{ "summary": { "snap": { "added": [], "removed": [], "diff": [] }, "deb": { "added": [], "removed": [], "diff": [ "bsdutils", "fdisk", "gir1.2-glib-2.0", "libblkid1", "libfdisk1", "libglib2.0-0t64", "liblastlog2-2", "libmount1", "libpng16-16t64", "libsmartcols1", "libuuid1", "login", "mount", "python3-urllib3", "util-linux" ] } }, "diff": { "deb": [ { "name": "bsdutils", "from_version": { "source_package_name": "util-linux", "source_package_version": "2.41-4ubuntu4", "version": "1:2.41-4ubuntu4" }, "to_version": { "source_package_name": "util-linux", "source_package_version": "2.41-4ubuntu4.1", "version": "1:2.41-4ubuntu4.1" }, "cves": [], "launchpad_bugs_fixed": [ 2123886 ], "changes": [ { "cves": [], "log": [ "", " * Add ARM core support for Vera systems (LP: #2123886)", " - d/p/ubuntu/lp-2123886-add-missing-arm-cores.patch", "" ], "package": "util-linux", "version": "2.41-4ubuntu4.1", "urgency": "medium", "distributions": "questing", "launchpad_bugs_fixed": [ 2123886 ], "author": "Zachary Raines ", "date": "Mon, 22 Sep 2025 14:42:28 +0000" } ], "notes": null, "is_version_downgrade": false }, { "name": "fdisk", "from_version": { "source_package_name": "util-linux", "source_package_version": "2.41-4ubuntu4", "version": "2.41-4ubuntu4" }, "to_version": { "source_package_name": "util-linux", "source_package_version": "2.41-4ubuntu4.1", "version": "2.41-4ubuntu4.1" }, "cves": [], "launchpad_bugs_fixed": [ 2123886 ], "changes": [ { "cves": [], "log": [ "", " * Add ARM core support for Vera systems (LP: #2123886)", " - d/p/ubuntu/lp-2123886-add-missing-arm-cores.patch", "" ], "package": "util-linux", "version": "2.41-4ubuntu4.1", "urgency": "medium", "distributions": "questing", "launchpad_bugs_fixed": [ 2123886 ], "author": "Zachary Raines ", "date": "Mon, 22 Sep 2025 14:42:28 +0000" } ], "notes": null, "is_version_downgrade": false }, { "name": "gir1.2-glib-2.0", "from_version": { "source_package_name": "glib2.0", "source_package_version": "2.86.0-2", "version": "2.86.0-2" }, "to_version": { "source_package_name": "glib2.0", "source_package_version": "2.86.0-2ubuntu0.1", "version": "2.86.0-2ubuntu0.1" }, "cves": [ { "cve": "CVE-2025-13601", "url": "https://ubuntu.com/security/CVE-2025-13601", "cve_description": "A heap-based buffer overflow problem was found in glib through an incorrect calculation of buffer size in the g_escape_uri_string() function. If the string to escape contains a very large number of unacceptable characters (which would need escaping), the calculation of the length of the escaped string could overflow, leading to a potential write off the end of the newly allocated string.", "cve_priority": "medium", "cve_public_date": "2025-11-26 15:15:00 UTC" }, { "cve": "CVE-2025-14087", "url": "https://ubuntu.com/security/CVE-2025-14087", "cve_description": "A flaw was found in GLib (Gnome Lib). This vulnerability allows a remote attacker to cause heap corruption, leading to a denial of service or potential code execution via a buffer-underflow in the GVariant parser when processing maliciously crafted input strings.", "cve_priority": "medium", "cve_public_date": "2025-12-10 09:15:00 UTC" } ], "launchpad_bugs_fixed": [], "changes": [ { "cves": [ { "cve": "CVE-2025-13601", "url": "https://ubuntu.com/security/CVE-2025-13601", "cve_description": "A heap-based buffer overflow problem was found in glib through an incorrect calculation of buffer size in the g_escape_uri_string() function. If the string to escape contains a very large number of unacceptable characters (which would need escaping), the calculation of the length of the escaped string could overflow, leading to a potential write off the end of the newly allocated string.", "cve_priority": "medium", "cve_public_date": "2025-11-26 15:15:00 UTC" }, { "cve": "CVE-2025-14087", "url": "https://ubuntu.com/security/CVE-2025-14087", "cve_description": "A flaw was found in GLib (Gnome Lib). This vulnerability allows a remote attacker to cause heap corruption, leading to a denial of service or potential code execution via a buffer-underflow in the GVariant parser when processing maliciously crafted input strings.", "cve_priority": "medium", "cve_public_date": "2025-12-10 09:15:00 UTC" } ], "log": [ "", " * SECURITY UPDATE: heap overflow in g_escape_uri_string()", " - debian/patches/CVE-2025-13601.patch: add overflow check in", " glib/gconvert.c.", " - CVE-2025-13601", " * SECURITY UPDATE: buffer underflow through glib/gvariant", " - debian/patches/CVE-2025-14087-1.patch: fix potential integer overflow", " parsing (byte)strings in glib/gvariant-parser.c.", " - debian/patches/CVE-2025-14087-2.patch: use size_t to count numbers of", " child elements in glib/gvariant-parser.c.", " - debian/patches/CVE-2025-14087-3.patch: convert error handling code to", " use size_t in glib/gvariant-parser.c.", " - CVE-2025-14087", " * SECURITY UPDATE: integer overflow in gfileattribute", " - debian/patches/gfileattribute-overflow.patch: add overflow check in", " gio/gfileattribute.c.", " - No CVE number", "" ], "package": "glib2.0", "version": "2.86.0-2ubuntu0.1", "urgency": "medium", "distributions": "questing-security", "launchpad_bugs_fixed": [], "author": "Marc Deslauriers ", "date": "Wed, 10 Dec 2025 10:20:04 -0500" } ], "notes": null, "is_version_downgrade": false }, { "name": "libblkid1", "from_version": { "source_package_name": "util-linux", "source_package_version": "2.41-4ubuntu4", "version": "2.41-4ubuntu4" }, "to_version": { "source_package_name": "util-linux", "source_package_version": "2.41-4ubuntu4.1", "version": "2.41-4ubuntu4.1" }, "cves": [], "launchpad_bugs_fixed": [ 2123886 ], "changes": [ { "cves": [], "log": [ "", " * Add ARM core support for Vera systems (LP: #2123886)", " - d/p/ubuntu/lp-2123886-add-missing-arm-cores.patch", "" ], "package": "util-linux", "version": "2.41-4ubuntu4.1", "urgency": "medium", "distributions": "questing", "launchpad_bugs_fixed": [ 2123886 ], "author": "Zachary Raines ", "date": "Mon, 22 Sep 2025 14:42:28 +0000" } ], "notes": null, "is_version_downgrade": false }, { "name": "libfdisk1", "from_version": { "source_package_name": "util-linux", "source_package_version": "2.41-4ubuntu4", "version": "2.41-4ubuntu4" }, "to_version": { "source_package_name": "util-linux", "source_package_version": "2.41-4ubuntu4.1", "version": "2.41-4ubuntu4.1" }, "cves": [], "launchpad_bugs_fixed": [ 2123886 ], "changes": [ { "cves": [], "log": [ "", " * Add ARM core support for Vera systems (LP: #2123886)", " - d/p/ubuntu/lp-2123886-add-missing-arm-cores.patch", "" ], "package": "util-linux", "version": "2.41-4ubuntu4.1", "urgency": "medium", "distributions": "questing", "launchpad_bugs_fixed": [ 2123886 ], "author": "Zachary Raines ", "date": "Mon, 22 Sep 2025 14:42:28 +0000" } ], "notes": null, "is_version_downgrade": false }, { "name": "libglib2.0-0t64", "from_version": { "source_package_name": "glib2.0", "source_package_version": "2.86.0-2", "version": "2.86.0-2" }, "to_version": { "source_package_name": "glib2.0", "source_package_version": "2.86.0-2ubuntu0.1", "version": "2.86.0-2ubuntu0.1" }, "cves": [ { "cve": "CVE-2025-13601", "url": "https://ubuntu.com/security/CVE-2025-13601", "cve_description": "A heap-based buffer overflow problem was found in glib through an incorrect calculation of buffer size in the g_escape_uri_string() function. If the string to escape contains a very large number of unacceptable characters (which would need escaping), the calculation of the length of the escaped string could overflow, leading to a potential write off the end of the newly allocated string.", "cve_priority": "medium", "cve_public_date": "2025-11-26 15:15:00 UTC" }, { "cve": "CVE-2025-14087", "url": "https://ubuntu.com/security/CVE-2025-14087", "cve_description": "A flaw was found in GLib (Gnome Lib). This vulnerability allows a remote attacker to cause heap corruption, leading to a denial of service or potential code execution via a buffer-underflow in the GVariant parser when processing maliciously crafted input strings.", "cve_priority": "medium", "cve_public_date": "2025-12-10 09:15:00 UTC" } ], "launchpad_bugs_fixed": [], "changes": [ { "cves": [ { "cve": "CVE-2025-13601", "url": "https://ubuntu.com/security/CVE-2025-13601", "cve_description": "A heap-based buffer overflow problem was found in glib through an incorrect calculation of buffer size in the g_escape_uri_string() function. If the string to escape contains a very large number of unacceptable characters (which would need escaping), the calculation of the length of the escaped string could overflow, leading to a potential write off the end of the newly allocated string.", "cve_priority": "medium", "cve_public_date": "2025-11-26 15:15:00 UTC" }, { "cve": "CVE-2025-14087", "url": "https://ubuntu.com/security/CVE-2025-14087", "cve_description": "A flaw was found in GLib (Gnome Lib). This vulnerability allows a remote attacker to cause heap corruption, leading to a denial of service or potential code execution via a buffer-underflow in the GVariant parser when processing maliciously crafted input strings.", "cve_priority": "medium", "cve_public_date": "2025-12-10 09:15:00 UTC" } ], "log": [ "", " * SECURITY UPDATE: heap overflow in g_escape_uri_string()", " - debian/patches/CVE-2025-13601.patch: add overflow check in", " glib/gconvert.c.", " - CVE-2025-13601", " * SECURITY UPDATE: buffer underflow through glib/gvariant", " - debian/patches/CVE-2025-14087-1.patch: fix potential integer overflow", " parsing (byte)strings in glib/gvariant-parser.c.", " - debian/patches/CVE-2025-14087-2.patch: use size_t to count numbers of", " child elements in glib/gvariant-parser.c.", " - debian/patches/CVE-2025-14087-3.patch: convert error handling code to", " use size_t in glib/gvariant-parser.c.", " - CVE-2025-14087", " * SECURITY UPDATE: integer overflow in gfileattribute", " - debian/patches/gfileattribute-overflow.patch: add overflow check in", " gio/gfileattribute.c.", " - No CVE number", "" ], "package": "glib2.0", "version": "2.86.0-2ubuntu0.1", "urgency": "medium", "distributions": "questing-security", "launchpad_bugs_fixed": [], "author": "Marc Deslauriers ", "date": "Wed, 10 Dec 2025 10:20:04 -0500" } ], "notes": null, "is_version_downgrade": false }, { "name": "liblastlog2-2", "from_version": { "source_package_name": "util-linux", "source_package_version": "2.41-4ubuntu4", "version": "2.41-4ubuntu4" }, "to_version": { "source_package_name": "util-linux", "source_package_version": "2.41-4ubuntu4.1", "version": "2.41-4ubuntu4.1" }, "cves": [], "launchpad_bugs_fixed": [ 2123886 ], "changes": [ { "cves": [], "log": [ "", " * Add ARM core support for Vera systems (LP: #2123886)", " - d/p/ubuntu/lp-2123886-add-missing-arm-cores.patch", "" ], "package": "util-linux", "version": "2.41-4ubuntu4.1", "urgency": "medium", "distributions": "questing", "launchpad_bugs_fixed": [ 2123886 ], "author": "Zachary Raines ", "date": "Mon, 22 Sep 2025 14:42:28 +0000" } ], "notes": null, "is_version_downgrade": false }, { "name": "libmount1", "from_version": { "source_package_name": "util-linux", "source_package_version": "2.41-4ubuntu4", "version": "2.41-4ubuntu4" }, "to_version": { "source_package_name": "util-linux", "source_package_version": "2.41-4ubuntu4.1", "version": "2.41-4ubuntu4.1" }, "cves": [], "launchpad_bugs_fixed": [ 2123886 ], "changes": [ { "cves": [], "log": [ "", " * Add ARM core support for Vera systems (LP: #2123886)", " - d/p/ubuntu/lp-2123886-add-missing-arm-cores.patch", "" ], "package": "util-linux", "version": "2.41-4ubuntu4.1", "urgency": "medium", "distributions": "questing", "launchpad_bugs_fixed": [ 2123886 ], "author": "Zachary Raines ", "date": "Mon, 22 Sep 2025 14:42:28 +0000" } ], "notes": null, "is_version_downgrade": false }, { "name": "libpng16-16t64", "from_version": { "source_package_name": "libpng1.6", "source_package_version": "1.6.50-1", "version": "1.6.50-1" }, "to_version": { "source_package_name": "libpng1.6", "source_package_version": "1.6.50-1ubuntu0.1", "version": "1.6.50-1ubuntu0.1" }, "cves": [ { "cve": "CVE-2025-64505", "url": "https://ubuntu.com/security/CVE-2025-64505", "cve_description": "LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. Prior to version 1.6.51, a heap buffer over-read vulnerability exists in libpng's png_do_quantize function when processing PNG files with malformed palette indices. The vulnerability occurs when palette_lookup array bounds are not validated against externally-supplied image data, allowing an attacker to craft a PNG file with out-of-range palette indices that trigger out-of-bounds memory access. This issue has been patched in version 1.6.51.", "cve_priority": "medium", "cve_public_date": "2025-11-25 00:15:00 UTC" }, { "cve": "CVE-2025-64506", "url": "https://ubuntu.com/security/CVE-2025-64506", "cve_description": "LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. From version 1.6.0 to before 1.6.51, a heap buffer over-read vulnerability exists in libpng's png_write_image_8bit function when processing 8-bit images through the simplified write API with convert_to_8bit enabled. The vulnerability affects 8-bit grayscale+alpha, RGB/RGBA, and images with incomplete row data. A conditional guard incorrectly allows 8-bit input to enter code expecting 16-bit input, causing reads up to 2 bytes beyond allocated buffer boundaries. This issue has been patched in version 1.6.51.", "cve_priority": "medium", "cve_public_date": "2025-11-25 00:15:00 UTC" }, { "cve": "CVE-2025-64720", "url": "https://ubuntu.com/security/CVE-2025-64720", "cve_description": "LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. From version 1.6.0 to before 1.6.51, an out-of-bounds read vulnerability exists in png_image_read_composite when processing palette images with PNG_FLAG_OPTIMIZE_ALPHA enabled. The palette compositing code in png_init_read_transformations incorrectly applies background compositing during premultiplication, violating the invariant component ≤ alpha × 257 required by the simplified PNG API. This issue has been patched in version 1.6.51.", "cve_priority": "medium", "cve_public_date": "2025-11-25 00:15:00 UTC" }, { "cve": "CVE-2025-65018", "url": "https://ubuntu.com/security/CVE-2025-65018", "cve_description": "LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. From version 1.6.0 to before 1.6.51, there is a heap buffer overflow vulnerability in the libpng simplified API function png_image_finish_read when processing 16-bit interlaced PNGs with 8-bit output format. Attacker-crafted interlaced PNG files cause heap writes beyond allocated buffer bounds. This issue has been patched in version 1.6.51.", "cve_priority": "medium", "cve_public_date": "2025-11-25 00:15:00 UTC" } ], "launchpad_bugs_fixed": [], "changes": [ { "cves": [ { "cve": "CVE-2025-64505", "url": "https://ubuntu.com/security/CVE-2025-64505", "cve_description": "LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. Prior to version 1.6.51, a heap buffer over-read vulnerability exists in libpng's png_do_quantize function when processing PNG files with malformed palette indices. The vulnerability occurs when palette_lookup array bounds are not validated against externally-supplied image data, allowing an attacker to craft a PNG file with out-of-range palette indices that trigger out-of-bounds memory access. This issue has been patched in version 1.6.51.", "cve_priority": "medium", "cve_public_date": "2025-11-25 00:15:00 UTC" }, { "cve": "CVE-2025-64506", "url": "https://ubuntu.com/security/CVE-2025-64506", "cve_description": "LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. From version 1.6.0 to before 1.6.51, a heap buffer over-read vulnerability exists in libpng's png_write_image_8bit function when processing 8-bit images through the simplified write API with convert_to_8bit enabled. The vulnerability affects 8-bit grayscale+alpha, RGB/RGBA, and images with incomplete row data. A conditional guard incorrectly allows 8-bit input to enter code expecting 16-bit input, causing reads up to 2 bytes beyond allocated buffer boundaries. This issue has been patched in version 1.6.51.", "cve_priority": "medium", "cve_public_date": "2025-11-25 00:15:00 UTC" }, { "cve": "CVE-2025-64720", "url": "https://ubuntu.com/security/CVE-2025-64720", "cve_description": "LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. From version 1.6.0 to before 1.6.51, an out-of-bounds read vulnerability exists in png_image_read_composite when processing palette images with PNG_FLAG_OPTIMIZE_ALPHA enabled. The palette compositing code in png_init_read_transformations incorrectly applies background compositing during premultiplication, violating the invariant component ≤ alpha × 257 required by the simplified PNG API. This issue has been patched in version 1.6.51.", "cve_priority": "medium", "cve_public_date": "2025-11-25 00:15:00 UTC" }, { "cve": "CVE-2025-65018", "url": "https://ubuntu.com/security/CVE-2025-65018", "cve_description": "LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. From version 1.6.0 to before 1.6.51, there is a heap buffer overflow vulnerability in the libpng simplified API function png_image_finish_read when processing 16-bit interlaced PNGs with 8-bit output format. Attacker-crafted interlaced PNG files cause heap writes beyond allocated buffer bounds. This issue has been patched in version 1.6.51.", "cve_priority": "medium", "cve_public_date": "2025-11-25 00:15:00 UTC" } ], "log": [ "", " * SECURITY UPDATE: buffer overflow issue", " - debian/patches/CVE-2025-64505.patch: Fix a buffer overflow in", " png_do_quantize", " - debian/patches/CVE-2025-64506.patch: Fix a heap buffer overflow in", " png_write_image_8bit", " - debian/patches/CVE-2025-64720.patch: Fix a buffer overflow in", " png_init_read_transformations", " - debian/patches/CVE-2025-65018.patch: Fix a heap buffer overflow in", " png_image_finish_read", " - CVE-2025-64505", " - CVE-2025-64506", " - CVE-2025-64720", " - CVE-2025-65018", "" ], "package": "libpng1.6", "version": "1.6.50-1ubuntu0.1", "urgency": "medium", "distributions": "questing-security", "launchpad_bugs_fixed": [], "author": "Nishit Majithia ", "date": "Tue, 09 Dec 2025 17:38:32 +0530" } ], "notes": null, "is_version_downgrade": false }, { "name": "libsmartcols1", "from_version": { "source_package_name": "util-linux", "source_package_version": "2.41-4ubuntu4", "version": "2.41-4ubuntu4" }, "to_version": { "source_package_name": "util-linux", "source_package_version": "2.41-4ubuntu4.1", "version": "2.41-4ubuntu4.1" }, "cves": [], "launchpad_bugs_fixed": [ 2123886 ], "changes": [ { "cves": [], "log": [ "", " * Add ARM core support for Vera systems (LP: #2123886)", " - d/p/ubuntu/lp-2123886-add-missing-arm-cores.patch", "" ], "package": "util-linux", "version": "2.41-4ubuntu4.1", "urgency": "medium", "distributions": "questing", "launchpad_bugs_fixed": [ 2123886 ], "author": "Zachary Raines ", "date": "Mon, 22 Sep 2025 14:42:28 +0000" } ], "notes": null, "is_version_downgrade": false }, { "name": "libuuid1", "from_version": { "source_package_name": "util-linux", "source_package_version": "2.41-4ubuntu4", "version": "2.41-4ubuntu4" }, "to_version": { "source_package_name": "util-linux", "source_package_version": "2.41-4ubuntu4.1", "version": "2.41-4ubuntu4.1" }, "cves": [], "launchpad_bugs_fixed": [ 2123886 ], "changes": [ { "cves": [], "log": [ "", " * Add ARM core support for Vera systems (LP: #2123886)", " - d/p/ubuntu/lp-2123886-add-missing-arm-cores.patch", "" ], "package": "util-linux", "version": "2.41-4ubuntu4.1", "urgency": "medium", "distributions": "questing", "launchpad_bugs_fixed": [ 2123886 ], "author": "Zachary Raines ", "date": "Mon, 22 Sep 2025 14:42:28 +0000" } ], "notes": null, "is_version_downgrade": false }, { "name": "login", "from_version": { "source_package_name": "util-linux", "source_package_version": "2.41-4ubuntu4", "version": "1:4.16.0-2+really2.41-4ubuntu4" }, "to_version": { "source_package_name": "util-linux", "source_package_version": "2.41-4ubuntu4.1", "version": "1:4.16.0-2+really2.41-4ubuntu4.1" }, "cves": [], "launchpad_bugs_fixed": [ 2123886 ], "changes": [ { "cves": [], "log": [ "", " * Add ARM core support for Vera systems (LP: #2123886)", " - d/p/ubuntu/lp-2123886-add-missing-arm-cores.patch", "" ], "package": "util-linux", "version": "2.41-4ubuntu4.1", "urgency": "medium", "distributions": "questing", "launchpad_bugs_fixed": [ 2123886 ], "author": "Zachary Raines ", "date": "Mon, 22 Sep 2025 14:42:28 +0000" } ], "notes": null, "is_version_downgrade": false }, { "name": "mount", "from_version": { "source_package_name": "util-linux", "source_package_version": "2.41-4ubuntu4", "version": "2.41-4ubuntu4" }, "to_version": { "source_package_name": "util-linux", "source_package_version": "2.41-4ubuntu4.1", "version": "2.41-4ubuntu4.1" }, "cves": [], "launchpad_bugs_fixed": [ 2123886 ], "changes": [ { "cves": [], "log": [ "", " * Add ARM core support for Vera systems (LP: #2123886)", " - d/p/ubuntu/lp-2123886-add-missing-arm-cores.patch", "" ], "package": "util-linux", "version": "2.41-4ubuntu4.1", "urgency": "medium", "distributions": "questing", "launchpad_bugs_fixed": [ 2123886 ], "author": "Zachary Raines ", "date": "Mon, 22 Sep 2025 14:42:28 +0000" } ], "notes": null, "is_version_downgrade": false }, { "name": "python3-urllib3", "from_version": { "source_package_name": "python-urllib3", "source_package_version": "2.3.0-3", "version": "2.3.0-3" }, "to_version": { "source_package_name": "python-urllib3", "source_package_version": "2.3.0-3ubuntu0.1", "version": "2.3.0-3ubuntu0.1" }, "cves": [ { "cve": "CVE-2025-66418", "url": "https://ubuntu.com/security/CVE-2025-66418", "cve_description": "urllib3 is a user-friendly HTTP client library for Python. Starting in version 1.24 and prior to 2.6.0, the number of links in the decompression chain was unbounded allowing a malicious server to insert a virtually unlimited number of compression steps leading to high CPU usage and massive memory allocation for the decompressed data. This vulnerability is fixed in 2.6.0.", "cve_priority": "medium", "cve_public_date": "2025-12-05 16:15:00 UTC" }, { "cve": "CVE-2025-66471", "url": "https://ubuntu.com/security/CVE-2025-66471", "cve_description": "urllib3 is a user-friendly HTTP client library for Python. Starting in version 1.0 and prior to 2.6.0, the Streaming API improperly handles highly compressed data. urllib3's streaming API is designed for the efficient handling of large HTTP responses by reading the content in chunks, rather than loading the entire response body into memory at once. When streaming a compressed response, urllib3 can perform decoding or decompression based on the HTTP Content-Encoding header (e.g., gzip, deflate, br, or zstd). The library must read compressed data from the network and decompress it until the requested chunk size is met. Any resulting decompressed data that exceeds the requested amount is held in an internal buffer for the next read operation. The decompression logic could cause urllib3 to fully decode a small amount of highly compressed data in a single operation. This can result in excessive resource consumption (high CPU usage and massive memory allocation for the decompressed data.", "cve_priority": "medium", "cve_public_date": "2025-12-05 17:16:00 UTC" } ], "launchpad_bugs_fixed": [], "changes": [ { "cves": [ { "cve": "CVE-2025-66418", "url": "https://ubuntu.com/security/CVE-2025-66418", "cve_description": "urllib3 is a user-friendly HTTP client library for Python. Starting in version 1.24 and prior to 2.6.0, the number of links in the decompression chain was unbounded allowing a malicious server to insert a virtually unlimited number of compression steps leading to high CPU usage and massive memory allocation for the decompressed data. This vulnerability is fixed in 2.6.0.", "cve_priority": "medium", "cve_public_date": "2025-12-05 16:15:00 UTC" }, { "cve": "CVE-2025-66471", "url": "https://ubuntu.com/security/CVE-2025-66471", "cve_description": "urllib3 is a user-friendly HTTP client library for Python. Starting in version 1.0 and prior to 2.6.0, the Streaming API improperly handles highly compressed data. urllib3's streaming API is designed for the efficient handling of large HTTP responses by reading the content in chunks, rather than loading the entire response body into memory at once. When streaming a compressed response, urllib3 can perform decoding or decompression based on the HTTP Content-Encoding header (e.g., gzip, deflate, br, or zstd). The library must read compressed data from the network and decompress it until the requested chunk size is met. Any resulting decompressed data that exceeds the requested amount is held in an internal buffer for the next read operation. The decompression logic could cause urllib3 to fully decode a small amount of highly compressed data in a single operation. This can result in excessive resource consumption (high CPU usage and massive memory allocation for the decompressed data.", "cve_priority": "medium", "cve_public_date": "2025-12-05 17:16:00 UTC" } ], "log": [ "", " * SECURITY UPDATE: Denial of service due to unbounded decompression chain.", " - debian/patches/CVE-2025-66418.patch: Add max_decode_links limit and", " checks in src/urllib3/response.py. Add test in test/test_response.py.", " - CVE-2025-66418", " * SECURITY UPDATE: Denial of service due to decompression bomb.", " - debian/patches/CVE-2025-66471.patch: Fix decompression bomb in", " src/urllib3/response.py. Add tests in test/test_response.py.", " - debian/patches/CVE-2025-66471-post1.patch: Remove brotli version warning", " due to intrusive backport for brotli fixes and upstream version warning", " not being appropriate for distro backporting.", " - CVE-2025-66471", "" ], "package": "python-urllib3", "version": "2.3.0-3ubuntu0.1", "urgency": "medium", "distributions": "questing-security", "launchpad_bugs_fixed": [], "author": "Hlib Korzhynskyy ", "date": "Wed, 10 Dec 2025 12:29:16 -0330" } ], "notes": null, "is_version_downgrade": false }, { "name": "util-linux", "from_version": { "source_package_name": "util-linux", "source_package_version": "2.41-4ubuntu4", "version": "2.41-4ubuntu4" }, "to_version": { "source_package_name": "util-linux", "source_package_version": "2.41-4ubuntu4.1", "version": "2.41-4ubuntu4.1" }, "cves": [], "launchpad_bugs_fixed": [ 2123886 ], "changes": [ { "cves": [], "log": [ "", " * Add ARM core support for Vera systems (LP: #2123886)", " - d/p/ubuntu/lp-2123886-add-missing-arm-cores.patch", "" ], "package": "util-linux", "version": "2.41-4ubuntu4.1", "urgency": "medium", "distributions": "questing", "launchpad_bugs_fixed": [ 2123886 ], "author": "Zachary Raines ", "date": "Mon, 22 Sep 2025 14:42:28 +0000" } ], "notes": null, "is_version_downgrade": false } ], "snap": [] }, "added": { "deb": [], "snap": [] }, "removed": { "deb": [], "snap": [] }, "notes": "Changelog diff for Ubuntu 25.10 questing image from daily image serial 20251210 to 20260107", "from_series": "questing", "to_series": "questing", "from_serial": "20251210", "to_serial": "20260107", "from_manifest_filename": "daily_manifest.previous", "to_manifest_filename": "manifest.current" }