{ "summary": { "snap": { "added": [], "removed": [], "diff": [] }, "deb": { "added": [ "libjs-sphinxdoc", "linux-image-6.18.0-8-generic", "linux-modules-6.18.0-8-generic" ], "removed": [ "linux-image-6.17.0-8-generic", "linux-modules-6.17.0-8-generic" ], "diff": [ "cloud-init", "cloud-init-base", "dhcpcd-base", "distro-info-data", "fuse3", "gcc-15-base", "gir1.2-girepository-3.0", "gir1.2-glib-2.0", "libatomic1", "libedit2", "libfreetype6", "libfuse3-4", "libgcc-s1", "libgirepository-2.0-0", "libglib2.0-0t64", "liblzma5", "libmnl0", "libncursesw6", "libpng16-16t64", "libstdc++6", "libtinfo6", "linux-image-virtual", "lsb-release", "mawk", "media-types", "ncurses-base", "ncurses-bin", "pci.ids", "python3-attr", "python3-autocommand", "python3-bcrypt", "python3-blinker", "python3-certifi", "python3-inflect", "python3-jwt", "python3-lazr.uri", "python3-oauthlib", "python3-passlib", "python3-pyparsing", "python3-typeguard", "python3-typing-extensions", "python3-yaml", "sensible-utils", "tzdata", "ubuntu-cloud-minimal", "xz-utils" ] } }, "diff": { "deb": [ { "name": "cloud-init", "from_version": { "source_package_name": "cloud-init", "source_package_version": "25.4~1gcb12e00e-0ubuntu2", "version": "25.4~1gcb12e00e-0ubuntu2" }, "to_version": { "source_package_name": "cloud-init", "source_package_version": "25.4~2gb117d244-0ubuntu1", "version": "25.4~2gb117d244-0ubuntu1" }, "cves": [], "launchpad_bugs_fixed": [ 2136198 ], "changes": [ { "cves": [], "log": [ "", " * d/tests: exercise cloud-init status", " * d/cloud-init-base.config - Remove old unnecessary logic.", " * d/cloud-init-base.postinst - Remove old unnecessary logic.", " * d/cloud-init-base.preinst - Delete file, logic was obsolete.", " * d/cloud-init-base.prerm - Delete file, logic was obsolete.", " * Upstream snapshot based on upstream/main at b117d244.", " - Bugs fixed in this snapshot: (LP: #2136198)", "" ], "package": "cloud-init", "version": "25.4~2gb117d244-0ubuntu1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2136198 ], "author": "Chad Smith ", "date": "Thu, 18 Dec 2025 17:07:20 -0700" } ], "notes": null, "is_version_downgrade": false }, { "name": "cloud-init-base", "from_version": { "source_package_name": "cloud-init", "source_package_version": "25.4~1gcb12e00e-0ubuntu2", "version": "25.4~1gcb12e00e-0ubuntu2" }, "to_version": { "source_package_name": "cloud-init", "source_package_version": "25.4~2gb117d244-0ubuntu1", "version": "25.4~2gb117d244-0ubuntu1" }, "cves": [], "launchpad_bugs_fixed": [ 2136198 ], "changes": [ { "cves": [], "log": [ "", " * d/tests: exercise cloud-init status", " * d/cloud-init-base.config - Remove old unnecessary logic.", " * d/cloud-init-base.postinst - Remove old unnecessary logic.", " * d/cloud-init-base.preinst - Delete file, logic was obsolete.", " * d/cloud-init-base.prerm - Delete file, logic was obsolete.", " * Upstream snapshot based on upstream/main at b117d244.", " - Bugs fixed in this snapshot: (LP: #2136198)", "" ], "package": "cloud-init", "version": "25.4~2gb117d244-0ubuntu1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2136198 ], "author": "Chad Smith ", "date": "Thu, 18 Dec 2025 17:07:20 -0700" } ], "notes": null, "is_version_downgrade": false }, { "name": "dhcpcd-base", "from_version": { "source_package_name": "dhcpcd", "source_package_version": "1:10.3.0-2", "version": "1:10.3.0-2" }, "to_version": { "source_package_name": "dhcpcd", "source_package_version": "1:10.3.0-3", "version": "1:10.3.0-3" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * [control]", " = Simplify bin:dhcpcd's long description (Closes: #1121452).", " * [patches]", " + Uncomment 'ntp_servers' in dhcpcd.conf (Closes: #1123962).", "" ], "package": "dhcpcd", "version": "1:10.3.0-3", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Martin-Éric Racine ", "date": "Thu, 25 Dec 2025 11:16:42 +0200" } ], "notes": null, "is_version_downgrade": false }, { "name": "distro-info-data", "from_version": { "source_package_name": "distro-info-data", "source_package_version": "0.68", "version": "0.68" }, "to_version": { "source_package_name": "distro-info-data", "source_package_version": "0.68build1", "version": "0.68build1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Rebuild to clear amd64v3 from FTBFS report", "" ], "package": "distro-info-data", "version": "0.68build1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Jeremy Bícha ", "date": "Thu, 18 Dec 2025 07:39:48 -0500" } ], "notes": null, "is_version_downgrade": false }, { "name": "fuse3", "from_version": { "source_package_name": "fuse3", "source_package_version": "3.17.4-1", "version": "3.17.4-1" }, "to_version": { "source_package_name": "fuse3", "source_package_version": "3.18.1-1", "version": "3.18.1-1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * New upstream release.", " * Update library symbols for this release.", "" ], "package": "fuse3", "version": "3.18.1-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Laszlo Boszormenyi (GCS) ", "date": "Sun, 21 Dec 2025 18:06:47 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "gcc-15-base", "from_version": { "source_package_name": "gcc-15", "source_package_version": "15.2.0-10ubuntu1", "version": "15.2.0-10ubuntu1" }, "to_version": { "source_package_name": "gcc-15", "source_package_version": "15.2.0-11ubuntu1", "version": "15.2.0-11ubuntu1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Merge with Debian; remaining changes:", " - Build from upstream sources.", "" ], "package": "gcc-15", "version": "15.2.0-11ubuntu1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Matthias Klose ", "date": "Wed, 10 Dec 2025 15:24:39 +0100" }, { "cves": [], "log": [ "", " * Update to git 20251209 from the gcc-15 branch.", " - Fix PR target/122991 (AArch64), PR tree-optimization/122943,", " PR middle-end/120052, PR middle-end/120564, PR ada/123037, PR ada/115305,", " PR middle-end/122624, PR c/121506, PR c++/121445, PR c++/120876,", " PR lto/122515.", " * Fix Algol-68 build on sparc64, patch taken from the trunk.", " * Don't rely on python3-check-jsonschema for testing, still having", " unpackaged dependencies.", " * Add architectureVariant to ELF_PACKAGE_METADATA.", "" ], "package": "gcc-15", "version": "15.2.0-11", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Matthias Klose ", "date": "Tue, 09 Dec 2025 21:10:53 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "gir1.2-girepository-3.0", "from_version": { "source_package_name": "glib2.0", "source_package_version": "2.86.2-1", "version": "2.86.2-1" }, "to_version": { "source_package_name": "glib2.0", "source_package_version": "2.86.3-4", "version": "2.86.3-4" }, "cves": [ { "cve": "CVE-2025-14512", "url": "https://ubuntu.com/security/CVE-2025-14512", "cve_description": "A flaw was found in glib. This vulnerability allows a heap buffer overflow and denial-of-service (DoS) via an integer overflow in GLib's GIO (GLib Input/Output) escape_byte_string() function when processing malicious file or remote filesystem attribute values.", "cve_priority": "medium", "cve_public_date": "2025-12-11 07:16:00 UTC" }, { "cve": "CVE-2025-13601", "url": "https://ubuntu.com/security/CVE-2025-13601", "cve_description": "A heap-based buffer overflow problem was found in glib through an incorrect calculation of buffer size in the g_escape_uri_string() function. If the string to escape contains a very large number of unacceptable characters (which would need escaping), the calculation of the length of the escaped string could overflow, leading to a potential write off the end of the newly allocated string.", "cve_priority": "medium", "cve_public_date": "2025-11-26 15:15:00 UTC" }, { "cve": "CVE-2025-14087", "url": "https://ubuntu.com/security/CVE-2025-14087", "cve_description": "A flaw was found in GLib (Gnome Lib). This vulnerability allows a remote attacker to cause heap corruption, leading to a denial of service or potential code execution via a buffer-underflow in the GVariant parser when processing maliciously crafted input strings.", "cve_priority": "medium", "cve_public_date": "2025-12-10 09:15:00 UTC" }, { "cve": "CVE-2025-14512", "url": "https://ubuntu.com/security/CVE-2025-14512", "cve_description": "A flaw was found in glib. This vulnerability allows a heap buffer overflow and denial-of-service (DoS) via an integer overflow in GLib's GIO (GLib Input/Output) escape_byte_string() function when processing malicious file or remote filesystem attribute values.", "cve_priority": "medium", "cve_public_date": "2025-12-11 07:16:00 UTC" } ], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Fix hurd build", "" ], "package": "glib2.0", "version": "2.86.3-4", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Jeremy Bícha ", "date": "Thu, 01 Jan 2026 07:59:38 -0500" }, { "cves": [], "log": [ "", " * Fix hurd build", "" ], "package": "glib2.0", "version": "2.86.3-3", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Jeremy Bícha ", "date": "Wed, 31 Dec 2025 18:35:13 -0500" }, { "cves": [ { "cve": "CVE-2025-14512", "url": "https://ubuntu.com/security/CVE-2025-14512", "cve_description": "A flaw was found in glib. This vulnerability allows a heap buffer overflow and denial-of-service (DoS) via an integer overflow in GLib's GIO (GLib Input/Output) escape_byte_string() function when processing malicious file or remote filesystem attribute values.", "cve_priority": "medium", "cve_public_date": "2025-12-11 07:16:00 UTC" } ], "log": [ "", " [ Jeremy Bícha ]", " * Remove :native from Build-Depends: python3-packaging (Closes: #1124385)", " * Remove nosysprof build profile because libsysprof-capture-4-dev", " is built for all Linux architectures and does not require glib2.0", " * Remove kfreebsd reference", " * Override dh_gnome to avoid build warnings", " * Bump Standards Version to 4.7.3", "", " [ Simon McVittie ]", " * Mention #1122346, #1122347 in previous changelog entry", " * Mention CVE-2025-14512 in previous changelog entry now that it has", " been allocated", "" ], "package": "glib2.0", "version": "2.86.3-2", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Jeremy Bícha ", "date": "Wed, 31 Dec 2025 10:32:42 -0500" }, { "cves": [ { "cve": "CVE-2025-13601", "url": "https://ubuntu.com/security/CVE-2025-13601", "cve_description": "A heap-based buffer overflow problem was found in glib through an incorrect calculation of buffer size in the g_escape_uri_string() function. If the string to escape contains a very large number of unacceptable characters (which would need escaping), the calculation of the length of the escaped string could overflow, leading to a potential write off the end of the newly allocated string.", "cve_priority": "medium", "cve_public_date": "2025-11-26 15:15:00 UTC" }, { "cve": "CVE-2025-14087", "url": "https://ubuntu.com/security/CVE-2025-14087", "cve_description": "A flaw was found in GLib (Gnome Lib). This vulnerability allows a remote attacker to cause heap corruption, leading to a denial of service or potential code execution via a buffer-underflow in the GVariant parser when processing maliciously crafted input strings.", "cve_priority": "medium", "cve_public_date": "2025-12-10 09:15:00 UTC" }, { "cve": "CVE-2025-14512", "url": "https://ubuntu.com/security/CVE-2025-14512", "cve_description": "A flaw was found in glib. This vulnerability allows a heap buffer overflow and denial-of-service (DoS) via an integer overflow in GLib's GIO (GLib Input/Output) escape_byte_string() function when processing malicious file or remote filesystem attribute values.", "cve_priority": "medium", "cve_public_date": "2025-12-11 07:16:00 UTC" } ], "log": [ "", " * New upstream security-fix release", " - Fix calculation of buffer sizes when escaping URI strings", " (CVE-2025-13601, glib#3827 upstream, Closes: #1121488)", " - Fix possible buffer underflow parsing GVariant strings/bytestrings", " (CVE-2025-14087, glib#3834 upstream, Closes: #1122347)", " - Fix integer overflow in file attribute escaping", " (CVE-2025-14512, glib#3845 upstream, Closes: #1122346)", " - Windows-specific changes not described in detail here", "" ], "package": "glib2.0", "version": "2.86.3-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Simon McVittie ", "date": "Tue, 09 Dec 2025 13:31:14 +0000" } ], "notes": null, "is_version_downgrade": false }, { "name": "gir1.2-glib-2.0", "from_version": { "source_package_name": "glib2.0", "source_package_version": "2.86.2-1", "version": "2.86.2-1" }, "to_version": { "source_package_name": "glib2.0", "source_package_version": "2.86.3-4", "version": "2.86.3-4" }, "cves": [ { "cve": "CVE-2025-14512", "url": "https://ubuntu.com/security/CVE-2025-14512", "cve_description": "A flaw was found in glib. This vulnerability allows a heap buffer overflow and denial-of-service (DoS) via an integer overflow in GLib's GIO (GLib Input/Output) escape_byte_string() function when processing malicious file or remote filesystem attribute values.", "cve_priority": "medium", "cve_public_date": "2025-12-11 07:16:00 UTC" }, { "cve": "CVE-2025-13601", "url": "https://ubuntu.com/security/CVE-2025-13601", "cve_description": "A heap-based buffer overflow problem was found in glib through an incorrect calculation of buffer size in the g_escape_uri_string() function. If the string to escape contains a very large number of unacceptable characters (which would need escaping), the calculation of the length of the escaped string could overflow, leading to a potential write off the end of the newly allocated string.", "cve_priority": "medium", "cve_public_date": "2025-11-26 15:15:00 UTC" }, { "cve": "CVE-2025-14087", "url": "https://ubuntu.com/security/CVE-2025-14087", "cve_description": "A flaw was found in GLib (Gnome Lib). This vulnerability allows a remote attacker to cause heap corruption, leading to a denial of service or potential code execution via a buffer-underflow in the GVariant parser when processing maliciously crafted input strings.", "cve_priority": "medium", "cve_public_date": "2025-12-10 09:15:00 UTC" }, { "cve": "CVE-2025-14512", "url": "https://ubuntu.com/security/CVE-2025-14512", "cve_description": "A flaw was found in glib. This vulnerability allows a heap buffer overflow and denial-of-service (DoS) via an integer overflow in GLib's GIO (GLib Input/Output) escape_byte_string() function when processing malicious file or remote filesystem attribute values.", "cve_priority": "medium", "cve_public_date": "2025-12-11 07:16:00 UTC" } ], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Fix hurd build", "" ], "package": "glib2.0", "version": "2.86.3-4", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Jeremy Bícha ", "date": "Thu, 01 Jan 2026 07:59:38 -0500" }, { "cves": [], "log": [ "", " * Fix hurd build", "" ], "package": "glib2.0", "version": "2.86.3-3", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Jeremy Bícha ", "date": "Wed, 31 Dec 2025 18:35:13 -0500" }, { "cves": [ { "cve": "CVE-2025-14512", "url": "https://ubuntu.com/security/CVE-2025-14512", "cve_description": "A flaw was found in glib. This vulnerability allows a heap buffer overflow and denial-of-service (DoS) via an integer overflow in GLib's GIO (GLib Input/Output) escape_byte_string() function when processing malicious file or remote filesystem attribute values.", "cve_priority": "medium", "cve_public_date": "2025-12-11 07:16:00 UTC" } ], "log": [ "", " [ Jeremy Bícha ]", " * Remove :native from Build-Depends: python3-packaging (Closes: #1124385)", " * Remove nosysprof build profile because libsysprof-capture-4-dev", " is built for all Linux architectures and does not require glib2.0", " * Remove kfreebsd reference", " * Override dh_gnome to avoid build warnings", " * Bump Standards Version to 4.7.3", "", " [ Simon McVittie ]", " * Mention #1122346, #1122347 in previous changelog entry", " * Mention CVE-2025-14512 in previous changelog entry now that it has", " been allocated", "" ], "package": "glib2.0", "version": "2.86.3-2", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Jeremy Bícha ", "date": "Wed, 31 Dec 2025 10:32:42 -0500" }, { "cves": [ { "cve": "CVE-2025-13601", "url": "https://ubuntu.com/security/CVE-2025-13601", "cve_description": "A heap-based buffer overflow problem was found in glib through an incorrect calculation of buffer size in the g_escape_uri_string() function. If the string to escape contains a very large number of unacceptable characters (which would need escaping), the calculation of the length of the escaped string could overflow, leading to a potential write off the end of the newly allocated string.", "cve_priority": "medium", "cve_public_date": "2025-11-26 15:15:00 UTC" }, { "cve": "CVE-2025-14087", "url": "https://ubuntu.com/security/CVE-2025-14087", "cve_description": "A flaw was found in GLib (Gnome Lib). This vulnerability allows a remote attacker to cause heap corruption, leading to a denial of service or potential code execution via a buffer-underflow in the GVariant parser when processing maliciously crafted input strings.", "cve_priority": "medium", "cve_public_date": "2025-12-10 09:15:00 UTC" }, { "cve": "CVE-2025-14512", "url": "https://ubuntu.com/security/CVE-2025-14512", "cve_description": "A flaw was found in glib. This vulnerability allows a heap buffer overflow and denial-of-service (DoS) via an integer overflow in GLib's GIO (GLib Input/Output) escape_byte_string() function when processing malicious file or remote filesystem attribute values.", "cve_priority": "medium", "cve_public_date": "2025-12-11 07:16:00 UTC" } ], "log": [ "", " * New upstream security-fix release", " - Fix calculation of buffer sizes when escaping URI strings", " (CVE-2025-13601, glib#3827 upstream, Closes: #1121488)", " - Fix possible buffer underflow parsing GVariant strings/bytestrings", " (CVE-2025-14087, glib#3834 upstream, Closes: #1122347)", " - Fix integer overflow in file attribute escaping", " (CVE-2025-14512, glib#3845 upstream, Closes: #1122346)", " - Windows-specific changes not described in detail here", "" ], "package": "glib2.0", "version": "2.86.3-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Simon McVittie ", "date": "Tue, 09 Dec 2025 13:31:14 +0000" } ], "notes": null, "is_version_downgrade": false }, { "name": "libatomic1", "from_version": { "source_package_name": "gcc-15", "source_package_version": "15.2.0-10ubuntu1", "version": "15.2.0-10ubuntu1" }, "to_version": { "source_package_name": "gcc-15", "source_package_version": "15.2.0-11ubuntu1", "version": "15.2.0-11ubuntu1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Merge with Debian; remaining changes:", " - Build from upstream sources.", "" ], "package": "gcc-15", "version": "15.2.0-11ubuntu1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Matthias Klose ", "date": "Wed, 10 Dec 2025 15:24:39 +0100" }, { "cves": [], "log": [ "", " * Update to git 20251209 from the gcc-15 branch.", " - Fix PR target/122991 (AArch64), PR tree-optimization/122943,", " PR middle-end/120052, PR middle-end/120564, PR ada/123037, PR ada/115305,", " PR middle-end/122624, PR c/121506, PR c++/121445, PR c++/120876,", " PR lto/122515.", " * Fix Algol-68 build on sparc64, patch taken from the trunk.", " * Don't rely on python3-check-jsonschema for testing, still having", " unpackaged dependencies.", " * Add architectureVariant to ELF_PACKAGE_METADATA.", "" ], "package": "gcc-15", "version": "15.2.0-11", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Matthias Klose ", "date": "Tue, 09 Dec 2025 21:10:53 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "libedit2", "from_version": { "source_package_name": "libedit", "source_package_version": "3.1-20250104-1build1", "version": "3.1-20250104-1build1" }, "to_version": { "source_package_name": "libedit", "source_package_version": "3.1-20251016-1", "version": "3.1-20251016-1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Rebuild to include updated RISC-V base ISA RVA23", "" ], "package": "libedit", "version": "3.1-20250104-1build1", "urgency": "medium", "distributions": "questing", "launchpad_bugs_fixed": [], "author": "Heinrich Schuchardt ", "date": "Fri, 05 Sep 2025 17:32:20 +0000" } ], "notes": null, "is_version_downgrade": true }, { "name": "libfreetype6", "from_version": { "source_package_name": "freetype", "source_package_version": "2.13.3+dfsg-1build1", "version": "2.13.3+dfsg-1build1" }, "to_version": { "source_package_name": "freetype", "source_package_version": "2.14.1+dfsg-2", "version": "2.14.1+dfsg-2" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * debian/control: Drop HarfBuzz dependencies (Closes: #1124239).", " * debian/rules: Enable dynamic loading of the HarfBuzz library.", " * debian/tests/libfreetype-dev: Re-enable static autopkgtest.", "" ], "package": "freetype", "version": "2.14.1+dfsg-2", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Hugh McMaster ", "date": "Mon, 29 Dec 2025 23:22:32 +1100" }, { "cves": [], "log": [ "", " * New upstream version 2.14.1:", " - Enable dynamic loading of the HarfBuzz library, avoiding the", " well-known circular dependency problem.", " * debian/control:", " - Raise Standards-Version to 4.7.3, removing the Priority field.", " - Build-Depend on libharfbuzz-dev.", " - Drop Rules-Requires-Root (no longer needed).", " - libfreetype-dev: Depend on libharfbuzz-dev.", " * debian/copyright:", " - Update for FreeType 2.14.0.", " - Update for 2025.", " - Fix whitespace formatting.", " * debian/patches: Refresh ftoption.patch.", " * debian/rules: Enable linking with HarfBuzz.", " * debian/tests/libfreetype-dev: Disable static autopkgtest.", " * debian/watch: Convert to Version 5 format.", "" ], "package": "freetype", "version": "2.14.1+dfsg-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Hugh McMaster ", "date": "Fri, 26 Dec 2025 21:52:18 +1100" } ], "notes": null, "is_version_downgrade": false }, { "name": "libfuse3-4", "from_version": { "source_package_name": "fuse3", "source_package_version": "3.17.4-1", "version": "3.17.4-1" }, "to_version": { "source_package_name": "fuse3", "source_package_version": "3.18.1-1", "version": "3.18.1-1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * New upstream release.", " * Update library symbols for this release.", "" ], "package": "fuse3", "version": "3.18.1-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Laszlo Boszormenyi (GCS) ", "date": "Sun, 21 Dec 2025 18:06:47 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "libgcc-s1", "from_version": { "source_package_name": "gcc-15", "source_package_version": "15.2.0-10ubuntu1", "version": "15.2.0-10ubuntu1" }, "to_version": { "source_package_name": "gcc-15", "source_package_version": "15.2.0-11ubuntu1", "version": "15.2.0-11ubuntu1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Merge with Debian; remaining changes:", " - Build from upstream sources.", "" ], "package": "gcc-15", "version": "15.2.0-11ubuntu1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Matthias Klose ", "date": "Wed, 10 Dec 2025 15:24:39 +0100" }, { "cves": [], "log": [ "", " * Update to git 20251209 from the gcc-15 branch.", " - Fix PR target/122991 (AArch64), PR tree-optimization/122943,", " PR middle-end/120052, PR middle-end/120564, PR ada/123037, PR ada/115305,", " PR middle-end/122624, PR c/121506, PR c++/121445, PR c++/120876,", " PR lto/122515.", " * Fix Algol-68 build on sparc64, patch taken from the trunk.", " * Don't rely on python3-check-jsonschema for testing, still having", " unpackaged dependencies.", " * Add architectureVariant to ELF_PACKAGE_METADATA.", "" ], "package": "gcc-15", "version": "15.2.0-11", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Matthias Klose ", "date": "Tue, 09 Dec 2025 21:10:53 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "libgirepository-2.0-0", "from_version": { "source_package_name": "glib2.0", "source_package_version": "2.86.2-1", "version": "2.86.2-1" }, "to_version": { "source_package_name": "glib2.0", "source_package_version": "2.86.3-4", "version": "2.86.3-4" }, "cves": [ { "cve": "CVE-2025-14512", "url": "https://ubuntu.com/security/CVE-2025-14512", "cve_description": "A flaw was found in glib. This vulnerability allows a heap buffer overflow and denial-of-service (DoS) via an integer overflow in GLib's GIO (GLib Input/Output) escape_byte_string() function when processing malicious file or remote filesystem attribute values.", "cve_priority": "medium", "cve_public_date": "2025-12-11 07:16:00 UTC" }, { "cve": "CVE-2025-13601", "url": "https://ubuntu.com/security/CVE-2025-13601", "cve_description": "A heap-based buffer overflow problem was found in glib through an incorrect calculation of buffer size in the g_escape_uri_string() function. If the string to escape contains a very large number of unacceptable characters (which would need escaping), the calculation of the length of the escaped string could overflow, leading to a potential write off the end of the newly allocated string.", "cve_priority": "medium", "cve_public_date": "2025-11-26 15:15:00 UTC" }, { "cve": "CVE-2025-14087", "url": "https://ubuntu.com/security/CVE-2025-14087", "cve_description": "A flaw was found in GLib (Gnome Lib). This vulnerability allows a remote attacker to cause heap corruption, leading to a denial of service or potential code execution via a buffer-underflow in the GVariant parser when processing maliciously crafted input strings.", "cve_priority": "medium", "cve_public_date": "2025-12-10 09:15:00 UTC" }, { "cve": "CVE-2025-14512", "url": "https://ubuntu.com/security/CVE-2025-14512", "cve_description": "A flaw was found in glib. This vulnerability allows a heap buffer overflow and denial-of-service (DoS) via an integer overflow in GLib's GIO (GLib Input/Output) escape_byte_string() function when processing malicious file or remote filesystem attribute values.", "cve_priority": "medium", "cve_public_date": "2025-12-11 07:16:00 UTC" } ], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Fix hurd build", "" ], "package": "glib2.0", "version": "2.86.3-4", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Jeremy Bícha ", "date": "Thu, 01 Jan 2026 07:59:38 -0500" }, { "cves": [], "log": [ "", " * Fix hurd build", "" ], "package": "glib2.0", "version": "2.86.3-3", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Jeremy Bícha ", "date": "Wed, 31 Dec 2025 18:35:13 -0500" }, { "cves": [ { "cve": "CVE-2025-14512", "url": "https://ubuntu.com/security/CVE-2025-14512", "cve_description": "A flaw was found in glib. This vulnerability allows a heap buffer overflow and denial-of-service (DoS) via an integer overflow in GLib's GIO (GLib Input/Output) escape_byte_string() function when processing malicious file or remote filesystem attribute values.", "cve_priority": "medium", "cve_public_date": "2025-12-11 07:16:00 UTC" } ], "log": [ "", " [ Jeremy Bícha ]", " * Remove :native from Build-Depends: python3-packaging (Closes: #1124385)", " * Remove nosysprof build profile because libsysprof-capture-4-dev", " is built for all Linux architectures and does not require glib2.0", " * Remove kfreebsd reference", " * Override dh_gnome to avoid build warnings", " * Bump Standards Version to 4.7.3", "", " [ Simon McVittie ]", " * Mention #1122346, #1122347 in previous changelog entry", " * Mention CVE-2025-14512 in previous changelog entry now that it has", " been allocated", "" ], "package": "glib2.0", "version": "2.86.3-2", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Jeremy Bícha ", "date": "Wed, 31 Dec 2025 10:32:42 -0500" }, { "cves": [ { "cve": "CVE-2025-13601", "url": "https://ubuntu.com/security/CVE-2025-13601", "cve_description": "A heap-based buffer overflow problem was found in glib through an incorrect calculation of buffer size in the g_escape_uri_string() function. If the string to escape contains a very large number of unacceptable characters (which would need escaping), the calculation of the length of the escaped string could overflow, leading to a potential write off the end of the newly allocated string.", "cve_priority": "medium", "cve_public_date": "2025-11-26 15:15:00 UTC" }, { "cve": "CVE-2025-14087", "url": "https://ubuntu.com/security/CVE-2025-14087", "cve_description": "A flaw was found in GLib (Gnome Lib). This vulnerability allows a remote attacker to cause heap corruption, leading to a denial of service or potential code execution via a buffer-underflow in the GVariant parser when processing maliciously crafted input strings.", "cve_priority": "medium", "cve_public_date": "2025-12-10 09:15:00 UTC" }, { "cve": "CVE-2025-14512", "url": "https://ubuntu.com/security/CVE-2025-14512", "cve_description": "A flaw was found in glib. This vulnerability allows a heap buffer overflow and denial-of-service (DoS) via an integer overflow in GLib's GIO (GLib Input/Output) escape_byte_string() function when processing malicious file or remote filesystem attribute values.", "cve_priority": "medium", "cve_public_date": "2025-12-11 07:16:00 UTC" } ], "log": [ "", " * New upstream security-fix release", " - Fix calculation of buffer sizes when escaping URI strings", " (CVE-2025-13601, glib#3827 upstream, Closes: #1121488)", " - Fix possible buffer underflow parsing GVariant strings/bytestrings", " (CVE-2025-14087, glib#3834 upstream, Closes: #1122347)", " - Fix integer overflow in file attribute escaping", " (CVE-2025-14512, glib#3845 upstream, Closes: #1122346)", " - Windows-specific changes not described in detail here", "" ], "package": "glib2.0", "version": "2.86.3-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Simon McVittie ", "date": "Tue, 09 Dec 2025 13:31:14 +0000" } ], "notes": null, "is_version_downgrade": false }, { "name": "libglib2.0-0t64", "from_version": { "source_package_name": "glib2.0", "source_package_version": "2.86.2-1", "version": "2.86.2-1" }, "to_version": { "source_package_name": "glib2.0", "source_package_version": "2.86.3-4", "version": "2.86.3-4" }, "cves": [ { "cve": "CVE-2025-14512", "url": "https://ubuntu.com/security/CVE-2025-14512", "cve_description": "A flaw was found in glib. This vulnerability allows a heap buffer overflow and denial-of-service (DoS) via an integer overflow in GLib's GIO (GLib Input/Output) escape_byte_string() function when processing malicious file or remote filesystem attribute values.", "cve_priority": "medium", "cve_public_date": "2025-12-11 07:16:00 UTC" }, { "cve": "CVE-2025-13601", "url": "https://ubuntu.com/security/CVE-2025-13601", "cve_description": "A heap-based buffer overflow problem was found in glib through an incorrect calculation of buffer size in the g_escape_uri_string() function. If the string to escape contains a very large number of unacceptable characters (which would need escaping), the calculation of the length of the escaped string could overflow, leading to a potential write off the end of the newly allocated string.", "cve_priority": "medium", "cve_public_date": "2025-11-26 15:15:00 UTC" }, { "cve": "CVE-2025-14087", "url": "https://ubuntu.com/security/CVE-2025-14087", "cve_description": "A flaw was found in GLib (Gnome Lib). This vulnerability allows a remote attacker to cause heap corruption, leading to a denial of service or potential code execution via a buffer-underflow in the GVariant parser when processing maliciously crafted input strings.", "cve_priority": "medium", "cve_public_date": "2025-12-10 09:15:00 UTC" }, { "cve": "CVE-2025-14512", "url": "https://ubuntu.com/security/CVE-2025-14512", "cve_description": "A flaw was found in glib. This vulnerability allows a heap buffer overflow and denial-of-service (DoS) via an integer overflow in GLib's GIO (GLib Input/Output) escape_byte_string() function when processing malicious file or remote filesystem attribute values.", "cve_priority": "medium", "cve_public_date": "2025-12-11 07:16:00 UTC" } ], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Fix hurd build", "" ], "package": "glib2.0", "version": "2.86.3-4", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Jeremy Bícha ", "date": "Thu, 01 Jan 2026 07:59:38 -0500" }, { "cves": [], "log": [ "", " * Fix hurd build", "" ], "package": "glib2.0", "version": "2.86.3-3", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Jeremy Bícha ", "date": "Wed, 31 Dec 2025 18:35:13 -0500" }, { "cves": [ { "cve": "CVE-2025-14512", "url": "https://ubuntu.com/security/CVE-2025-14512", "cve_description": "A flaw was found in glib. This vulnerability allows a heap buffer overflow and denial-of-service (DoS) via an integer overflow in GLib's GIO (GLib Input/Output) escape_byte_string() function when processing malicious file or remote filesystem attribute values.", "cve_priority": "medium", "cve_public_date": "2025-12-11 07:16:00 UTC" } ], "log": [ "", " [ Jeremy Bícha ]", " * Remove :native from Build-Depends: python3-packaging (Closes: #1124385)", " * Remove nosysprof build profile because libsysprof-capture-4-dev", " is built for all Linux architectures and does not require glib2.0", " * Remove kfreebsd reference", " * Override dh_gnome to avoid build warnings", " * Bump Standards Version to 4.7.3", "", " [ Simon McVittie ]", " * Mention #1122346, #1122347 in previous changelog entry", " * Mention CVE-2025-14512 in previous changelog entry now that it has", " been allocated", "" ], "package": "glib2.0", "version": "2.86.3-2", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Jeremy Bícha ", "date": "Wed, 31 Dec 2025 10:32:42 -0500" }, { "cves": [ { "cve": "CVE-2025-13601", "url": "https://ubuntu.com/security/CVE-2025-13601", "cve_description": "A heap-based buffer overflow problem was found in glib through an incorrect calculation of buffer size in the g_escape_uri_string() function. If the string to escape contains a very large number of unacceptable characters (which would need escaping), the calculation of the length of the escaped string could overflow, leading to a potential write off the end of the newly allocated string.", "cve_priority": "medium", "cve_public_date": "2025-11-26 15:15:00 UTC" }, { "cve": "CVE-2025-14087", "url": "https://ubuntu.com/security/CVE-2025-14087", "cve_description": "A flaw was found in GLib (Gnome Lib). This vulnerability allows a remote attacker to cause heap corruption, leading to a denial of service or potential code execution via a buffer-underflow in the GVariant parser when processing maliciously crafted input strings.", "cve_priority": "medium", "cve_public_date": "2025-12-10 09:15:00 UTC" }, { "cve": "CVE-2025-14512", "url": "https://ubuntu.com/security/CVE-2025-14512", "cve_description": "A flaw was found in glib. This vulnerability allows a heap buffer overflow and denial-of-service (DoS) via an integer overflow in GLib's GIO (GLib Input/Output) escape_byte_string() function when processing malicious file or remote filesystem attribute values.", "cve_priority": "medium", "cve_public_date": "2025-12-11 07:16:00 UTC" } ], "log": [ "", " * New upstream security-fix release", " - Fix calculation of buffer sizes when escaping URI strings", " (CVE-2025-13601, glib#3827 upstream, Closes: #1121488)", " - Fix possible buffer underflow parsing GVariant strings/bytestrings", " (CVE-2025-14087, glib#3834 upstream, Closes: #1122347)", " - Fix integer overflow in file attribute escaping", " (CVE-2025-14512, glib#3845 upstream, Closes: #1122346)", " - Windows-specific changes not described in detail here", "" ], "package": "glib2.0", "version": "2.86.3-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Simon McVittie ", "date": "Tue, 09 Dec 2025 13:31:14 +0000" } ], "notes": null, "is_version_downgrade": false }, { "name": "liblzma5", "from_version": { "source_package_name": "xz-utils", "source_package_version": "5.8.1-2", "version": "5.8.1-2" }, "to_version": { "source_package_name": "xz-utils", "source_package_version": "5.8.2-1", "version": "5.8.2-1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Import 5.8.2", " - Add a workaround for Red Hat Enterprise Linux 9 kernel bug", " (Closes: #1121085).", "" ], "package": "xz-utils", "version": "5.8.2-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Sebastian Andrzej Siewior ", "date": "Fri, 26 Dec 2025 19:52:09 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "libmnl0", "from_version": { "source_package_name": "libmnl", "source_package_version": "1.0.5-3", "version": "1.0.5-3" }, "to_version": { "source_package_name": "libmnl", "source_package_version": "1.0.5-3build1", "version": "1.0.5-3build1" }, "cves": [], "launchpad_bugs_fixed": [ 2132257 ], "changes": [ { "cves": [], "log": [ "", " * No-change mass rebuild for Ubuntu 26.04 (LP: #2132257)", "" ], "package": "libmnl", "version": "1.0.5-3build1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2132257 ], "author": "Sebastien Bacher ", "date": "Sat, 06 Dec 2025 11:31:18 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "libncursesw6", "from_version": { "source_package_name": "ncurses", "source_package_version": "6.5+20251123-1", "version": "6.5+20251123-1" }, "to_version": { "source_package_name": "ncurses", "source_package_version": "6.6+20251231-1", "version": "6.6+20251231-1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * New upstream patchlevel.", " * Update symbols files and bump shlibs.", " * Upgrade Standards-Version to 4.7.3, no changes needed.", "" ], "package": "ncurses", "version": "6.6+20251231-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Sven Joachim ", "date": "Sat, 03 Jan 2026 08:53:58 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "libpng16-16t64", "from_version": { "source_package_name": "libpng1.6", "source_package_version": "1.6.51-1", "version": "1.6.51-1" }, "to_version": { "source_package_name": "libpng1.6", "source_package_version": "1.6.53-1", "version": "1.6.53-1" }, "cves": [ { "cve": "CVE-2025-66293", "url": "https://ubuntu.com/security/CVE-2025-66293", "cve_description": "LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. Prior to 1.6.52, an out-of-bounds read vulnerability in libpng's simplified API allows reading up to 1012 bytes beyond the png_sRGB_base[512] array when processing valid palette PNG images with partial transparency and gamma correction. The PNG files that trigger this vulnerability are valid per the PNG specification; the bug is in libpng's internal state management. Upgrade to libpng 1.6.52 or later.", "cve_priority": "medium", "cve_public_date": "2025-12-03 21:15:00 UTC" } ], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * New upstream version 1.6.53.", "" ], "package": "libpng1.6", "version": "1.6.53-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Tobias Frost ", "date": "Sun, 07 Dec 2025 11:32:41 +0100" }, { "cves": [ { "cve": "CVE-2025-66293", "url": "https://ubuntu.com/security/CVE-2025-66293", "cve_description": "LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. Prior to 1.6.52, an out-of-bounds read vulnerability in libpng's simplified API allows reading up to 1012 bytes beyond the png_sRGB_base[512] array when processing valid palette PNG images with partial transparency and gamma correction. The PNG files that trigger this vulnerability are valid per the PNG specification; the bug is in libpng's internal state management. Upgrade to libpng 1.6.52 or later.", "cve_priority": "medium", "cve_public_date": "2025-12-03 21:15:00 UTC" } ], "log": [ "", " * New upstream versoin 1.6.52", " - CVE-2025-66293 - Out of bound read (Closes: #1121877)", "" ], "package": "libpng1.6", "version": "1.6.52-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Tobias Frost ", "date": "Thu, 04 Dec 2025 06:24:43 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "libstdc++6", "from_version": { "source_package_name": "gcc-15", "source_package_version": "15.2.0-10ubuntu1", "version": "15.2.0-10ubuntu1" }, "to_version": { "source_package_name": "gcc-15", "source_package_version": "15.2.0-11ubuntu1", "version": "15.2.0-11ubuntu1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Merge with Debian; remaining changes:", " - Build from upstream sources.", "" ], "package": "gcc-15", "version": "15.2.0-11ubuntu1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Matthias Klose ", "date": "Wed, 10 Dec 2025 15:24:39 +0100" }, { "cves": [], "log": [ "", " * Update to git 20251209 from the gcc-15 branch.", " - Fix PR target/122991 (AArch64), PR tree-optimization/122943,", " PR middle-end/120052, PR middle-end/120564, PR ada/123037, PR ada/115305,", " PR middle-end/122624, PR c/121506, PR c++/121445, PR c++/120876,", " PR lto/122515.", " * Fix Algol-68 build on sparc64, patch taken from the trunk.", " * Don't rely on python3-check-jsonschema for testing, still having", " unpackaged dependencies.", " * Add architectureVariant to ELF_PACKAGE_METADATA.", "" ], "package": "gcc-15", "version": "15.2.0-11", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Matthias Klose ", "date": "Tue, 09 Dec 2025 21:10:53 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "libtinfo6", "from_version": { "source_package_name": "ncurses", "source_package_version": "6.5+20251123-1", "version": "6.5+20251123-1" }, "to_version": { "source_package_name": "ncurses", "source_package_version": "6.6+20251231-1", "version": "6.6+20251231-1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * New upstream patchlevel.", " * Update symbols files and bump shlibs.", " * Upgrade Standards-Version to 4.7.3, no changes needed.", "" ], "package": "ncurses", "version": "6.6+20251231-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Sven Joachim ", "date": "Sat, 03 Jan 2026 08:53:58 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "linux-image-virtual", "from_version": { "source_package_name": "linux-meta", "source_package_version": "6.17.0-8.8", "version": "6.17.0-8.8" }, "to_version": { "source_package_name": "linux-meta", "source_package_version": "6.18.0-8.8", "version": "6.18.0-8.8" }, "cves": [], "launchpad_bugs_fixed": [ 1786013, 1786013, 1786013 ], "changes": [ { "cves": [], "log": [ "", " * Main version: 6.18.0-8.8", "" ], "package": "linux-meta", "version": "6.18.0-8.8", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Paolo Pisati ", "date": "Wed, 17 Dec 2025 15:20:30 +0100" }, { "cves": [], "log": [ "", " * Main version: 6.18.0-7.7", "", " * Packaging resync (LP: #1786013)", " - [Packaging] update variants", " - [Packaging] debian/dkms-versions -- resync from main package", "", " * Miscellaneous Ubuntu changes", " - [packaging] rename to linux-meta", "" ], "package": "linux-meta", "version": "6.18.0-7.7", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 1786013 ], "author": "Paolo Pisati ", "date": "Tue, 16 Dec 2025 13:28:41 +0100" }, { "cves": [], "log": [ "", " * Main version: 6.18.0-6.6", "", " * Packaging resync (LP: #1786013)", " - [Packaging] debian/dkms-versions -- resync from main package", "" ], "package": "linux-meta", "version": "6.18.0-6.6", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 1786013 ], "author": "Paolo Pisati ", "date": "Mon, 01 Dec 2025 14:53:24 +0100" }, { "cves": [], "log": [ "", " * Main version: 6.18.0-5.5", "" ], "package": "linux-meta-unstable", "version": "6.18.0-5.5", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Paolo Pisati ", "date": "Tue, 18 Nov 2025 11:24:31 +0100" }, { "cves": [], "log": [ "", " * Main version: 6.18.0-4.4", "" ], "package": "linux-meta-unstable", "version": "6.18.0-4.4", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Paolo Pisati ", "date": "Thu, 13 Nov 2025 13:08:42 +0100" }, { "cves": [], "log": [ "", " * Main version: 6.18.0-3.3", "" ], "package": "linux-meta-unstable", "version": "6.18.0-3.3", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Paolo Pisati ", "date": "Mon, 27 Oct 2025 11:16:21 +0100" }, { "cves": [], "log": [ "", " * Main version: 6.18.0-2.2", "" ], "package": "linux-meta-unstable", "version": "6.18.0-2.2", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Paolo Pisati ", "date": "Wed, 22 Oct 2025 15:43:07 +0200" }, { "cves": [], "log": [ "", " * Main version: 6.18.0-1.1", "", " * Packaging resync (LP: #1786013)", " - [Packaging] update variants", " - [Packaging] debian/dkms-versions -- resync from main package", " - [Packaging] update variants", "", " * Miscellaneous Ubuntu changes", " - move to 6.18", " - move to resolute", "" ], "package": "linux-meta-unstable", "version": "6.18.0-1.1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 1786013 ], "author": "Paolo Pisati ", "date": "Wed, 22 Oct 2025 10:42:36 +0200" }, { "cves": [], "log": [ "", " * Empty entry", "" ], "package": "linux-meta-unstable", "version": "6.18.0-0.0", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Paolo Pisati ", "date": "Wed, 15 Oct 2025 11:55:46 +0200" } ], "notes": null, "is_version_downgrade": false }, { "name": "lsb-release", "from_version": { "source_package_name": "lsb-release-minimal", "source_package_version": "12.1-2", "version": "12.1-2" }, "to_version": { "source_package_name": "lsb-release-minimal", "source_package_version": "12.1-2build1", "version": "12.1-2build1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Rebuild to clear amd64v3 from FTBFS report", "" ], "package": "lsb-release-minimal", "version": "12.1-2build1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Jeremy Bícha ", "date": "Thu, 18 Dec 2025 07:47:11 -0500" } ], "notes": null, "is_version_downgrade": false }, { "name": "mawk", "from_version": { "source_package_name": "mawk", "source_package_version": "1.3.4.20250131-1build1", "version": "1.3.4.20250131-1build1" }, "to_version": { "source_package_name": "mawk", "source_package_version": "1.3.4.20250131-2", "version": "1.3.4.20250131-2" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * debian/watch: Update to version 5.", " * debian/upstream/metadata: Add fields for bug tracker and documentation.", " * debian/control: Bump Standards-Version to 4.7.2.", "" ], "package": "mawk", "version": "1.3.4.20250131-2", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Boyuan Yang ", "date": "Sun, 21 Dec 2025 10:20:03 -0500" } ], "notes": null, "is_version_downgrade": false }, { "name": "media-types", "from_version": { "source_package_name": "media-types", "source_package_version": "14.0.0", "version": "14.0.0" }, "to_version": { "source_package_name": "media-types", "source_package_version": "14.0.0build1", "version": "14.0.0build1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Rebuild to clear amd64v3 from FTBFS report", "" ], "package": "media-types", "version": "14.0.0build1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Jeremy Bícha ", "date": "Thu, 18 Dec 2025 07:48:01 -0500" } ], "notes": null, "is_version_downgrade": false }, { "name": "ncurses-base", "from_version": { "source_package_name": "ncurses", "source_package_version": "6.5+20251123-1", "version": "6.5+20251123-1" }, "to_version": { "source_package_name": "ncurses", "source_package_version": "6.6+20251231-1", "version": "6.6+20251231-1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * New upstream patchlevel.", " * Update symbols files and bump shlibs.", " * Upgrade Standards-Version to 4.7.3, no changes needed.", "" ], "package": "ncurses", "version": "6.6+20251231-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Sven Joachim ", "date": "Sat, 03 Jan 2026 08:53:58 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "ncurses-bin", "from_version": { "source_package_name": "ncurses", "source_package_version": "6.5+20251123-1", "version": "6.5+20251123-1" }, "to_version": { "source_package_name": "ncurses", "source_package_version": "6.6+20251231-1", "version": "6.6+20251231-1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * New upstream patchlevel.", " * Update symbols files and bump shlibs.", " * Upgrade Standards-Version to 4.7.3, no changes needed.", "" ], "package": "ncurses", "version": "6.6+20251231-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Sven Joachim ", "date": "Sat, 03 Jan 2026 08:53:58 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "pci.ids", "from_version": { "source_package_name": "pci.ids", "source_package_version": "0.0~2025.11.04-1", "version": "0.0~2025.11.04-1" }, "to_version": { "source_package_name": "pci.ids", "source_package_version": "0.0~2025.12.16-1", "version": "0.0~2025.12.16-1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * New upstream release.", "" ], "package": "pci.ids", "version": "0.0~2025.12.16-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Guillem Jover ", "date": "Wed, 17 Dec 2025 04:12:46 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "python3-attr", "from_version": { "source_package_name": "python-attrs", "source_package_version": "25.4.0-1", "version": "25.4.0-1" }, "to_version": { "source_package_name": "python-attrs", "source_package_version": "25.4.0-1build1", "version": "25.4.0-1build1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Rebuild to clear amd64v3 from FTBFS report", "" ], "package": "python-attrs", "version": "25.4.0-1build1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Jeremy Bícha ", "date": "Thu, 18 Dec 2025 07:50:20 -0500" } ], "notes": null, "is_version_downgrade": false }, { "name": "python3-autocommand", "from_version": { "source_package_name": "python-autocommand", "source_package_version": "2.2.2-3", "version": "2.2.2-3" }, "to_version": { "source_package_name": "python-autocommand", "source_package_version": "2.2.2-4", "version": "2.2.2-4" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Patches: fix tests for Python 3.14. (Closes: #1123196)", "" ], "package": "python-autocommand", "version": "2.2.2-4", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Jeroen Ploemen ", "date": "Wed, 17 Dec 2025 10:35:26 +0000" } ], "notes": null, "is_version_downgrade": false }, { "name": "python3-bcrypt", "from_version": { "source_package_name": "python-bcrypt", "source_package_version": "5.0.0-2", "version": "5.0.0-2" }, "to_version": { "source_package_name": "python-bcrypt", "source_package_version": "5.0.0-3", "version": "5.0.0-3" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Team upload.", " * Breaks: python3-passlib (<< 1.9.3-1~) (closes: #1122147).", "" ], "package": "python-bcrypt", "version": "5.0.0-3", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Colin Watson ", "date": "Mon, 08 Dec 2025 17:17:36 +0000" } ], "notes": null, "is_version_downgrade": false }, { "name": "python3-blinker", "from_version": { "source_package_name": "blinker", "source_package_version": "1.9.0-2", "version": "1.9.0-2" }, "to_version": { "source_package_name": "blinker", "source_package_version": "1.9.0-2build1", "version": "1.9.0-2build1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Rebuild to clear amd64v3 from FTBFS report", "" ], "package": "blinker", "version": "1.9.0-2build1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Jeremy Bícha ", "date": "Thu, 18 Dec 2025 07:39:10 -0500" } ], "notes": null, "is_version_downgrade": false }, { "name": "python3-certifi", "from_version": { "source_package_name": "python-certifi", "source_package_version": "2025.11.12+ds-1", "version": "2025.11.12+ds-1" }, "to_version": { "source_package_name": "python-certifi", "source_package_version": "2025.11.12+ds-1build1", "version": "2025.11.12+ds-1build1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Rebuild to clear amd64v3 from FTBFS report", "" ], "package": "python-certifi", "version": "2025.11.12+ds-1build1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Jeremy Bícha ", "date": "Thu, 18 Dec 2025 07:50:46 -0500" } ], "notes": null, "is_version_downgrade": false }, { "name": "python3-inflect", "from_version": { "source_package_name": "python-inflect", "source_package_version": "7.5.0-1", "version": "7.5.0-1" }, "to_version": { "source_package_name": "python-inflect", "source_package_version": "7.5.0-1build1", "version": "7.5.0-1build1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Rebuild to clear amd64v3 from FTBFS report", "" ], "package": "python-inflect", "version": "7.5.0-1build1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Jeremy Bícha ", "date": "Thu, 18 Dec 2025 07:53:27 -0500" } ], "notes": null, "is_version_downgrade": false }, { "name": "python3-jwt", "from_version": { "source_package_name": "pyjwt", "source_package_version": "2.10.1-3", "version": "2.10.1-3" }, "to_version": { "source_package_name": "pyjwt", "source_package_version": "2.10.1-3build1", "version": "2.10.1-3build1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Rebuild to clear amd64v3 from FTBFS report", "" ], "package": "pyjwt", "version": "2.10.1-3build1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Jeremy Bícha ", "date": "Thu, 18 Dec 2025 07:49:47 -0500" } ], "notes": null, "is_version_downgrade": false }, { "name": "python3-lazr.uri", "from_version": { "source_package_name": "lazr.uri", "source_package_version": "1.0.6-7", "version": "1.0.6-7" }, "to_version": { "source_package_name": "lazr.uri", "source_package_version": "1.0.6-7build1", "version": "1.0.6-7build1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Rebuild to clear amd64v3 from FTBFS report", "" ], "package": "lazr.uri", "version": "1.0.6-7build1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Jeremy Bícha ", "date": "Tue, 23 Dec 2025 14:03:54 -0500" } ], "notes": null, "is_version_downgrade": false }, { "name": "python3-oauthlib", "from_version": { "source_package_name": "python-oauthlib", "source_package_version": "3.3.1-1", "version": "3.3.1-1" }, "to_version": { "source_package_name": "python-oauthlib", "source_package_version": "3.3.1-1build1", "version": "3.3.1-1build1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Rebuild to clear amd64v3 from FTBFS report", "" ], "package": "python-oauthlib", "version": "3.3.1-1build1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Jeremy Bícha ", "date": "Thu, 18 Dec 2025 07:53:42 -0500" } ], "notes": null, "is_version_downgrade": false }, { "name": "python3-passlib", "from_version": { "source_package_name": "python-passlib", "source_package_version": "1.7.4-6ubuntu1", "version": "1.7.4-6ubuntu1" }, "to_version": { "source_package_name": "python-passlib", "source_package_version": "1.9.3-1ubuntu1", "version": "1.9.3-1ubuntu1" }, "cves": [], "launchpad_bugs_fixed": [ 2132257 ], "changes": [ { "cves": [], "log": [ "", " * Merge from Debian unstable. Remaining changes:", " [ Simon Quigley ]", " - Demote the runtime dependency on python3-legacycrypt to Suggests,", " to temporarily fix the component mismatch.", "" ], "package": "python-passlib", "version": "1.9.3-1ubuntu1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Rik Mills ", "date": "Sun, 21 Dec 2025 20:12:18 +0000" }, { "cves": [], "log": [ "", " * Team upload.", " * New upstream version 1.9.3. Closes: #1120188.", " * Change upstream. Closes: #1099184.", " * Standards-Version 4.7.2, no change", " * Drop all patches", " * Update Depends, add !nocheck build profile where applicable", " * Builds docs with sphinx", "" ], "package": "python-passlib", "version": "1.9.3-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Jérémy Lal ", "date": "Sat, 06 Dec 2025 17:33:13 +0100" }, { "cves": [], "log": [ "", " * No-change mass rebuild for Ubuntu 26.04 (LP: #2132257)", "" ], "package": "python-passlib", "version": "1.7.4-6ubuntu2", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2132257 ], "author": "Sebastien Bacher ", "date": "Sat, 06 Dec 2025 11:55:24 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "python3-pyparsing", "from_version": { "source_package_name": "pyparsing", "source_package_version": "3.1.3-1", "version": "3.1.3-1" }, "to_version": { "source_package_name": "pyparsing", "source_package_version": "3.1.3-1build1", "version": "3.1.3-1build1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Rebuild to clear amd64v3 from FTBFS report", "" ], "package": "pyparsing", "version": "3.1.3-1build1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Jeremy Bícha ", "date": "Thu, 18 Dec 2025 07:49:29 -0500" } ], "notes": null, "is_version_downgrade": false }, { "name": "python3-typeguard", "from_version": { "source_package_name": "python-typeguard", "source_package_version": "4.4.2-1", "version": "4.4.2-1" }, "to_version": { "source_package_name": "python-typeguard", "source_package_version": "4.4.4-1build1", "version": "4.4.4-1build1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Rebuild to clear amd64v3 from FTBFS report", "" ], "package": "python-typeguard", "version": "4.4.4-1build1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Jeremy Bícha ", "date": "Thu, 18 Dec 2025 07:54:30 -0500" }, { "cves": [], "log": [ "", " * Team upload.", " * New upstream release.", "" ], "package": "python-typeguard", "version": "4.4.4-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Colin Watson ", "date": "Mon, 18 Aug 2025 15:37:57 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "python3-typing-extensions", "from_version": { "source_package_name": "python-typing-extensions", "source_package_version": "4.15.0-1ubuntu1", "version": "4.15.0-1ubuntu1" }, "to_version": { "source_package_name": "python-typing-extensions", "source_package_version": "4.15.0-2", "version": "4.15.0-2" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Fix test on Python 3.14 (closes: #1123325).", " * Drop \"Rules-Requires-Root: no\", default as of dpkg-dev 1.22.13.", " * Standards-Version: 4.7.2.", "" ], "package": "python-typing-extensions", "version": "4.15.0-2", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Colin Watson ", "date": "Wed, 17 Dec 2025 00:12:02 +0000" } ], "notes": null, "is_version_downgrade": false }, { "name": "python3-yaml", "from_version": { "source_package_name": "pyyaml", "source_package_version": "6.0.2-2", "version": "6.0.2-2" }, "to_version": { "source_package_name": "pyyaml", "source_package_version": "6.0.3-1", "version": "6.0.3-1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * New upstream version 6.0.3", " * d/control: standards-version 4.7.3, drop rules-requires-root", " * d/patches: drop distutils patch (obsolete), re-enable fatal_test_failures for legacy testsuite", " * d/watch: upgrade to version 5", "" ], "package": "pyyaml", "version": "6.0.3-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Gordon Ball ", "date": "Sun, 28 Dec 2025 00:52:19 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "sensible-utils", "from_version": { "source_package_name": "sensible-utils", "source_package_version": "0.0.26", "version": "0.0.26" }, "to_version": { "source_package_name": "sensible-utils", "source_package_version": "0.0.26build1", "version": "0.0.26build1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Rebuild to clear amd64v3 from FTBFS report", "" ], "package": "sensible-utils", "version": "0.0.26build1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Jeremy Bícha ", "date": "Thu, 18 Dec 2025 07:57:59 -0500" } ], "notes": null, "is_version_downgrade": false }, { "name": "tzdata", "from_version": { "source_package_name": "tzdata", "source_package_version": "2025b-5ubuntu1", "version": "2025b-5ubuntu1" }, "to_version": { "source_package_name": "tzdata", "source_package_version": "2025c-3ubuntu1", "version": "2025c-3ubuntu1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Merge with Debian unstable. Remaining changes:", " - Ship 2025b ICU timezone data which are utilized by PHP in tzdata-icu", " - Add autopkgtest test case for ICU timezone data", " - Point Vcs-Browser/Git to Launchpad", "" ], "package": "tzdata", "version": "2025c-3ubuntu1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Benjamin Drung ", "date": "Thu, 18 Dec 2025 17:56:18 +0100" }, { "cves": [], "log": [ "", " * Also remove /etc/timezone on upgrades from Ubuntu 25.10 \"questing\" older", "" ], "package": "tzdata", "version": "2025c-3", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Benjamin Drung ", "date": "Thu, 18 Dec 2025 16:55:15 +0100" }, { "cves": [], "log": [ "", " * Remove /etc/timezone on upgrade (Closes: #605834, #813226, #822733)", "" ], "package": "tzdata", "version": "2025c-2", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Aurelien Jarno ", "date": "Mon, 15 Dec 2025 23:51:19 +0100" }, { "cves": [], "log": [ "", " * New upstream version 2025c", " * Update French debconf translation.", " Thanks to Baptiste Jammet (Closes: #1118004)", " * Drop No-leap-second-on-2025-12-31.patch (merged upstream)", " * Update Swedish debconf translation.", " Thanks to Martin Bagge (Closes: #1122575)", " * debian/control: drop Rules-Requires-Root field, now obsolete", " * debian/watch: update to version 5", " * Add autopkgtest test case for 2025c release", "" ], "package": "tzdata", "version": "2025c-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Aurelien Jarno ", "date": "Thu, 11 Dec 2025 20:40:17 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "ubuntu-cloud-minimal", "from_version": { "source_package_name": "ubuntu-meta", "source_package_version": "1.562", "version": "1.562" }, "to_version": { "source_package_name": "ubuntu-meta", "source_package_version": "1.563", "version": "1.563" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Refreshed dependencies", " * Added resources to desktop-minimal-recommends, desktop-raspi-", " recommends, desktop-recommends", " * Removed gnome-power-manager from desktop-minimal-recommends,", " desktop-raspi-recommends, desktop-recommends", " * Removed gnome-system-monitor from desktop-minimal-recommends,", " desktop-raspi-recommends, desktop-recommends", "" ], "package": "ubuntu-meta", "version": "1.563", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Jeremy Bícha ", "date": "Tue, 16 Dec 2025 16:43:45 -0500" } ], "notes": null, "is_version_downgrade": false }, { "name": "xz-utils", "from_version": { "source_package_name": "xz-utils", "source_package_version": "5.8.1-2", "version": "5.8.1-2" }, "to_version": { "source_package_name": "xz-utils", "source_package_version": "5.8.2-1", "version": "5.8.2-1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Import 5.8.2", " - Add a workaround for Red Hat Enterprise Linux 9 kernel bug", " (Closes: #1121085).", "" ], "package": "xz-utils", "version": "5.8.2-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Sebastian Andrzej Siewior ", "date": "Fri, 26 Dec 2025 19:52:09 +0100" } ], "notes": null, "is_version_downgrade": false } ], "snap": [] }, "added": { "deb": [ { "name": "libjs-sphinxdoc", "from_version": { "source_package_name": null, "source_package_version": null, "version": null }, "to_version": { "source_package_name": "sphinx", "source_package_version": "8.2.3-12", "version": "8.2.3-12" }, "cves": [], "launchpad_bugs_fixed": [ 2133023 ], "changes": [ { "cves": [], "log": [ "", " * Team upload.", " * Use new package name for roman-numerals (closes: #1123782).", "" ], "package": "sphinx", "version": "8.2.3-12", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Colin Watson ", "date": "Tue, 23 Dec 2025 11:28:26 +0000" }, { "cves": [], "log": [ "", " * Depend on libgvplugin-neato-layout and libgvplugin-pango for the tests", " (closes: #1122119, thanks László Böszörményi).", "" ], "package": "sphinx", "version": "8.2.3-11", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Dmitry Shachnev ", "date": "Sun, 07 Dec 2025 20:20:57 +0300" }, { "cves": [], "log": [ "", " * Backport upstream commits to fix tests with Python 3.14 (LP: #2133023).", "" ], "package": "sphinx", "version": "8.2.3-10", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [ 2133023 ], "author": "Dmitry Shachnev ", "date": "Wed, 26 Nov 2025 20:54:23 +0300" } ], "notes": "For a newly added package only the three most recent changelog entries are shown.", "is_version_downgrade": false }, { "name": "linux-image-6.18.0-8-generic", "from_version": { "source_package_name": "linux-signed", "source_package_version": "6.17.0-8.8", "version": null }, "to_version": { "source_package_name": "linux-signed", "source_package_version": "6.18.0-8.8", "version": "6.18.0-8.8" }, "cves": [], "launchpad_bugs_fixed": [ 1786013, 1786013, 1786013, 1786013, 1786013, 1786013, 1786013, 1786013 ], "changes": [ { "cves": [], "log": [ "", " * Main version: 6.18.0-8.8", "", " * Packaging resync (LP: #1786013)", " - [Packaging] debian/tracking-bug -- resync from main package", "", " * Miscellaneous Ubuntu changes", " - [Packaging] disable signing for s390x", "" ], "package": "linux-signed", "version": "6.18.0-8.8", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 1786013 ], "author": "Paolo Pisati ", "date": "Wed, 17 Dec 2025 15:20:43 +0100" }, { "cves": [], "log": [ "", " * Main version: 6.18.0-7.7", "", " * Packaging resync (LP: #1786013)", " - [Packaging] update variants", " - [Packaging] debian/tracking-bug -- resync from main package", "", " * Miscellaneous Ubuntu changes", " - [packaging] rename to linux-signed", "" ], "package": "linux-signed", "version": "6.18.0-7.7", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 1786013 ], "author": "Paolo Pisati ", "date": "Tue, 16 Dec 2025 13:29:07 +0100" }, { "cves": [], "log": [ "", " * Main version: 6.18.0-6.6", "", " * Packaging resync (LP: #1786013)", " - [Packaging] debian/tracking-bug -- resync from main package", "" ], "package": "linux-signed", "version": "6.18.0-6.6", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 1786013 ], "author": "Paolo Pisati ", "date": "Mon, 01 Dec 2025 14:53:37 +0100" }, { "cves": [], "log": [ "", " * Main version: 6.18.0-5.5", "", " * Packaging resync (LP: #1786013)", " - [Packaging] debian/tracking-bug -- resync from main package", "" ], "package": "linux-signed-unstable", "version": "6.18.0-5.5", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 1786013 ], "author": "Paolo Pisati ", "date": "Tue, 18 Nov 2025 11:24:45 +0100" }, { "cves": [], "log": [ "", " * Main version: 6.18.0-4.4", "", " * Packaging resync (LP: #1786013)", " - [Packaging] debian/tracking-bug -- resync from main package", "" ], "package": "linux-signed-unstable", "version": "6.18.0-4.4", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 1786013 ], "author": "Paolo Pisati ", "date": "Thu, 13 Nov 2025 13:08:56 +0100" }, { "cves": [], "log": [ "", " * Main version: 6.18.0-3.3", "", " * Packaging resync (LP: #1786013)", " - [Packaging] debian/tracking-bug -- resync from main package", "" ], "package": "linux-signed-unstable", "version": "6.18.0-3.3", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 1786013 ], "author": "Paolo Pisati ", "date": "Mon, 27 Oct 2025 11:16:35 +0100" }, { "cves": [], "log": [ "", " * Main version: 6.18.0-2.2", "", " * Packaging resync (LP: #1786013)", " - [Packaging] debian/tracking-bug -- resync from main package", "" ], "package": "linux-signed-unstable", "version": "6.18.0-2.2", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 1786013 ], "author": "Paolo Pisati ", "date": "Wed, 22 Oct 2025 15:43:21 +0200" }, { "cves": [], "log": [ "", " * Main version: 6.18.0-1.1", "", " * Packaging resync (LP: #1786013)", " - [Packaging] update variants", " - [Packaging] update variants", " - [Packaging] debian/tracking-bug -- resync from main package", "", " * Miscellaneous Ubuntu changes", " - move to 6.18", " - move to resolute", "" ], "package": "linux-signed-unstable", "version": "6.18.0-1.1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 1786013 ], "author": "Paolo Pisati ", "date": "Wed, 22 Oct 2025 10:45:09 +0200" }, { "cves": [], "log": [ "", " * Empty entry", "" ], "package": "linux-signed-unstable", "version": "6.18.0-0.0", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Paolo Pisati ", "date": "Wed, 15 Oct 2025 12:06:39 +0200" } ], "notes": "linux-image-6.18.0-8-generic version '6.18.0-8.8' (source package linux-signed version '6.18.0-8.8') was added. linux-image-6.18.0-8-generic version '6.18.0-8.8' has the same source package name, linux-signed, as removed package linux-image-6.17.0-8-generic. As such we can use the source package version of the removed package, '6.17.0-8.8', as the starting point in our changelog diff. Kernel packages are an example of where the binary package name changes for the same source package. Using the removed package source package version as our starting point means we can still get meaningful changelog diffs even for what appears to be a new package.", "is_version_downgrade": false }, { "name": "linux-modules-6.18.0-8-generic", "from_version": { "source_package_name": "linux", "source_package_version": "6.17.0-8.8", "version": null }, "to_version": { "source_package_name": "linux", "source_package_version": "6.18.0-8.8", "version": "6.18.0-8.8" }, "cves": [], "launchpad_bugs_fixed": [ 2136712, 2136307, 1990064, 2028253, 2028253, 2122743, 2028253, 2102680, 2028253, 2032602, 1786013, 2133502, 1786013, 2131673, 2128792, 2130552, 2131211, 2131046, 2129919, 2126577, 2129552, 2129038, 1786013, 2126040, 2126948, 1981437 ], "changes": [ { "cves": [], "log": [ "", " * resolute/linux: 6.18.0-8.8 -proposed tracker (LP: #2136712)", "", " * Miscellaneous Ubuntu changes", " - [Packaging] disable signing for s390x", "" ], "package": "linux", "version": "6.18.0-8.8", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2136712 ], "author": "Paolo Pisati ", "date": "Wed, 17 Dec 2025 15:20:04 +0100" }, { "cves": [], "log": [ "", " * resolute/linux: 6.18.0-7.7 -proposed tracker (LP: #2136307)", "", " * unconfined profile denies userns_create for chromium based processes", " (LP: #1990064)", " - [Config] disable CONFIG_SECURITY_APPARMOR_RESTRICT_USERNS", "", " * update apparmor and LSM stacking patch set (LP: #2028253)", " - SAUCE: apparmor5.0.0 [1/51]: Stacking: Audit: Allow multiple records in", " an audit_buffer", " - SAUCE: apparmor5.0.0 [2/51]: Stacking: LSM: security_lsmblob_to_secctx", " module selection", " - SAUCE: apparmor5.0.0 [3/51]: Stacking: Audit: Add record for multiple", " task security contexts", " - SAUCE: apparmor5.0.0 [4/51]: Stacking: Audit: multiple subject lsm", " values for netlabel", " - SAUCE: apparmor5.0.0 [5/51]: Stacking: LSM: Single calls in secid hooks", " - SAUCE: apparmor5.0.0 [6/51]: Stacking: LSM: Exclusive secmark usage", " - SAUCE: apparmor5.0.0 [7/51]: Stacking: Audit: Call only the first of the", " audit rule hooks", " - SAUCE: apparmor5.0.0 [8/51]: Stacking: AppArmor: Remove the exclusive", " flag", " - SAUCE: apparmor5.0.0 [9/51]: Revert \"apparmor: fix dbus permission", " queries to v9 ABI\"", " - SAUCE: apparmor5.0.0 [10/51]: Revert \"apparmor: gate make fine grained", " unix mediation behind v9 abi\"", " - SAUCE: apparmor5.0.0 [11/51]: apparmor: net: patch to provide", " compatibility with v2.x net rules", " - SAUCE: apparmor5.0.0 [12/51]: apparmor: net: add fine grained ipv4/ipv6", " mediation", " - SAUCE: apparmor5.0.0 [13/51]: apparmor: userns: add unprivileged user ns", " mediation", " - SAUCE: apparmor5.0.0 [14/51]: apparmor: userns: Add sysctls for", " additional controls of unpriv userns restrictions", " - SAUCE: apparmor5.0.0 [16/51]: apparmor: userns: open userns related", " sysctl so lxc can check if restriction are in place", " - SAUCE: apparmor5.0.0 [17/51]: apparmor: userns: allow profile to be", " transitioned when a userns is created", " - SAUCE: apparmor5.0.0 [18/51]: aoparmor: userns: Add support for execpath", " in userns", " - SAUCE: apparmor5.0.0 [19/51]: apparmor: mqueue: call", " security_inode_init_security on inode creation", " - SAUCE: apparmor5.0.0 [20/51]: apparmor: mqueue: add fine grained", " mediation of posix mqueues", " - SAUCE: apparmor5.0.0 [21/51]: apparmor: uring: add io_uring mediation", " - SAUCE: apparmor5.0.0 [24/51]: apparmor: prompt: setup slab cache for", " audit data", " - SAUCE: apparmor5.0.0 [25/51]: apparmor: prompt: add the ability for", " profiles to have a learning cache", " - SAUCE: apparmor5.0.0 [26/51]: apparmor: prompt: enable userspace upcall", " for mediation", " - SAUCE: apparmor5.0.0 [27/51]: apparmor: prompt: pass prompt boolean", " through into path_name as well", " - SAUCE: apparmor5.0.0 [28/51]: apparmor: add AA_DEBUG_PROFILE to have", " debug on profiles with flag set", " - SAUCE: apparmor5.0.0 [29/51]: apparmor: make str table more generic and", " be able to have multiple entries", " - SAUCE: apparmor5.0.0 [30/51]: apparmor: check for supported version in", " notification messages.", " - SAUCE: apparmor5.0.0 [31/51]: apparmor: refactor building notice so it", " is easier to extend", " - SAUCE: apparmor5.0.0 [32/51]: apparmor: switch from ENOTSUPP to", " EPROTONOSUPPORT", " - SAUCE: apparmor5.0.0 [33/51]: apparmor: add support for meta data tags", " - SAUCE: apparmor5.0.0 [34/51]: apparmor: mmap_file() doesn't need to be", " called atomically", " - SAUCE: apparmor5.0.0 [35/51]: apparmor: guard against free routines", " being called with a NULL", " - SAUCE: apparmor5.0.0 [36/51]: apparmor: prevent profile->disconnected", " double free in aa_free_profile", " - SAUCE: apparmor5.0.0 [38/51]: apparmor-next 6.19: apparmor: fix fast", " path cache check for unix sockets", " - SAUCE: apparmor5.0.0 [39/51]: apparmor-next 6.19: apparmor: fix label", " and profile debug macros", " - SAUCE: apparmor5.0.0 [40/51]: apparmor-next 6.19: apparmor: fixup", " net_compat", " - SAUCE: apparmor5.0.0 [41/51]: apparmor-next 6.19: apparmor: lift", " compatibility check out of profile_af_perm", " - SAUCE: apparmor5.0.0 [42/51]: apparmor-next 6.19: apparmor:", " refactor/cleanup cred helper fns.", " - SAUCE: apparmor5.0.0 [43/51]: apparmor-next 6.19: apparmor: fix rlimit", " for posix cpu timers", " - SAUCE: apparmor5.0.0 [44/51]: apparmor-next 6.19: apparmor: replace", " sprintf with snprintf in aa_new_learning_profile", " - SAUCE: apparmor5.0.0 [45/51]: apparmor-next 6.19: apparmor: Replace", " sprintf/strcpy with scnprintf/strscpy in aa_policy_init", " - SAUCE: apparmor5.0.0 [46/51]: apparmor-next 6.19: apparmor: Replace", " deprecated strcpy in d_namespace_path", " - SAUCE: apparmor5.0.0 [47/51]: apparmor-next 6.19: apparmor: fix NULL", " pointer dereference in __unix_needs_revalidation", " - SAUCE: apparmor5.0.0 [48/51]: apparmor-next 6.19: apparmor: fix NULL", " sock in aa_sock_file_perm", " - SAUCE: apparmor5.0.0 [49/51]: apparmor-next 6.19: apparmor: Replace", " deprecated strcpy with memcpy in gen_symlink_name", " - SAUCE: apparmor5.0.0 [50/51]: apparmor-next 6.19: AppArmor: Allow", " apparmor to handle unaligned dfa tables", " - SAUCE: apparmor5.0.0 [51/51]: apparmor-next 6.19: apparmor: Fix &", " Optimize table creation from possibly unaligned memory", "", " * update apparmor and LSM stacking patch set (LP: #2028253) // AppArmor is", " auditing the apparmor/.null file (LP: #2122743)", " - SAUCE: apparmor5.0.0 [37/51]: apparmor-next 6.19: apparmor: move check", " for aa_null file to cover all cases", "", " * update apparmor and LSM stacking patch set (LP: #2028253) // Installation", " of AppArmor on a 6.14 kernel produces error message \"Illegal number: yes\"", " (LP: #2102680)", " - SAUCE: apparmor5.0.0 [22/51]: apparmor: create an", " AA_SFS_TYPE_BOOLEAN_INTPRINT sysctl variant", " - SAUCE: apparmor5.0.0 [23/51]: apparmor: Use AA_SFS_FILE_BOOLEAN_INTPRINT", " for userns and io_uring sysctls", "", " * update apparmor and LSM stacking patch set (LP: #2028253) // [FFe]", " apparmor-4.0.0-alpha2 for unprivileged user namespace restrictions in", " mantic (LP: #2032602)", " - SAUCE: apparmor5.0.0 [15/51]: apparmor: userns - make it so special", " unconfined profiles can mediate user namespaces", "", " * Packaging resync (LP: #1786013)", " - [Packaging] debian.master/dkms-versions -- update from kernel-versions", " (main/d2025.12.16)", "", " * Miscellaneous Ubuntu changes", " - [Packaging] rename to linux", " - [Config] update toolchain version", "" ], "package": "linux", "version": "6.18.0-7.7", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2136307, 1990064, 2028253, 2028253, 2122743, 2028253, 2102680, 2028253, 2032602, 1786013 ], "author": "Paolo Pisati ", "date": "Tue, 16 Dec 2025 13:43:25 +0100" }, { "cves": [], "log": [ "", " * resolute/linux-unstable: 6.18.0-6.6 -proposed tracker (LP: #2133502)", "", " * Packaging resync (LP: #1786013)", " - [Packaging] debian.master/dkms-versions -- update from kernel-versions", " (main/d2025.10.20)", "", " * Miscellaneous Ubuntu changes", " - Update dropped.txt", " - [Packaging] debian.master/dkms-versions: Drop failing dkms packages", " - rename dropped.txt to Changes.md", "" ], "package": "linux-unstable", "version": "6.18.0-6.6", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2133502, 1786013 ], "author": "Paolo Pisati ", "date": "Mon, 01 Dec 2025 14:52:34 +0100" }, { "cves": [], "log": [ "", " * resolute/linux-unstable: 6.18.0-5.5 -proposed tracker (LP: #2131673)", "", " * Re-enable INTEL_SKL_INT3472 for kernels >= 6.16 for Intel IPU camera", " (LP: #2128792)", " - Revert \"UBUNTU: [Config] FTBFS: disable INTEL_SKL_INT3472\"", " - Revert \"UBUNTU: SAUCE: platform/x86: int3472: Add handshake GPIO", " function\"", "", " * i40e driver is triggering VF resets on every link state change", " (LP: #2130552)", " - i40e: avoid redundant VF link state updates", "", " * Miscellaneous Ubuntu changes", " - [Config] updateconfigs following v6.18-rc6 rebase", "" ], "package": "linux-unstable", "version": "6.18.0-5.5", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2131673, 2128792, 2130552 ], "author": "Paolo Pisati ", "date": "Tue, 18 Nov 2025 11:23:48 +0100" }, { "cves": [], "log": [ "", " * resolute/linux-unstable: 6.18.0-4.4 -proposed tracker (LP: #2131211)", "", " * CAP_PERFMON insufficient to get perf data (LP: #2131046)", " - SAUCE: perf/core: Allow CAP_PERFMON for paranoid level 4", "", " * Miscellaneous Ubuntu changes", " - [Config] updateconfigs following v6.18-rc5 rebase", "" ], "package": "linux-unstable", "version": "6.18.0-4.4", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2131211, 2131046 ], "author": "Paolo Pisati ", "date": "Thu, 13 Nov 2025 12:55:49 +0100" }, { "cves": [], "log": [ "", " * resolute/linux-unstable: 6.18.0-3.3 -proposed tracker (LP: #2129919)", "", " * [26.04 FEAT] Set Architecture Level (ALS) to z15 (LP: #2126577)", " - [Config] Raise the architectural level set for s390x to z15", "", " * Miscellaneous Ubuntu changes", " - [Config]: Enable CONFIG_CRYPTO_BENCHMARK", " - [Config] updateconfigs after v6.18-rc3 rebase", "" ], "package": "linux-unstable", "version": "6.18.0-3.3", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2129919, 2126577 ], "author": "Paolo Pisati ", "date": "Mon, 27 Oct 2025 11:07:35 +0100" }, { "cves": [], "log": [ "", " * resolute/linux-unstable: 6.18.0-2.2 -proposed tracker (LP: #2129552)", "", " * Miscellaneous Ubuntu changes", " - [Config] update rustc version", "" ], "package": "linux-unstable", "version": "6.18.0-2.2", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2129552 ], "author": "Paolo Pisati ", "date": "Wed, 22 Oct 2025 15:42:17 +0200" }, { "cves": [], "log": [ "", " * resolute/linux-unstable: 6.18.0-1.1 -proposed tracker (LP: #2129038)", "", " * Packaging resync (LP: #1786013)", " - [Packaging] update Ubuntu.md", "", " * Miscellaneous Ubuntu changes", " - [Packaging] Rename to linux-unstable and move to 6.18", " - [Config] updateconfigs following v6.18-rc1 rebase", " - [Config] apparmor: remove SECURITY_APPARMOR_RESTRICT_USERNS", " - [Packaging] debian.master/dkms-versions: Drop failing dkms packages", " - [Config] updateconfigs following v6.18-rc2 rebase", " - move to resolute", "", " * Miscellaneous upstream changes", " - Revert \"audit: fix skb leak when audit rate limit is exceeded\"", " - Revert \"audit: init ab->skb_list earlier in audit_buffer_alloc()\"", " - Revert \"audit: add record for multiple object contexts\"", " - Revert \"audit: add record for multiple task security contexts\"", " - Revert \"lsm: security_lsmblob_to_secctx module selection\"", " - audit: fix skb leak when audit rate limit is exceeded", "" ], "package": "linux-unstable", "version": "6.18.0-1.1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2129038, 1786013 ], "author": "Paolo Pisati ", "date": "Tue, 21 Oct 2025 16:26:01 +0200" }, { "cves": [], "log": [ "", " * questing/linux: 6.17.0-6.6 -proposed tracker (LP: #2126040)", "", " * Questing update: v6.17.1 upstream stable release (LP: #2126948)", " - blk-mq: fix blk_mq_tags double free while nr_requests grown", " - gcc-plugins: Remove TODO_verify_il for GCC >= 16", " - scsi: target: target_core_configfs: Add length check to avoid buffer", " overflow", " - ALSA: usb-audio: fix race condition to UAF in snd_usbmidi_free", " - wifi: rtw89: fix use-after-free in rtw89_core_tx_kick_off_and_wait()", " - media: b2c2: Fix use-after-free causing by irq_check_work in", " flexcop_pci_remove", " - media: i2c: tc358743: Fix use-after-free bugs caused by orphan timer in", " probe", " - media: tuner: xc5000: Fix use-after-free in xc5000_release", " - media: rc: fix races with imon_disconnect()", " - media: uvcvideo: Mark invalid entities with id UVC_INVALID_ENTITY_ID", " - mm: swap: check for stable address space before operating on the VMA", " - wifi: ath11k: fix NULL dereference in ath11k_qmi_m3_load()", " - media: iris: Fix memory leak by freeing untracked persist buffer", " - media: stm32-csi: Fix dereference before NULL check", " - ASoC: qcom: audioreach: fix potential null pointer dereference", " - Linux 6.17.1", "", " * RISC-V kernel config is out of sync with other archs (LP: #1981437)", " - [Config] riscv64: Update EFI_SBAT_FILE", " - [Config] riscv64: Enable EFI_ZBOOT", " - [Config] riscv64: Disable support for non-RVA23 SoCs", " - [Config] riscv64: Disable RISCV_ISA_FALLBACK", " - [Config] riscv64: Sync config with other architectures", "", " * Miscellaneous Ubuntu changes", " - [Config] updateconfigs after rebase to 6.17", "" ], "package": "linux-unstable", "version": "6.18.0-0.0", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2126040, 2126948, 1981437 ], "author": "Timo Aaltonen ", "date": "Tue, 07 Oct 2025 14:15:18 +0300" } ], "notes": "linux-modules-6.18.0-8-generic version '6.18.0-8.8' (source package linux version '6.18.0-8.8') was added. linux-modules-6.18.0-8-generic version '6.18.0-8.8' has the same source package name, linux, as removed package linux-modules-6.17.0-8-generic. As such we can use the source package version of the removed package, '6.17.0-8.8', as the starting point in our changelog diff. Kernel packages are an example of where the binary package name changes for the same source package. Using the removed package source package version as our starting point means we can still get meaningful changelog diffs even for what appears to be a new package.", "is_version_downgrade": false } ], "snap": [] }, "removed": { "deb": [ { "name": "linux-image-6.17.0-8-generic", "from_version": { "source_package_name": "linux-signed", "source_package_version": "6.17.0-8.8", "version": "6.17.0-8.8" }, "to_version": { "source_package_name": null, "source_package_version": null, "version": null }, "cves": [], "launchpad_bugs_fixed": [], "changes": [], "notes": null, "is_version_downgrade": false }, { "name": "linux-modules-6.17.0-8-generic", "from_version": { "source_package_name": "linux", "source_package_version": "6.17.0-8.8", "version": "6.17.0-8.8" }, "to_version": { "source_package_name": null, "source_package_version": null, "version": null }, "cves": [], "launchpad_bugs_fixed": [], "changes": [], "notes": null, "is_version_downgrade": false } ], "snap": [] }, "notes": "Changelog diff for Ubuntu 26.04 resolute image from daily image serial 20251216 to 20260106", "from_series": "resolute", "to_series": "resolute", "from_serial": "20251216", "to_serial": "20260106", "from_manifest_filename": "daily_manifest.previous", "to_manifest_filename": "manifest.current" }