{ "summary": { "snap": { "added": [], "removed": [], "diff": [] }, "deb": { "added": [], "removed": [], "diff": [ "apport", "apport-core-dump-handler", "cloud-init", "cloud-init-base", "libpam-systemd", "libpython3.13-minimal", "libpython3.13-stdlib", "libsystemd-shared", "libsystemd0", "libudev1", "python3-apport", "python3-problem-report", "python3-requests", "python3.13", "python3.13-minimal", "systemd", "systemd-resolved", "systemd-sysv", "systemd-timesyncd", "udev" ] } }, "diff": { "deb": [ { "name": "apport", "from_version": { "source_package_name": "apport", "source_package_version": "2.32.0-0ubuntu5.1", "version": "2.32.0-0ubuntu5.1" }, "to_version": { "source_package_name": "apport", "source_package_version": "2.32.0-0ubuntu5.2", "version": "2.32.0-0ubuntu5.2" }, "cves": [], "launchpad_bugs_fixed": [ 2112272 ], "changes": [ { "cves": [], "log": [ "", " * SECURITY REGRESSION: apport not generating core dumps inside containers", " (LP: #2112272)", " - d/p/check-exe-mtime.patch: Check the exe mtime within the proc root", " mount.", "" ], "package": "apport", "version": "2.32.0-0ubuntu5.2", "urgency": "medium", "distributions": "plucky-security", "launchpad_bugs_fixed": [ 2112272 ], "author": "Octavio Galland ", "date": "Wed, 04 Jun 2025 16:04:27 -0300" } ], "notes": null, "is_version_downgrade": false }, { "name": "apport-core-dump-handler", "from_version": { "source_package_name": "apport", "source_package_version": "2.32.0-0ubuntu5.1", "version": "2.32.0-0ubuntu5.1" }, "to_version": { "source_package_name": "apport", "source_package_version": "2.32.0-0ubuntu5.2", "version": "2.32.0-0ubuntu5.2" }, "cves": [], "launchpad_bugs_fixed": [ 2112272 ], "changes": [ { "cves": [], "log": [ "", " * SECURITY REGRESSION: apport not generating core dumps inside containers", " (LP: #2112272)", " - d/p/check-exe-mtime.patch: Check the exe mtime within the proc root", " mount.", "" ], "package": "apport", "version": "2.32.0-0ubuntu5.2", "urgency": "medium", "distributions": "plucky-security", "launchpad_bugs_fixed": [ 2112272 ], "author": "Octavio Galland ", "date": "Wed, 04 Jun 2025 16:04:27 -0300" } ], "notes": null, "is_version_downgrade": false }, { "name": "cloud-init", "from_version": { "source_package_name": "cloud-init", "source_package_version": "25.1.1-0ubuntu2", "version": "25.1.1-0ubuntu2" }, "to_version": { "source_package_name": "cloud-init", "source_package_version": "25.1.2-0ubuntu0~25.04.1", "version": "25.1.2-0ubuntu0~25.04.1" }, "cves": [], "launchpad_bugs_fixed": [ 2104165 ], "changes": [ { "cves": [], "log": [ "", " * d/cloud-init-base.postinst: don't version-gate the migration from using", " cloud-init-base debconf values over cloud-init.", " * Upstream snapshot based on 25.1.2. (LP: #2104165).", " List of changes from upstream can be found at", " https://raw.githubusercontent.com/canonical/cloud-init/25.1.2/ChangeLog", "" ], "package": "cloud-init", "version": "25.1.2-0ubuntu0~25.04.1", "urgency": "medium", "distributions": "plucky", "launchpad_bugs_fixed": [ 2104165 ], "author": "James Falcon ", "date": "Mon, 19 May 2025 14:20:17 -0500" } ], "notes": null, "is_version_downgrade": false }, { "name": "cloud-init-base", "from_version": { "source_package_name": "cloud-init", "source_package_version": "25.1.1-0ubuntu2", "version": "25.1.1-0ubuntu2" }, "to_version": { "source_package_name": "cloud-init", "source_package_version": "25.1.2-0ubuntu0~25.04.1", "version": "25.1.2-0ubuntu0~25.04.1" }, "cves": [], "launchpad_bugs_fixed": [ 2104165 ], "changes": [ { "cves": [], "log": [ "", " * d/cloud-init-base.postinst: don't version-gate the migration from using", " cloud-init-base debconf values over cloud-init.", " * Upstream snapshot based on 25.1.2. (LP: #2104165).", " List of changes from upstream can be found at", " https://raw.githubusercontent.com/canonical/cloud-init/25.1.2/ChangeLog", "" ], "package": "cloud-init", "version": "25.1.2-0ubuntu0~25.04.1", "urgency": "medium", "distributions": "plucky", "launchpad_bugs_fixed": [ 2104165 ], "author": "James Falcon ", "date": "Mon, 19 May 2025 14:20:17 -0500" } ], "notes": null, "is_version_downgrade": false }, { "name": "libpam-systemd", "from_version": { "source_package_name": "systemd", "source_package_version": "257.4-1ubuntu3", "version": "257.4-1ubuntu3" }, "to_version": { "source_package_name": "systemd", "source_package_version": "257.4-1ubuntu3.1", "version": "257.4-1ubuntu3.1" }, "cves": [ { "cve": "CVE-2025-4598", "url": "https://ubuntu.com/security/CVE-2025-4598", "cve_description": "A vulnerability was found in systemd-coredump. This flaw allows an attacker to force a SUID process to crash and replace it with a non-SUID binary to access the original's privileged process coredump, allowing the attacker to read sensitive data, such as /etc/shadow content, loaded by the original process. A SUID binary or process has a special type of permission, which allows the process to run with the file owner's permissions, regardless of the user executing the binary. This allows the process to access more restricted data than unprivileged users or processes would be able to. An attacker can leverage this flaw by forcing a SUID process to crash and force the Linux kernel to recycle the process PID before systemd-coredump can analyze the /proc/pid/auxv file. If the attacker wins the race condition, they gain access to the original's SUID process coredump file. They can read sensitive content loaded into memory by the original binary, affecting data confidentiality.", "cve_priority": "medium", "cve_public_date": "2025-05-30 14:15:00 UTC" } ], "launchpad_bugs_fixed": [], "changes": [ { "cves": [ { "cve": "CVE-2025-4598", "url": "https://ubuntu.com/security/CVE-2025-4598", "cve_description": "A vulnerability was found in systemd-coredump. This flaw allows an attacker to force a SUID process to crash and replace it with a non-SUID binary to access the original's privileged process coredump, allowing the attacker to read sensitive data, such as /etc/shadow content, loaded by the original process. A SUID binary or process has a special type of permission, which allows the process to run with the file owner's permissions, regardless of the user executing the binary. This allows the process to access more restricted data than unprivileged users or processes would be able to. An attacker can leverage this flaw by forcing a SUID process to crash and force the Linux kernel to recycle the process PID before systemd-coredump can analyze the /proc/pid/auxv file. If the attacker wins the race condition, they gain access to the original's SUID process coredump file. They can read sensitive content loaded into memory by the original binary, affecting data confidentiality.", "cve_priority": "medium", "cve_public_date": "2025-05-30 14:15:00 UTC" } ], "log": [ "", " * SECURITY UPDATE: race condition in systemd-coredump", " - debian/patches/CVE_2025_4598_1.patch: coredump: get rid of", " _META_MANDATORY_MAX.", " - debian/patches/CVE_2025_4598_2.patch: coredump: use %d in kernel core", " pattern.", " - debian/patches/CVE_2025_4598_3.patch: coredump: also stop forwarding", " non-dumpable processes.", " - debian/patches/CVE_2025_4598_4.patch: coredump: get rid of a bogus", " assertion.", " - debian/patches/CVE_2025_4598_5.patch: coredump: add support for new %F", " PIDFD specifier.", " - debian/patches/CVE_2025_4598_6.patch: coredump: when %F/pidfd is used,", " again allow forwarding to containers.", " - CVE-2025-4598", "" ], "package": "systemd", "version": "257.4-1ubuntu3.1", "urgency": "medium", "distributions": "plucky-security", "launchpad_bugs_fixed": [], "author": "Octavio Galland ", "date": "Wed, 04 Jun 2025 10:00:26 -0300" } ], "notes": null, "is_version_downgrade": false }, { "name": "libpython3.13-minimal", "from_version": { "source_package_name": "python3.13", "source_package_version": "3.13.3-1", "version": "3.13.3-1" }, "to_version": { "source_package_name": "python3.13", "source_package_version": "3.13.3-1ubuntu0.1", "version": "3.13.3-1ubuntu0.1" }, "cves": [ { "cve": "CVE-2025-4516", "url": "https://ubuntu.com/security/CVE-2025-4516", "cve_description": "There is an issue in CPython when using `bytes.decode(\"unicode_escape\", error=\"ignore|replace\")`. If you are not using the \"unicode_escape\" encoding or an error handler your usage is not affected. To work-around this issue you may stop using the error= handler and instead wrap the bytes.decode() call in a try-except catching the DecodeError.", "cve_priority": "medium", "cve_public_date": "2025-05-15 14:15:00 UTC" } ], "launchpad_bugs_fixed": [], "changes": [ { "cves": [ { "cve": "CVE-2025-4516", "url": "https://ubuntu.com/security/CVE-2025-4516", "cve_description": "There is an issue in CPython when using `bytes.decode(\"unicode_escape\", error=\"ignore|replace\")`. If you are not using the \"unicode_escape\" encoding or an error handler your usage is not affected. To work-around this issue you may stop using the error= handler and instead wrap the bytes.decode() call in a try-except catching the DecodeError.", "cve_priority": "medium", "cve_public_date": "2025-05-15 14:15:00 UTC" } ], "log": [ "", " * SECURITY UPDATE: DoS via bytes.decode with unicode_escape", " - debian/patches/CVE-2025-4516.patch: fix use-after-free in the", " unicode-escape decoder with an error handler in", " Include/internal/pycore_bytesobject.h,", " Include/internal/pycore_unicodeobject.h,", " Lib/test/test_codeccallbacks.py, Lib/test/test_codecs.py,", " Objects/bytesobject.c, Objects/unicodeobject.c,", " Parser/string_parser.c.", " - CVE-2025-4516", "" ], "package": "python3.13", "version": "3.13.3-1ubuntu0.1", "urgency": "medium", "distributions": "plucky-security", "launchpad_bugs_fixed": [], "author": "Marc Deslauriers ", "date": "Mon, 26 May 2025 12:21:48 -0400" } ], "notes": null, "is_version_downgrade": false }, { "name": "libpython3.13-stdlib", "from_version": { "source_package_name": "python3.13", "source_package_version": "3.13.3-1", "version": "3.13.3-1" }, "to_version": { "source_package_name": "python3.13", "source_package_version": "3.13.3-1ubuntu0.1", "version": "3.13.3-1ubuntu0.1" }, "cves": [ { "cve": "CVE-2025-4516", "url": "https://ubuntu.com/security/CVE-2025-4516", "cve_description": "There is an issue in CPython when using `bytes.decode(\"unicode_escape\", error=\"ignore|replace\")`. If you are not using the \"unicode_escape\" encoding or an error handler your usage is not affected. To work-around this issue you may stop using the error= handler and instead wrap the bytes.decode() call in a try-except catching the DecodeError.", "cve_priority": "medium", "cve_public_date": "2025-05-15 14:15:00 UTC" } ], "launchpad_bugs_fixed": [], "changes": [ { "cves": [ { "cve": "CVE-2025-4516", "url": "https://ubuntu.com/security/CVE-2025-4516", "cve_description": "There is an issue in CPython when using `bytes.decode(\"unicode_escape\", error=\"ignore|replace\")`. If you are not using the \"unicode_escape\" encoding or an error handler your usage is not affected. To work-around this issue you may stop using the error= handler and instead wrap the bytes.decode() call in a try-except catching the DecodeError.", "cve_priority": "medium", "cve_public_date": "2025-05-15 14:15:00 UTC" } ], "log": [ "", " * SECURITY UPDATE: DoS via bytes.decode with unicode_escape", " - debian/patches/CVE-2025-4516.patch: fix use-after-free in the", " unicode-escape decoder with an error handler in", " Include/internal/pycore_bytesobject.h,", " Include/internal/pycore_unicodeobject.h,", " Lib/test/test_codeccallbacks.py, Lib/test/test_codecs.py,", " Objects/bytesobject.c, Objects/unicodeobject.c,", " Parser/string_parser.c.", " - CVE-2025-4516", "" ], "package": "python3.13", "version": "3.13.3-1ubuntu0.1", "urgency": "medium", "distributions": "plucky-security", "launchpad_bugs_fixed": [], "author": "Marc Deslauriers ", "date": "Mon, 26 May 2025 12:21:48 -0400" } ], "notes": null, "is_version_downgrade": false }, { "name": "libsystemd-shared", "from_version": { "source_package_name": "systemd", "source_package_version": "257.4-1ubuntu3", "version": "257.4-1ubuntu3" }, "to_version": { "source_package_name": "systemd", "source_package_version": "257.4-1ubuntu3.1", "version": "257.4-1ubuntu3.1" }, "cves": [ { "cve": "CVE-2025-4598", "url": "https://ubuntu.com/security/CVE-2025-4598", "cve_description": "A vulnerability was found in systemd-coredump. This flaw allows an attacker to force a SUID process to crash and replace it with a non-SUID binary to access the original's privileged process coredump, allowing the attacker to read sensitive data, such as /etc/shadow content, loaded by the original process. A SUID binary or process has a special type of permission, which allows the process to run with the file owner's permissions, regardless of the user executing the binary. This allows the process to access more restricted data than unprivileged users or processes would be able to. An attacker can leverage this flaw by forcing a SUID process to crash and force the Linux kernel to recycle the process PID before systemd-coredump can analyze the /proc/pid/auxv file. If the attacker wins the race condition, they gain access to the original's SUID process coredump file. They can read sensitive content loaded into memory by the original binary, affecting data confidentiality.", "cve_priority": "medium", "cve_public_date": "2025-05-30 14:15:00 UTC" } ], "launchpad_bugs_fixed": [], "changes": [ { "cves": [ { "cve": "CVE-2025-4598", "url": "https://ubuntu.com/security/CVE-2025-4598", "cve_description": "A vulnerability was found in systemd-coredump. This flaw allows an attacker to force a SUID process to crash and replace it with a non-SUID binary to access the original's privileged process coredump, allowing the attacker to read sensitive data, such as /etc/shadow content, loaded by the original process. A SUID binary or process has a special type of permission, which allows the process to run with the file owner's permissions, regardless of the user executing the binary. This allows the process to access more restricted data than unprivileged users or processes would be able to. An attacker can leverage this flaw by forcing a SUID process to crash and force the Linux kernel to recycle the process PID before systemd-coredump can analyze the /proc/pid/auxv file. If the attacker wins the race condition, they gain access to the original's SUID process coredump file. They can read sensitive content loaded into memory by the original binary, affecting data confidentiality.", "cve_priority": "medium", "cve_public_date": "2025-05-30 14:15:00 UTC" } ], "log": [ "", " * SECURITY UPDATE: race condition in systemd-coredump", " - debian/patches/CVE_2025_4598_1.patch: coredump: get rid of", " _META_MANDATORY_MAX.", " - debian/patches/CVE_2025_4598_2.patch: coredump: use %d in kernel core", " pattern.", " - debian/patches/CVE_2025_4598_3.patch: coredump: also stop forwarding", " non-dumpable processes.", " - debian/patches/CVE_2025_4598_4.patch: coredump: get rid of a bogus", " assertion.", " - debian/patches/CVE_2025_4598_5.patch: coredump: add support for new %F", " PIDFD specifier.", " - debian/patches/CVE_2025_4598_6.patch: coredump: when %F/pidfd is used,", " again allow forwarding to containers.", " - CVE-2025-4598", "" ], "package": "systemd", "version": "257.4-1ubuntu3.1", "urgency": "medium", "distributions": "plucky-security", "launchpad_bugs_fixed": [], "author": "Octavio Galland ", "date": "Wed, 04 Jun 2025 10:00:26 -0300" } ], "notes": null, "is_version_downgrade": false }, { "name": "libsystemd0", "from_version": { "source_package_name": "systemd", "source_package_version": "257.4-1ubuntu3", "version": "257.4-1ubuntu3" }, "to_version": { "source_package_name": "systemd", "source_package_version": "257.4-1ubuntu3.1", "version": "257.4-1ubuntu3.1" }, "cves": [ { "cve": "CVE-2025-4598", "url": "https://ubuntu.com/security/CVE-2025-4598", "cve_description": "A vulnerability was found in systemd-coredump. This flaw allows an attacker to force a SUID process to crash and replace it with a non-SUID binary to access the original's privileged process coredump, allowing the attacker to read sensitive data, such as /etc/shadow content, loaded by the original process. A SUID binary or process has a special type of permission, which allows the process to run with the file owner's permissions, regardless of the user executing the binary. This allows the process to access more restricted data than unprivileged users or processes would be able to. An attacker can leverage this flaw by forcing a SUID process to crash and force the Linux kernel to recycle the process PID before systemd-coredump can analyze the /proc/pid/auxv file. If the attacker wins the race condition, they gain access to the original's SUID process coredump file. They can read sensitive content loaded into memory by the original binary, affecting data confidentiality.", "cve_priority": "medium", "cve_public_date": "2025-05-30 14:15:00 UTC" } ], "launchpad_bugs_fixed": [], "changes": [ { "cves": [ { "cve": "CVE-2025-4598", "url": "https://ubuntu.com/security/CVE-2025-4598", "cve_description": "A vulnerability was found in systemd-coredump. This flaw allows an attacker to force a SUID process to crash and replace it with a non-SUID binary to access the original's privileged process coredump, allowing the attacker to read sensitive data, such as /etc/shadow content, loaded by the original process. A SUID binary or process has a special type of permission, which allows the process to run with the file owner's permissions, regardless of the user executing the binary. This allows the process to access more restricted data than unprivileged users or processes would be able to. An attacker can leverage this flaw by forcing a SUID process to crash and force the Linux kernel to recycle the process PID before systemd-coredump can analyze the /proc/pid/auxv file. If the attacker wins the race condition, they gain access to the original's SUID process coredump file. They can read sensitive content loaded into memory by the original binary, affecting data confidentiality.", "cve_priority": "medium", "cve_public_date": "2025-05-30 14:15:00 UTC" } ], "log": [ "", " * SECURITY UPDATE: race condition in systemd-coredump", " - debian/patches/CVE_2025_4598_1.patch: coredump: get rid of", " _META_MANDATORY_MAX.", " - debian/patches/CVE_2025_4598_2.patch: coredump: use %d in kernel core", " pattern.", " - debian/patches/CVE_2025_4598_3.patch: coredump: also stop forwarding", " non-dumpable processes.", " - debian/patches/CVE_2025_4598_4.patch: coredump: get rid of a bogus", " assertion.", " - debian/patches/CVE_2025_4598_5.patch: coredump: add support for new %F", " PIDFD specifier.", " - debian/patches/CVE_2025_4598_6.patch: coredump: when %F/pidfd is used,", " again allow forwarding to containers.", " - CVE-2025-4598", "" ], "package": "systemd", "version": "257.4-1ubuntu3.1", "urgency": "medium", "distributions": "plucky-security", "launchpad_bugs_fixed": [], "author": "Octavio Galland ", "date": "Wed, 04 Jun 2025 10:00:26 -0300" } ], "notes": null, "is_version_downgrade": false }, { "name": "libudev1", "from_version": { "source_package_name": "systemd", "source_package_version": "257.4-1ubuntu3", "version": "257.4-1ubuntu3" }, "to_version": { "source_package_name": "systemd", "source_package_version": "257.4-1ubuntu3.1", "version": "257.4-1ubuntu3.1" }, "cves": [ { "cve": "CVE-2025-4598", "url": "https://ubuntu.com/security/CVE-2025-4598", "cve_description": "A vulnerability was found in systemd-coredump. This flaw allows an attacker to force a SUID process to crash and replace it with a non-SUID binary to access the original's privileged process coredump, allowing the attacker to read sensitive data, such as /etc/shadow content, loaded by the original process. A SUID binary or process has a special type of permission, which allows the process to run with the file owner's permissions, regardless of the user executing the binary. This allows the process to access more restricted data than unprivileged users or processes would be able to. An attacker can leverage this flaw by forcing a SUID process to crash and force the Linux kernel to recycle the process PID before systemd-coredump can analyze the /proc/pid/auxv file. If the attacker wins the race condition, they gain access to the original's SUID process coredump file. They can read sensitive content loaded into memory by the original binary, affecting data confidentiality.", "cve_priority": "medium", "cve_public_date": "2025-05-30 14:15:00 UTC" } ], "launchpad_bugs_fixed": [], "changes": [ { "cves": [ { "cve": "CVE-2025-4598", "url": "https://ubuntu.com/security/CVE-2025-4598", "cve_description": "A vulnerability was found in systemd-coredump. This flaw allows an attacker to force a SUID process to crash and replace it with a non-SUID binary to access the original's privileged process coredump, allowing the attacker to read sensitive data, such as /etc/shadow content, loaded by the original process. A SUID binary or process has a special type of permission, which allows the process to run with the file owner's permissions, regardless of the user executing the binary. This allows the process to access more restricted data than unprivileged users or processes would be able to. An attacker can leverage this flaw by forcing a SUID process to crash and force the Linux kernel to recycle the process PID before systemd-coredump can analyze the /proc/pid/auxv file. If the attacker wins the race condition, they gain access to the original's SUID process coredump file. They can read sensitive content loaded into memory by the original binary, affecting data confidentiality.", "cve_priority": "medium", "cve_public_date": "2025-05-30 14:15:00 UTC" } ], "log": [ "", " * SECURITY UPDATE: race condition in systemd-coredump", " - debian/patches/CVE_2025_4598_1.patch: coredump: get rid of", " _META_MANDATORY_MAX.", " - debian/patches/CVE_2025_4598_2.patch: coredump: use %d in kernel core", " pattern.", " - debian/patches/CVE_2025_4598_3.patch: coredump: also stop forwarding", " non-dumpable processes.", " - debian/patches/CVE_2025_4598_4.patch: coredump: get rid of a bogus", " assertion.", " - debian/patches/CVE_2025_4598_5.patch: coredump: add support for new %F", " PIDFD specifier.", " - debian/patches/CVE_2025_4598_6.patch: coredump: when %F/pidfd is used,", " again allow forwarding to containers.", " - CVE-2025-4598", "" ], "package": "systemd", "version": "257.4-1ubuntu3.1", "urgency": "medium", "distributions": "plucky-security", "launchpad_bugs_fixed": [], "author": "Octavio Galland ", "date": "Wed, 04 Jun 2025 10:00:26 -0300" } ], "notes": null, "is_version_downgrade": false }, { "name": "python3-apport", "from_version": { "source_package_name": "apport", "source_package_version": "2.32.0-0ubuntu5.1", "version": "2.32.0-0ubuntu5.1" }, "to_version": { "source_package_name": "apport", "source_package_version": "2.32.0-0ubuntu5.2", "version": "2.32.0-0ubuntu5.2" }, "cves": [], "launchpad_bugs_fixed": [ 2112272 ], "changes": [ { "cves": [], "log": [ "", " * SECURITY REGRESSION: apport not generating core dumps inside containers", " (LP: #2112272)", " - d/p/check-exe-mtime.patch: Check the exe mtime within the proc root", " mount.", "" ], "package": "apport", "version": "2.32.0-0ubuntu5.2", "urgency": "medium", "distributions": "plucky-security", "launchpad_bugs_fixed": [ 2112272 ], "author": "Octavio Galland ", "date": "Wed, 04 Jun 2025 16:04:27 -0300" } ], "notes": null, "is_version_downgrade": false }, { "name": "python3-problem-report", "from_version": { "source_package_name": "apport", "source_package_version": "2.32.0-0ubuntu5.1", "version": "2.32.0-0ubuntu5.1" }, "to_version": { "source_package_name": "apport", "source_package_version": "2.32.0-0ubuntu5.2", "version": "2.32.0-0ubuntu5.2" }, "cves": [], "launchpad_bugs_fixed": [ 2112272 ], "changes": [ { "cves": [], "log": [ "", " * SECURITY REGRESSION: apport not generating core dumps inside containers", " (LP: #2112272)", " - d/p/check-exe-mtime.patch: Check the exe mtime within the proc root", " mount.", "" ], "package": "apport", "version": "2.32.0-0ubuntu5.2", "urgency": "medium", "distributions": "plucky-security", "launchpad_bugs_fixed": [ 2112272 ], "author": "Octavio Galland ", "date": "Wed, 04 Jun 2025 16:04:27 -0300" } ], "notes": null, "is_version_downgrade": false }, { "name": "python3-requests", "from_version": { "source_package_name": "requests", "source_package_version": "2.32.3+dfsg-4ubuntu1", "version": "2.32.3+dfsg-4ubuntu1" }, "to_version": { "source_package_name": "requests", "source_package_version": "2.32.3+dfsg-4ubuntu1.1", "version": "2.32.3+dfsg-4ubuntu1.1" }, "cves": [ { "cve": "CVE-2024-47081", "url": "https://ubuntu.com/security/CVE-2024-47081", "cve_description": "Requests is a HTTP library. Due to a URL parsing issue, Requests releases prior to 2.32.4 may leak .netrc credentials to third parties for specific maliciously-crafted URLs. Users should upgrade to version 2.32.4 to receive a fix. For older versions of Requests, use of the .netrc file can be disabled with `trust_env=False` on one's Requests Session.", "cve_priority": "medium", "cve_public_date": "2025-06-09 18:15:00 UTC" } ], "launchpad_bugs_fixed": [], "changes": [ { "cves": [ { "cve": "CVE-2024-47081", "url": "https://ubuntu.com/security/CVE-2024-47081", "cve_description": "Requests is a HTTP library. Due to a URL parsing issue, Requests releases prior to 2.32.4 may leak .netrc credentials to third parties for specific maliciously-crafted URLs. Users should upgrade to version 2.32.4 to receive a fix. For older versions of Requests, use of the .netrc file can be disabled with `trust_env=False` on one's Requests Session.", "cve_priority": "medium", "cve_public_date": "2025-06-09 18:15:00 UTC" } ], "log": [ "", " * SECURITY UPDATE: Information Leak", " - debian/patches/CVE-2024-47081.patch: Only use hostname to do netrc", " lookup instead of netloc", " - CVE-2024-47081", "" ], "package": "requests", "version": "2.32.3+dfsg-4ubuntu1.1", "urgency": "medium", "distributions": "plucky-security", "launchpad_bugs_fixed": [], "author": "Bruce Cable ", "date": "Wed, 11 Jun 2025 13:27:59 +1000" } ], "notes": null, "is_version_downgrade": false }, { "name": "python3.13", "from_version": { "source_package_name": "python3.13", "source_package_version": "3.13.3-1", "version": "3.13.3-1" }, "to_version": { "source_package_name": "python3.13", "source_package_version": "3.13.3-1ubuntu0.1", "version": "3.13.3-1ubuntu0.1" }, "cves": [ { "cve": "CVE-2025-4516", "url": "https://ubuntu.com/security/CVE-2025-4516", "cve_description": "There is an issue in CPython when using `bytes.decode(\"unicode_escape\", error=\"ignore|replace\")`. If you are not using the \"unicode_escape\" encoding or an error handler your usage is not affected. To work-around this issue you may stop using the error= handler and instead wrap the bytes.decode() call in a try-except catching the DecodeError.", "cve_priority": "medium", "cve_public_date": "2025-05-15 14:15:00 UTC" } ], "launchpad_bugs_fixed": [], "changes": [ { "cves": [ { "cve": "CVE-2025-4516", "url": "https://ubuntu.com/security/CVE-2025-4516", "cve_description": "There is an issue in CPython when using `bytes.decode(\"unicode_escape\", error=\"ignore|replace\")`. If you are not using the \"unicode_escape\" encoding or an error handler your usage is not affected. To work-around this issue you may stop using the error= handler and instead wrap the bytes.decode() call in a try-except catching the DecodeError.", "cve_priority": "medium", "cve_public_date": "2025-05-15 14:15:00 UTC" } ], "log": [ "", " * SECURITY UPDATE: DoS via bytes.decode with unicode_escape", " - debian/patches/CVE-2025-4516.patch: fix use-after-free in the", " unicode-escape decoder with an error handler in", " Include/internal/pycore_bytesobject.h,", " Include/internal/pycore_unicodeobject.h,", " Lib/test/test_codeccallbacks.py, Lib/test/test_codecs.py,", " Objects/bytesobject.c, Objects/unicodeobject.c,", " Parser/string_parser.c.", " - CVE-2025-4516", "" ], "package": "python3.13", "version": "3.13.3-1ubuntu0.1", "urgency": "medium", "distributions": "plucky-security", "launchpad_bugs_fixed": [], "author": "Marc Deslauriers ", "date": "Mon, 26 May 2025 12:21:48 -0400" } ], "notes": null, "is_version_downgrade": false }, { "name": "python3.13-minimal", "from_version": { "source_package_name": "python3.13", "source_package_version": "3.13.3-1", "version": "3.13.3-1" }, "to_version": { "source_package_name": "python3.13", "source_package_version": "3.13.3-1ubuntu0.1", "version": "3.13.3-1ubuntu0.1" }, "cves": [ { "cve": "CVE-2025-4516", "url": "https://ubuntu.com/security/CVE-2025-4516", "cve_description": "There is an issue in CPython when using `bytes.decode(\"unicode_escape\", error=\"ignore|replace\")`. If you are not using the \"unicode_escape\" encoding or an error handler your usage is not affected. To work-around this issue you may stop using the error= handler and instead wrap the bytes.decode() call in a try-except catching the DecodeError.", "cve_priority": "medium", "cve_public_date": "2025-05-15 14:15:00 UTC" } ], "launchpad_bugs_fixed": [], "changes": [ { "cves": [ { "cve": "CVE-2025-4516", "url": "https://ubuntu.com/security/CVE-2025-4516", "cve_description": "There is an issue in CPython when using `bytes.decode(\"unicode_escape\", error=\"ignore|replace\")`. If you are not using the \"unicode_escape\" encoding or an error handler your usage is not affected. To work-around this issue you may stop using the error= handler and instead wrap the bytes.decode() call in a try-except catching the DecodeError.", "cve_priority": "medium", "cve_public_date": "2025-05-15 14:15:00 UTC" } ], "log": [ "", " * SECURITY UPDATE: DoS via bytes.decode with unicode_escape", " - debian/patches/CVE-2025-4516.patch: fix use-after-free in the", " unicode-escape decoder with an error handler in", " Include/internal/pycore_bytesobject.h,", " Include/internal/pycore_unicodeobject.h,", " Lib/test/test_codeccallbacks.py, Lib/test/test_codecs.py,", " Objects/bytesobject.c, Objects/unicodeobject.c,", " Parser/string_parser.c.", " - CVE-2025-4516", "" ], "package": "python3.13", "version": "3.13.3-1ubuntu0.1", "urgency": "medium", "distributions": "plucky-security", "launchpad_bugs_fixed": [], "author": "Marc Deslauriers ", "date": "Mon, 26 May 2025 12:21:48 -0400" } ], "notes": null, "is_version_downgrade": false }, { "name": "systemd", "from_version": { "source_package_name": "systemd", "source_package_version": "257.4-1ubuntu3", "version": "257.4-1ubuntu3" }, "to_version": { "source_package_name": "systemd", "source_package_version": "257.4-1ubuntu3.1", "version": "257.4-1ubuntu3.1" }, "cves": [ { "cve": "CVE-2025-4598", "url": "https://ubuntu.com/security/CVE-2025-4598", "cve_description": "A vulnerability was found in systemd-coredump. This flaw allows an attacker to force a SUID process to crash and replace it with a non-SUID binary to access the original's privileged process coredump, allowing the attacker to read sensitive data, such as /etc/shadow content, loaded by the original process. A SUID binary or process has a special type of permission, which allows the process to run with the file owner's permissions, regardless of the user executing the binary. This allows the process to access more restricted data than unprivileged users or processes would be able to. An attacker can leverage this flaw by forcing a SUID process to crash and force the Linux kernel to recycle the process PID before systemd-coredump can analyze the /proc/pid/auxv file. If the attacker wins the race condition, they gain access to the original's SUID process coredump file. They can read sensitive content loaded into memory by the original binary, affecting data confidentiality.", "cve_priority": "medium", "cve_public_date": "2025-05-30 14:15:00 UTC" } ], "launchpad_bugs_fixed": [], "changes": [ { "cves": [ { "cve": "CVE-2025-4598", "url": "https://ubuntu.com/security/CVE-2025-4598", "cve_description": "A vulnerability was found in systemd-coredump. This flaw allows an attacker to force a SUID process to crash and replace it with a non-SUID binary to access the original's privileged process coredump, allowing the attacker to read sensitive data, such as /etc/shadow content, loaded by the original process. A SUID binary or process has a special type of permission, which allows the process to run with the file owner's permissions, regardless of the user executing the binary. This allows the process to access more restricted data than unprivileged users or processes would be able to. An attacker can leverage this flaw by forcing a SUID process to crash and force the Linux kernel to recycle the process PID before systemd-coredump can analyze the /proc/pid/auxv file. If the attacker wins the race condition, they gain access to the original's SUID process coredump file. They can read sensitive content loaded into memory by the original binary, affecting data confidentiality.", "cve_priority": "medium", "cve_public_date": "2025-05-30 14:15:00 UTC" } ], "log": [ "", " * SECURITY UPDATE: race condition in systemd-coredump", " - debian/patches/CVE_2025_4598_1.patch: coredump: get rid of", " _META_MANDATORY_MAX.", " - debian/patches/CVE_2025_4598_2.patch: coredump: use %d in kernel core", " pattern.", " - debian/patches/CVE_2025_4598_3.patch: coredump: also stop forwarding", " non-dumpable processes.", " - debian/patches/CVE_2025_4598_4.patch: coredump: get rid of a bogus", " assertion.", " - debian/patches/CVE_2025_4598_5.patch: coredump: add support for new %F", " PIDFD specifier.", " - debian/patches/CVE_2025_4598_6.patch: coredump: when %F/pidfd is used,", " again allow forwarding to containers.", " - CVE-2025-4598", "" ], "package": "systemd", "version": "257.4-1ubuntu3.1", "urgency": "medium", "distributions": "plucky-security", "launchpad_bugs_fixed": [], "author": "Octavio Galland ", "date": "Wed, 04 Jun 2025 10:00:26 -0300" } ], "notes": null, "is_version_downgrade": false }, { "name": "systemd-resolved", "from_version": { "source_package_name": "systemd", "source_package_version": "257.4-1ubuntu3", "version": "257.4-1ubuntu3" }, "to_version": { "source_package_name": "systemd", "source_package_version": "257.4-1ubuntu3.1", "version": "257.4-1ubuntu3.1" }, "cves": [ { "cve": "CVE-2025-4598", "url": "https://ubuntu.com/security/CVE-2025-4598", "cve_description": "A vulnerability was found in systemd-coredump. This flaw allows an attacker to force a SUID process to crash and replace it with a non-SUID binary to access the original's privileged process coredump, allowing the attacker to read sensitive data, such as /etc/shadow content, loaded by the original process. A SUID binary or process has a special type of permission, which allows the process to run with the file owner's permissions, regardless of the user executing the binary. This allows the process to access more restricted data than unprivileged users or processes would be able to. An attacker can leverage this flaw by forcing a SUID process to crash and force the Linux kernel to recycle the process PID before systemd-coredump can analyze the /proc/pid/auxv file. If the attacker wins the race condition, they gain access to the original's SUID process coredump file. They can read sensitive content loaded into memory by the original binary, affecting data confidentiality.", "cve_priority": "medium", "cve_public_date": "2025-05-30 14:15:00 UTC" } ], "launchpad_bugs_fixed": [], "changes": [ { "cves": [ { "cve": "CVE-2025-4598", "url": "https://ubuntu.com/security/CVE-2025-4598", "cve_description": "A vulnerability was found in systemd-coredump. This flaw allows an attacker to force a SUID process to crash and replace it with a non-SUID binary to access the original's privileged process coredump, allowing the attacker to read sensitive data, such as /etc/shadow content, loaded by the original process. A SUID binary or process has a special type of permission, which allows the process to run with the file owner's permissions, regardless of the user executing the binary. This allows the process to access more restricted data than unprivileged users or processes would be able to. An attacker can leverage this flaw by forcing a SUID process to crash and force the Linux kernel to recycle the process PID before systemd-coredump can analyze the /proc/pid/auxv file. If the attacker wins the race condition, they gain access to the original's SUID process coredump file. They can read sensitive content loaded into memory by the original binary, affecting data confidentiality.", "cve_priority": "medium", "cve_public_date": "2025-05-30 14:15:00 UTC" } ], "log": [ "", " * SECURITY UPDATE: race condition in systemd-coredump", " - debian/patches/CVE_2025_4598_1.patch: coredump: get rid of", " _META_MANDATORY_MAX.", " - debian/patches/CVE_2025_4598_2.patch: coredump: use %d in kernel core", " pattern.", " - debian/patches/CVE_2025_4598_3.patch: coredump: also stop forwarding", " non-dumpable processes.", " - debian/patches/CVE_2025_4598_4.patch: coredump: get rid of a bogus", " assertion.", " - debian/patches/CVE_2025_4598_5.patch: coredump: add support for new %F", " PIDFD specifier.", " - debian/patches/CVE_2025_4598_6.patch: coredump: when %F/pidfd is used,", " again allow forwarding to containers.", " - CVE-2025-4598", "" ], "package": "systemd", "version": "257.4-1ubuntu3.1", "urgency": "medium", "distributions": "plucky-security", "launchpad_bugs_fixed": [], "author": "Octavio Galland ", "date": "Wed, 04 Jun 2025 10:00:26 -0300" } ], "notes": null, "is_version_downgrade": false }, { "name": "systemd-sysv", "from_version": { "source_package_name": "systemd", "source_package_version": "257.4-1ubuntu3", "version": "257.4-1ubuntu3" }, "to_version": { "source_package_name": "systemd", "source_package_version": "257.4-1ubuntu3.1", "version": "257.4-1ubuntu3.1" }, "cves": [ { "cve": "CVE-2025-4598", "url": "https://ubuntu.com/security/CVE-2025-4598", "cve_description": "A vulnerability was found in systemd-coredump. This flaw allows an attacker to force a SUID process to crash and replace it with a non-SUID binary to access the original's privileged process coredump, allowing the attacker to read sensitive data, such as /etc/shadow content, loaded by the original process. A SUID binary or process has a special type of permission, which allows the process to run with the file owner's permissions, regardless of the user executing the binary. This allows the process to access more restricted data than unprivileged users or processes would be able to. An attacker can leverage this flaw by forcing a SUID process to crash and force the Linux kernel to recycle the process PID before systemd-coredump can analyze the /proc/pid/auxv file. If the attacker wins the race condition, they gain access to the original's SUID process coredump file. They can read sensitive content loaded into memory by the original binary, affecting data confidentiality.", "cve_priority": "medium", "cve_public_date": "2025-05-30 14:15:00 UTC" } ], "launchpad_bugs_fixed": [], "changes": [ { "cves": [ { "cve": "CVE-2025-4598", "url": "https://ubuntu.com/security/CVE-2025-4598", "cve_description": "A vulnerability was found in systemd-coredump. This flaw allows an attacker to force a SUID process to crash and replace it with a non-SUID binary to access the original's privileged process coredump, allowing the attacker to read sensitive data, such as /etc/shadow content, loaded by the original process. A SUID binary or process has a special type of permission, which allows the process to run with the file owner's permissions, regardless of the user executing the binary. This allows the process to access more restricted data than unprivileged users or processes would be able to. An attacker can leverage this flaw by forcing a SUID process to crash and force the Linux kernel to recycle the process PID before systemd-coredump can analyze the /proc/pid/auxv file. If the attacker wins the race condition, they gain access to the original's SUID process coredump file. They can read sensitive content loaded into memory by the original binary, affecting data confidentiality.", "cve_priority": "medium", "cve_public_date": "2025-05-30 14:15:00 UTC" } ], "log": [ "", " * SECURITY UPDATE: race condition in systemd-coredump", " - debian/patches/CVE_2025_4598_1.patch: coredump: get rid of", " _META_MANDATORY_MAX.", " - debian/patches/CVE_2025_4598_2.patch: coredump: use %d in kernel core", " pattern.", " - debian/patches/CVE_2025_4598_3.patch: coredump: also stop forwarding", " non-dumpable processes.", " - debian/patches/CVE_2025_4598_4.patch: coredump: get rid of a bogus", " assertion.", " - debian/patches/CVE_2025_4598_5.patch: coredump: add support for new %F", " PIDFD specifier.", " - debian/patches/CVE_2025_4598_6.patch: coredump: when %F/pidfd is used,", " again allow forwarding to containers.", " - CVE-2025-4598", "" ], "package": "systemd", "version": "257.4-1ubuntu3.1", "urgency": "medium", "distributions": "plucky-security", "launchpad_bugs_fixed": [], "author": "Octavio Galland ", "date": "Wed, 04 Jun 2025 10:00:26 -0300" } ], "notes": null, "is_version_downgrade": false }, { "name": "systemd-timesyncd", "from_version": { "source_package_name": "systemd", "source_package_version": "257.4-1ubuntu3", "version": "257.4-1ubuntu3" }, "to_version": { "source_package_name": "systemd", "source_package_version": "257.4-1ubuntu3.1", "version": "257.4-1ubuntu3.1" }, "cves": [ { "cve": "CVE-2025-4598", "url": "https://ubuntu.com/security/CVE-2025-4598", "cve_description": "A vulnerability was found in systemd-coredump. This flaw allows an attacker to force a SUID process to crash and replace it with a non-SUID binary to access the original's privileged process coredump, allowing the attacker to read sensitive data, such as /etc/shadow content, loaded by the original process. A SUID binary or process has a special type of permission, which allows the process to run with the file owner's permissions, regardless of the user executing the binary. This allows the process to access more restricted data than unprivileged users or processes would be able to. An attacker can leverage this flaw by forcing a SUID process to crash and force the Linux kernel to recycle the process PID before systemd-coredump can analyze the /proc/pid/auxv file. If the attacker wins the race condition, they gain access to the original's SUID process coredump file. They can read sensitive content loaded into memory by the original binary, affecting data confidentiality.", "cve_priority": "medium", "cve_public_date": "2025-05-30 14:15:00 UTC" } ], "launchpad_bugs_fixed": [], "changes": [ { "cves": [ { "cve": "CVE-2025-4598", "url": "https://ubuntu.com/security/CVE-2025-4598", "cve_description": "A vulnerability was found in systemd-coredump. This flaw allows an attacker to force a SUID process to crash and replace it with a non-SUID binary to access the original's privileged process coredump, allowing the attacker to read sensitive data, such as /etc/shadow content, loaded by the original process. A SUID binary or process has a special type of permission, which allows the process to run with the file owner's permissions, regardless of the user executing the binary. This allows the process to access more restricted data than unprivileged users or processes would be able to. An attacker can leverage this flaw by forcing a SUID process to crash and force the Linux kernel to recycle the process PID before systemd-coredump can analyze the /proc/pid/auxv file. If the attacker wins the race condition, they gain access to the original's SUID process coredump file. They can read sensitive content loaded into memory by the original binary, affecting data confidentiality.", "cve_priority": "medium", "cve_public_date": "2025-05-30 14:15:00 UTC" } ], "log": [ "", " * SECURITY UPDATE: race condition in systemd-coredump", " - debian/patches/CVE_2025_4598_1.patch: coredump: get rid of", " _META_MANDATORY_MAX.", " - debian/patches/CVE_2025_4598_2.patch: coredump: use %d in kernel core", " pattern.", " - debian/patches/CVE_2025_4598_3.patch: coredump: also stop forwarding", " non-dumpable processes.", " - debian/patches/CVE_2025_4598_4.patch: coredump: get rid of a bogus", " assertion.", " - debian/patches/CVE_2025_4598_5.patch: coredump: add support for new %F", " PIDFD specifier.", " - debian/patches/CVE_2025_4598_6.patch: coredump: when %F/pidfd is used,", " again allow forwarding to containers.", " - CVE-2025-4598", "" ], "package": "systemd", "version": "257.4-1ubuntu3.1", "urgency": "medium", "distributions": "plucky-security", "launchpad_bugs_fixed": [], "author": "Octavio Galland ", "date": "Wed, 04 Jun 2025 10:00:26 -0300" } ], "notes": null, "is_version_downgrade": false }, { "name": "udev", "from_version": { "source_package_name": "systemd", "source_package_version": "257.4-1ubuntu3", "version": "257.4-1ubuntu3" }, "to_version": { "source_package_name": "systemd", "source_package_version": "257.4-1ubuntu3.1", "version": "257.4-1ubuntu3.1" }, "cves": [ { "cve": "CVE-2025-4598", "url": "https://ubuntu.com/security/CVE-2025-4598", "cve_description": "A vulnerability was found in systemd-coredump. This flaw allows an attacker to force a SUID process to crash and replace it with a non-SUID binary to access the original's privileged process coredump, allowing the attacker to read sensitive data, such as /etc/shadow content, loaded by the original process. A SUID binary or process has a special type of permission, which allows the process to run with the file owner's permissions, regardless of the user executing the binary. This allows the process to access more restricted data than unprivileged users or processes would be able to. An attacker can leverage this flaw by forcing a SUID process to crash and force the Linux kernel to recycle the process PID before systemd-coredump can analyze the /proc/pid/auxv file. If the attacker wins the race condition, they gain access to the original's SUID process coredump file. They can read sensitive content loaded into memory by the original binary, affecting data confidentiality.", "cve_priority": "medium", "cve_public_date": "2025-05-30 14:15:00 UTC" } ], "launchpad_bugs_fixed": [], "changes": [ { "cves": [ { "cve": "CVE-2025-4598", "url": "https://ubuntu.com/security/CVE-2025-4598", "cve_description": "A vulnerability was found in systemd-coredump. This flaw allows an attacker to force a SUID process to crash and replace it with a non-SUID binary to access the original's privileged process coredump, allowing the attacker to read sensitive data, such as /etc/shadow content, loaded by the original process. A SUID binary or process has a special type of permission, which allows the process to run with the file owner's permissions, regardless of the user executing the binary. This allows the process to access more restricted data than unprivileged users or processes would be able to. An attacker can leverage this flaw by forcing a SUID process to crash and force the Linux kernel to recycle the process PID before systemd-coredump can analyze the /proc/pid/auxv file. If the attacker wins the race condition, they gain access to the original's SUID process coredump file. They can read sensitive content loaded into memory by the original binary, affecting data confidentiality.", "cve_priority": "medium", "cve_public_date": "2025-05-30 14:15:00 UTC" } ], "log": [ "", " * SECURITY UPDATE: race condition in systemd-coredump", " - debian/patches/CVE_2025_4598_1.patch: coredump: get rid of", " _META_MANDATORY_MAX.", " - debian/patches/CVE_2025_4598_2.patch: coredump: use %d in kernel core", " pattern.", " - debian/patches/CVE_2025_4598_3.patch: coredump: also stop forwarding", " non-dumpable processes.", " - debian/patches/CVE_2025_4598_4.patch: coredump: get rid of a bogus", " assertion.", " - debian/patches/CVE_2025_4598_5.patch: coredump: add support for new %F", " PIDFD specifier.", " - debian/patches/CVE_2025_4598_6.patch: coredump: when %F/pidfd is used,", " again allow forwarding to containers.", " - CVE-2025-4598", "" ], "package": "systemd", "version": "257.4-1ubuntu3.1", "urgency": "medium", "distributions": "plucky-security", "launchpad_bugs_fixed": [], "author": "Octavio Galland ", "date": "Wed, 04 Jun 2025 10:00:26 -0300" } ], "notes": null, "is_version_downgrade": false } ], "snap": [] }, "added": { "deb": [], "snap": [] }, "removed": { "deb": [], "snap": [] }, "notes": "Changelog diff for Ubuntu 25.04 plucky image from daily image serial 20250530 to 20250617", "from_series": "plucky", "to_series": "plucky", "from_serial": "20250530", "to_serial": "20250617", "from_manifest_filename": "daily_manifest.previous", "to_manifest_filename": "manifest.current" }