_2025_4598_1.patch: coredump: get rid of", " _META_MANDATORY_MAX.", " - debian/patches/CVE_2025_4598_2.patch: coredump: use %d in kernel core", " pattern.", " - debian/patches/CVE_2025_4598_3.patch: coredump: also stop forwarding", " non-dumpable processes.", " - debian/patches/CVE_2025_4598_4.patch: coredump: get rid of a bogus", " assertion.", " - CVE-2025-4598", " * this update does not include the changes from 255.4-1ubuntu8.7 as included in noble-proposed", "" ], "package": "systemd", "version": "255.4-1ubuntu8.8", "urgency": "medium", "distributions": "noble-security", "launchpad_bugs_fixed": [], "author": "Octavio Galland ", "date": "Wed, 04 Jun 2025 09:24:15 -0300" } ], "notes": null, "is_version_downgrade": false }, { "name": "openssh-client", "from_version": { "source_package_name": "openssh", "source_package_version": "1:9.6p1-3ubuntu13.11", "version": "1:9.6p1-3ubuntu13.11" }, "to_version": { "source_package_name": "openssh", "source_package_version": "1:9.6p1-3ubuntu13.12", "version": "1:9.6p1-3ubuntu13.12" }, "cves": [], "launchpad_bugs_fixed": [ 2069041 ], "changes": [ { "cves": [], "log": [ "", " * d/p/sshd-socket-generator.patch: add note to sshd_config", " Explain that a systemctl daemon-reload is needed for changes", " to Port et al to take effect.", " (LP: #2069041)", "" ], "package": "openssh", "version": "1:9.6p1-3ubuntu13.12", "urgency": "medium", "distributions": "noble", "launchpad_bugs_fixed": [ 2069041 ], "author": "Nick Rosbrook ", "date": "Tue, 29 Apr 2025 10:57:04 -0400" } ], "notes": null, "is_version_downgrade": false }, { "name": "openssh-server", "from_version": { "source_package_name": "openssh", "source_package_version": "1:9.6p1-3ubuntu13.11", "version": "1:9.6p1-3ubuntu13.11" }, "to_version": { "source_package_name": "openssh", "source_package_version": "1:9.6p1-3ubuntu13.12", "version": "1:9.6p1-3ubuntu13.12" }, "cves": [], "launchpad_bugs_fixed": [ 2069041 ], "changes": [ { "cves": [], "log": [ "", " * d/p/sshd-socket-generator.patch: add note to sshd_config", " Explain that a systemctl daemon-reload is needed for changes", " to Port et al to take effect.", " (LP: #2069041)", "" ], "package": "openssh", "version": "1:9.6p1-3ubuntu13.12", "urgency": "medium", "distributions": "noble", "launchpad_bugs_fixed": [ 2069041 ], "author": "Nick Rosbrook ", "date": "Tue, 29 Apr 2025 10:57:04 -0400" } ], "notes": null, "is_version_downgrade": false }, { "name": "openssh-sftp-server", "from_version": { "source_package_name": "openssh", "source_package_version": "1:9.6p1-3ubuntu13.11", "version": "1:9.6p1-3ubuntu13.11" }, "to_version": { "source_package_name": "openssh", "source_package_version": "1:9.6p1-3ubuntu13.12", "version": "1:9.6p1-3ubuntu13.12" }, "cves": [], "launchpad_bugs_fixed": [ 2069041 ], "changes": [ { "cves": [], "log": [ "", " * d/p/sshd-socket-generator.patch: add note to sshd_config", " Explain that a systemctl daemon-reload is needed for changes", " to Port et al to take effect.", " (LP: #2069041)", "" ], "package": "openssh", "version": "1:9.6p1-3ubuntu13.12", "urgency": "medium", "distributions": "noble", "launchpad_bugs_fixed": [ 2069041 ], "author": "Nick Rosbrook ", "date": "Tue, 29 Apr 2025 10:57:04 -0400" } ], "notes": null, "is_version_downgrade": false }, { "name": "python3-apport", "from_version": { "source_package_name": "apport", "source_package_version": "2.28.1-0ubuntu3.6", "version": "2.28.1-0ubuntu3.6" }, "to_version": { "source_package_name": "apport", "source_package_version": "2.28.1-0ubuntu3.7", "version": "2.28.1-0ubuntu3.7" }, "cves": [], "launchpad_bugs_fixed": [ 2112272 ], "changes": [ { "cves": [], "log": [ "", " * SECURITY REGRESSION: apport not generating core dumps inside containers", " (LP: #2112272)", " - d/p/check-exe-mtime.patch: Check the exe mtime within the proc root", " mount.", "" ], "package": "apport", "version": "2.28.1-0ubuntu3.7", "urgency": "medium", "distributions": "noble-security", "launchpad_bugs_fixed": [ 2112272 ], "author": "Octavio Galland ", "date": "Wed, 04 Jun 2025 15:59:08 -0300" } ], "notes": null, "is_version_downgrade": false }, { "name": "python3-problem-report", "from_version": { "source_package_name": "apport", "source_package_version": "2.28.1-0ubuntu3.6", "version": "2.28.1-0ubuntu3.6" }, "to_version": { "source_package_name": "apport", "source_package_version": "2.28.1-0ubuntu3.7", "version": "2.28.1-0ubuntu3.7" }, "cves": [], "launchpad_bugs_fixed": [ 2112272 ], "changes": [ { "cves": [], "log": [ "", " * SECURITY REGRESSION: apport not generating core dumps inside containers", " (LP: #2112272)", " - d/p/check-exe-mtime.patch: Check the exe mtime within the proc root", " mount.", "" ], "package": "apport", "version": "2.28.1-0ubuntu3.7", "urgency": "medium", "distributions": "noble-security", "launchpad_bugs_fixed": [ 2112272 ], "author": "Octavio Galland ", "date": "Wed, 04 Jun 2025 15:59:08 -0300" } ], "notes": null, "is_version_downgrade": false }, { "name": "python3-requests", "from_version": { "source_package_name": "requests", "source_package_version": "2.31.0+dfsg-1ubuntu1", "version": "2.31.0+dfsg-1ubuntu1" }, "to_version": { "source_package_name": "requests", "source_package_version": "2.31.0+dfsg-1ubuntu1.1", "version": "2.31.0+dfsg-1ubuntu1.1" }, "cves": [ { "cve": "CVE-2024-47081", "url": "https://ubuntu.com/security/CVE-2024-47081", "cve_description": "Requests is a HTTP library. Due to a URL parsing issue, Requests releases prior to 2.32.4 may leak .netrc credentials to third parties for specific maliciously-crafted URLs. Users should upgrade to version 2.32.4 to receive a fix. For older versions of Requests, use of the .netrc file can be disabled with `trust_env=False` on one's Requests Session.", "cve_priority": "medium", "cve_public_date": "2025-06-09 18:15:00 UTC" } ], "launchpad_bugs_fixed": [], "changes": [ { "cves": [ { "cve": "CVE-2024-47081", "url": "https://ubuntu.com/security/CVE-2024-47081", "cve_description": "Requests is a HTTP library. Due to a URL parsing issue, Requests releases prior to 2.32.4 may leak .netrc credentials to third parties for specific maliciously-crafted URLs. Users should upgrade to version 2.32.4 to receive a fix. For older versions of Requests, use of the .netrc file can be disabled with `trust_env=False` on one's Requests Session.", "cve_priority": "medium", "cve_public_date": "2025-06-09 18:15:00 UTC" } ], "log": [ "", " * SECURITY UPDATE: Information Leak", " - debian/patches/CVE-2024-47081.patch: Only use hostname to do netrc", " lookup instead of netloc", " - CVE-2024-47081", " * Skip Test", " - skip-failing-zip-test.patch: Skip failing zip test", "" ], "package": "requests", "version": "2.31.0+dfsg-1ubuntu1.1", "urgency": "medium", "distributions": "noble-security", "launchpad_bugs_fixed": [], "author": "Bruce Cable ", "date": "Thu, 12 Jun 2025 11:19:32 +1000" } ], "notes": null, "is_version_downgrade": false }, { "name": "python3.12", "from_version": { "source_package_name": "python3.12", "source_package_version": "3.12.3-1ubuntu0.5", "version": "3.12.3-1ubuntu0.5" }, "to_version": { "source_package_name": "python3.12", "source_package_version": "3.12.3-1ubuntu0.6", "version": "3.12.3-1ubuntu0.6" }, "cves": [ { "cve": "CVE-2025-1795", "url": "https://ubuntu.com/security/CVE-2025-1795", "cve_description": "During an address list folding when a separating comma ends up on a folded line and that line is to be unicode-encoded then the separator itself is also unicode-encoded. Expected behavior is that the separating comma remains a plan comma. This can result in the address header being misinterpreted by some mail servers.", "cve_priority": "low", "cve_public_date": "2025-02-28 19:15:00 UTC" }, { "cve": "CVE-2025-4516", "url": "https://ubuntu.com/security/CVE-2025-4516", "cve_description": "There is an issue in CPython when using `bytes.decode(\"unicode_escape\", error=\"ignore|replace\")`. If you are not using the \"unicode_escape\" encoding or an error handler your usage is not affected. To work-around this issue you may stop using the error= handler and instead wrap the bytes.decode() call in a try-except catching the DecodeError.", "cve_priority": "medium", "cve_public_date": "2025-05-15 14:15:00 UTC" } ], "launchpad_bugs_fixed": [], "changes": [ { "cves": [ { "cve": "CVE-2025-1795", "url": "https://ubuntu.com/security/CVE-2025-1795", "cve_description": "During an address list folding when a separating comma ends up on a folded line and that line is to be unicode-encoded then the separator itself is also unicode-encoded. Expected behavior is that the separating comma remains a plan comma. This can result in the address header being misinterpreted by some mail servers.", "cve_priority": "low", "cve_public_date": "2025-02-28 19:15:00 UTC" }, { "cve": "CVE-2025-4516", "url": "https://ubuntu.com/security/CVE-2025-4516", "cve_description": "There is an issue in CPython when using `bytes.decode(\"unicode_escape\", error=\"ignore|replace\")`. If you are not using the \"unicode_escape\" encoding or an error handler your usage is not affected. To work-around this issue you may stop using the error= handler and instead wrap the bytes.decode() call in a try-except catching the DecodeError.", "cve_priority": "medium", "cve_public_date": "2025-05-15 14:15:00 UTC" } ], "log": [ "", " * SECURITY UPDATE: incorrect address list folding", " - debian/patches/CVE-2025-1795-2.patch: fix AttributeError in the email", " module in Lib/email/_header_value_parser.py,", " Lib/test/test_email/test__header_value_parser.py.", " - CVE-2025-1795", " * SECURITY UPDATE: DoS via bytes.decode with unicode_escape", " - debian/patches/CVE-2025-4516.patch: fix use-after-free in the", " unicode-escape decoder with an error handler in", " Include/cpython/bytesobject.h, Include/cpython/unicodeobject.h,", " Lib/test/test_codeccallbacks.py, Lib/test/test_codecs.py,", " Objects/bytesobject.c, Objects/unicodeobject.c,", " Parser/string_parser.c.", " - CVE-2025-4516", "" ], "package": "python3.12", "version": "3.12.3-1ubuntu0.6", "urgency": "medium", "distributions": "noble-security", "launchpad_bugs_fixed": [], "author": "Marc Deslauriers ", "date": "Mon, 26 May 2025 14:50:19 -0400" } ], "notes": null, "is_version_downgrade": false }, { "name": "python3.12-minimal", "from_version": { "source_package_name": "python3.12", "source_package_version": "3.12.3-1ubuntu0.5", "version": "3.12.3-1ubuntu0.5" }, "to_version": { "source_package_name": "python3.12", "source_package_version": "3.12.3-1ubuntu0.6", "version": "3.12.3-1ubuntu0.6" }, "cves": [ { "cve": "CVE-2025-1795", "url": "https://ubuntu.com/security/CVE-2025-1795", "cve_description": "During an address list folding when a separating comma ends up on a folded line and that line is to be unicode-encoded then the separator itself is also unicode-encoded. Expected behavior is that the separating comma remains a plan comma. This can result in the address header being misinterpreted by some mail servers.", "cve_priority": "low", "cve_public_date": "2025-02-28 19:15:00 UTC" }, { "cve": "CVE-2025-4516", "url": "https://ubuntu.com/security/CVE-2025-4516", "cve_description": "There is an issue in CPython when using `bytes.decode(\"unicode_escape\", error=\"ignore|replace\")`. If you are not using the \"unicode_escape\" encoding or an error handler your usage is not affected. To work-around this issue you may stop using the error= handler and instead wrap the bytes.decode() call in a try-except catching the DecodeError.", "cve_priority": "medium", "cve_public_date": "2025-05-15 14:15:00 UTC" } ], "launchpad_bugs_fixed": [], "changes": [ { "cves": [ { "cve": "CVE-2025-1795", "url": "https://ubuntu.com/security/CVE-2025-1795", "cve_description": "During an address list folding when a separating comma ends up on a folded line and that line is to be unicode-encoded then the separator itself is also unicode-encoded. Expected behavior is that the separating comma remains a plan comma. This can result in the address header being misinterpreted by some mail servers.", "cve_priority": "low", "cve_public_date": "2025-02-28 19:15:00 UTC" }, { "cve": "CVE-2025-4516", "url": "https://ubuntu.com/security/CVE-2025-4516", "cve_description": "There is an issue in CPython when using `bytes.decode(\"unicode_escape\", error=\"ignore|replace\")`. If you are not using the \"unicode_escape\" encoding or an error handler your usage is not affected. To work-around this issue you may stop using the error= handler and instead wrap the bytes.decode() call in a try-except catching the DecodeError.", "cve_priority": "medium", "cve_public_date": "2025-05-15 14:15:00 UTC" } ], "log": [ "", " * SECURITY UPDATE: incorrect address list folding", " - debian/patches/CVE-2025-1795-2.patch: fix AttributeError in the email", " module in Lib/email/_header_value_parser.py,", " Lib/test/test_email/test__header_value_parser.py.", " - CVE-2025-1795", " * SECURITY UPDATE: DoS via bytes.decode with unicode_escape", " - debian/patches/CVE-2025-4516.patch: fix use-after-free in the", " unicode-escape decoder with an error handler in", " Include/cpython/bytesobject.h, Include/cpython/unicodeobject.h,", " Lib/test/test_codeccallbacks.py, Lib/test/test_codecs.py,", " Objects/bytesobject.c, Objects/unicodeobject.c,", " Parser/string_parser.c.", " - CVE-2025-4516", "" ], "package": "python3.12", "version": "3.12.3-1ubuntu0.6", "urgency": "medium", "distributions": "noble-security", "launchpad_bugs_fixed": [], "author": "Marc Deslauriers ", "date": "Mon, 26 May 2025 14:50:19 -0400" } ], "notes": null, "is_version_downgrade": false }, { "name": "systemd", "from_version": { "source_package_name": "systemd", "source_package_version": "255.4-1ubuntu8.6", "version": "255.4-1ubuntu8.6" }, "to_version": { "source_package_name": "systemd", "source_package_version": "255.4-1ubuntu8.8", "version": "255.4-1ubuntu8.8" }, "cves": [ { "cve": "CVE-2025-4598", "url": "https://ubuntu.com/security/CVE-2025-4598", "cve_description": "A vulnerability was found in systemd-coredump. This flaw allows an attacker to force a SUID process to crash and replace it with a non-SUID binary to access the original's privileged process coredump, allowing the attacker to read sensitive data, such as /etc/shadow content, loaded by the original process. A SUID binary or process has a special type of permission, which allows the process to run with the file owner's permissions, regardless of the user executing the binary. This allows the process to access more restricted data than unprivileged users or processes would be able to. An attacker can leverage this flaw by forcing a SUID process to crash and force the Linux kernel to recycle the process PID before systemd-coredump can analyze the /proc/pid/auxv file. If the attacker wins the race condition, they gain access to the original's SUID process coredump file. They can read sensitive content loaded into memory by the original binary, affecting data confidentiality.", "cve_priority": "medium", "cve_public_date": "2025-05-30 14:15:00 UTC" } ], "launchpad_bugs_fixed": [], "changes": [ { "cves": [ { "cve": "CVE-2025-4598", "url": "https://ubuntu.com/security/CVE-2025-4598", "cve_description": "A vulnerability was found in systemd-coredump. This flaw allows an attacker to force a SUID process to crash and replace it with a non-SUID binary to access the original's privileged process coredump, allowing the attacker to read sensitive data, such as /etc/shadow content, loaded by the original process. A SUID binary or process has a special type of permission, which allows the process to run with the file owner's permissions, regardless of the user executing the binary. This allows the process to access more restricted data than unprivileged users or processes would be able to. An attacker can leverage this flaw by forcing a SUID process to crash and force the Linux kernel to recycle the process PID before systemd-coredump can analyze the /proc/pid/auxv file. If the attacker wins the race condition, they gain access to the original's SUID process coredump file. They can read sensitive content loaded into memory by the original binary, affecting data confidentiality.", "cve_priority": "medium", "cve_public_date": "2025-05-30 14:15:00 UTC" } ], "log": [ "", " * SECURITY UPDATE: race condition in systemd-coredump", " - debian/patches/CVE_2025_4598_1.patch: coredump: get rid of", " _META_MANDATORY_MAX.", " - debian/patches/CVE_2025_4598_2.patch: coredump: use %d in kernel core", " pattern.", " - debian/patches/CVE_2025_4598_3.patch: coredump: also stop forwarding", " non-dumpable processes.", " - debian/patches/CVE_2025_4598_4.patch: coredump: get rid of a bogus", " assertion.", " - CVE-2025-4598", " * this update does not include the changes from 255.4-1ubuntu8.7 as included in noble-proposed", "" ], "package": "systemd", "version": "255.4-1ubuntu8.8", "urgency": "medium", "distributions": "noble-security", "launchpad_bugs_fixed": [], "author": "Octavio Galland ", "date": "Wed, 04 Jun 2025 09:24:15 -0300" } ], "notes": null, "is_version_downgrade": false }, { "name": "systemd-dev", "from_version": { "source_package_name": "systemd", "source_package_version": "255.4-1ubuntu8.6", "version": "255.4-1ubuntu8.6" }, "to_version": { "source_package_name": "systemd", "source_package_version": "255.4-1ubuntu8.8", "version": "255.4-1ubuntu8.8" }, "cves": [ { "cve": "CVE-2025-4598", "url": "https://ubuntu.com/security/CVE-2025-4598", "cve_description": "A vulnerability was found in systemd-coredump. This flaw allows an attacker to force a SUID process to crash and replace it with a non-SUID binary to access the original's privileged process coredump, allowing the attacker to read sensitive data, such as /etc/shadow content, loaded by the original process. A SUID binary or process has a special type of permission, which allows the process to run with the file owner's permissions, regardless of the user executing the binary. This allows the process to access more restricted data than unprivileged users or processes would be able to. An attacker can leverage this flaw by forcing a SUID process to crash and force the Linux kernel to recycle the process PID before systemd-coredump can analyze the /proc/pid/auxv file. If the attacker wins the race condition, they gain access to the original's SUID process coredump file. They can read sensitive content loaded into memory by the original binary, affecting data confidentiality.", "cve_priority": "medium", "cve_public_date": "2025-05-30 14:15:00 UTC" } ], "launchpad_bugs_fixed": [], "changes": [ { "cves": [ { "cve": "CVE-2025-4598", "url": "https://ubuntu.com/security/CVE-2025-4598", "cve_description": "A vulnerability was found in systemd-coredump. This flaw allows an attacker to force a SUID process to crash and replace it with a non-SUID binary to access the original's privileged process coredump, allowing the attacker to read sensitive data, such as /etc/shadow content, loaded by the original process. A SUID binary or process has a special type of permission, which allows the process to run with the file owner's permissions, regardless of the user executing the binary. This allows the process to access more restricted data than unprivileged users or processes would be able to. An attacker can leverage this flaw by forcing a SUID process to crash and force the Linux kernel to recycle the process PID before systemd-coredump can analyze the /proc/pid/auxv file. If the attacker wins the race condition, they gain access to the original's SUID process coredump file. They can read sensitive content loaded into memory by the original binary, affecting data confidentiality.", "cve_priority": "medium", "cve_public_date": "2025-05-30 14:15:00 UTC" } ], "log": [ "", " * SECURITY UPDATE: race condition in systemd-coredump", " - debian/patches/CVE_2025_4598_1.patch: coredump: get rid of", " _META_MANDATORY_MAX.", " - debian/patches/CVE_2025_4598_2.patch: coredump: use %d in kernel core", " pattern.", " - debian/patches/CVE_2025_4598_3.patch: coredump: also stop forwarding", " non-dumpable processes.", " - debian/patches/CVE_2025_4598_4.patch: coredump: get rid of a bogus", " assertion.", " - CVE-2025-4598", " * this update does not include the changes from 255.4-1ubuntu8.7 as included in noble-proposed", "" ], "package": "systemd", "version": "255.4-1ubuntu8.8", "urgency": "medium", "distributions": "noble-security", "launchpad_bugs_fixed": [], "author": "Octavio Galland ", "date": "Wed, 04 Jun 2025 09:24:15 -0300" } ], "notes": null, "is_version_downgrade": false }, { "name": "systemd-resolved", "from_version": { "source_package_name": "systemd", "source_package_version": "255.4-1ubuntu8.6", "version": "255.4-1ubuntu8.6" }, "to_version": { "source_package_name": "systemd", "source_package_version": "255.4-1ubuntu8.8", "version": "255.4-1ubuntu8.8" }, "cves": [ { "cve": "CVE-2025-4598", "url": "https://ubuntu.com/security/CVE-2025-4598", "cve_description": "A vulnerability was found in systemd-coredump. This flaw allows an attacker to force a SUID process to crash and replace it with a non-SUID binary to access the original's privileged process coredump, allowing the attacker to read sensitive data, such as /etc/shadow content, loaded by the original process. A SUID binary or process has a special type of permission, which allows the process to run with the file owner's permissions, regardless of the user executing the binary. This allows the process to access more restricted data than unprivileged users or processes would be able to. An attacker can leverage this flaw by forcing a SUID process to crash and force the Linux kernel to recycle the process PID before systemd-coredump can analyze the /proc/pid/auxv file. If the attacker wins the race condition, they gain access to the original's SUID process coredump file. They can read sensitive content loaded into memory by the original binary, affecting data confidentiality.", "cve_priority": "medium", "cve_public_date": "2025-05-30 14:15:00 UTC" } ], "launchpad_bugs_fixed": [], "changes": [ { "cves": [ { "cve": "CVE-2025-4598", "url": "https://ubuntu.com/security/CVE-2025-4598", "cve_description": "A vulnerability was found in systemd-coredump. This flaw allows an attacker to force a SUID process to crash and replace it with a non-SUID binary to access the original's privileged process coredump, allowing the attacker to read sensitive data, such as /etc/shadow content, loaded by the original process. A SUID binary or process has a special type of permission, which allows the process to run with the file owner's permissions, regardless of the user executing the binary. This allows the process to access more restricted data than unprivileged users or processes would be able to. An attacker can leverage this flaw by forcing a SUID process to crash and force the Linux kernel to recycle the process PID before systemd-coredump can analyze the /proc/pid/auxv file. If the attacker wins the race condition, they gain access to the original's SUID process coredump file. They can read sensitive content loaded into memory by the original binary, affecting data confidentiality.", "cve_priority": "medium", "cve_public_date": "2025-05-30 14:15:00 UTC" } ], "log": [ "", " * SECURITY UPDATE: race condition in systemd-coredump", " - debian/patches/CVE_2025_4598_1.patch: coredump: get rid of", " _META_MANDATORY_MAX.", " - debian/patches/CVE_2025_4598_2.patch: coredump: use %d in kernel core", " pattern.", " - debian/patches/CVE_2025_4598_3.patch: coredump: also stop forwarding", " non-dumpable processes.", " - debian/patches/CVE_2025_4598_4.patch: coredump: get rid of a bogus", " assertion.", " - CVE-2025-4598", " * this update does not include the changes from 255.4-1ubuntu8.7 as included in noble-proposed", "" ], "package": "systemd", "version": "255.4-1ubuntu8.8", "urgency": "medium", "distributions": "noble-security", "launchpad_bugs_fixed": [], "author": "Octavio Galland ", "date": "Wed, 04 Jun 2025 09:24:15 -0300" } ], "notes": null, "is_version_downgrade": false }, { "name": "systemd-sysv", "from_version": { "source_package_name": "systemd", "source_package_version": "255.4-1ubuntu8.6", "version": "255.4-1ubuntu8.6" }, "to_version": { "source_package_name": "systemd", "source_package_version": "255.4-1ubuntu8.8", "version": "255.4-1ubuntu8.8" }, "cves": [ { "cve": "CVE-2025-4598", "url": "https://ubuntu.com/security/CVE-2025-4598", "cve_description": "A vulnerability was found in systemd-coredump. This flaw allows an attacker to force a SUID process to crash and replace it with a non-SUID binary to access the original's privileged process coredump, allowing the attacker to read sensitive data, such as /etc/shadow content, loaded by the original process. A SUID binary or process has a special type of permission, which allows the process to run with the file owner's permissions, regardless of the user executing the binary. This allows the process to access more restricted data than unprivileged users or processes would be able to. An attacker can leverage this flaw by forcing a SUID process to crash and force the Linux kernel to recycle the process PID before systemd-coredump can analyze the /proc/pid/auxv file. If the attacker wins the race condition, they gain access to the original's SUID process coredump file. They can read sensitive content loaded into memory by the original binary, affecting data confidentiality.", "cve_priority": "medium", "cve_public_date": "2025-05-30 14:15:00 UTC" } ], "launchpad_bugs_fixed": [], "changes": [ { "cves": [ { "cve": "CVE-2025-4598", "url": "https://ubuntu.com/security/CVE-2025-4598", "cve_description": "A vulnerability was found in systemd-coredump. This flaw allows an attacker to force a SUID process to crash and replace it with a non-SUID binary to access the original's privileged process coredump, allowing the attacker to read sensitive data, such as /etc/shadow content, loaded by the original process. A SUID binary or process has a special type of permission, which allows the process to run with the file owner's permissions, regardless of the user executing the binary. This allows the process to access more restricted data than unprivileged users or processes would be able to. An attacker can leverage this flaw by forcing a SUID process to crash and force the Linux kernel to recycle the process PID before systemd-coredump can analyze the /proc/pid/auxv file. If the attacker wins the race condition, they gain access to the original's SUID process coredump file. They can read sensitive content loaded into memory by the original binary, affecting data confidentiality.", "cve_priority": "medium", "cve_public_date": "2025-05-30 14:15:00 UTC" } ], "log": [ "", " * SECURITY UPDATE: race condition in systemd-coredump", " - debian/patches/CVE_2025_4598_1.patch: coredump: get rid of", " _META_MANDATORY_MAX.", " - debian/patches/CVE_2025_4598_2.patch: coredump: use %d in kernel core", " pattern.", " - debian/patches/CVE_2025_4598_3.patch: coredump: also stop forwarding", " non-dumpable processes.", " - debian/patches/CVE_2025_4598_4.patch: coredump: get rid of a bogus", " assertion.", " - CVE-2025-4598", " * this update does not include the changes from 255.4-1ubuntu8.7 as included in noble-proposed", "" ], "package": "systemd", "version": "255.4-1ubuntu8.8", "urgency": "medium", "distributions": "noble-security", "launchpad_bugs_fixed": [], "author": "Octavio Galland ", "date": "Wed, 04 Jun 2025 09:24:15 -0300" } ], "notes": null, "is_version_downgrade": false }, { "name": "systemd-timesyncd", "from_version": { "source_package_name": "systemd", "source_package_version": "255.4-1ubuntu8.6", "version": "255.4-1ubuntu8.6" }, "to_version": { "source_package_name": "systemd", "source_package_version": "255.4-1ubuntu8.8", "version": "255.4-1ubuntu8.8" }, "cves": [ { "cve": "CVE-2025-4598", "url": "https://ubuntu.com/security/CVE-2025-4598", "cve_description": "A vulnerability was found in systemd-coredump. This flaw allows an attacker to force a SUID process to crash and replace it with a non-SUID binary to access the original's privileged process coredump, allowing the attacker to read sensitive data, such as /etc/shadow content, loaded by the original process. A SUID binary or process has a special type of permission, which allows the process to run with the file owner's permissions, regardless of the user executing the binary. This allows the process to access more restricted data than unprivileged users or processes would be able to. An attacker can leverage this flaw by forcing a SUID process to crash and force the Linux kernel to recycle the process PID before systemd-coredump can analyze the /proc/pid/auxv file. If the attacker wins the race condition, they gain access to the original's SUID process coredump file. They can read sensitive content loaded into memory by the original binary, affecting data confidentiality.", "cve_priority": "medium", "cve_public_date": "2025-05-30 14:15:00 UTC" } ], "launchpad_bugs_fixed": [], "changes": [ { "cves": [ { "cve": "CVE-2025-4598", "url": "https://ubuntu.com/security/CVE-2025-4598", "cve_description": "A vulnerability was found in systemd-coredump. This flaw allows an attacker to force a SUID process to crash and replace it with a non-SUID binary to access the original's privileged process coredump, allowing the attacker to read sensitive data, such as /etc/shadow content, loaded by the original process. A SUID binary or process has a special type of permission, which allows the process to run with the file owner's permissions, regardless of the user executing the binary. This allows the process to access more restricted data than unprivileged users or processes would be able to. An attacker can leverage this flaw by forcing a SUID process to crash and force the Linux kernel to recycle the process PID before systemd-coredump can analyze the /proc/pid/auxv file. If the attacker wins the race condition, they gain access to the original's SUID process coredump file. They can read sensitive content loaded into memory by the original binary, affecting data confidentiality.", "cve_priority": "medium", "cve_public_date": "2025-05-30 14:15:00 UTC" } ], "log": [ "", " * SECURITY UPDATE: race condition in systemd-coredump", " - debian/patches/CVE_2025_4598_1.patch: coredump: get rid of", " _META_MANDATORY_MAX.", " - debian/patches/CVE_2025_4598_2.patch: coredump: use %d in kernel core", " pattern.", " - debian/patches/CVE_2025_4598_3.patch: coredump: also stop forwarding", " non-dumpable processes.", " - debian/patches/CVE_2025_4598_4.patch: coredump: get rid of a bogus", " assertion.", " - CVE-2025-4598", " * this update does not include the changes from 255.4-1ubuntu8.7 as included in noble-proposed", "" ], "package": "systemd", "version": "255.4-1ubuntu8.8", "urgency": "medium", "distributions": "noble-security", "launchpad_bugs_fixed": [], "author": "Octavio Galland ", "date": "Wed, 04 Jun 2025 09:24:15 -0300" } ], "notes": null, "is_version_downgrade": false }, { "name": "udev", "from_version": { "source_package_name": "systemd", "source_package_version": "255.4-1ubuntu8.6", "version": "255.4-1ubuntu8.6" }, "to_version": { "source_package_name": "systemd", "source_package_version": "255.4-1ubuntu8.8", "version": "255.4-1ubuntu8.8" }, "cves": [ { "cve": "CVE-2025-4598", "url": "https://ubuntu.com/security/CVE-2025-4598", "cve_description": "A vulnerability was found in systemd-coredump. This flaw allows an attacker to force a SUID process to crash and replace it with a non-SUID binary to access the original's privileged process coredump, allowing the attacker to read sensitive data, such as /etc/shadow content, loaded by the original process. A SUID binary or process has a special type of permission, which allows the process to run with the file owner's permissions, regardless of the user executing the binary. This allows the process to access more restricted data than unprivileged users or processes would be able to. An attacker can leverage this flaw by forcing a SUID process to crash and force the Linux kernel to recycle the process PID before systemd-coredump can analyze the /proc/pid/auxv file. If the attacker wins the race condition, they gain access to the original's SUID process coredump file. They can read sensitive content loaded into memory by the original binary, affecting data confidentiality.", "cve_priority": "medium", "cve_public_date": "2025-05-30 14:15:00 UTC" } ], "launchpad_bugs_fixed": [], "changes": [ { "cves": [ { "cve": "CVE-2025-4598", "url": "https://ubuntu.com/security/CVE-2025-4598", "cve_description": "A vulnerability was found in systemd-coredump. This flaw allows an attacker to force a SUID process to crash and replace it with a non-SUID binary to access the original's privileged process coredump, allowing the attacker to read sensitive data, such as /etc/shadow content, loaded by the original process. A SUID binary or process has a special type of permission, which allows the process to run with the file owner's permissions, regardless of the user executing the binary. This allows the process to access more restricted data than unprivileged users or processes would be able to. An attacker can leverage this flaw by forcing a SUID process to crash and force the Linux kernel to recycle the process PID before systemd-coredump can analyze the /proc/pid/auxv file. If the attacker wins the race condition, they gain access to the original's SUID process coredump file. They can read sensitive content loaded into memory by the original binary, affecting data confidentiality.", "cve_priority": "medium", "cve_public_date": "2025-05-30 14:15:00 UTC" } ], "log": [ "", " * SECURITY UPDATE: race condition in systemd-coredump", " - debian/patches/CVE_2025_4598_1.patch: coredump: get rid of", " _META_MANDATORY_MAX.", " - debian/patches/CVE_2025_4598_2.patch: coredump: use %d in kernel core", " pattern.", " - debian/patches/CVE_2025_4598_3.patch: coredump: also stop forwarding", " non-dumpable processes.", " - debian/patches/CVE_2025_4598_4.patch: coredump: get rid of a bogus", " assertion.", " - CVE-2025-4598", " * this update does not include the changes from 255.4-1ubuntu8.7 as included in noble-proposed", "" ], "package": "systemd", "version": "255.4-1ubuntu8.8", "urgency": "medium", "distributions": "noble-security", "launchpad_bugs_fixed": [], "author": "Octavio Galland ", "date": "Wed, 04 Jun 2025 09:24:15 -0300" } ], "notes": null, "is_version_downgrade": false } ], "snap": [] }, "added": { "deb": [], "snap": [] }, "removed": { "deb": [], "snap": [] }, "notes": "Changelog diff for Ubuntu 24.04 noble image from daily image serial 20250604 to 20250619", "from_series": "noble", "to_series": "noble", "from_serial": "20250604", "to_serial": "20250619", "from_manifest_filename": "daily_manifest.previous", "to_manifest_filename": "manifest.current" }