{ "summary": { "snap": { "added": [], "removed": [], "diff": [] }, "deb": { "added": [ "libclang-cpp21", "libicu78", "libllvm21", "linux-headers-6.17.0-8", "linux-headers-6.17.0-8-generic", "linux-image-6.17.0-8-generic", "linux-modules-6.17.0-8-generic", "linux-tools-6.17.0-8", "linux-tools-6.17.0-8-generic" ], "removed": [ "libclang-cpp20", "libicu76", "linux-headers-6.17.0-6", "linux-headers-6.17.0-6-generic", "linux-image-6.17.0-6-generic", "linux-modules-6.17.0-6-generic", "linux-tools-6.17.0-6", "linux-tools-6.17.0-6-generic" ], "diff": [ "base-files", "bc", "bpfcc-tools", "bpftool", "cloud-guest-utils", "cloud-init", "cloud-init-base", "cloud-initramfs-copymods", "cloud-initramfs-dyn-netconf", "curl", "dmidecode", "dosfstools", "eatmydata", "efibootmgr", "ftp", "fwupd", "gcc-15-base", "gdisk", "groff-base", "hdparm", "hostname", "ieee-data", "inetutils-telnet", "initramfs-tools", "initramfs-tools-bin", "initramfs-tools-core", "kbd", "kpartx", "libaio1t64", "libassuan9", "libatomic1", "libbpfcc", "libbytesize-common", "libbytesize1", "libcbor0.10", "libclang1-20", "libcurl3t64-gnutls", "libcurl4t64", "libdrm-amdgpu1", "libdrm-common", "libdrm2", "libeatmydata1", "libestr0", "libevdev2", "libfastjson4", "libffi8", "libflashrom1", "libfribidi0", "libfwupd3", "libgcc-s1", "libgpg-error-l10n", "libgpg-error0", "libgstreamer1.0-0", "libinih1", "libisns0t64", "libksba8", "libldap-common", "libldap2", "libllvm20", "liblmdb0", "libmbim-glib4", "libmbim-proxy", "libmbim-utils", "libmm-glib0", "libmnl0", "libmpathcmd0", "libmpathpersist0", "libmultipath0", "libncurses6", "libncursesw6", "libnetfilter-conntrack3", "libnfnetlink0", "libnftables1", "libnftnl11", "libnspr4", "libntfs-3g89t64", "libpopt0", "libproc2-0", "libprotobuf-c1", "libpsl5t64", "libpython3.13", "libpython3.13-minimal", "libpython3.13-stdlib", "libsframe2", "libslang2", "libsodium23", "libstdc++6", "libtinfo6", "libtraceevent1", "libtraceevent1-plugin", "libtss2-esys-3.0.2-0t64", "libtss2-mu-4.0.1-0t64", "libtss2-sys1t64", "libtss2-tcti-cmd0t64", "libtss2-tcti-device0t64", "libtss2-tcti-mssim0t64", "libtss2-tcti-swtpm0t64", "libxext6", "libxxhash0", "linux-headers-generic", "linux-headers-virtual", "linux-image-virtual", "linux-libc-dev", "linux-perf", "linux-tools-common", "linux-virtual", "logrotate", "lshw", "lxd-agent-loader", "lxd-installer", "mawk", "modemmanager", "motd-news-config", "mtr-tiny", "multipath-tools", "ncurses-base", "ncurses-bin", "ncurses-term", "networkd-dispatcher", "nftables", "ntfs-3g", "openssh-client", "openssh-server", "openssh-sftp-server", "os-prober", "overlayroot", "procps", "python-babel-localedata", "python3-attr", "python3-babel", "python3-bcrypt", "python3-boto3", "python3-botocore", "python3-bpfcc", "python3-chardet", "python3-click", "python3-configobj", "python3-constantly", "python3-debian", "python3-distro", "python3-distupgrade", "python3-httplib2", "python3-hyperlink", "python3-idna", "python3-incremental", "python3-jaraco.context", "python3-jaraco.functools", "python3-jaraco.text", "python3-json-pointer", "python3-jsonpatch", "python3-jsonschema", "python3-launchpadlib", "python3-magic", "python3-mdurl", "python3-netaddr", "python3-ptyprocess", "python3-pyasn1", "python3-pyasn1-modules", "python3-pygments", "python3-serial", "python3-service-identity", "python3-software-properties", "python3-urllib3", "python3.13", "python3.13-gdbm", "python3.13-minimal", "python3.14-gdbm", "snapd", "software-properties-common", "sos", "ssh-import-id", "sysvinit-utils", "telnet", "tmux", "tnftp", "tpm-udev", "trace-cmd", "ubuntu-keyring", "ubuntu-release-upgrader-core", "ufw", "unattended-upgrades", "usb-modeswitch-data", "usb.ids", "vim", "vim-common", "vim-runtime", "vim-tiny", "xauth", "xfsprogs", "xkb-data", "xml-core", "xxd", "zerofree" ] } }, "diff": { "deb": [ { "name": "base-files", "from_version": { "source_package_name": "base-files", "source_package_version": "14ubuntu4", "version": "14ubuntu4" }, "to_version": { "source_package_name": "base-files", "source_package_version": "14ubuntu5", "version": "14ubuntu5" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * logos: Use the correct Ubuntu logo, and resize it a bit smaller: 72px tall", " * logos: Add SVG variants of the Ubuntu logo", "" ], "package": "base-files", "version": "14ubuntu5", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Alessandro Astone ", "date": "Thu, 04 Dec 2025 16:35:57 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "bc", "from_version": { "source_package_name": "bc", "source_package_version": "1.07.1-4", "version": "1.07.1-4" }, "to_version": { "source_package_name": "bc", "source_package_version": "1.07.1-4build1", "version": "1.07.1-4build1" }, "cves": [], "launchpad_bugs_fixed": [ 2132257 ], "changes": [ { "cves": [], "log": [ "", " * No-change mass rebuild for Ubuntu 26.04 (LP: #2132257)", "" ], "package": "bc", "version": "1.07.1-4build1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2132257 ], "author": "Sebastien Bacher ", "date": "Sat, 06 Dec 2025 10:37:02 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "bpfcc-tools", "from_version": { "source_package_name": "bpfcc", "source_package_version": "0.31.0+ds-7ubuntu2", "version": "0.31.0+ds-7ubuntu2" }, "to_version": { "source_package_name": "bpfcc", "source_package_version": "0.35.0+ds-1ubuntu1", "version": "0.35.0+ds-1ubuntu1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Merge with Debian; remaining changes:", " - d/control: enable ppc64el architecture (LP 2074121).", " - d/control: include ppc64el in the arches to skip for lua", " - d/control, d/p/2003-libbpf-tools-debian.patch:", " - Build with llvm-19, FTBFS with 20.", " - d/t/control: Run testsuite as autopkgtest (LP 2052813)", " - d/rules: add back riscv64 to tool_skip_arch, fixing FTBFS", " - Removed delta, bpftool has its own package also in Ubuntu now:", " - Depend on linux-tools-generic instead of bpftool", " - Export bpftool binary to avoid system trying to use the chroot kernel", " - d/p/disable-werror-to-fix-build.patch:", " - disable Werror for now to workaround build issues on ppc64el", " reported upstream https://github.com/iovisor/bcc/pull/5331", " * d/control: Don't use a mix of versioned and unversioned build dependencies.", " * Fix build with LLVM 21, taken from upstream.", "" ], "package": "bpfcc", "version": "0.35.0+ds-1ubuntu1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Matthias Klose ", "date": "Fri, 24 Oct 2025 14:17:00 +0200" }, { "cves": [], "log": [ "", " [ Alexandre Detiste ]", " * [153d814] refresh debian/copyright-check", "", " [ Ritesh Raj Sarraf ]", " * [377ea5e] New upstream version 0.35.0+ds (Closes: #1112731)", " * [c1bab55] Bump build dependency on cmake to >= 3.12", " * [584da1e] Refresh patches", "" ], "package": "bpfcc", "version": "0.35.0+ds-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Ritesh Raj Sarraf ", "date": "Fri, 24 Oct 2025 15:21:23 +0530" } ], "notes": null, "is_version_downgrade": false }, { "name": "bpftool", "from_version": { "source_package_name": "linux", "source_package_version": "6.17.0-6.6", "version": "7.7.0+6.17.0-6.6" }, "to_version": { "source_package_name": "linux", "source_package_version": "6.17.0-8.8", "version": "7.7.0+6.17.0-8.8" }, "cves": [ { "cve": "CVE-2025-40018", "url": "https://ubuntu.com/security/CVE-2025-40018", "cve_description": "In the Linux kernel, the following vulnerability has been resolved: ipvs: Defer ip_vs_ftp unregister during netns cleanup On the netns cleanup path, __ip_vs_ftp_exit() may unregister ip_vs_ftp before connections with valid cp->app pointers are flushed, leading to a use-after-free. Fix this by introducing a global `exiting_module` flag, set to true in ip_vs_ftp_exit() before unregistering the pernet subsystem. In __ip_vs_ftp_exit(), skip ip_vs_ftp unregister if called during netns cleanup (when exiting_module is false) and defer it to __ip_vs_cleanup_batch(), which unregisters all apps after all connections are flushed. If called during module exit, unregister ip_vs_ftp immediately.", "cve_priority": "medium", "cve_public_date": "2025-10-24 12:15:00 UTC" } ], "launchpad_bugs_fixed": [ 2131554, 2131136, 2130552, 2129770, 2128695, 2127676, 2127187, 2119479, 2106681, 2121347, 1786013, 2123901, 2103680, 2128209 ], "changes": [ { "cves": [ { "cve": "CVE-2025-40018", "url": "https://ubuntu.com/security/CVE-2025-40018", "cve_description": "In the Linux kernel, the following vulnerability has been resolved: ipvs: Defer ip_vs_ftp unregister during netns cleanup On the netns cleanup path, __ip_vs_ftp_exit() may unregister ip_vs_ftp before connections with valid cp->app pointers are flushed, leading to a use-after-free. Fix this by introducing a global `exiting_module` flag, set to true in ip_vs_ftp_exit() before unregistering the pernet subsystem. In __ip_vs_ftp_exit(), skip ip_vs_ftp unregister if called during netns cleanup (when exiting_module is false) and defer it to __ip_vs_cleanup_batch(), which unregisters all apps after all connections are flushed. If called during module exit, unregister ip_vs_ftp immediately.", "cve_priority": "medium", "cve_public_date": "2025-10-24 12:15:00 UTC" } ], "log": [ "", " * questing/linux: 6.17.0-8.8 -proposed tracker (LP: #2131554)", "", " * crash when reading from /sys/kernel/tracing/rv/enabled_monitors", " (LP: #2131136)", " - rv: Fully convert enabled_monitors to use list_head as iterator", "", " * i40e driver is triggering VF resets on every link state change", " (LP: #2130552)", " - i40e: avoid redundant VF link state updates", "", " * kernel crash on bootup for some arm64 machines (LP: #2129770)", " - KVM: arm64: Guard PMSCR_EL1 initialization with SPE presence check", "", " * CVE-2025-40018", " - ipvs: Defer ip_vs_ftp unregister during netns cleanup", "" ], "package": "linux", "version": "6.17.0-8.8", "urgency": "medium", "distributions": "questing", "launchpad_bugs_fixed": [ 2131554, 2131136, 2130552, 2129770 ], "author": "Manuel Diewald ", "date": "Fri, 14 Nov 2025 17:53:03 +0100" }, { "cves": [], "log": [ "", " * questing/linux: 6.17.0-7.7 -proposed tracker (LP: #2128695)", "", " * Fix incorrect bug number for CONFIG_KERNEL_ZSTD (LP: #2127676)", " - [Config] Fix bug note for CONFIG_KERNEL_ZSTD", "", " * support Panter Lake CPU performance preferences (LP: #2127187)", " - thermal: intel: int340x: Add support for power slider", " - thermal: intel: int340x: Enable power slider interface for Panther Lake", " - thermal: intel: int340x: Add module parameter for balanced Slider", " - thermal: intel: int340x: Add module parameter to change slider offset", " - thermal: intel: int340x: Power Slider: Validate slider_balance range", "", " * [SRU][Q/P/N:hwe-6.14] mt7925: Add MBSS support (LP: #2119479)", " - wifi: mt76: mt7925: add MBSSID support", "", " * Plucky preinstalled server fails to boot on rb3gen2 (LP: #2106681) //", " Questing preinstalled server fails to boot on sa8775p boards", " (LP: #2121347)", " - [Config] move more qcom interconnect/pinctrl/gcc options to builtin", "", " * Packaging resync (LP: #1786013)", " - [Packaging] update Ubuntu.md", "", " * r8169 can not wake on LAN via SFP moudule (LP: #2123901)", " - r8169: set EEE speed down ratio to 1", "", " * System hangs when running the memory stress test (LP: #2103680)", " - mm: page_alloc: avoid kswapd thrashing due to NUMA restrictions", "", " * Questing update: v6.17.2 upstream stable release (LP: #2128209)", " - drm/amdgpu: Enable MES lr_compute_wa by default", " - USB: serial: option: add SIMCom 8230C compositions", " - Bluetooth: btusb: Add USB ID 2001:332a for D-Link AX9U rev. A1", " - wifi: rtlwifi: rtl8192cu: Don't claim USB ID 07b8:8188", " - wifi: rtl8xxxu: Don't claim USB ID 07b8:8188", " - rust: drm: fix `srctree/` links", " - rust: block: fix `srctree/` links", " - rust: pci: fix incorrect platform reference in PCI driver probe doc", " comment", " - rust: pci: fix incorrect platform reference in PCI driver unbind doc", " comment", " - serial: qcom-geni: Fix blocked task", " - nvmem: layouts: fix automatic module loading", " - drivers/misc/amd-sbi/Kconfig: select REGMAP_I2C", " - binder: fix double-free in dbitmap", " - serial: stm32: allow selecting console when the driver is module", " - [Config] stm32: do not select console when driver is module", " - staging: axis-fifo: fix maximum TX packet length check", " - staging: axis-fifo: fix TX handling on copy_from_user() failure", " - staging: axis-fifo: flush RX FIFO on read errors", " - driver core: faux: Set power.no_pm for faux devices", " - driver core/PM: Set power.no_callbacks along with power.no_pm", " - Revert \"crypto: testmgr - desupport SHA-1 for FIPS 140\"", " - crypto: zstd - Fix compression bug caused by truncation", " - crypto: rng - Ensure set_ent is always present", " - net/9p: fix double req put in p9_fd_cancelled", " - KVM: x86: Don't (re)check L1 intercepts when completing userspace I/O", " - f2fs: fix to do sanity check on node footer for non inode dnode", " - ring buffer: Propagate __rb_map_vma return value to caller", " - Linux 6.17.2", "" ], "package": "linux", "version": "6.17.0-7.7", "urgency": "medium", "distributions": "questing", "launchpad_bugs_fixed": [ 2128695, 2127676, 2127187, 2119479, 2106681, 2121347, 1786013, 2123901, 2103680, 2128209 ], "author": "Edoardo Canepa ", "date": "Sat, 18 Oct 2025 08:01:45 +0200" } ], "notes": null, "is_version_downgrade": false }, { "name": "cloud-guest-utils", "from_version": { "source_package_name": "cloud-utils", "source_package_version": "0.33-1", "version": "0.33-1" }, "to_version": { "source_package_name": "cloud-utils", "source_package_version": "0.33-1build1", "version": "0.33-1build1" }, "cves": [], "launchpad_bugs_fixed": [ 2132257 ], "changes": [ { "cves": [], "log": [ "", " * No-change mass rebuild for Ubuntu 26.04 (LP: #2132257)", "" ], "package": "cloud-utils", "version": "0.33-1build1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2132257 ], "author": "Sebastien Bacher ", "date": "Mon, 01 Dec 2025 11:24:14 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "cloud-init", "from_version": { "source_package_name": "cloud-init", "source_package_version": "25.4~1gcb12e00e-0ubuntu1", "version": "25.4~1gcb12e00e-0ubuntu1" }, "to_version": { "source_package_name": "cloud-init", "source_package_version": "25.4~1gcb12e00e-0ubuntu2", "version": "25.4~1gcb12e00e-0ubuntu2" }, "cves": [], "launchpad_bugs_fixed": [ 2131809 ], "changes": [ { "cves": [], "log": [ "", " * d/cloud-init-base.config and d/cloud-init-base.postinst:", " - fix debconf value migration error resulting in invalid config created", " by debian script (LP: #2131809)", " - address shellcheck failures", "" ], "package": "cloud-init", "version": "25.4~1gcb12e00e-0ubuntu2", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2131809 ], "author": "Chad Smith ", "date": "Wed, 03 Dec 2025 14:48:59 -0700" } ], "notes": null, "is_version_downgrade": false }, { "name": "cloud-init-base", "from_version": { "source_package_name": "cloud-init", "source_package_version": "25.4~1gcb12e00e-0ubuntu1", "version": "25.4~1gcb12e00e-0ubuntu1" }, "to_version": { "source_package_name": "cloud-init", "source_package_version": "25.4~1gcb12e00e-0ubuntu2", "version": "25.4~1gcb12e00e-0ubuntu2" }, "cves": [], "launchpad_bugs_fixed": [ 2131809 ], "changes": [ { "cves": [], "log": [ "", " * d/cloud-init-base.config and d/cloud-init-base.postinst:", " - fix debconf value migration error resulting in invalid config created", " by debian script (LP: #2131809)", " - address shellcheck failures", "" ], "package": "cloud-init", "version": "25.4~1gcb12e00e-0ubuntu2", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2131809 ], "author": "Chad Smith ", "date": "Wed, 03 Dec 2025 14:48:59 -0700" } ], "notes": null, "is_version_downgrade": false }, { "name": "cloud-initramfs-copymods", "from_version": { "source_package_name": "cloud-initramfs-tools", "source_package_version": "0.49", "version": "0.49" }, "to_version": { "source_package_name": "cloud-initramfs-tools", "source_package_version": "0.49build1", "version": "0.49build1" }, "cves": [], "launchpad_bugs_fixed": [ 2132257 ], "changes": [ { "cves": [], "log": [ "", " * No-change mass rebuild for Ubuntu 26.04 (LP: #2132257)", "" ], "package": "cloud-initramfs-tools", "version": "0.49build1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2132257 ], "author": "Sebastien Bacher ", "date": "Sat, 06 Dec 2025 10:39:33 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "cloud-initramfs-dyn-netconf", "from_version": { "source_package_name": "cloud-initramfs-tools", "source_package_version": "0.49", "version": "0.49" }, "to_version": { "source_package_name": "cloud-initramfs-tools", "source_package_version": "0.49build1", "version": "0.49build1" }, "cves": [], "launchpad_bugs_fixed": [ 2132257 ], "changes": [ { "cves": [], "log": [ "", " * No-change mass rebuild for Ubuntu 26.04 (LP: #2132257)", "" ], "package": "cloud-initramfs-tools", "version": "0.49build1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2132257 ], "author": "Sebastien Bacher ", "date": "Sat, 06 Dec 2025 10:39:33 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "curl", "from_version": { "source_package_name": "curl", "source_package_version": "8.14.1-2ubuntu1", "version": "8.14.1-2ubuntu1" }, "to_version": { "source_package_name": "curl", "source_package_version": "8.17.0-1ubuntu1", "version": "8.17.0-1ubuntu1" }, "cves": [], "launchpad_bugs_fixed": [ 2130119 ], "changes": [ { "cves": [], "log": [ "", " * Merge with Debian unstable (LP: #2130119). Remaining changes:", " - d/{control,rules}: drop nghttp3 and ngtcp2 dependencies in universe", " - d/control: do not use gnutls for the curl binary", " - d/control: don't build-depend on python3-impacket and stunnel on i386", "" ], "package": "curl", "version": "8.17.0-1ubuntu1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2130119 ], "author": "Ural Tunaboyu ", "date": "Fri, 07 Nov 2025 13:42:15 +0100" }, { "cves": [], "log": [ "", " * New upstream version 8.17.0", "" ], "package": "curl", "version": "8.17.0-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Samuel Henrique ", "date": "Wed, 05 Nov 2025 08:22:23 +0000" }, { "cves": [], "log": [ "", " * New upstream version 8.17.0~rc3", " * d/copyright: Drop lib/curl_des.c and lib/curl_des.h, removed upstream", "" ], "package": "curl", "version": "8.17.0~rc3-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Samuel Henrique ", "date": "Wed, 29 Oct 2025 18:33:28 +0000" }, { "cves": [], "log": [ "", " * New upstream version 8.17.0~rc2", " * Revert \"d/salsa-ci: enable ARM build test\"", " * Drop patches merged upstream:", " - setopt-accept-_SSL_VERIFYHOST-set-to-2L.patch", " - asyn-thrdd-drop-pthread_cancel.patch", " - setopt-make-CURLOPT_MAXREDIRS-accept-1-again.patch", " * Refresh patches:", " - ZZZgnutls-build.patch", " - build-Divide-mit-krb5-gssapi-link-flags-between-LDFLAGS-a.patch", " * d/copyright: Drop entry for lib/krb5.c, file was removed", " * d/libcurl*.symbols: Add new symbols curl_multi_notify_disable and", " curl_multi_notify_enable", "" ], "package": "curl", "version": "8.17.0~rc2-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Samuel Henrique ", "date": "Mon, 20 Oct 2025 19:05:21 +0100" }, { "cves": [], "log": [ "", " * debian/patches/setopt-make-CURLOPT_MAXREDIRS-accept-1-again.patch: import", " from upstream. (Closes: #1117593)", "" ], "package": "curl", "version": "8.16.0-4", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Carlos Henrique Lima Melara ", "date": "Wed, 08 Oct 2025 13:05:07 -0300" }, { "cves": [], "log": [ "", " * d/control: Fix required versions of libnghttp3 and libngtcp2 packages.", " - Append \"~\" to the end of the version, for a backports-friendly package.", " - Add an explicit dependency on libnghttp3-9 and libngtcp2-16, as", " otherwise dpkg picks a lower version as a dependency, but we need", " newer versions for HTTP/3.", " - Bump the version requirement for libnghttp3-dev to 1.11.0.", " * d/control: wrap-and-sort -taf", "" ], "package": "curl", "version": "8.16.0-3", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Samuel Henrique ", "date": "Tue, 07 Oct 2025 20:47:19 +0100" }, { "cves": [], "log": [ "", " [ Carlos Henrique Lima Melara ]", " * d/rules: use DEB_DISTRIBUTION to add configure flags for experimental", " * d/watch-rc: keep a watch file for curl RC releases", "", " [ Marcos Felipe de Almeida Souza ]", " * d/patches: Add upstream commits to fix regressions", " - async-thrdd-drop-pthread_cancel.patch: Upstream changes", " - setopt-accept-_SSL_VERIFYHOST-set-to-2L.patch: Upstream changes", "", " [ Samuel Henrique ]", " * Build OpenSSL HTTP/3 support with ngtcp2", " - Add B-D on libngtcp2-crypto-ossl-dev (>= 1.16.0)", " - Add Depends on libngtcp2-crypto-ossl-dev (>= 1.16.0) and", " libngtcp2-dev (>= 1.16.0) in the OpenSSL -dev package", " - Bump libngtcp2-dev and libngtcp2-crypto-gnutls-dev Depends in the", " GnuTLS -dev package to >= 1.16.0", " - Drop --with-openssl-quic configure flag in OpenSSL build", " - Set --with-ngtcp2 and --with-nghttp3 configure flag for both builds", " (OpenSSL and GnuTLS)", "" ], "package": "curl", "version": "8.16.0-2", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Samuel Henrique ", "date": "Thu, 02 Oct 2025 22:29:47 +0100" }, { "cves": [], "log": [ "", " * d/watch: Point to GitHub for GA releases", " * New upstream version 8.16.0", "" ], "package": "curl", "version": "8.16.0-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Samuel Henrique ", "date": "Wed, 10 Sep 2025 08:40:58 +0100" }, { "cves": [], "log": [ "", " * New upstream version 8.16.0~rc3.", "" ], "package": "curl", "version": "8.16.0~rc3-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Carlos Henrique Lima Melara ", "date": "Thu, 04 Sep 2025 21:26:46 -0300" }, { "cves": [], "log": [ "", " * d/t/common-upstream-tests: Invoke dh clean, not override_dh_auto_clean.", "" ], "package": "curl", "version": "8.16.0~rc2-2", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Sergio Durigan Junior ", "date": "Fri, 29 Aug 2025 23:37:58 -0400" }, { "cves": [], "log": [ "", " [ Samuel Henrique ]", " * New upstream version 8.16.0~rc2", " * d/watch: Point to rc releases and pick tar.xz tarballs", " * Update patches:", " - 11_omit-directories-from-config.patch: Upstream changes in Makefile", " - ZZZgnutls-build.patch: Upstream changes in Makefile", " - build-Divide-mit-krb5-gssapi-link-flags-between-LDFLAGS-a.patch: Update", " context", " * d/libcurl*.symbols: New symbols \"curl_multi_get_offt\" and", " \"curl_ws_start_frame\"", " * d/rules: Add missing backslash to escape newline", " * d/rules: Remove \"--cache-files\" from curl-config", "", " [ Sergio Durigan Junior ]", " * Use d/clean instead of overriding dh_auto_clean", " * d/rules:", " - Enable symbol hiding when compiling curl.", " - New variables with_{openssl,gnutls}.", " - Specify --cache-file when invoking configure.", " - Expand removal of aclocal to debian/tmp*/ directories.", " - Use \"define\" to create a template of the configure step.", " - Use \"define\" to create a template of the build step.", " - Use \"define\" to create a template of the test step.", " - Use \"define\" to create a template of the install step.", "", " [ Aquila Macedo ]", " * d/copyright: sync licenses", " * d/copyright: add myself", " * d/lrc.config: add initial exclusions to suppress false positives", "" ], "package": "curl", "version": "8.16.0~rc2-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Samuel Henrique ", "date": "Mon, 25 Aug 2025 23:21:04 +0100" }, { "cves": [], "log": [ "", " [ Samuel Henrique ]", " * New upstream version 8.15.0", " * d/patches:", " - Drop patches merged upstream", " - build-Divide-mit-krb5-gssapi...: Refresh patch", " - ZZZgnutls-build.patch: Update patch", " * d/copyright:", " - Update with renamed and removed files", " - Remove dropped files build-openssl.bat and checksrc.bat", "", " [ Carlos Henrique Lima Melara ]", " * d/patches/:", " - Refresh patches", " - Rebase patches against new upstream version", " * d/libcurl4-doc.docs: remove docs/examples/README.md, it's in .examples *", "", " [ Aquila Macedo ]", " * d/tests/common-upstream-tests: centralize common build steps", "" ], "package": "curl", "version": "8.15.0-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Samuel Henrique ", "date": "Sun, 10 Aug 2025 16:38:32 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "dmidecode", "from_version": { "source_package_name": "dmidecode", "source_package_version": "3.6-2", "version": "3.6-2" }, "to_version": { "source_package_name": "dmidecode", "source_package_version": "3.6-2build1", "version": "3.6-2build1" }, "cves": [], "launchpad_bugs_fixed": [ 2132257 ], "changes": [ { "cves": [], "log": [ "", " * No-change mass rebuild for Ubuntu 26.04 (LP: #2132257)", "" ], "package": "dmidecode", "version": "3.6-2build1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2132257 ], "author": "Sebastien Bacher ", "date": "Sat, 06 Dec 2025 10:43:07 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "dosfstools", "from_version": { "source_package_name": "dosfstools", "source_package_version": "4.2-1.2", "version": "4.2-1.2" }, "to_version": { "source_package_name": "dosfstools", "source_package_version": "4.2-1.2build1", "version": "4.2-1.2build1" }, "cves": [], "launchpad_bugs_fixed": [ 2132257 ], "changes": [ { "cves": [], "log": [ "", " * No-change mass rebuild for Ubuntu 26.04 (LP: #2132257)", "" ], "package": "dosfstools", "version": "4.2-1.2build1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2132257 ], "author": "Sebastien Bacher ", "date": "Sat, 06 Dec 2025 10:43:47 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "eatmydata", "from_version": { "source_package_name": "libeatmydata", "source_package_version": "131-2", "version": "131-2" }, "to_version": { "source_package_name": "libeatmydata", "source_package_version": "131-2build1", "version": "131-2build1" }, "cves": [], "launchpad_bugs_fixed": [ 2132257 ], "changes": [ { "cves": [], "log": [ "", " * No-change mass rebuild for Ubuntu 26.04 (LP: #2132257)", "" ], "package": "libeatmydata", "version": "131-2build1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2132257 ], "author": "Sebastien Bacher ", "date": "Sat, 06 Dec 2025 11:16:49 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "efibootmgr", "from_version": { "source_package_name": "efibootmgr", "source_package_version": "18-2ubuntu3", "version": "18-2ubuntu3" }, "to_version": { "source_package_name": "efibootmgr", "source_package_version": "18-4ubuntu1", "version": "18-4ubuntu1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Merge with Debian unstable. Remaining changes:", " - d/.gitignore: Un-ignore patches", " - d/rules: Disable GCS linker warnings on arm64", " - d/p/fix-active-inactive-commands.patch: Patch active and inactive commands", "" ], "package": "efibootmgr", "version": "18-4ubuntu1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Simon Johnsson ", "date": "Thu, 04 Dec 2025 10:53:37 +0100" }, { "cves": [], "log": [ "", " * d/control: Build for exact same architectures as efivar", " * d/control: Add Homepage field (Closes: #1055888)", "" ], "package": "efibootmgr", "version": "18-4", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Mario Limonciello ", "date": "Tue, 19 Aug 2025 23:02:14 -0500" }, { "cves": [], "log": [ "", " [ наб ]", " * Import upstream PR #224, fixing File() sections being listed in base16", " Closes: #1055526", "", " [ Mario Limonciello (AMD) ]", " * d/watch: update", " * Add salsa-ci.yml", " * d/control: b-d on pkgconf instead of pkg-config", " * d/control: update standards version", " * d/copyright: update URL for upstream", "" ], "package": "efibootmgr", "version": "18-3", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Mario Limonciello ", "date": "Mon, 18 Aug 2025 15:05:18 -0500" } ], "notes": null, "is_version_downgrade": false }, { "name": "ftp", "from_version": { "source_package_name": "tnftp", "source_package_version": "20230507-2build3", "version": "20230507-2build3" }, "to_version": { "source_package_name": "tnftp", "source_package_version": "20230507-2build4", "version": "20230507-2build4" }, "cves": [], "launchpad_bugs_fixed": [ 2132257 ], "changes": [ { "cves": [], "log": [ "", " * No-change mass rebuild for Ubuntu 26.04 (LP: #2132257)", "" ], "package": "tnftp", "version": "20230507-2build4", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2132257 ], "author": "Sebastien Bacher ", "date": "Mon, 01 Dec 2025 15:26:42 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "fwupd", "from_version": { "source_package_name": "fwupd", "source_package_version": "2.0.17-6", "version": "2.0.17-6" }, "to_version": { "source_package_name": "fwupd", "source_package_version": "2.0.18-1", "version": "2.0.18-1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * New upstream version (2.0.18)", " * Drop upstream patches", "" ], "package": "fwupd", "version": "2.0.18-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Mario Limonciello ", "date": "Mon, 01 Dec 2025 08:08:20 -0600" } ], "notes": null, "is_version_downgrade": false }, { "name": "gcc-15-base", "from_version": { "source_package_name": "gcc-15", "source_package_version": "15.2.0-9ubuntu1", "version": "15.2.0-9ubuntu1" }, "to_version": { "source_package_name": "gcc-15", "source_package_version": "15.2.0-10ubuntu1", "version": "15.2.0-10ubuntu1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Merge with Debian; remaining changes:", " - Build from upstream sources.", "" ], "package": "gcc-15", "version": "15.2.0-10ubuntu1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Matthias Klose ", "date": "Tue, 02 Dec 2025 14:54:16 +0100" }, { "cves": [], "log": [ "", " * Update to git 20251202 from the gcc-15 branch.", " - Fix PR target/122858 (ARM), PR target/110796 (ARM),", " PR target/118446 (ARM), PR target/122867 (ARM), PR target/122692 (RISCV),", " PR c++/122658, PR c++/121325, PR c++/122789, PR libstdc++/122921,", " PR libstdc++/122842.", " * Update algol68 to the gcc-15 branch 20251030.", " * Fix some lintian warnings, override some more.", " * Manage the libasan and libcc1 symbols files with the symbols helper.", "" ], "package": "gcc-15", "version": "15.2.0-10", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Matthias Klose ", "date": "Tue, 02 Dec 2025 14:07:24 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "gdisk", "from_version": { "source_package_name": "gdisk", "source_package_version": "1.0.10-2", "version": "1.0.10-2" }, "to_version": { "source_package_name": "gdisk", "source_package_version": "1.0.10-2build1", "version": "1.0.10-2build1" }, "cves": [], "launchpad_bugs_fixed": [ 2132257 ], "changes": [ { "cves": [], "log": [ "", " * No-change mass rebuild for Ubuntu 26.04 (LP: #2132257)", "" ], "package": "gdisk", "version": "1.0.10-2build1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2132257 ], "author": "Sebastien Bacher ", "date": "Sat, 06 Dec 2025 11:07:40 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "groff-base", "from_version": { "source_package_name": "groff", "source_package_version": "1.23.0-9", "version": "1.23.0-9" }, "to_version": { "source_package_name": "groff", "source_package_version": "1.23.0-10", "version": "1.23.0-10" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Drop \"Rules-Requires-Root: no\", default as of dpkg-dev 1.22.13.", " * Alphabetically sort utility descriptions in groff's package description.", " * Mention several more programs and macro packages in groff's package", " description (closes: #1121577).", " * Fix occasional gxditview build ordering failure (closes: #1121570).", "" ], "package": "groff", "version": "1.23.0-10", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Colin Watson ", "date": "Tue, 02 Dec 2025 11:08:49 +0000" } ], "notes": null, "is_version_downgrade": false }, { "name": "hdparm", "from_version": { "source_package_name": "hdparm", "source_package_version": "9.65+ds-1.1", "version": "9.65+ds-1.1" }, "to_version": { "source_package_name": "hdparm", "source_package_version": "9.65+ds-1.1build1", "version": "9.65+ds-1.1build1" }, "cves": [], "launchpad_bugs_fixed": [ 2132257 ], "changes": [ { "cves": [], "log": [ "", " * No-change mass rebuild for Ubuntu 26.04 (LP: #2132257)", "" ], "package": "hdparm", "version": "9.65+ds-1.1build1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2132257 ], "author": "Sebastien Bacher ", "date": "Sat, 06 Dec 2025 11:10:50 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "hostname", "from_version": { "source_package_name": "hostname", "source_package_version": "3.25", "version": "3.25" }, "to_version": { "source_package_name": "hostname", "source_package_version": "3.25build1", "version": "3.25build1" }, "cves": [], "launchpad_bugs_fixed": [ 2132257 ], "changes": [ { "cves": [], "log": [ "", " * No-change mass rebuild for Ubuntu 26.04 (LP: #2132257)", "" ], "package": "hostname", "version": "3.25build1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2132257 ], "author": "Sebastien Bacher ", "date": "Sat, 06 Dec 2025 11:11:28 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "ieee-data", "from_version": { "source_package_name": "ieee-data", "source_package_version": "20240722", "version": "20240722" }, "to_version": { "source_package_name": "ieee-data", "source_package_version": "20240722build1", "version": "20240722build1" }, "cves": [], "launchpad_bugs_fixed": [ 2132257 ], "changes": [ { "cves": [], "log": [ "", " * No-change mass rebuild for Ubuntu 26.04 (LP: #2132257)", "" ], "package": "ieee-data", "version": "20240722build1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2132257 ], "author": "Sebastien Bacher ", "date": "Sat, 06 Dec 2025 11:12:06 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "inetutils-telnet", "from_version": { "source_package_name": "inetutils", "source_package_version": "2:2.6-1ubuntu3", "version": "2:2.6-1ubuntu3" }, "to_version": { "source_package_name": "inetutils", "source_package_version": "2:2.6-4ubuntu1", "version": "2:2.6-4ubuntu1" }, "cves": [], "launchpad_bugs_fixed": [ 2130124 ], "changes": [ { "cves": [], "log": [ "", " * Merge with Debian unstable (LP: #2130124). Remaining changes:", " - Do not test the inetutils-ping package (LP #2009814)", " + d/t/test-root-commands: disable ping tests", " + d/t/control: remove inetutils-ping dependency", " * Drop changes:", " - d/patches/fix-ftbfs-ls-f.patch: Remove 'ls -f' test to prevent FTBFS (LP #2122271)", " [Fixed in 2.6-2]", " * New changes:", " - d/patches/inetutils-ttymsg-suppress-enoent: Fix UTMP support by ignoring ENOENT", " Thanks to Erik Auerswald", "" ], "package": "inetutils", "version": "2:2.6-4ubuntu1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2130124 ], "author": "Valentin Haudiquet ", "date": "Mon, 01 Dec 2025 20:38:18 +0100" }, { "cves": [], "log": [ "", " * Use URL instead of FSF postal address for GPL in debian/copyright.", " * Remove «Rules-Requires-Root: no», which is the current default.", " * Remove «Priority: optional» field, which is the current default.", " * Switch to Standards-Version 4.7.2 (no changes needed).", " * Add Builde-Depends on libcrypt-dev. (Closes: #1106935)", " * Refresh debian/upstream/signing-key.asc (update expiry dates).", "" ], "package": "inetutils", "version": "2:2.6-4", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Guillem Jover ", "date": "Mon, 11 Aug 2025 00:25:19 +0200" }, { "cves": [], "log": [ "", " * Make libsystemd-dev support linux-any specific.", "" ], "package": "inetutils", "version": "2:2.6-3", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Guillem Jover ", "date": "Sun, 22 Jun 2025 16:59:29 +0200" }, { "cves": [], "log": [ "", " * Enable libsystemd support to restore utmp functionality in", " syslogd and talkd, on systems running systemd.", " * Remove bogus test for unsorted file listing, causing indeterministic", " build failures on some systems.", "" ], "package": "inetutils", "version": "2:2.6-2", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Guillem Jover ", "date": "Fri, 20 Jun 2025 03:39:26 +0200" } ], "notes": null, "is_version_downgrade": false }, { "name": "initramfs-tools", "from_version": { "source_package_name": "initramfs-tools", "source_package_version": "0.150ubuntu5", "version": "0.150ubuntu5" }, "to_version": { "source_package_name": "initramfs-tools", "source_package_version": "0.150ubuntu6", "version": "0.150ubuntu6" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * autopkgtest: increase timeout to 240s on s390x", "" ], "package": "initramfs-tools", "version": "0.150ubuntu6", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Benjamin Drung ", "date": "Tue, 09 Dec 2025 17:30:31 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "initramfs-tools-bin", "from_version": { "source_package_name": "initramfs-tools", "source_package_version": "0.150ubuntu5", "version": "0.150ubuntu5" }, "to_version": { "source_package_name": "initramfs-tools", "source_package_version": "0.150ubuntu6", "version": "0.150ubuntu6" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * autopkgtest: increase timeout to 240s on s390x", "" ], "package": "initramfs-tools", "version": "0.150ubuntu6", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Benjamin Drung ", "date": "Tue, 09 Dec 2025 17:30:31 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "initramfs-tools-core", "from_version": { "source_package_name": "initramfs-tools", "source_package_version": "0.150ubuntu5", "version": "0.150ubuntu5" }, "to_version": { "source_package_name": "initramfs-tools", "source_package_version": "0.150ubuntu6", "version": "0.150ubuntu6" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * autopkgtest: increase timeout to 240s on s390x", "" ], "package": "initramfs-tools", "version": "0.150ubuntu6", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Benjamin Drung ", "date": "Tue, 09 Dec 2025 17:30:31 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "kbd", "from_version": { "source_package_name": "kbd", "source_package_version": "2.7.1-2ubuntu1", "version": "2.7.1-2ubuntu1" }, "to_version": { "source_package_name": "kbd", "source_package_version": "2.7.1-2ubuntu2", "version": "2.7.1-2ubuntu2" }, "cves": [], "launchpad_bugs_fixed": [ 2076009 ], "changes": [ { "cves": [], "log": [ "", " * d/kbd.initramfs-hook: use /usr/bin as path for executable (LP: #2076009)", "" ], "package": "kbd", "version": "2.7.1-2ubuntu2", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2076009 ], "author": "Benjamin Drung ", "date": "Mon, 01 Dec 2025 15:58:30 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "kpartx", "from_version": { "source_package_name": "multipath-tools", "source_package_version": "0.11.1-3ubuntu2", "version": "0.11.1-3ubuntu2" }, "to_version": { "source_package_name": "multipath-tools", "source_package_version": "0.12.0-1ubuntu1", "version": "0.12.0-1ubuntu1" }, "cves": [], "launchpad_bugs_fixed": [ 2126024 ], "changes": [ { "cves": [], "log": [ "", " * Merge with Debian unstable (LP: #2126024). Remaining changes:", " - d/rules: don't build the multipath-tools binary package on i386; only kpartx.", " - d/p/enable-find-multipaths.patch: re-enable find_multipaths by", " default -- see the removed 'add_find-multipaths.patch' (LP #1463046)", " - d/t/initramfs: determine extracted main cpio path dynamically", " - d/NEWS: add removal of kpartx-boot package", " - d/rules: remove -Bsymbolic-functions from LDFLAGS", " - d/rules: install friendly names multipath.conf by default", " - d/initramfs: fix multipathd process lingering when local-* initramfs", " scripts are not executed. The multipathd process is started by a script in", " init-top/ (which is executed unconditionally) so it should be", " stopped by an init-bottom script, not a local-bottom script which is", " not always executed (LP #2080474).", " + This is affecting the Ubuntu installer, where we execute (perhaps", " accidentally) the nfs-* scripts instead of the local-* scripts.", " - d/initramfs/scripts/init-top: ensure the bindings file exists before", " calling multipathd -B in the initramfs. This prevents multipathd -B from", " failing and exiting immediately (LP #2120444).", "" ], "package": "multipath-tools", "version": "0.12.0-1ubuntu1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2126024 ], "author": "Jonas Jelten ", "date": "Mon, 01 Dec 2025 16:41:43 +0100" }, { "cves": [], "log": [ "", " * [faa43cc] New upstream version 0.12.0", " * [6be5e93] Refresh patches", " * [9e3a45d] Install multipathd-queueing.service", "" ], "package": "multipath-tools", "version": "0.12.0-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Chris Hofstaedtler ", "date": "Sun, 14 Sep 2025 19:44:45 +0200" }, { "cves": [], "log": [ "", " * Upload to unstable", "" ], "package": "multipath-tools", "version": "0.11.1-4", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Chris Hofstaedtler ", "date": "Tue, 12 Aug 2025 11:33:45 +0200" } ], "notes": null, "is_version_downgrade": false }, { "name": "libaio1t64", "from_version": { "source_package_name": "libaio", "source_package_version": "0.3.113-8", "version": "0.3.113-8" }, "to_version": { "source_package_name": "libaio", "source_package_version": "0.3.113-8build1", "version": "0.3.113-8build1" }, "cves": [], "launchpad_bugs_fixed": [ 2132257 ], "changes": [ { "cves": [], "log": [ "", " * No-change mass rebuild for Ubuntu 26.04 (LP: #2132257)", "" ], "package": "libaio", "version": "0.3.113-8build1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2132257 ], "author": "Sebastien Bacher ", "date": "Sat, 06 Dec 2025 11:15:19 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "libassuan9", "from_version": { "source_package_name": "libassuan", "source_package_version": "3.0.2-2", "version": "3.0.2-2" }, "to_version": { "source_package_name": "libassuan", "source_package_version": "3.0.2-2build1", "version": "3.0.2-2build1" }, "cves": [], "launchpad_bugs_fixed": [ 2132257 ], "changes": [ { "cves": [], "log": [ "", " * No-change mass rebuild for Ubuntu 26.04 (LP: #2132257)", "" ], "package": "libassuan", "version": "3.0.2-2build1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2132257 ], "author": "Sebastien Bacher ", "date": "Sat, 06 Dec 2025 11:15:45 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "libatomic1", "from_version": { "source_package_name": "gcc-15", "source_package_version": "15.2.0-9ubuntu1", "version": "15.2.0-9ubuntu1" }, "to_version": { "source_package_name": "gcc-15", "source_package_version": "15.2.0-10ubuntu1", "version": "15.2.0-10ubuntu1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Merge with Debian; remaining changes:", " - Build from upstream sources.", "" ], "package": "gcc-15", "version": "15.2.0-10ubuntu1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Matthias Klose ", "date": "Tue, 02 Dec 2025 14:54:16 +0100" }, { "cves": [], "log": [ "", " * Update to git 20251202 from the gcc-15 branch.", " - Fix PR target/122858 (ARM), PR target/110796 (ARM),", " PR target/118446 (ARM), PR target/122867 (ARM), PR target/122692 (RISCV),", " PR c++/122658, PR c++/121325, PR c++/122789, PR libstdc++/122921,", " PR libstdc++/122842.", " * Update algol68 to the gcc-15 branch 20251030.", " * Fix some lintian warnings, override some more.", " * Manage the libasan and libcc1 symbols files with the symbols helper.", "" ], "package": "gcc-15", "version": "15.2.0-10", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Matthias Klose ", "date": "Tue, 02 Dec 2025 14:07:24 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "libbpfcc", "from_version": { "source_package_name": "bpfcc", "source_package_version": "0.31.0+ds-7ubuntu2", "version": "0.31.0+ds-7ubuntu2" }, "to_version": { "source_package_name": "bpfcc", "source_package_version": "0.35.0+ds-1ubuntu1", "version": "0.35.0+ds-1ubuntu1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Merge with Debian; remaining changes:", " - d/control: enable ppc64el architecture (LP 2074121).", " - d/control: include ppc64el in the arches to skip for lua", " - d/control, d/p/2003-libbpf-tools-debian.patch:", " - Build with llvm-19, FTBFS with 20.", " - d/t/control: Run testsuite as autopkgtest (LP 2052813)", " - d/rules: add back riscv64 to tool_skip_arch, fixing FTBFS", " - Removed delta, bpftool has its own package also in Ubuntu now:", " - Depend on linux-tools-generic instead of bpftool", " - Export bpftool binary to avoid system trying to use the chroot kernel", " - d/p/disable-werror-to-fix-build.patch:", " - disable Werror for now to workaround build issues on ppc64el", " reported upstream https://github.com/iovisor/bcc/pull/5331", " * d/control: Don't use a mix of versioned and unversioned build dependencies.", " * Fix build with LLVM 21, taken from upstream.", "" ], "package": "bpfcc", "version": "0.35.0+ds-1ubuntu1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Matthias Klose ", "date": "Fri, 24 Oct 2025 14:17:00 +0200" }, { "cves": [], "log": [ "", " [ Alexandre Detiste ]", " * [153d814] refresh debian/copyright-check", "", " [ Ritesh Raj Sarraf ]", " * [377ea5e] New upstream version 0.35.0+ds (Closes: #1112731)", " * [c1bab55] Bump build dependency on cmake to >= 3.12", " * [584da1e] Refresh patches", "" ], "package": "bpfcc", "version": "0.35.0+ds-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Ritesh Raj Sarraf ", "date": "Fri, 24 Oct 2025 15:21:23 +0530" } ], "notes": null, "is_version_downgrade": false }, { "name": "libbytesize-common", "from_version": { "source_package_name": "libbytesize", "source_package_version": "2.11-3", "version": "2.11-3" }, "to_version": { "source_package_name": "libbytesize", "source_package_version": "2.12-1", "version": "2.12-1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Team upload", " * New upstream version 2.12", " * Drop Rules-Requires-Root: no.", " No longer necessary as \"no\" is now the default.", " * Update debian/copyright.", " Remove reference to the old FSF postal address and refer to", " https://www.gnu.org/licenses/ instead.", "" ], "package": "libbytesize", "version": "2.12-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Michael Biebl ", "date": "Thu, 04 Dec 2025 17:45:56 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "libbytesize1", "from_version": { "source_package_name": "libbytesize", "source_package_version": "2.11-3", "version": "2.11-3" }, "to_version": { "source_package_name": "libbytesize", "source_package_version": "2.12-1", "version": "2.12-1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Team upload", " * New upstream version 2.12", " * Drop Rules-Requires-Root: no.", " No longer necessary as \"no\" is now the default.", " * Update debian/copyright.", " Remove reference to the old FSF postal address and refer to", " https://www.gnu.org/licenses/ instead.", "" ], "package": "libbytesize", "version": "2.12-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Michael Biebl ", "date": "Thu, 04 Dec 2025 17:45:56 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "libcbor0.10", "from_version": { "source_package_name": "libcbor", "source_package_version": "0.10.2-2ubuntu1", "version": "0.10.2-2ubuntu1" }, "to_version": { "source_package_name": "libcbor", "source_package_version": "0.10.2-2ubuntu2", "version": "0.10.2-2ubuntu2" }, "cves": [], "launchpad_bugs_fixed": [ 2132257 ], "changes": [ { "cves": [], "log": [ "", " * No-change mass rebuild for Ubuntu 26.04 (LP: #2132257)", "" ], "package": "libcbor", "version": "0.10.2-2ubuntu2", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2132257 ], "author": "Sebastien Bacher ", "date": "Sat, 06 Dec 2025 11:16:02 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "libclang1-20", "from_version": { "source_package_name": "llvm-toolchain-20", "source_package_version": "1:20.1.8-0ubuntu6", "version": "1:20.1.8-0ubuntu6" }, "to_version": { "source_package_name": "llvm-toolchain-20", "source_package_version": "1:20.1.8-2ubuntu2", "version": "1:20.1.8-2ubuntu2" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * libc++-20-dev: Relax dependency on libc++1.", " * Again, stop building packages built by LLVM 21.", "" ], "package": "llvm-toolchain-20", "version": "1:20.1.8-2ubuntu2", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Matthias Klose ", "date": "Sat, 22 Nov 2025 14:00:28 +0100" }, { "cves": [], "log": [ "", " * d/p/series: Apply the ubuntu-clang-use-RVA23U64-profile patch.", " * Regenerate the control file.", "" ], "package": "llvm-toolchain-20", "version": "1:20.1.8-2ubuntu1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Matthias Klose ", "date": "Fri, 21 Nov 2025 18:31:49 +0100" }, { "cves": [], "log": [ "", " [ Matthias Klose ]", " * d/rules: Disable COMPILER_RT_BUILD_BUILTINS for s390x, still unsupported", " in 20.x (and 19.x), only supported with 21.x.", " * Add a llvm.noclang build profile (not enabled by default).", " * Re(?)-enable omp on i386.", " * d/control: Only use one build profile per binary package for now. The ORing", " of build profiles seems to be not working.", " * Rename build profiles from llvm.* to pkg.llvm.*.", " * libc++-20-dev: Relax dependency on libc++1.", "", " [ Sylvestre Ledru ]", " * SKIP_COMMON_PACKAGES = no because, otherwise, it creates a dep on llvm 21", " and breaks apt.llvm.org", "" ], "package": "llvm-toolchain-20", "version": "1:20.1.8-2", "urgency": "medium", "distributions": "UNRELEASED", "launchpad_bugs_fixed": [], "author": "Matthias Klose ", "date": "Sat, 22 Nov 2025 13:56:35 +0100" }, { "cves": [], "log": [ "", " * Merge 21 changes from 1:21.1.1-1 up to 1:21.1.4-7.", "", " [ Matthias Klose ]", " * d/libclang-rt-X.Y-dev.install.in: liborc_rt* is not available on powerpc.", " * Stop using gold, and use the GNU BFD linker where lld is not working.", " * Set the baseline for Ubuntu/s390x 26.04 LTS and later to z15.", " * d/rules: Remove unused macro LLDB_ENABLE.", " * Turn off offloading on ppc64 and hurd-amd64. Unsupported.", " * d/rules: Don't turn off COMPILER_RT_USE_BUILTINS_LIBRARY and", " LIBCXX_USE_COMPILER_RT on s390x. See #1114980.", " * Diffentiate between LLD_ARCHS and LLD_BUILD_ARCHS. On some architectures", " lld is not usable for the bootstrap.", " * Try to turn off compiler-rt on hurd-amd64.", " * d/libclang1-X.Y.symbols.in: Add LLVM_21 symbol version, remove specific", " symbols covered by the added symbol version.", " * Fix usage-wrapper usage on hurd-amd64.", " * Update symbols files for libc++1, libc++abi1 and llvm-libunwind1.", " * Introduce the Ubuntu Resolute distro, remove obsolete Plucky patch.", " * d/rules: Add alpha to BINUTILS_ARCHS.", " * Always build the LLVMgold plugin, independent of the linker used for", " the build.", " * Define -DPPC_LINUX_DEFAULT_IEEELONGDOUBLE=ON on all architectures for correct", " cross compilers. Except on powerpc and ppc64, where it thinks it has this", " feature also on the host.", " * d/rules: Fix $ expansion in dpkg-query call.", " * d/rules: Factor out LIBUNWIND_ARCHS macro.", " * libomptarget is not built on ppc64.", " * Limit architecture of binary packages to the ones supported by LLVM.", " * d/libomp-X.Y-dev.install.in, d/libomp5-X.Y.install.in: Use OFFLOAD_ARCHS.", " * d/rules: Make grep a bit more quiet.", " * d/control*: Remove ${t64:Provides}.", " * Add patch to useRVA23U64 baseline on riscv64. Not applied by default.", " * python3-lldb-X.Y: Remove some dangling symlinks and use dh-python", " to create proper dependencies for the package. Addresses: #1106112.", " * d/p/protobuf_3.21.patch: Remove obsolete patch. Addresses: #1093963.", " * Remove obsolete build dependencies libjsoncpp-dev and pkg-config.", " Addresses: #1093961.", " * Add command completion for the versioned clang binary. Addresses: #1109370.", " * Rename libunwind1 to llvm-libunwind1, the namespace is already taken", " by the libunwind source package.", " * For the new llvm-libunwind1, libc++abi1 and libc++1 packages:", " - Add symbols files.", " - Add proper breaks/replaces for the previous packages built from", " this source.", " - Relax the dependency from the corresponding -dev packages", " from = to >=, needed when these new packages will be built from", " newer LLVM versions.", " - These should be Multi-Arch: same, but it is not yet possible,", " because these also exist in /usr/lib/llvm-21/lib ...", " * Bump the debhelper dependency to 11, d/compat was already at 11.", " * clang-tools: Install hwasan_symbolize on x32.", " * Drop major version from libomp5-21, rename to libomp5.", " * Build polly again on powerpc.", " * Also call dh_python3 for python3-clang-X.Y.", " * d/rules: New macro SMALL_DISK to remove intermediate files during the build.", " Turned on by default for buildd constraints.", " * d/rules: Fix stripping RPATH/RUNPATH.", " * Fix the binary-indep only build.", " * Introduce a macro SKIP_COMMON_PACKAGES to disable the build of packages", " built from an newer LLVM version (libc++1, libc++abi1, libomp5,", " llvm-libunwind1).", " When not building these packages, move the links in /usr/lib/llvm-X.Y/lib", " into the corresponding -dev packages and add a replaces to the last version", " building the common packages.", " * d/rules: Add dependencies for various build targets. Addresses: #1105541.", " * d/debian-llvm-testsuite.bats: Update for new package names.", " * Fix libPolly installation on powerpc.", " * debian/debian-llvm-testsuite.bats: Reformat and sort LIST.", " * Move libomptarget library from libomp5 to liboffload-X.Y.", " * d/rules: Don't call dh_makeshlibs for libomp5 twice.", " * d/rules: Ignore errors from dh_makeshlibs --remaining-packages.", " Let's collect symbols diffs first.", " * Update symbols files for libc++1, libc++abi1, libomp5 and", " llvm-libunwind1 on amd64, arm64, armhf, i386, ppc64el and s390x.", " * Reset the libc++1 and libc++abi1 symbols files, generated by", " pkgkde-symbolshelper. Let the buildds collect the symbols", " for the other architectures.", " * d/rules: Build with dh_install --list-missing to collect uninstalled", " artifacts on other architectures.", " * Add support to disable the OCAML build for specific releases.", " * Set explicit architecture list for libfuzzer-dev.", " * d/rules: New macro SLOPPY_BUILD to avoid build failures caused by", " additional build artifacts or missing symbols. Better to collect", " that information in build logs and apply it in follow-up uploads.", " Turn it on for architectures other than amd64 and arm64 for now.", " * Make the library packages libc++1, libc++abi1, libomp5 and llvm-libunwind1", " M-A: same, moving the real files to /usr/lib/. Provide the", " symlinks in /usr/lib/llvm-X.Y/lib in the correspinding -dev packages.", " Addresses: #1116212.", " * Revert parts of the SKIP_COMMON_PACKAGES changes, the move of the files", " to another package and the breaks/replaces are not needed anymore.", " * Update libomp5 symbols for ppc64 and ppc64el.", " * d/rules: Use POLLY_ARCHS instead of POLLY_NO_ARCHS.", " * Factor out BOLT_ARCHS and HWASAN_ARCHS.", " * When not building the common packages,", " - Remove the files in these packages according to their .install file.", " - Add a build dependency on the libllvm package.", " * d/rules: Don't remove the intermediate build files. This increases", " the build form 15GB to 35GB, far lower than the 100GB buildd limit.", " * llvm-X.Y-dev: Create a debian_config.mk Makefile snippet to record", " component builds for every architecture. Used by llvm-defaults to", " avoid hard-coding these again.", " * Reset the libomp5 symbols files, now generated by pkgkde-symbolshelper.", " Let the buildds collect the symbols for the other architectures.", " * Fix build dependencies when not building the common library packages.", " * d/rules: Differentiate between COMMON_PKGS and COMMON_BUILD_DEPS.", " * d/rules: Build again omp on mips64el and ppc64, as done in 19.", " * Install asan_symbolize in clang-tools, same as hwasan_sybolize.", " * Update libc++1 and libc++abi1 symbols files for all architectures.", " * d/rules: Use a d/shlibs.local file when not building the common libraries.", " * Fix installation of the asan_symbolize binary.", " * Rename the python extension ompdModule.so to one with the", " architecture specific extension.", " * d/rules: Move OMP_ARCHS and LIBUNWIND_ARCHS macro usage after definition.", " * ompd is not available on armhf.", " * d/rules: Also turn on SLOPPY_BUILD for amd64.", " * d/rules, d/*.{install,links,lintian-overrides}.in: Use a macro LLVM_DIR.", " * d/rules: Mark usage of SLOPPY_BUILD to ease searching in the build log.", "", " * Stop building packages built by LLVM 21.", "", " [ Sylvestre Ledru ]", " * Never use libunwind for libc++abi. Thanks to Norbert Lange for the fix.", " * Refresh the list of the symbols in libclang & libomp. See #1117600.", " * Do not test gold usage anymore. lld or mold are now much better.", " See #1117385.", " * Reame qualify-clang.sh to debian-llvm-testsuite.sh as it is now doing", " much more", " * Adjust debian-llvm-testsuite.sh to use lld instead of gold", " and debian/tests/integration-test-suite-test", " * Rename debian-llvm-testsuite.sh => debian-llvm-testsuite.bats", " And don't call it with bash, it is a bats script. See #1118487.", "", " [ Andres Salomon ]", " * Drop major version from libc++1-21, libc++abi1-21, and libunwind-21", " package names (eg, libc++1-21 -> libc++1). Upstream guarantees a stable", " ABI.", " * Add SONAME to libunwind (-> libunwind1). See #1116211.", "", " [ Norbert Lange ]", " * Move clang-cl and clang-scan-deps from clang-tools to the clang package.", " * Build compiler-rt for mingw-w64.", "" ], "package": "llvm-toolchain-20", "version": "1:20.1.8-1", "urgency": "medium", "distributions": "experimental", "launchpad_bugs_fixed": [], "author": "Matthias Klose ", "date": "Thu, 06 Nov 2025 12:51:02 +0100" }, { "cves": [], "log": [ "", " [ Sylvestre Ledru ]", " * New upstream release", " * Remove \"Provides: libunwind-dev\"", " (Closes: #1100483)", "", " [ Andres Salomon ]", " * Remove libcxx-soname.diff, and revert changes that modified SONAMEs in", " libc++1-20, libc++abi1-20, and libuwind-20.", " * Drop major version from libc++1-20, libc++abi1-20, and libunwind-20", " package names (eg, libc++1-20 -> libc++1). Upstream guarantees a stable", " ABI.", "", " [ Jianfeng Liu ]", " * Add CFLAGS/CXXFLAGS -mcmodel=medium on loong64 (Closes: #1107858)", "" ], "package": "llvm-toolchain-20", "version": "1:20.1.8-1~exp1", "urgency": "medium", "distributions": "experimental", "launchpad_bugs_fixed": [], "author": "Sylvestre Ledru ", "date": "Thu, 17 Jul 2025 14:26:41 +0200" } ], "notes": null, "is_version_downgrade": false }, { "name": "libcurl3t64-gnutls", "from_version": { "source_package_name": "curl", "source_package_version": "8.14.1-2ubuntu1", "version": "8.14.1-2ubuntu1" }, "to_version": { "source_package_name": "curl", "source_package_version": "8.17.0-1ubuntu1", "version": "8.17.0-1ubuntu1" }, "cves": [], "launchpad_bugs_fixed": [ 2130119 ], "changes": [ { "cves": [], "log": [ "", " * Merge with Debian unstable (LP: #2130119). Remaining changes:", " - d/{control,rules}: drop nghttp3 and ngtcp2 dependencies in universe", " - d/control: do not use gnutls for the curl binary", " - d/control: don't build-depend on python3-impacket and stunnel on i386", "" ], "package": "curl", "version": "8.17.0-1ubuntu1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2130119 ], "author": "Ural Tunaboyu ", "date": "Fri, 07 Nov 2025 13:42:15 +0100" }, { "cves": [], "log": [ "", " * New upstream version 8.17.0", "" ], "package": "curl", "version": "8.17.0-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Samuel Henrique ", "date": "Wed, 05 Nov 2025 08:22:23 +0000" }, { "cves": [], "log": [ "", " * New upstream version 8.17.0~rc3", " * d/copyright: Drop lib/curl_des.c and lib/curl_des.h, removed upstream", "" ], "package": "curl", "version": "8.17.0~rc3-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Samuel Henrique ", "date": "Wed, 29 Oct 2025 18:33:28 +0000" }, { "cves": [], "log": [ "", " * New upstream version 8.17.0~rc2", " * Revert \"d/salsa-ci: enable ARM build test\"", " * Drop patches merged upstream:", " - setopt-accept-_SSL_VERIFYHOST-set-to-2L.patch", " - asyn-thrdd-drop-pthread_cancel.patch", " - setopt-make-CURLOPT_MAXREDIRS-accept-1-again.patch", " * Refresh patches:", " - ZZZgnutls-build.patch", " - build-Divide-mit-krb5-gssapi-link-flags-between-LDFLAGS-a.patch", " * d/copyright: Drop entry for lib/krb5.c, file was removed", " * d/libcurl*.symbols: Add new symbols curl_multi_notify_disable and", " curl_multi_notify_enable", "" ], "package": "curl", "version": "8.17.0~rc2-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Samuel Henrique ", "date": "Mon, 20 Oct 2025 19:05:21 +0100" }, { "cves": [], "log": [ "", " * debian/patches/setopt-make-CURLOPT_MAXREDIRS-accept-1-again.patch: import", " from upstream. (Closes: #1117593)", "" ], "package": "curl", "version": "8.16.0-4", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Carlos Henrique Lima Melara ", "date": "Wed, 08 Oct 2025 13:05:07 -0300" }, { "cves": [], "log": [ "", " * d/control: Fix required versions of libnghttp3 and libngtcp2 packages.", " - Append \"~\" to the end of the version, for a backports-friendly package.", " - Add an explicit dependency on libnghttp3-9 and libngtcp2-16, as", " otherwise dpkg picks a lower version as a dependency, but we need", " newer versions for HTTP/3.", " - Bump the version requirement for libnghttp3-dev to 1.11.0.", " * d/control: wrap-and-sort -taf", "" ], "package": "curl", "version": "8.16.0-3", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Samuel Henrique ", "date": "Tue, 07 Oct 2025 20:47:19 +0100" }, { "cves": [], "log": [ "", " [ Carlos Henrique Lima Melara ]", " * d/rules: use DEB_DISTRIBUTION to add configure flags for experimental", " * d/watch-rc: keep a watch file for curl RC releases", "", " [ Marcos Felipe de Almeida Souza ]", " * d/patches: Add upstream commits to fix regressions", " - async-thrdd-drop-pthread_cancel.patch: Upstream changes", " - setopt-accept-_SSL_VERIFYHOST-set-to-2L.patch: Upstream changes", "", " [ Samuel Henrique ]", " * Build OpenSSL HTTP/3 support with ngtcp2", " - Add B-D on libngtcp2-crypto-ossl-dev (>= 1.16.0)", " - Add Depends on libngtcp2-crypto-ossl-dev (>= 1.16.0) and", " libngtcp2-dev (>= 1.16.0) in the OpenSSL -dev package", " - Bump libngtcp2-dev and libngtcp2-crypto-gnutls-dev Depends in the", " GnuTLS -dev package to >= 1.16.0", " - Drop --with-openssl-quic configure flag in OpenSSL build", " - Set --with-ngtcp2 and --with-nghttp3 configure flag for both builds", " (OpenSSL and GnuTLS)", "" ], "package": "curl", "version": "8.16.0-2", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Samuel Henrique ", "date": "Thu, 02 Oct 2025 22:29:47 +0100" }, { "cves": [], "log": [ "", " * d/watch: Point to GitHub for GA releases", " * New upstream version 8.16.0", "" ], "package": "curl", "version": "8.16.0-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Samuel Henrique ", "date": "Wed, 10 Sep 2025 08:40:58 +0100" }, { "cves": [], "log": [ "", " * New upstream version 8.16.0~rc3.", "" ], "package": "curl", "version": "8.16.0~rc3-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Carlos Henrique Lima Melara ", "date": "Thu, 04 Sep 2025 21:26:46 -0300" }, { "cves": [], "log": [ "", " * d/t/common-upstream-tests: Invoke dh clean, not override_dh_auto_clean.", "" ], "package": "curl", "version": "8.16.0~rc2-2", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Sergio Durigan Junior ", "date": "Fri, 29 Aug 2025 23:37:58 -0400" }, { "cves": [], "log": [ "", " [ Samuel Henrique ]", " * New upstream version 8.16.0~rc2", " * d/watch: Point to rc releases and pick tar.xz tarballs", " * Update patches:", " - 11_omit-directories-from-config.patch: Upstream changes in Makefile", " - ZZZgnutls-build.patch: Upstream changes in Makefile", " - build-Divide-mit-krb5-gssapi-link-flags-between-LDFLAGS-a.patch: Update", " context", " * d/libcurl*.symbols: New symbols \"curl_multi_get_offt\" and", " \"curl_ws_start_frame\"", " * d/rules: Add missing backslash to escape newline", " * d/rules: Remove \"--cache-files\" from curl-config", "", " [ Sergio Durigan Junior ]", " * Use d/clean instead of overriding dh_auto_clean", " * d/rules:", " - Enable symbol hiding when compiling curl.", " - New variables with_{openssl,gnutls}.", " - Specify --cache-file when invoking configure.", " - Expand removal of aclocal to debian/tmp*/ directories.", " - Use \"define\" to create a template of the configure step.", " - Use \"define\" to create a template of the build step.", " - Use \"define\" to create a template of the test step.", " - Use \"define\" to create a template of the install step.", "", " [ Aquila Macedo ]", " * d/copyright: sync licenses", " * d/copyright: add myself", " * d/lrc.config: add initial exclusions to suppress false positives", "" ], "package": "curl", "version": "8.16.0~rc2-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Samuel Henrique ", "date": "Mon, 25 Aug 2025 23:21:04 +0100" }, { "cves": [], "log": [ "", " [ Samuel Henrique ]", " * New upstream version 8.15.0", " * d/patches:", " - Drop patches merged upstream", " - build-Divide-mit-krb5-gssapi...: Refresh patch", " - ZZZgnutls-build.patch: Update patch", " * d/copyright:", " - Update with renamed and removed files", " - Remove dropped files build-openssl.bat and checksrc.bat", "", " [ Carlos Henrique Lima Melara ]", " * d/patches/:", " - Refresh patches", " - Rebase patches against new upstream version", " * d/libcurl4-doc.docs: remove docs/examples/README.md, it's in .examples *", "", " [ Aquila Macedo ]", " * d/tests/common-upstream-tests: centralize common build steps", "" ], "package": "curl", "version": "8.15.0-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Samuel Henrique ", "date": "Sun, 10 Aug 2025 16:38:32 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "libcurl4t64", "from_version": { "source_package_name": "curl", "source_package_version": "8.14.1-2ubuntu1", "version": "8.14.1-2ubuntu1" }, "to_version": { "source_package_name": "curl", "source_package_version": "8.17.0-1ubuntu1", "version": "8.17.0-1ubuntu1" }, "cves": [], "launchpad_bugs_fixed": [ 2130119 ], "changes": [ { "cves": [], "log": [ "", " * Merge with Debian unstable (LP: #2130119). Remaining changes:", " - d/{control,rules}: drop nghttp3 and ngtcp2 dependencies in universe", " - d/control: do not use gnutls for the curl binary", " - d/control: don't build-depend on python3-impacket and stunnel on i386", "" ], "package": "curl", "version": "8.17.0-1ubuntu1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2130119 ], "author": "Ural Tunaboyu ", "date": "Fri, 07 Nov 2025 13:42:15 +0100" }, { "cves": [], "log": [ "", " * New upstream version 8.17.0", "" ], "package": "curl", "version": "8.17.0-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Samuel Henrique ", "date": "Wed, 05 Nov 2025 08:22:23 +0000" }, { "cves": [], "log": [ "", " * New upstream version 8.17.0~rc3", " * d/copyright: Drop lib/curl_des.c and lib/curl_des.h, removed upstream", "" ], "package": "curl", "version": "8.17.0~rc3-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Samuel Henrique ", "date": "Wed, 29 Oct 2025 18:33:28 +0000" }, { "cves": [], "log": [ "", " * New upstream version 8.17.0~rc2", " * Revert \"d/salsa-ci: enable ARM build test\"", " * Drop patches merged upstream:", " - setopt-accept-_SSL_VERIFYHOST-set-to-2L.patch", " - asyn-thrdd-drop-pthread_cancel.patch", " - setopt-make-CURLOPT_MAXREDIRS-accept-1-again.patch", " * Refresh patches:", " - ZZZgnutls-build.patch", " - build-Divide-mit-krb5-gssapi-link-flags-between-LDFLAGS-a.patch", " * d/copyright: Drop entry for lib/krb5.c, file was removed", " * d/libcurl*.symbols: Add new symbols curl_multi_notify_disable and", " curl_multi_notify_enable", "" ], "package": "curl", "version": "8.17.0~rc2-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Samuel Henrique ", "date": "Mon, 20 Oct 2025 19:05:21 +0100" }, { "cves": [], "log": [ "", " * debian/patches/setopt-make-CURLOPT_MAXREDIRS-accept-1-again.patch: import", " from upstream. (Closes: #1117593)", "" ], "package": "curl", "version": "8.16.0-4", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Carlos Henrique Lima Melara ", "date": "Wed, 08 Oct 2025 13:05:07 -0300" }, { "cves": [], "log": [ "", " * d/control: Fix required versions of libnghttp3 and libngtcp2 packages.", " - Append \"~\" to the end of the version, for a backports-friendly package.", " - Add an explicit dependency on libnghttp3-9 and libngtcp2-16, as", " otherwise dpkg picks a lower version as a dependency, but we need", " newer versions for HTTP/3.", " - Bump the version requirement for libnghttp3-dev to 1.11.0.", " * d/control: wrap-and-sort -taf", "" ], "package": "curl", "version": "8.16.0-3", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Samuel Henrique ", "date": "Tue, 07 Oct 2025 20:47:19 +0100" }, { "cves": [], "log": [ "", " [ Carlos Henrique Lima Melara ]", " * d/rules: use DEB_DISTRIBUTION to add configure flags for experimental", " * d/watch-rc: keep a watch file for curl RC releases", "", " [ Marcos Felipe de Almeida Souza ]", " * d/patches: Add upstream commits to fix regressions", " - async-thrdd-drop-pthread_cancel.patch: Upstream changes", " - setopt-accept-_SSL_VERIFYHOST-set-to-2L.patch: Upstream changes", "", " [ Samuel Henrique ]", " * Build OpenSSL HTTP/3 support with ngtcp2", " - Add B-D on libngtcp2-crypto-ossl-dev (>= 1.16.0)", " - Add Depends on libngtcp2-crypto-ossl-dev (>= 1.16.0) and", " libngtcp2-dev (>= 1.16.0) in the OpenSSL -dev package", " - Bump libngtcp2-dev and libngtcp2-crypto-gnutls-dev Depends in the", " GnuTLS -dev package to >= 1.16.0", " - Drop --with-openssl-quic configure flag in OpenSSL build", " - Set --with-ngtcp2 and --with-nghttp3 configure flag for both builds", " (OpenSSL and GnuTLS)", "" ], "package": "curl", "version": "8.16.0-2", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Samuel Henrique ", "date": "Thu, 02 Oct 2025 22:29:47 +0100" }, { "cves": [], "log": [ "", " * d/watch: Point to GitHub for GA releases", " * New upstream version 8.16.0", "" ], "package": "curl", "version": "8.16.0-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Samuel Henrique ", "date": "Wed, 10 Sep 2025 08:40:58 +0100" }, { "cves": [], "log": [ "", " * New upstream version 8.16.0~rc3.", "" ], "package": "curl", "version": "8.16.0~rc3-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Carlos Henrique Lima Melara ", "date": "Thu, 04 Sep 2025 21:26:46 -0300" }, { "cves": [], "log": [ "", " * d/t/common-upstream-tests: Invoke dh clean, not override_dh_auto_clean.", "" ], "package": "curl", "version": "8.16.0~rc2-2", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Sergio Durigan Junior ", "date": "Fri, 29 Aug 2025 23:37:58 -0400" }, { "cves": [], "log": [ "", " [ Samuel Henrique ]", " * New upstream version 8.16.0~rc2", " * d/watch: Point to rc releases and pick tar.xz tarballs", " * Update patches:", " - 11_omit-directories-from-config.patch: Upstream changes in Makefile", " - ZZZgnutls-build.patch: Upstream changes in Makefile", " - build-Divide-mit-krb5-gssapi-link-flags-between-LDFLAGS-a.patch: Update", " context", " * d/libcurl*.symbols: New symbols \"curl_multi_get_offt\" and", " \"curl_ws_start_frame\"", " * d/rules: Add missing backslash to escape newline", " * d/rules: Remove \"--cache-files\" from curl-config", "", " [ Sergio Durigan Junior ]", " * Use d/clean instead of overriding dh_auto_clean", " * d/rules:", " - Enable symbol hiding when compiling curl.", " - New variables with_{openssl,gnutls}.", " - Specify --cache-file when invoking configure.", " - Expand removal of aclocal to debian/tmp*/ directories.", " - Use \"define\" to create a template of the configure step.", " - Use \"define\" to create a template of the build step.", " - Use \"define\" to create a template of the test step.", " - Use \"define\" to create a template of the install step.", "", " [ Aquila Macedo ]", " * d/copyright: sync licenses", " * d/copyright: add myself", " * d/lrc.config: add initial exclusions to suppress false positives", "" ], "package": "curl", "version": "8.16.0~rc2-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Samuel Henrique ", "date": "Mon, 25 Aug 2025 23:21:04 +0100" }, { "cves": [], "log": [ "", " [ Samuel Henrique ]", " * New upstream version 8.15.0", " * d/patches:", " - Drop patches merged upstream", " - build-Divide-mit-krb5-gssapi...: Refresh patch", " - ZZZgnutls-build.patch: Update patch", " * d/copyright:", " - Update with renamed and removed files", " - Remove dropped files build-openssl.bat and checksrc.bat", "", " [ Carlos Henrique Lima Melara ]", " * d/patches/:", " - Refresh patches", " - Rebase patches against new upstream version", " * d/libcurl4-doc.docs: remove docs/examples/README.md, it's in .examples *", "", " [ Aquila Macedo ]", " * d/tests/common-upstream-tests: centralize common build steps", "" ], "package": "curl", "version": "8.15.0-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Samuel Henrique ", "date": "Sun, 10 Aug 2025 16:38:32 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "libdrm-amdgpu1", "from_version": { "source_package_name": "libdrm", "source_package_version": "2.4.127-1ubuntu1", "version": "2.4.127-1ubuntu1" }, "to_version": { "source_package_name": "libdrm", "source_package_version": "2.4.129-1", "version": "2.4.129-1" }, "cves": [], "launchpad_bugs_fixed": [ 2127944 ], "changes": [ { "cves": [], "log": [ "", " * patches: Identify APUs from hardware (LP: #2127944)", "" ], "package": "libdrm", "version": "2.4.127-1ubuntu1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2127944 ], "author": "Timo Aaltonen ", "date": "Thu, 23 Oct 2025 17:33:16 +0300" } ], "notes": null, "is_version_downgrade": true }, { "name": "libdrm-common", "from_version": { "source_package_name": "libdrm", "source_package_version": "2.4.127-1ubuntu1", "version": "2.4.127-1ubuntu1" }, "to_version": { "source_package_name": "libdrm", "source_package_version": "2.4.129-1", "version": "2.4.129-1" }, "cves": [], "launchpad_bugs_fixed": [ 2127944 ], "changes": [ { "cves": [], "log": [ "", " * patches: Identify APUs from hardware (LP: #2127944)", "" ], "package": "libdrm", "version": "2.4.127-1ubuntu1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2127944 ], "author": "Timo Aaltonen ", "date": "Thu, 23 Oct 2025 17:33:16 +0300" } ], "notes": null, "is_version_downgrade": true }, { "name": "libdrm2", "from_version": { "source_package_name": "libdrm", "source_package_version": "2.4.127-1ubuntu1", "version": "2.4.127-1ubuntu1" }, "to_version": { "source_package_name": "libdrm", "source_package_version": "2.4.129-1", "version": "2.4.129-1" }, "cves": [], "launchpad_bugs_fixed": [ 2127944 ], "changes": [ { "cves": [], "log": [ "", " * patches: Identify APUs from hardware (LP: #2127944)", "" ], "package": "libdrm", "version": "2.4.127-1ubuntu1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2127944 ], "author": "Timo Aaltonen ", "date": "Thu, 23 Oct 2025 17:33:16 +0300" } ], "notes": null, "is_version_downgrade": true }, { "name": "libeatmydata1", "from_version": { "source_package_name": "libeatmydata", "source_package_version": "131-2", "version": "131-2" }, "to_version": { "source_package_name": "libeatmydata", "source_package_version": "131-2build1", "version": "131-2build1" }, "cves": [], "launchpad_bugs_fixed": [ 2132257 ], "changes": [ { "cves": [], "log": [ "", " * No-change mass rebuild for Ubuntu 26.04 (LP: #2132257)", "" ], "package": "libeatmydata", "version": "131-2build1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2132257 ], "author": "Sebastien Bacher ", "date": "Sat, 06 Dec 2025 11:16:49 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "libestr0", "from_version": { "source_package_name": "libestr", "source_package_version": "0.1.11-2", "version": "0.1.11-2" }, "to_version": { "source_package_name": "libestr", "source_package_version": "0.1.11-2build1", "version": "0.1.11-2build1" }, "cves": [], "launchpad_bugs_fixed": [ 2132257 ], "changes": [ { "cves": [], "log": [ "", " * No-change mass rebuild for Ubuntu 26.04 (LP: #2132257)", "" ], "package": "libestr", "version": "0.1.11-2build1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2132257 ], "author": "Sebastien Bacher ", "date": "Sat, 06 Dec 2025 11:17:16 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "libevdev2", "from_version": { "source_package_name": "libevdev", "source_package_version": "1.13.5+dfsg-1", "version": "1.13.5+dfsg-1" }, "to_version": { "source_package_name": "libevdev", "source_package_version": "1.13.6+dfsg-1", "version": "1.13.6+dfsg-1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * New upstream release.", "" ], "package": "libevdev", "version": "1.13.6+dfsg-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Stephen Kitt ", "date": "Thu, 11 Dec 2025 20:28:46 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "libfastjson4", "from_version": { "source_package_name": "libfastjson", "source_package_version": "1.2304.0-2", "version": "1.2304.0-2" }, "to_version": { "source_package_name": "libfastjson", "source_package_version": "1.2304.0-2build1", "version": "1.2304.0-2build1" }, "cves": [], "launchpad_bugs_fixed": [ 2132257 ], "changes": [ { "cves": [], "log": [ "", " * No-change mass rebuild for Ubuntu 26.04 (LP: #2132257)", "" ], "package": "libfastjson", "version": "1.2304.0-2build1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2132257 ], "author": "Sebastien Bacher ", "date": "Sat, 06 Dec 2025 11:17:44 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "libffi8", "from_version": { "source_package_name": "libffi", "source_package_version": "3.5.2-2", "version": "3.5.2-2" }, "to_version": { "source_package_name": "libffi", "source_package_version": "3.5.2-3", "version": "3.5.2-3" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Stop building with --disable-exec-static-tramp. Closes: #1108097.", "" ], "package": "libffi", "version": "3.5.2-3", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Matthias Klose ", "date": "Tue, 09 Dec 2025 10:57:00 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "libflashrom1", "from_version": { "source_package_name": "flashrom", "source_package_version": "1.4.0-3ubuntu1", "version": "1.4.0-3ubuntu1" }, "to_version": { "source_package_name": "flashrom", "source_package_version": "1.6.0-2ubuntu1", "version": "1.6.0-2ubuntu1" }, "cves": [], "launchpad_bugs_fixed": [ 2131044 ], "changes": [ { "cves": [], "log": [ "", " * Merge with Debian unstable (LP: #2131044). Remaining changes:", " - d/p/series,d/control: keep libjaylink disabled to avoid MIR.", "" ], "package": "flashrom", "version": "1.6.0-2ubuntu1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2131044 ], "author": "Mateus Rodrigues de Morais ", "date": "Wed, 05 Nov 2025 11:34:35 +0100" }, { "cves": [], "log": [ "", " * Add patch for FTBFs on big endian", "" ], "package": "flashrom", "version": "1.6.0-2", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Mario Limonciello ", "date": "Mon, 18 Aug 2025 14:58:08 -0500" }, { "cves": [], "log": [ "", " * New upstream version", "" ], "package": "flashrom", "version": "1.6.0-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Mario Limonciello ", "date": "Wed, 13 Aug 2025 15:24:57 -0500" } ], "notes": null, "is_version_downgrade": false }, { "name": "libfribidi0", "from_version": { "source_package_name": "fribidi", "source_package_version": "1.0.16-3", "version": "1.0.16-3" }, "to_version": { "source_package_name": "fribidi", "source_package_version": "1.0.16-4", "version": "1.0.16-4" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * d/rules: Add hardening=+all to DEB_BUILD_MAINT_OPTIONS", " * d/copyright: remove FSF postal address", " * d/rules: use DEB_CFLAGS_MAINT_APPEND instead of manually overriding CFLAGS", " * Generate fribidi.1 during build", " * Add generate_man1.patch to generate fribidi.1 during build", " * d/control: remove dh-sequence-movetousr from build-deps (Closes: #1122753)", "" ], "package": "fribidi", "version": "1.0.16-4", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "أحمد المحمودي (Ahmed El-Mahmoudy) ", "date": "Fri, 12 Dec 2025 17:53:26 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "libfwupd3", "from_version": { "source_package_name": "fwupd", "source_package_version": "2.0.17-6", "version": "2.0.17-6" }, "to_version": { "source_package_name": "fwupd", "source_package_version": "2.0.18-1", "version": "2.0.18-1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * New upstream version (2.0.18)", " * Drop upstream patches", "" ], "package": "fwupd", "version": "2.0.18-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Mario Limonciello ", "date": "Mon, 01 Dec 2025 08:08:20 -0600" } ], "notes": null, "is_version_downgrade": false }, { "name": "libgcc-s1", "from_version": { "source_package_name": "gcc-15", "source_package_version": "15.2.0-9ubuntu1", "version": "15.2.0-9ubuntu1" }, "to_version": { "source_package_name": "gcc-15", "source_package_version": "15.2.0-10ubuntu1", "version": "15.2.0-10ubuntu1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Merge with Debian; remaining changes:", " - Build from upstream sources.", "" ], "package": "gcc-15", "version": "15.2.0-10ubuntu1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Matthias Klose ", "date": "Tue, 02 Dec 2025 14:54:16 +0100" }, { "cves": [], "log": [ "", " * Update to git 20251202 from the gcc-15 branch.", " - Fix PR target/122858 (ARM), PR target/110796 (ARM),", " PR target/118446 (ARM), PR target/122867 (ARM), PR target/122692 (RISCV),", " PR c++/122658, PR c++/121325, PR c++/122789, PR libstdc++/122921,", " PR libstdc++/122842.", " * Update algol68 to the gcc-15 branch 20251030.", " * Fix some lintian warnings, override some more.", " * Manage the libasan and libcc1 symbols files with the symbols helper.", "" ], "package": "gcc-15", "version": "15.2.0-10", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Matthias Klose ", "date": "Tue, 02 Dec 2025 14:07:24 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "libgpg-error-l10n", "from_version": { "source_package_name": "libgpg-error", "source_package_version": "1.56-2", "version": "1.56-2" }, "to_version": { "source_package_name": "libgpg-error", "source_package_version": "1.58-1", "version": "1.58-1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * New upstream version.", " * Update symbol file", " * [lintian] Drop Rules-Requires-Root: no", "" ], "package": "libgpg-error", "version": "1.58-1", "urgency": "low", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Andreas Metzler ", "date": "Sun, 14 Dec 2025 11:48:36 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "libgpg-error0", "from_version": { "source_package_name": "libgpg-error", "source_package_version": "1.56-2", "version": "1.56-2" }, "to_version": { "source_package_name": "libgpg-error", "source_package_version": "1.58-1", "version": "1.58-1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * New upstream version.", " * Update symbol file", " * [lintian] Drop Rules-Requires-Root: no", "" ], "package": "libgpg-error", "version": "1.58-1", "urgency": "low", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Andreas Metzler ", "date": "Sun, 14 Dec 2025 11:48:36 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "libgstreamer1.0-0", "from_version": { "source_package_name": "gstreamer1.0", "source_package_version": "1.27.2-2", "version": "1.27.2-2" }, "to_version": { "source_package_name": "gstreamer1.0", "source_package_version": "1.27.50-1", "version": "1.27.50-1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * d/control: remove dependencies libunwind/libdw (Closes: #1121374)", " * New upstream version 1.27.50", " * d/symbols: add 1.27.50 new symbols", "" ], "package": "gstreamer1.0", "version": "1.27.50-1", "urgency": "medium", "distributions": "experimental", "launchpad_bugs_fixed": [], "author": "Marc Leeman ", "date": "Wed, 10 Dec 2025 11:00:42 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "libinih1", "from_version": { "source_package_name": "libinih", "source_package_version": "59-1ubuntu1", "version": "59-1ubuntu1" }, "to_version": { "source_package_name": "libinih", "source_package_version": "61-1ubuntu1", "version": "61-1ubuntu1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Merge with Debian unstable. Remaining changes:", " - d/t/control: include build-essential in the depends to workaround the", " fact that the current autopkgtest setup is not pulling", " crossbuild-essential-i386 when @builddeps@ is listed", "" ], "package": "libinih", "version": "61-1ubuntu1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Sudip Mukherjee ", "date": "Mon, 01 Dec 2025 20:47:57 +0000" }, { "cves": [], "log": [ "", " * New upstream release", "" ], "package": "libinih", "version": "61-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Yangfl ", "date": "Tue, 19 Aug 2025 14:24:56 +0800" } ], "notes": null, "is_version_downgrade": false }, { "name": "libisns0t64", "from_version": { "source_package_name": "open-isns", "source_package_version": "0.101-1", "version": "0.101-1" }, "to_version": { "source_package_name": "open-isns", "source_package_version": "0.101-2", "version": "0.101-2" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Team upload.", "", " [ Chris Hofstaedtler ]", " * udeb: install files into /usr/lib.", " Thanks to Michael Biebl (Closes: #1122367)", "", " [ Carles Pina i Estany ]", " * Added po-debconf Catalan translation (Closes: #1101655)", "", " [ Remus-Gabriel Chelu ]", " * Add Romanian Debconf translation (Closes: #1033137)", "" ], "package": "open-isns", "version": "0.101-2", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Chris Hofstaedtler ", "date": "Sun, 14 Dec 2025 14:09:10 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "libksba8", "from_version": { "source_package_name": "libksba", "source_package_version": "1.6.7-2", "version": "1.6.7-2" }, "to_version": { "source_package_name": "libksba", "source_package_version": "1.6.7-2build1", "version": "1.6.7-2build1" }, "cves": [], "launchpad_bugs_fixed": [ 2132257 ], "changes": [ { "cves": [], "log": [ "", " * No-change mass rebuild for Ubuntu 26.04 (LP: #2132257)", "" ], "package": "libksba", "version": "1.6.7-2build1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2132257 ], "author": "Sebastien Bacher ", "date": "Sat, 06 Dec 2025 11:30:40 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "libldap-common", "from_version": { "source_package_name": "openldap", "source_package_version": "2.6.10+dfsg-1ubuntu2", "version": "2.6.10+dfsg-1ubuntu2" }, "to_version": { "source_package_name": "openldap", "source_package_version": "2.6.10+dfsg-1ubuntu5", "version": "2.6.10+dfsg-1ubuntu5" }, "cves": [], "launchpad_bugs_fixed": [ 2121816, 2125685, 2119884, 2125685 ], "changes": [ { "cves": [], "log": [ "", " * d/t/ppm-contrib: test ppm password quality module (LP: #2121816)", "" ], "package": "openldap", "version": "2.6.10+dfsg-1ubuntu5", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2121816 ], "author": "Jonas Jelten ", "date": "Mon, 24 Nov 2025 12:17:55 +0100" }, { "cves": [], "log": [ "", " * pbkdf2 iteration configuration improvement (LP: #2125685)", " - d/p/lp2125685-pbkdf2-fix-iteration-arg: prevent more module arguments", " - d/t/pbkdf2-contrib: test for bogus arguments", "" ], "package": "openldap", "version": "2.6.10+dfsg-1ubuntu4", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2125685 ], "author": "Jonas Jelten ", "date": "Thu, 23 Oct 2025 13:21:24 +0200" }, { "cves": [], "log": [ "", " * Fix slapd apparmor profile (LP: #2119884)", " - d/rules: fix dh_apparmor being skipped in -indep for -arch slapd package", " - d/apparmor-profile: add systemd-notify support", " - d/t/slapd: test if running in apparmor enforce mode", " * d/rules: remove leftover bogus override_dh_auto_build target", " * pbkdf2 iteration configuration support (LP: #2125685)", " - d/p/lp2125685-pbkdf2-configurable-rounds: make iterations configurable", " - d/p/lp2125685-pbkdf2-fix-iteration-arg: fix iteration argument index", " - d/t/pbkdf2-contrib: test if pbkdf2 hashing rounds are adjustable", "" ], "package": "openldap", "version": "2.6.10+dfsg-1ubuntu3", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2119884, 2125685 ], "author": "Jonas Jelten ", "date": "Thu, 25 Sep 2025 15:45:49 +0200" } ], "notes": null, "is_version_downgrade": false }, { "name": "libldap2", "from_version": { "source_package_name": "openldap", "source_package_version": "2.6.10+dfsg-1ubuntu2", "version": "2.6.10+dfsg-1ubuntu2" }, "to_version": { "source_package_name": "openldap", "source_package_version": "2.6.10+dfsg-1ubuntu5", "version": "2.6.10+dfsg-1ubuntu5" }, "cves": [], "launchpad_bugs_fixed": [ 2121816, 2125685, 2119884, 2125685 ], "changes": [ { "cves": [], "log": [ "", " * d/t/ppm-contrib: test ppm password quality module (LP: #2121816)", "" ], "package": "openldap", "version": "2.6.10+dfsg-1ubuntu5", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2121816 ], "author": "Jonas Jelten ", "date": "Mon, 24 Nov 2025 12:17:55 +0100" }, { "cves": [], "log": [ "", " * pbkdf2 iteration configuration improvement (LP: #2125685)", " - d/p/lp2125685-pbkdf2-fix-iteration-arg: prevent more module arguments", " - d/t/pbkdf2-contrib: test for bogus arguments", "" ], "package": "openldap", "version": "2.6.10+dfsg-1ubuntu4", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2125685 ], "author": "Jonas Jelten ", "date": "Thu, 23 Oct 2025 13:21:24 +0200" }, { "cves": [], "log": [ "", " * Fix slapd apparmor profile (LP: #2119884)", " - d/rules: fix dh_apparmor being skipped in -indep for -arch slapd package", " - d/apparmor-profile: add systemd-notify support", " - d/t/slapd: test if running in apparmor enforce mode", " * d/rules: remove leftover bogus override_dh_auto_build target", " * pbkdf2 iteration configuration support (LP: #2125685)", " - d/p/lp2125685-pbkdf2-configurable-rounds: make iterations configurable", " - d/p/lp2125685-pbkdf2-fix-iteration-arg: fix iteration argument index", " - d/t/pbkdf2-contrib: test if pbkdf2 hashing rounds are adjustable", "" ], "package": "openldap", "version": "2.6.10+dfsg-1ubuntu3", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2119884, 2125685 ], "author": "Jonas Jelten ", "date": "Thu, 25 Sep 2025 15:45:49 +0200" } ], "notes": null, "is_version_downgrade": false }, { "name": "libllvm20", "from_version": { "source_package_name": "llvm-toolchain-20", "source_package_version": "1:20.1.8-0ubuntu6", "version": "1:20.1.8-0ubuntu6" }, "to_version": { "source_package_name": "llvm-toolchain-20", "source_package_version": "1:20.1.8-2ubuntu2", "version": "1:20.1.8-2ubuntu2" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * libc++-20-dev: Relax dependency on libc++1.", " * Again, stop building packages built by LLVM 21.", "" ], "package": "llvm-toolchain-20", "version": "1:20.1.8-2ubuntu2", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Matthias Klose ", "date": "Sat, 22 Nov 2025 14:00:28 +0100" }, { "cves": [], "log": [ "", " * d/p/series: Apply the ubuntu-clang-use-RVA23U64-profile patch.", " * Regenerate the control file.", "" ], "package": "llvm-toolchain-20", "version": "1:20.1.8-2ubuntu1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Matthias Klose ", "date": "Fri, 21 Nov 2025 18:31:49 +0100" }, { "cves": [], "log": [ "", " [ Matthias Klose ]", " * d/rules: Disable COMPILER_RT_BUILD_BUILTINS for s390x, still unsupported", " in 20.x (and 19.x), only supported with 21.x.", " * Add a llvm.noclang build profile (not enabled by default).", " * Re(?)-enable omp on i386.", " * d/control: Only use one build profile per binary package for now. The ORing", " of build profiles seems to be not working.", " * Rename build profiles from llvm.* to pkg.llvm.*.", " * libc++-20-dev: Relax dependency on libc++1.", "", " [ Sylvestre Ledru ]", " * SKIP_COMMON_PACKAGES = no because, otherwise, it creates a dep on llvm 21", " and breaks apt.llvm.org", "" ], "package": "llvm-toolchain-20", "version": "1:20.1.8-2", "urgency": "medium", "distributions": "UNRELEASED", "launchpad_bugs_fixed": [], "author": "Matthias Klose ", "date": "Sat, 22 Nov 2025 13:56:35 +0100" }, { "cves": [], "log": [ "", " * Merge 21 changes from 1:21.1.1-1 up to 1:21.1.4-7.", "", " [ Matthias Klose ]", " * d/libclang-rt-X.Y-dev.install.in: liborc_rt* is not available on powerpc.", " * Stop using gold, and use the GNU BFD linker where lld is not working.", " * Set the baseline for Ubuntu/s390x 26.04 LTS and later to z15.", " * d/rules: Remove unused macro LLDB_ENABLE.", " * Turn off offloading on ppc64 and hurd-amd64. Unsupported.", " * d/rules: Don't turn off COMPILER_RT_USE_BUILTINS_LIBRARY and", " LIBCXX_USE_COMPILER_RT on s390x. See #1114980.", " * Diffentiate between LLD_ARCHS and LLD_BUILD_ARCHS. On some architectures", " lld is not usable for the bootstrap.", " * Try to turn off compiler-rt on hurd-amd64.", " * d/libclang1-X.Y.symbols.in: Add LLVM_21 symbol version, remove specific", " symbols covered by the added symbol version.", " * Fix usage-wrapper usage on hurd-amd64.", " * Update symbols files for libc++1, libc++abi1 and llvm-libunwind1.", " * Introduce the Ubuntu Resolute distro, remove obsolete Plucky patch.", " * d/rules: Add alpha to BINUTILS_ARCHS.", " * Always build the LLVMgold plugin, independent of the linker used for", " the build.", " * Define -DPPC_LINUX_DEFAULT_IEEELONGDOUBLE=ON on all architectures for correct", " cross compilers. Except on powerpc and ppc64, where it thinks it has this", " feature also on the host.", " * d/rules: Fix $ expansion in dpkg-query call.", " * d/rules: Factor out LIBUNWIND_ARCHS macro.", " * libomptarget is not built on ppc64.", " * Limit architecture of binary packages to the ones supported by LLVM.", " * d/libomp-X.Y-dev.install.in, d/libomp5-X.Y.install.in: Use OFFLOAD_ARCHS.", " * d/rules: Make grep a bit more quiet.", " * d/control*: Remove ${t64:Provides}.", " * Add patch to useRVA23U64 baseline on riscv64. Not applied by default.", " * python3-lldb-X.Y: Remove some dangling symlinks and use dh-python", " to create proper dependencies for the package. Addresses: #1106112.", " * d/p/protobuf_3.21.patch: Remove obsolete patch. Addresses: #1093963.", " * Remove obsolete build dependencies libjsoncpp-dev and pkg-config.", " Addresses: #1093961.", " * Add command completion for the versioned clang binary. Addresses: #1109370.", " * Rename libunwind1 to llvm-libunwind1, the namespace is already taken", " by the libunwind source package.", " * For the new llvm-libunwind1, libc++abi1 and libc++1 packages:", " - Add symbols files.", " - Add proper breaks/replaces for the previous packages built from", " this source.", " - Relax the dependency from the corresponding -dev packages", " from = to >=, needed when these new packages will be built from", " newer LLVM versions.", " - These should be Multi-Arch: same, but it is not yet possible,", " because these also exist in /usr/lib/llvm-21/lib ...", " * Bump the debhelper dependency to 11, d/compat was already at 11.", " * clang-tools: Install hwasan_symbolize on x32.", " * Drop major version from libomp5-21, rename to libomp5.", " * Build polly again on powerpc.", " * Also call dh_python3 for python3-clang-X.Y.", " * d/rules: New macro SMALL_DISK to remove intermediate files during the build.", " Turned on by default for buildd constraints.", " * d/rules: Fix stripping RPATH/RUNPATH.", " * Fix the binary-indep only build.", " * Introduce a macro SKIP_COMMON_PACKAGES to disable the build of packages", " built from an newer LLVM version (libc++1, libc++abi1, libomp5,", " llvm-libunwind1).", " When not building these packages, move the links in /usr/lib/llvm-X.Y/lib", " into the corresponding -dev packages and add a replaces to the last version", " building the common packages.", " * d/rules: Add dependencies for various build targets. Addresses: #1105541.", " * d/debian-llvm-testsuite.bats: Update for new package names.", " * Fix libPolly installation on powerpc.", " * debian/debian-llvm-testsuite.bats: Reformat and sort LIST.", " * Move libomptarget library from libomp5 to liboffload-X.Y.", " * d/rules: Don't call dh_makeshlibs for libomp5 twice.", " * d/rules: Ignore errors from dh_makeshlibs --remaining-packages.", " Let's collect symbols diffs first.", " * Update symbols files for libc++1, libc++abi1, libomp5 and", " llvm-libunwind1 on amd64, arm64, armhf, i386, ppc64el and s390x.", " * Reset the libc++1 and libc++abi1 symbols files, generated by", " pkgkde-symbolshelper. Let the buildds collect the symbols", " for the other architectures.", " * d/rules: Build with dh_install --list-missing to collect uninstalled", " artifacts on other architectures.", " * Add support to disable the OCAML build for specific releases.", " * Set explicit architecture list for libfuzzer-dev.", " * d/rules: New macro SLOPPY_BUILD to avoid build failures caused by", " additional build artifacts or missing symbols. Better to collect", " that information in build logs and apply it in follow-up uploads.", " Turn it on for architectures other than amd64 and arm64 for now.", " * Make the library packages libc++1, libc++abi1, libomp5 and llvm-libunwind1", " M-A: same, moving the real files to /usr/lib/. Provide the", " symlinks in /usr/lib/llvm-X.Y/lib in the correspinding -dev packages.", " Addresses: #1116212.", " * Revert parts of the SKIP_COMMON_PACKAGES changes, the move of the files", " to another package and the breaks/replaces are not needed anymore.", " * Update libomp5 symbols for ppc64 and ppc64el.", " * d/rules: Use POLLY_ARCHS instead of POLLY_NO_ARCHS.", " * Factor out BOLT_ARCHS and HWASAN_ARCHS.", " * When not building the common packages,", " - Remove the files in these packages according to their .install file.", " - Add a build dependency on the libllvm package.", " * d/rules: Don't remove the intermediate build files. This increases", " the build form 15GB to 35GB, far lower than the 100GB buildd limit.", " * llvm-X.Y-dev: Create a debian_config.mk Makefile snippet to record", " component builds for every architecture. Used by llvm-defaults to", " avoid hard-coding these again.", " * Reset the libomp5 symbols files, now generated by pkgkde-symbolshelper.", " Let the buildds collect the symbols for the other architectures.", " * Fix build dependencies when not building the common library packages.", " * d/rules: Differentiate between COMMON_PKGS and COMMON_BUILD_DEPS.", " * d/rules: Build again omp on mips64el and ppc64, as done in 19.", " * Install asan_symbolize in clang-tools, same as hwasan_sybolize.", " * Update libc++1 and libc++abi1 symbols files for all architectures.", " * d/rules: Use a d/shlibs.local file when not building the common libraries.", " * Fix installation of the asan_symbolize binary.", " * Rename the python extension ompdModule.so to one with the", " architecture specific extension.", " * d/rules: Move OMP_ARCHS and LIBUNWIND_ARCHS macro usage after definition.", " * ompd is not available on armhf.", " * d/rules: Also turn on SLOPPY_BUILD for amd64.", " * d/rules, d/*.{install,links,lintian-overrides}.in: Use a macro LLVM_DIR.", " * d/rules: Mark usage of SLOPPY_BUILD to ease searching in the build log.", "", " * Stop building packages built by LLVM 21.", "", " [ Sylvestre Ledru ]", " * Never use libunwind for libc++abi. Thanks to Norbert Lange for the fix.", " * Refresh the list of the symbols in libclang & libomp. See #1117600.", " * Do not test gold usage anymore. lld or mold are now much better.", " See #1117385.", " * Reame qualify-clang.sh to debian-llvm-testsuite.sh as it is now doing", " much more", " * Adjust debian-llvm-testsuite.sh to use lld instead of gold", " and debian/tests/integration-test-suite-test", " * Rename debian-llvm-testsuite.sh => debian-llvm-testsuite.bats", " And don't call it with bash, it is a bats script. See #1118487.", "", " [ Andres Salomon ]", " * Drop major version from libc++1-21, libc++abi1-21, and libunwind-21", " package names (eg, libc++1-21 -> libc++1). Upstream guarantees a stable", " ABI.", " * Add SONAME to libunwind (-> libunwind1). See #1116211.", "", " [ Norbert Lange ]", " * Move clang-cl and clang-scan-deps from clang-tools to the clang package.", " * Build compiler-rt for mingw-w64.", "" ], "package": "llvm-toolchain-20", "version": "1:20.1.8-1", "urgency": "medium", "distributions": "experimental", "launchpad_bugs_fixed": [], "author": "Matthias Klose ", "date": "Thu, 06 Nov 2025 12:51:02 +0100" }, { "cves": [], "log": [ "", " [ Sylvestre Ledru ]", " * New upstream release", " * Remove \"Provides: libunwind-dev\"", " (Closes: #1100483)", "", " [ Andres Salomon ]", " * Remove libcxx-soname.diff, and revert changes that modified SONAMEs in", " libc++1-20, libc++abi1-20, and libuwind-20.", " * Drop major version from libc++1-20, libc++abi1-20, and libunwind-20", " package names (eg, libc++1-20 -> libc++1). Upstream guarantees a stable", " ABI.", "", " [ Jianfeng Liu ]", " * Add CFLAGS/CXXFLAGS -mcmodel=medium on loong64 (Closes: #1107858)", "" ], "package": "llvm-toolchain-20", "version": "1:20.1.8-1~exp1", "urgency": "medium", "distributions": "experimental", "launchpad_bugs_fixed": [], "author": "Sylvestre Ledru ", "date": "Thu, 17 Jul 2025 14:26:41 +0200" } ], "notes": null, "is_version_downgrade": false }, { "name": "liblmdb0", "from_version": { "source_package_name": "lmdb", "source_package_version": "0.9.31-1build1", "version": "0.9.31-1build1" }, "to_version": { "source_package_name": "lmdb", "source_package_version": "0.9.31-1build2", "version": "0.9.31-1build2" }, "cves": [], "launchpad_bugs_fixed": [ 2132257 ], "changes": [ { "cves": [], "log": [ "", " * No-change mass rebuild for Ubuntu 26.04 (LP: #2132257)", "" ], "package": "lmdb", "version": "0.9.31-1build2", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2132257 ], "author": "Sebastien Bacher ", "date": "Mon, 01 Dec 2025 13:54:14 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "libmbim-glib4", "from_version": { "source_package_name": "libmbim", "source_package_version": "1.32.0-1ubuntu1", "version": "1.32.0-1ubuntu1" }, "to_version": { "source_package_name": "libmbim", "source_package_version": "1.32.0-2ubuntu1", "version": "1.32.0-2ubuntu1" }, "cves": [], "launchpad_bugs_fixed": [ 2130116 ], "changes": [ { "cves": [], "log": [ "", " * Merge with Debian (lp: #2130116), remaining changes", " * Add Intel mbim service to send AT command", "" ], "package": "libmbim", "version": "1.32.0-2ubuntu1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2130116 ], "author": "Sebastien Bacher ", "date": "Mon, 01 Dec 2025 22:53:30 +0100" }, { "cves": [], "log": [ "", " [ Guido Günther ]", " * d/gbp.conf: Switch to debian/latest.", " And sync options with libqmi packaging", "", " [ Arnaud Ferraris ]", " * d/watch: convert to version 5.", " Use the new Gitlab template for easier management, but override the", " matching pattern so we only get stable (pre)releases, which have an even", " minor version number.", " * d/control: drop libgirepository1.0-dev build dependency.", " This one shouldn't be used anymore as it isn't multiarch-friendly.", " Instead, use a recent `gobject-introspection` and explicitly (build)", " depend on the needed `gir1.2-*-dev` packages.", " While at it, drop the now-obsolete `Rules-Requires-Root` and bump", " `Standards-Version` as no other change is needed. (Closes: #1118875)", "" ], "package": "libmbim", "version": "1.32.0-2", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Arnaud Ferraris ", "date": "Tue, 28 Oct 2025 13:03:18 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "libmbim-proxy", "from_version": { "source_package_name": "libmbim", "source_package_version": "1.32.0-1ubuntu1", "version": "1.32.0-1ubuntu1" }, "to_version": { "source_package_name": "libmbim", "source_package_version": "1.32.0-2ubuntu1", "version": "1.32.0-2ubuntu1" }, "cves": [], "launchpad_bugs_fixed": [ 2130116 ], "changes": [ { "cves": [], "log": [ "", " * Merge with Debian (lp: #2130116), remaining changes", " * Add Intel mbim service to send AT command", "" ], "package": "libmbim", "version": "1.32.0-2ubuntu1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2130116 ], "author": "Sebastien Bacher ", "date": "Mon, 01 Dec 2025 22:53:30 +0100" }, { "cves": [], "log": [ "", " [ Guido Günther ]", " * d/gbp.conf: Switch to debian/latest.", " And sync options with libqmi packaging", "", " [ Arnaud Ferraris ]", " * d/watch: convert to version 5.", " Use the new Gitlab template for easier management, but override the", " matching pattern so we only get stable (pre)releases, which have an even", " minor version number.", " * d/control: drop libgirepository1.0-dev build dependency.", " This one shouldn't be used anymore as it isn't multiarch-friendly.", " Instead, use a recent `gobject-introspection` and explicitly (build)", " depend on the needed `gir1.2-*-dev` packages.", " While at it, drop the now-obsolete `Rules-Requires-Root` and bump", " `Standards-Version` as no other change is needed. (Closes: #1118875)", "" ], "package": "libmbim", "version": "1.32.0-2", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Arnaud Ferraris ", "date": "Tue, 28 Oct 2025 13:03:18 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "libmbim-utils", "from_version": { "source_package_name": "libmbim", "source_package_version": "1.32.0-1ubuntu1", "version": "1.32.0-1ubuntu1" }, "to_version": { "source_package_name": "libmbim", "source_package_version": "1.32.0-2ubuntu1", "version": "1.32.0-2ubuntu1" }, "cves": [], "launchpad_bugs_fixed": [ 2130116 ], "changes": [ { "cves": [], "log": [ "", " * Merge with Debian (lp: #2130116), remaining changes", " * Add Intel mbim service to send AT command", "" ], "package": "libmbim", "version": "1.32.0-2ubuntu1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2130116 ], "author": "Sebastien Bacher ", "date": "Mon, 01 Dec 2025 22:53:30 +0100" }, { "cves": [], "log": [ "", " [ Guido Günther ]", " * d/gbp.conf: Switch to debian/latest.", " And sync options with libqmi packaging", "", " [ Arnaud Ferraris ]", " * d/watch: convert to version 5.", " Use the new Gitlab template for easier management, but override the", " matching pattern so we only get stable (pre)releases, which have an even", " minor version number.", " * d/control: drop libgirepository1.0-dev build dependency.", " This one shouldn't be used anymore as it isn't multiarch-friendly.", " Instead, use a recent `gobject-introspection` and explicitly (build)", " depend on the needed `gir1.2-*-dev` packages.", " While at it, drop the now-obsolete `Rules-Requires-Root` and bump", " `Standards-Version` as no other change is needed. (Closes: #1118875)", "" ], "package": "libmbim", "version": "1.32.0-2", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Arnaud Ferraris ", "date": "Tue, 28 Oct 2025 13:03:18 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "libmm-glib0", "from_version": { "source_package_name": "modemmanager", "source_package_version": "1.24.2-1fakesync1", "version": "1.24.2-1fakesync1" }, "to_version": { "source_package_name": "modemmanager", "source_package_version": "1.24.2-2fakesync1", "version": "1.24.2-2fakesync1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Fake sync due to mismatching orig tarball", "" ], "package": "modemmanager", "version": "1.24.2-2fakesync1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Gianfranco Costamagna ", "date": "Fri, 12 Dec 2025 10:22:09 +0100" }, { "cves": [], "log": [ "", " [ Helmut Grohne ]", " * Improve cross building: (Closes: #1087277)", " + Move documentation dependencies to B-D-I.", " + Mark python3-dbus and python3-gi with the nocheck build profile.", "", " [ Arnaud Ferraris ]", " * d/control: fix gobject-introspection dependencies", " `libgirepository1.0-dev shouldn't be used anymore as it isn't", " multiarch-friendly. Instead, use a recent `gobject-introspection` and", " explicitly (build) depend on the needed `gir1.2-*-dev` packages.", " (Closes: #1118899)", " * d/gbp.conf: add default commit messages.", " This makes it more consistent with other packages for which I'm the", " primary maintainer.", " * d/watch: convert to version 5.", " Use the new Gitlab template for easier management, but override the", " matching pattern so we only get stable (pre)releases, which have an even", " minor version number.", " * d/copyright: fix copyright notice for mmcli.", " This is actually GPL-2+, not GPL-3. (Closes: #1116309)", "" ], "package": "modemmanager", "version": "1.24.2-2", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Arnaud Ferraris ", "date": "Wed, 29 Oct 2025 17:27:49 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "libmnl0", "from_version": { "source_package_name": "libmnl", "source_package_version": "1.0.5-3", "version": "1.0.5-3" }, "to_version": { "source_package_name": "libmnl", "source_package_version": "1.0.5-3build1", "version": "1.0.5-3build1" }, "cves": [], "launchpad_bugs_fixed": [ 2132257 ], "changes": [ { "cves": [], "log": [ "", " * No-change mass rebuild for Ubuntu 26.04 (LP: #2132257)", "" ], "package": "libmnl", "version": "1.0.5-3build1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2132257 ], "author": "Sebastien Bacher ", "date": "Sat, 06 Dec 2025 11:31:18 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "libmpathcmd0", "from_version": { "source_package_name": "multipath-tools", "source_package_version": "0.11.1-3ubuntu2", "version": "0.11.1-3ubuntu2" }, "to_version": { "source_package_name": "multipath-tools", "source_package_version": "0.12.0-1ubuntu1", "version": "0.12.0-1ubuntu1" }, "cves": [], "launchpad_bugs_fixed": [ 2126024 ], "changes": [ { "cves": [], "log": [ "", " * Merge with Debian unstable (LP: #2126024). Remaining changes:", " - d/rules: don't build the multipath-tools binary package on i386; only kpartx.", " - d/p/enable-find-multipaths.patch: re-enable find_multipaths by", " default -- see the removed 'add_find-multipaths.patch' (LP #1463046)", " - d/t/initramfs: determine extracted main cpio path dynamically", " - d/NEWS: add removal of kpartx-boot package", " - d/rules: remove -Bsymbolic-functions from LDFLAGS", " - d/rules: install friendly names multipath.conf by default", " - d/initramfs: fix multipathd process lingering when local-* initramfs", " scripts are not executed. The multipathd process is started by a script in", " init-top/ (which is executed unconditionally) so it should be", " stopped by an init-bottom script, not a local-bottom script which is", " not always executed (LP #2080474).", " + This is affecting the Ubuntu installer, where we execute (perhaps", " accidentally) the nfs-* scripts instead of the local-* scripts.", " - d/initramfs/scripts/init-top: ensure the bindings file exists before", " calling multipathd -B in the initramfs. This prevents multipathd -B from", " failing and exiting immediately (LP #2120444).", "" ], "package": "multipath-tools", "version": "0.12.0-1ubuntu1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2126024 ], "author": "Jonas Jelten ", "date": "Mon, 01 Dec 2025 16:41:43 +0100" }, { "cves": [], "log": [ "", " * [faa43cc] New upstream version 0.12.0", " * [6be5e93] Refresh patches", " * [9e3a45d] Install multipathd-queueing.service", "" ], "package": "multipath-tools", "version": "0.12.0-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Chris Hofstaedtler ", "date": "Sun, 14 Sep 2025 19:44:45 +0200" }, { "cves": [], "log": [ "", " * Upload to unstable", "" ], "package": "multipath-tools", "version": "0.11.1-4", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Chris Hofstaedtler ", "date": "Tue, 12 Aug 2025 11:33:45 +0200" } ], "notes": null, "is_version_downgrade": false }, { "name": "libmpathpersist0", "from_version": { "source_package_name": "multipath-tools", "source_package_version": "0.11.1-3ubuntu2", "version": "0.11.1-3ubuntu2" }, "to_version": { "source_package_name": "multipath-tools", "source_package_version": "0.12.0-1ubuntu1", "version": "0.12.0-1ubuntu1" }, "cves": [], "launchpad_bugs_fixed": [ 2126024 ], "changes": [ { "cves": [], "log": [ "", " * Merge with Debian unstable (LP: #2126024). Remaining changes:", " - d/rules: don't build the multipath-tools binary package on i386; only kpartx.", " - d/p/enable-find-multipaths.patch: re-enable find_multipaths by", " default -- see the removed 'add_find-multipaths.patch' (LP #1463046)", " - d/t/initramfs: determine extracted main cpio path dynamically", " - d/NEWS: add removal of kpartx-boot package", " - d/rules: remove -Bsymbolic-functions from LDFLAGS", " - d/rules: install friendly names multipath.conf by default", " - d/initramfs: fix multipathd process lingering when local-* initramfs", " scripts are not executed. The multipathd process is started by a script in", " init-top/ (which is executed unconditionally) so it should be", " stopped by an init-bottom script, not a local-bottom script which is", " not always executed (LP #2080474).", " + This is affecting the Ubuntu installer, where we execute (perhaps", " accidentally) the nfs-* scripts instead of the local-* scripts.", " - d/initramfs/scripts/init-top: ensure the bindings file exists before", " calling multipathd -B in the initramfs. This prevents multipathd -B from", " failing and exiting immediately (LP #2120444).", "" ], "package": "multipath-tools", "version": "0.12.0-1ubuntu1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2126024 ], "author": "Jonas Jelten ", "date": "Mon, 01 Dec 2025 16:41:43 +0100" }, { "cves": [], "log": [ "", " * [faa43cc] New upstream version 0.12.0", " * [6be5e93] Refresh patches", " * [9e3a45d] Install multipathd-queueing.service", "" ], "package": "multipath-tools", "version": "0.12.0-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Chris Hofstaedtler ", "date": "Sun, 14 Sep 2025 19:44:45 +0200" }, { "cves": [], "log": [ "", " * Upload to unstable", "" ], "package": "multipath-tools", "version": "0.11.1-4", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Chris Hofstaedtler ", "date": "Tue, 12 Aug 2025 11:33:45 +0200" } ], "notes": null, "is_version_downgrade": false }, { "name": "libmultipath0", "from_version": { "source_package_name": "multipath-tools", "source_package_version": "0.11.1-3ubuntu2", "version": "0.11.1-3ubuntu2" }, "to_version": { "source_package_name": "multipath-tools", "source_package_version": "0.12.0-1ubuntu1", "version": "0.12.0-1ubuntu1" }, "cves": [], "launchpad_bugs_fixed": [ 2126024 ], "changes": [ { "cves": [], "log": [ "", " * Merge with Debian unstable (LP: #2126024). Remaining changes:", " - d/rules: don't build the multipath-tools binary package on i386; only kpartx.", " - d/p/enable-find-multipaths.patch: re-enable find_multipaths by", " default -- see the removed 'add_find-multipaths.patch' (LP #1463046)", " - d/t/initramfs: determine extracted main cpio path dynamically", " - d/NEWS: add removal of kpartx-boot package", " - d/rules: remove -Bsymbolic-functions from LDFLAGS", " - d/rules: install friendly names multipath.conf by default", " - d/initramfs: fix multipathd process lingering when local-* initramfs", " scripts are not executed. The multipathd process is started by a script in", " init-top/ (which is executed unconditionally) so it should be", " stopped by an init-bottom script, not a local-bottom script which is", " not always executed (LP #2080474).", " + This is affecting the Ubuntu installer, where we execute (perhaps", " accidentally) the nfs-* scripts instead of the local-* scripts.", " - d/initramfs/scripts/init-top: ensure the bindings file exists before", " calling multipathd -B in the initramfs. This prevents multipathd -B from", " failing and exiting immediately (LP #2120444).", "" ], "package": "multipath-tools", "version": "0.12.0-1ubuntu1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2126024 ], "author": "Jonas Jelten ", "date": "Mon, 01 Dec 2025 16:41:43 +0100" }, { "cves": [], "log": [ "", " * [faa43cc] New upstream version 0.12.0", " * [6be5e93] Refresh patches", " * [9e3a45d] Install multipathd-queueing.service", "" ], "package": "multipath-tools", "version": "0.12.0-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Chris Hofstaedtler ", "date": "Sun, 14 Sep 2025 19:44:45 +0200" }, { "cves": [], "log": [ "", " * Upload to unstable", "" ], "package": "multipath-tools", "version": "0.11.1-4", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Chris Hofstaedtler ", "date": "Tue, 12 Aug 2025 11:33:45 +0200" } ], "notes": null, "is_version_downgrade": false }, { "name": "libncurses6", "from_version": { "source_package_name": "ncurses", "source_package_version": "6.5+20250216-2build1", "version": "6.5+20250216-2build1" }, "to_version": { "source_package_name": "ncurses", "source_package_version": "6.5+20251123-1", "version": "6.5+20251123-1" }, "cves": [ { "cve": "CVE-2025-6141", "url": "https://ubuntu.com/security/CVE-2025-6141", "cve_description": "A vulnerability has been found in GNU ncurses up to 6.5-20250322 and classified as problematic. This vulnerability affects the function postprocess_termcap of the file tinfo/parse_entry.c. The manipulation leads to stack-based buffer overflow. The attack needs to be approached locally. Upgrading to version 6.5-20250329 is able to address this issue. It is recommended to upgrade the affected component.", "cve_priority": "low", "cve_public_date": "2025-06-16 22:16:00 UTC" } ], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * New upstream patchlevel.", " - Revert change using NCURSES_SBOOL in tic.h which interfered with", " sign-extension in tigetflag (Closes: #1121191).", "" ], "package": "ncurses", "version": "6.5+20251123-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Sven Joachim ", "date": "Mon, 24 Nov 2025 20:50:02 +0100" }, { "cves": [], "log": [ "", " * New upstream patchlevel.", " - Correct expression for TINFO_LIB variable in misc/ncurses-config.in", " (Closes: #1121208).", " * Add a smoke autopkgtest which builds a simple program, catching the", " above problem.", "" ], "package": "ncurses", "version": "6.5+20251122-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Sven Joachim ", "date": "Sun, 23 Nov 2025 14:55:47 +0100" }, { "cves": [], "log": [ "", " * Upload to unstable.", "" ], "package": "ncurses", "version": "6.5+20251115-2", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Sven Joachim ", "date": "Thu, 20 Nov 2025 20:52:35 +0100" }, { "cves": [ { "cve": "CVE-2025-6141", "url": "https://ubuntu.com/security/CVE-2025-6141", "cve_description": "A vulnerability has been found in GNU ncurses up to 6.5-20250322 and classified as problematic. This vulnerability affects the function postprocess_termcap of the file tinfo/parse_entry.c. The manipulation leads to stack-based buffer overflow. The attack needs to be approached locally. Upgrading to version 6.5-20250329 is able to address this issue. It is recommended to upgrade the affected component.", "cve_priority": "low", "cve_public_date": "2025-06-16 22:16:00 UTC" } ], "log": [ "", " * New upstream patchlevel.", " - Add a buffer-limit check in postprocess_termcap (report/testcase", " by Yifan Zhang (CVE-2025-6141, Closes: #1107937)).", " - Formatting improvements for terminfo.5 (Closes: #1096164).", " * Refresh patch 02-debian-backspace.diff.", " * Drop the redundant Rules-Requires-Root field from debian/control.", "" ], "package": "ncurses", "version": "6.5+20251115-1", "urgency": "low", "distributions": "experimental", "launchpad_bugs_fixed": [], "author": "Sven Joachim ", "date": "Mon, 17 Nov 2025 18:46:28 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "libncursesw6", "from_version": { "source_package_name": "ncurses", "source_package_version": "6.5+20250216-2build1", "version": "6.5+20250216-2build1" }, "to_version": { "source_package_name": "ncurses", "source_package_version": "6.5+20251123-1", "version": "6.5+20251123-1" }, "cves": [ { "cve": "CVE-2025-6141", "url": "https://ubuntu.com/security/CVE-2025-6141", "cve_description": "A vulnerability has been found in GNU ncurses up to 6.5-20250322 and classified as problematic. This vulnerability affects the function postprocess_termcap of the file tinfo/parse_entry.c. The manipulation leads to stack-based buffer overflow. The attack needs to be approached locally. Upgrading to version 6.5-20250329 is able to address this issue. It is recommended to upgrade the affected component.", "cve_priority": "low", "cve_public_date": "2025-06-16 22:16:00 UTC" } ], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * New upstream patchlevel.", " - Revert change using NCURSES_SBOOL in tic.h which interfered with", " sign-extension in tigetflag (Closes: #1121191).", "" ], "package": "ncurses", "version": "6.5+20251123-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Sven Joachim ", "date": "Mon, 24 Nov 2025 20:50:02 +0100" }, { "cves": [], "log": [ "", " * New upstream patchlevel.", " - Correct expression for TINFO_LIB variable in misc/ncurses-config.in", " (Closes: #1121208).", " * Add a smoke autopkgtest which builds a simple program, catching the", " above problem.", "" ], "package": "ncurses", "version": "6.5+20251122-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Sven Joachim ", "date": "Sun, 23 Nov 2025 14:55:47 +0100" }, { "cves": [], "log": [ "", " * Upload to unstable.", "" ], "package": "ncurses", "version": "6.5+20251115-2", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Sven Joachim ", "date": "Thu, 20 Nov 2025 20:52:35 +0100" }, { "cves": [ { "cve": "CVE-2025-6141", "url": "https://ubuntu.com/security/CVE-2025-6141", "cve_description": "A vulnerability has been found in GNU ncurses up to 6.5-20250322 and classified as problematic. This vulnerability affects the function postprocess_termcap of the file tinfo/parse_entry.c. The manipulation leads to stack-based buffer overflow. The attack needs to be approached locally. Upgrading to version 6.5-20250329 is able to address this issue. It is recommended to upgrade the affected component.", "cve_priority": "low", "cve_public_date": "2025-06-16 22:16:00 UTC" } ], "log": [ "", " * New upstream patchlevel.", " - Add a buffer-limit check in postprocess_termcap (report/testcase", " by Yifan Zhang (CVE-2025-6141, Closes: #1107937)).", " - Formatting improvements for terminfo.5 (Closes: #1096164).", " * Refresh patch 02-debian-backspace.diff.", " * Drop the redundant Rules-Requires-Root field from debian/control.", "" ], "package": "ncurses", "version": "6.5+20251115-1", "urgency": "low", "distributions": "experimental", "launchpad_bugs_fixed": [], "author": "Sven Joachim ", "date": "Mon, 17 Nov 2025 18:46:28 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "libnetfilter-conntrack3", "from_version": { "source_package_name": "libnetfilter-conntrack", "source_package_version": "1.1.0-1", "version": "1.1.0-1" }, "to_version": { "source_package_name": "libnetfilter-conntrack", "source_package_version": "1.1.0-1build1", "version": "1.1.0-1build1" }, "cves": [], "launchpad_bugs_fixed": [ 2132257 ], "changes": [ { "cves": [], "log": [ "", " * No-change mass rebuild for Ubuntu 26.04 (LP: #2132257)", "" ], "package": "libnetfilter-conntrack", "version": "1.1.0-1build1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2132257 ], "author": "Sebastien Bacher ", "date": "Sat, 06 Dec 2025 11:32:11 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "libnfnetlink0", "from_version": { "source_package_name": "libnfnetlink", "source_package_version": "1.0.2-3", "version": "1.0.2-3" }, "to_version": { "source_package_name": "libnfnetlink", "source_package_version": "1.0.2-3build1", "version": "1.0.2-3build1" }, "cves": [], "launchpad_bugs_fixed": [ 2132257 ], "changes": [ { "cves": [], "log": [ "", " * No-change mass rebuild for Ubuntu 26.04 (LP: #2132257)", "" ], "package": "libnfnetlink", "version": "1.0.2-3build1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2132257 ], "author": "Sebastien Bacher ", "date": "Sat, 06 Dec 2025 11:32:19 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "libnftables1", "from_version": { "source_package_name": "nftables", "source_package_version": "1.1.5-2", "version": "1.1.5-2" }, "to_version": { "source_package_name": "nftables", "source_package_version": "1.1.6-1", "version": "1.1.6-1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * [76930dd] d/watch: add `Matching-Pattern`, use `@PACKAGE@` in `Source:`", " * [2ffdc3a] New upstream version 1.1.6 (Closes: #1121439)", " - Complete lightweight tunnel template support, including vxlan,", " geneve and erspan", " - Support for wildcard in netdev hooks", " - Support to pass up bridge frame to the bridge device for local", " processing", " - fib expression correct bytecode for Big Endian and other Big Endian", " fixes", " - man nft(8) documentation updates", " * [5e550d0] d/patches: drop upstreamed patches", " * [8db0897] d/control: bump min. version for libnftnl-dev build-dep to", " 1.3.1", " * [0a941cd] d/rules: drop obsolete configure option", " * [7a1086c] d/rules: suppress running of test-suites", " * [33bbeba] d/tests: drop obsolete minimum kernel-version checks from", " test-runners", " * [baaeb07] d/t/internaltest-monitor.sh: use `-H` option to test with", " installed nft", " * [705fbab] d/t/internaltest-py.sh: use `-H` option to test with", " installed nft", " * [64c9797] d/t/internaltest-json-echo.sh: run new test-suite", " * [4d2ee27] d/t/control: add gawk dependency for shell test-suite", " * [201eb5a] d/rules: use `$(DEB_SOURCE)` for source package name", " * [d12f0ee] d/rules: use `$(SOURCE_DATE_EPOCH)` for build time-stamp", " * [c380eb1] d/p/fix-man-page-typo.patch: new patch to fix typo", "" ], "package": "nftables", "version": "1.1.6-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Jeremy Sowden ", "date": "Sun, 07 Dec 2025 09:07:32 +0000" } ], "notes": null, "is_version_downgrade": false }, { "name": "libnftnl11", "from_version": { "source_package_name": "libnftnl", "source_package_version": "1.3.0-1", "version": "1.3.0-1" }, "to_version": { "source_package_name": "libnftnl", "source_package_version": "1.3.1-1", "version": "1.3.1-1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * [cdcff3a] d/watch: convert to version 5", " * [c804c29] New upstream version 1.3.1", " + add meta ibrhwaddr support", " + fix for NFTA_DEVICE_PREFIX with asterisk at the end of the string", " + new NFTNL_UDATA_TABLE_NFT{VER,BLD} to store build information in userdata", " + complete tunnel options support", " * [a55dd11] d/libnftnl11.symbols: add new symbols", "" ], "package": "libnftnl", "version": "1.3.1-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Jeremy Sowden ", "date": "Wed, 03 Dec 2025 20:42:11 +0000" } ], "notes": null, "is_version_downgrade": false }, { "name": "libnspr4", "from_version": { "source_package_name": "nspr", "source_package_version": "2:4.36-1ubuntu2", "version": "2:4.36-1ubuntu2" }, "to_version": { "source_package_name": "nspr", "source_package_version": "2:4.38.2-1ubuntu1", "version": "2:4.38.2-1ubuntu1" }, "cves": [], "launchpad_bugs_fixed": [ 2130118 ], "changes": [ { "cves": [], "log": [ "", " * Merge with Debian unstable (LP: #2130118). Remaining changes:", " - Drop explicit -Wl,--as-needed linker flag. It's the default.", " - Drop explicit CFLAGS that are checked by configure.", " - Also use non-hardening flags from dpkg-buildflags to pick up flags", " like -fno-omit-frame-pointer.", "" ], "package": "nspr", "version": "2:4.38.2-1ubuntu1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2130118 ], "author": "Benjamin Drung ", "date": "Wed, 10 Dec 2025 15:20:00 +0100" }, { "cves": [], "log": [ "", " * New upstream release.", "" ], "package": "nspr", "version": "2:4.38.2-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Mike Hommey ", "date": "Wed, 12 Nov 2025 10:10:59 +0900" }, { "cves": [], "log": [ "", " * New upstream release.", "" ], "package": "nspr", "version": "2:4.37-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Mike Hommey ", "date": "Thu, 02 Oct 2025 10:45:55 +0900" } ], "notes": null, "is_version_downgrade": false }, { "name": "libntfs-3g89t64", "from_version": { "source_package_name": "ntfs-3g", "source_package_version": "1:2022.10.3-5", "version": "1:2022.10.3-5" }, "to_version": { "source_package_name": "ntfs-3g", "source_package_version": "1:2022.10.3-5build1", "version": "1:2022.10.3-5build1" }, "cves": [], "launchpad_bugs_fixed": [ 2132257 ], "changes": [ { "cves": [], "log": [ "", " * No-change mass rebuild for Ubuntu 26.04 (LP: #2132257)", "" ], "package": "ntfs-3g", "version": "1:2022.10.3-5build1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2132257 ], "author": "Sebastien Bacher ", "date": "Sat, 06 Dec 2025 11:39:27 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "libpopt0", "from_version": { "source_package_name": "popt", "source_package_version": "1.19+dfsg-2", "version": "1.19+dfsg-2" }, "to_version": { "source_package_name": "popt", "source_package_version": "1.19+dfsg-2build1", "version": "1.19+dfsg-2build1" }, "cves": [], "launchpad_bugs_fixed": [ 2132257 ], "changes": [ { "cves": [], "log": [ "", " * No-change mass rebuild for Ubuntu 26.04 (LP: #2132257)", "" ], "package": "popt", "version": "1.19+dfsg-2build1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2132257 ], "author": "Sebastien Bacher ", "date": "Sat, 06 Dec 2025 11:46:23 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "libproc2-0", "from_version": { "source_package_name": "procps", "source_package_version": "2:4.0.4-8ubuntu3", "version": "2:4.0.4-8ubuntu3" }, "to_version": { "source_package_name": "procps", "source_package_version": "2:4.0.4-9ubuntu1", "version": "2:4.0.4-9ubuntu1" }, "cves": [], "launchpad_bugs_fixed": [ 2130066, 2108979 ], "changes": [ { "cves": [], "log": [ "", " * Merge from Debian unstable (LP: #2130066). Remaining changes:", " - d/p/0010-testsuite-ps-etime-ELAPSED-doesn-t-match-full-format.patch:", " Fix test failure (FTBFS) in testsuite/ps.test/ps_output.exp due to", " invalid regex match inside LXD containers.", " - debian/sysctl.d (Ubuntu-specific):", " + 10-console-messages.conf: stop low-level kernel messages on console.", " + 10-kernel-hardening.conf: add the kptr_restrict setting", " + 10-ipv6-privacy.conf: add a file to sysctl.d to apply the defaults", " for IPv6 privacy extensions for interfaces. (LP#176125, LP#841353)", " + 10-magic-sysrq.conf: Disable most magic sysrq by default, allowing", " critical sync, remount, reboot functions. (LP#194676, LP#1025467)", " + 10-network-security.conf: enable rp_filter.", " + 10-ptrace.conf: describe new PTRACE setting.", " + 10-zeropage.conf: safe mmap_min_addr value for graceful fall-back.", " for armhf, and arm64.", " + 10-qemu.conf.s390x for qemu.", " + 10-bufferbloat.conf: set default qdisc to fq_codel", " + 10-map-count.conf: Increase vm.max_map_count to 1048576", " + ship configs in /usr, with higher priority", " This ensures that Ubuntu's defaults take precedence over", " 50-default.conf from linux-sysctl-defaults. (LP: #2108979)", " - ignore_erofs.patch: Same as ignore_eaccess but for the case", " where part of /proc is read/only.", " - Adjust logic due to rc no longer being propagated (LP#1903351)", " - ignore_eaccess.patch: If we get eaccess when opening a sysctl", " file for writing, don't error out. Otherwise package upgrades", " can fail, especially in containers.", " - Adjust logic due to rc no longer being propagated (LP#1903351)", " - Add basic autopkgtest to validate sysctl-defaults (LP#1962038)", " - d/t/stack-limit: add basic autopkgtest to validate limits", " - d/t/stack-limit: call 'pgrep systemd' instead of 'pgrep bash'", " The autopkgtest currently fails because there is no bash session, and", " pgrep returns non-zero. Use systemd because that will match for pid1.", " - d/tests: make sysctl-defaults test comprehensive", " - d/t/test_sysctyl_defaults.py: skip test if sysctl key invalid (LP#2115346)", " - d/t/control show all sysctl.d configs and make sysctl-defaults test", " Restrictions: isolation-machine (LP#2115346)", " - d/p/lp2120904-openat.patch: utilize file descriptors and openat (LP#2120904)", " - d/p/lp2120904-nullpointer.patch: fix a race when 'status' is unavailable", " in /proc/ resuting in NULL pointer (LP#2120904)", "" ], "package": "procps", "version": "2:4.0.4-9ubuntu1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2130066, 2108979 ], "author": "John Chittum ", "date": "Mon, 01 Dec 2025 14:50:23 -0500" }, { "cves": [], "log": [ "", " [ Craig Small ]", " * d/changelog: Fix number for skill bug", "", " [ Andrew Bower ]", " * Initialise sessions variable in w. (Closes: #1108549)", " * d/patches: get sessions even if !sd_booted()", "" ], "package": "procps", "version": "2:4.0.4-9", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Craig Small ", "date": "Wed, 30 Jul 2025 21:58:40 +1000" } ], "notes": null, "is_version_downgrade": false }, { "name": "libprotobuf-c1", "from_version": { "source_package_name": "protobuf-c", "source_package_version": "1.5.1-1ubuntu1", "version": "1.5.1-1ubuntu1" }, "to_version": { "source_package_name": "protobuf-c", "source_package_version": "1.5.1-1ubuntu2", "version": "1.5.1-1ubuntu2" }, "cves": [], "launchpad_bugs_fixed": [ 2132257 ], "changes": [ { "cves": [], "log": [ "", " * No-change mass rebuild for Ubuntu 26.04 (LP: #2132257)", "" ], "package": "protobuf-c", "version": "1.5.1-1ubuntu2", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2132257 ], "author": "Sebastien Bacher ", "date": "Sat, 06 Dec 2025 11:47:31 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "libpsl5t64", "from_version": { "source_package_name": "libpsl", "source_package_version": "0.21.2-1.1build1", "version": "0.21.2-1.1build1" }, "to_version": { "source_package_name": "libpsl", "source_package_version": "0.21.2-1.1build2", "version": "0.21.2-1.1build2" }, "cves": [], "launchpad_bugs_fixed": [ 2132257 ], "changes": [ { "cves": [], "log": [ "", " * No-change mass rebuild for Ubuntu 26.04 (LP: #2132257)", "" ], "package": "libpsl", "version": "0.21.2-1.1build2", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2132257 ], "author": "Sebastien Bacher ", "date": "Mon, 01 Dec 2025 13:44:51 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "libpython3.13", "from_version": { "source_package_name": "python3.13", "source_package_version": "3.13.9-1", "version": "3.13.9-1" }, "to_version": { "source_package_name": "python3.13", "source_package_version": "3.13.11-1", "version": "3.13.11-1" }, "cves": [], "launchpad_bugs_fixed": [ 2127898 ], "changes": [ { "cves": [], "log": [ "", " * Python 3.13.11.", " * Fix the tempfile module in python3.13-minimal (min-tempfile.diff).", " (LP: #2127898)", " * Build with -O1 on m68k. Closes: #1121974", "" ], "package": "python3.13", "version": "3.13.11-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [ 2127898 ], "author": "Stefano Rivera ", "date": "Sat, 06 Dec 2025 09:15:20 -0400" } ], "notes": null, "is_version_downgrade": false }, { "name": "libpython3.13-minimal", "from_version": { "source_package_name": "python3.13", "source_package_version": "3.13.9-1", "version": "3.13.9-1" }, "to_version": { "source_package_name": "python3.13", "source_package_version": "3.13.11-1", "version": "3.13.11-1" }, "cves": [], "launchpad_bugs_fixed": [ 2127898 ], "changes": [ { "cves": [], "log": [ "", " * Python 3.13.11.", " * Fix the tempfile module in python3.13-minimal (min-tempfile.diff).", " (LP: #2127898)", " * Build with -O1 on m68k. Closes: #1121974", "" ], "package": "python3.13", "version": "3.13.11-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [ 2127898 ], "author": "Stefano Rivera ", "date": "Sat, 06 Dec 2025 09:15:20 -0400" } ], "notes": null, "is_version_downgrade": false }, { "name": "libpython3.13-stdlib", "from_version": { "source_package_name": "python3.13", "source_package_version": "3.13.9-1", "version": "3.13.9-1" }, "to_version": { "source_package_name": "python3.13", "source_package_version": "3.13.11-1", "version": "3.13.11-1" }, "cves": [], "launchpad_bugs_fixed": [ 2127898 ], "changes": [ { "cves": [], "log": [ "", " * Python 3.13.11.", " * Fix the tempfile module in python3.13-minimal (min-tempfile.diff).", " (LP: #2127898)", " * Build with -O1 on m68k. Closes: #1121974", "" ], "package": "python3.13", "version": "3.13.11-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [ 2127898 ], "author": "Stefano Rivera ", "date": "Sat, 06 Dec 2025 09:15:20 -0400" } ], "notes": null, "is_version_downgrade": false }, { "name": "libsframe2", "from_version": { "source_package_name": "binutils", "source_package_version": "2.45.50.20251125-1ubuntu1", "version": "2.45.50.20251125-1ubuntu1" }, "to_version": { "source_package_name": "binutils", "source_package_version": "2.45.50.20251209-1ubuntu1", "version": "2.45.50.20251209-1ubuntu1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Merge with Debian; remaining changes:", " - Build from upstream sources.", "" ], "package": "binutils", "version": "2.45.50.20251209-1ubuntu1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Matthias Klose ", "date": "Tue, 09 Dec 2025 10:02:27 +0100" }, { "cves": [], "log": [ "", " * New upstream snapshot.", " - Fix PR ld/33702. Closes: #1122125.", " * Update libgprofng symbols file.", "" ], "package": "binutils", "version": "2.45.50.20251209-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Matthias Klose ", "date": "Tue, 09 Dec 2025 09:47:23 +0100" }, { "cves": [], "log": [ "", " * Merge with Debian; remaining changes:", " - Build from upstream sources.", "" ], "package": "binutils", "version": "2.45.50.20251201-1ubuntu1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Matthias Klose ", "date": "Mon, 01 Dec 2025 09:15:42 +0100" }, { "cves": [], "log": [ "", " * New upstream snapshot.", " * Update libgprofng symbols file.", " * Refresh patches.", "" ], "package": "binutils", "version": "2.45.50.20251201-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Matthias Klose ", "date": "Mon, 01 Dec 2025 08:36:50 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "libslang2", "from_version": { "source_package_name": "slang2", "source_package_version": "2.3.3-5", "version": "2.3.3-5" }, "to_version": { "source_package_name": "slang2", "source_package_version": "2.3.3-5build1", "version": "2.3.3-5build1" }, "cves": [], "launchpad_bugs_fixed": [ 2132257 ], "changes": [ { "cves": [], "log": [ "", " * No-change mass rebuild for Ubuntu 26.04 (LP: #2132257)", "" ], "package": "slang2", "version": "2.3.3-5build1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2132257 ], "author": "Sebastien Bacher ", "date": "Sat, 06 Dec 2025 12:02:30 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "libsodium23", "from_version": { "source_package_name": "libsodium", "source_package_version": "1.0.18-1build3", "version": "1.0.18-1build3" }, "to_version": { "source_package_name": "libsodium", "source_package_version": "1.0.18-1build4", "version": "1.0.18-1build4" }, "cves": [], "launchpad_bugs_fixed": [ 2132257 ], "changes": [ { "cves": [], "log": [ "", " * No-change mass rebuild for Ubuntu 26.04 (LP: #2132257)", "" ], "package": "libsodium", "version": "1.0.18-1build4", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2132257 ], "author": "Sebastien Bacher ", "date": "Mon, 01 Dec 2025 13:46:42 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "libstdc++6", "from_version": { "source_package_name": "gcc-15", "source_package_version": "15.2.0-9ubuntu1", "version": "15.2.0-9ubuntu1" }, "to_version": { "source_package_name": "gcc-15", "source_package_version": "15.2.0-10ubuntu1", "version": "15.2.0-10ubuntu1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Merge with Debian; remaining changes:", " - Build from upstream sources.", "" ], "package": "gcc-15", "version": "15.2.0-10ubuntu1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Matthias Klose ", "date": "Tue, 02 Dec 2025 14:54:16 +0100" }, { "cves": [], "log": [ "", " * Update to git 20251202 from the gcc-15 branch.", " - Fix PR target/122858 (ARM), PR target/110796 (ARM),", " PR target/118446 (ARM), PR target/122867 (ARM), PR target/122692 (RISCV),", " PR c++/122658, PR c++/121325, PR c++/122789, PR libstdc++/122921,", " PR libstdc++/122842.", " * Update algol68 to the gcc-15 branch 20251030.", " * Fix some lintian warnings, override some more.", " * Manage the libasan and libcc1 symbols files with the symbols helper.", "" ], "package": "gcc-15", "version": "15.2.0-10", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Matthias Klose ", "date": "Tue, 02 Dec 2025 14:07:24 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "libtinfo6", "from_version": { "source_package_name": "ncurses", "source_package_version": "6.5+20250216-2build1", "version": "6.5+20250216-2build1" }, "to_version": { "source_package_name": "ncurses", "source_package_version": "6.5+20251123-1", "version": "6.5+20251123-1" }, "cves": [ { "cve": "CVE-2025-6141", "url": "https://ubuntu.com/security/CVE-2025-6141", "cve_description": "A vulnerability has been found in GNU ncurses up to 6.5-20250322 and classified as problematic. This vulnerability affects the function postprocess_termcap of the file tinfo/parse_entry.c. The manipulation leads to stack-based buffer overflow. The attack needs to be approached locally. Upgrading to version 6.5-20250329 is able to address this issue. It is recommended to upgrade the affected component.", "cve_priority": "low", "cve_public_date": "2025-06-16 22:16:00 UTC" } ], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * New upstream patchlevel.", " - Revert change using NCURSES_SBOOL in tic.h which interfered with", " sign-extension in tigetflag (Closes: #1121191).", "" ], "package": "ncurses", "version": "6.5+20251123-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Sven Joachim ", "date": "Mon, 24 Nov 2025 20:50:02 +0100" }, { "cves": [], "log": [ "", " * New upstream patchlevel.", " - Correct expression for TINFO_LIB variable in misc/ncurses-config.in", " (Closes: #1121208).", " * Add a smoke autopkgtest which builds a simple program, catching the", " above problem.", "" ], "package": "ncurses", "version": "6.5+20251122-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Sven Joachim ", "date": "Sun, 23 Nov 2025 14:55:47 +0100" }, { "cves": [], "log": [ "", " * Upload to unstable.", "" ], "package": "ncurses", "version": "6.5+20251115-2", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Sven Joachim ", "date": "Thu, 20 Nov 2025 20:52:35 +0100" }, { "cves": [ { "cve": "CVE-2025-6141", "url": "https://ubuntu.com/security/CVE-2025-6141", "cve_description": "A vulnerability has been found in GNU ncurses up to 6.5-20250322 and classified as problematic. This vulnerability affects the function postprocess_termcap of the file tinfo/parse_entry.c. The manipulation leads to stack-based buffer overflow. The attack needs to be approached locally. Upgrading to version 6.5-20250329 is able to address this issue. It is recommended to upgrade the affected component.", "cve_priority": "low", "cve_public_date": "2025-06-16 22:16:00 UTC" } ], "log": [ "", " * New upstream patchlevel.", " - Add a buffer-limit check in postprocess_termcap (report/testcase", " by Yifan Zhang (CVE-2025-6141, Closes: #1107937)).", " - Formatting improvements for terminfo.5 (Closes: #1096164).", " * Refresh patch 02-debian-backspace.diff.", " * Drop the redundant Rules-Requires-Root field from debian/control.", "" ], "package": "ncurses", "version": "6.5+20251115-1", "urgency": "low", "distributions": "experimental", "launchpad_bugs_fixed": [], "author": "Sven Joachim ", "date": "Mon, 17 Nov 2025 18:46:28 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "libtraceevent1", "from_version": { "source_package_name": "libtraceevent", "source_package_version": "1:1.8.4-2", "version": "1:1.8.4-2" }, "to_version": { "source_package_name": "libtraceevent", "source_package_version": "1:1.8.4-2build1", "version": "1:1.8.4-2build1" }, "cves": [], "launchpad_bugs_fixed": [ 2132257 ], "changes": [ { "cves": [], "log": [ "", " * No-change mass rebuild for Ubuntu 26.04 (LP: #2132257)", "" ], "package": "libtraceevent", "version": "1:1.8.4-2build1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2132257 ], "author": "Sebastien Bacher ", "date": "Sat, 06 Dec 2025 11:33:11 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "libtraceevent1-plugin", "from_version": { "source_package_name": "libtraceevent", "source_package_version": "1:1.8.4-2", "version": "1:1.8.4-2" }, "to_version": { "source_package_name": "libtraceevent", "source_package_version": "1:1.8.4-2build1", "version": "1:1.8.4-2build1" }, "cves": [], "launchpad_bugs_fixed": [ 2132257 ], "changes": [ { "cves": [], "log": [ "", " * No-change mass rebuild for Ubuntu 26.04 (LP: #2132257)", "" ], "package": "libtraceevent", "version": "1:1.8.4-2build1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2132257 ], "author": "Sebastien Bacher ", "date": "Sat, 06 Dec 2025 11:33:11 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "libtss2-esys-3.0.2-0t64", "from_version": { "source_package_name": "tpm2-tss", "source_package_version": "4.1.3-1.2ubuntu1", "version": "4.1.3-1.2ubuntu1" }, "to_version": { "source_package_name": "tpm2-tss", "source_package_version": "4.1.3-1.2ubuntu2", "version": "4.1.3-1.2ubuntu2" }, "cves": [], "launchpad_bugs_fixed": [ 2132257 ], "changes": [ { "cves": [], "log": [ "", " * No-change mass rebuild for Ubuntu 26.04 (LP: #2132257)", "" ], "package": "tpm2-tss", "version": "4.1.3-1.2ubuntu2", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2132257 ], "author": "Sebastien Bacher ", "date": "Sat, 06 Dec 2025 12:04:09 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "libtss2-mu-4.0.1-0t64", "from_version": { "source_package_name": "tpm2-tss", "source_package_version": "4.1.3-1.2ubuntu1", "version": "4.1.3-1.2ubuntu1" }, "to_version": { "source_package_name": "tpm2-tss", "source_package_version": "4.1.3-1.2ubuntu2", "version": "4.1.3-1.2ubuntu2" }, "cves": [], "launchpad_bugs_fixed": [ 2132257 ], "changes": [ { "cves": [], "log": [ "", " * No-change mass rebuild for Ubuntu 26.04 (LP: #2132257)", "" ], "package": "tpm2-tss", "version": "4.1.3-1.2ubuntu2", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2132257 ], "author": "Sebastien Bacher ", "date": "Sat, 06 Dec 2025 12:04:09 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "libtss2-sys1t64", "from_version": { "source_package_name": "tpm2-tss", "source_package_version": "4.1.3-1.2ubuntu1", "version": "4.1.3-1.2ubuntu1" }, "to_version": { "source_package_name": "tpm2-tss", "source_package_version": "4.1.3-1.2ubuntu2", "version": "4.1.3-1.2ubuntu2" }, "cves": [], "launchpad_bugs_fixed": [ 2132257 ], "changes": [ { "cves": [], "log": [ "", " * No-change mass rebuild for Ubuntu 26.04 (LP: #2132257)", "" ], "package": "tpm2-tss", "version": "4.1.3-1.2ubuntu2", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2132257 ], "author": "Sebastien Bacher ", "date": "Sat, 06 Dec 2025 12:04:09 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "libtss2-tcti-cmd0t64", "from_version": { "source_package_name": "tpm2-tss", "source_package_version": "4.1.3-1.2ubuntu1", "version": "4.1.3-1.2ubuntu1" }, "to_version": { "source_package_name": "tpm2-tss", "source_package_version": "4.1.3-1.2ubuntu2", "version": "4.1.3-1.2ubuntu2" }, "cves": [], "launchpad_bugs_fixed": [ 2132257 ], "changes": [ { "cves": [], "log": [ "", " * No-change mass rebuild for Ubuntu 26.04 (LP: #2132257)", "" ], "package": "tpm2-tss", "version": "4.1.3-1.2ubuntu2", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2132257 ], "author": "Sebastien Bacher ", "date": "Sat, 06 Dec 2025 12:04:09 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "libtss2-tcti-device0t64", "from_version": { "source_package_name": "tpm2-tss", "source_package_version": "4.1.3-1.2ubuntu1", "version": "4.1.3-1.2ubuntu1" }, "to_version": { "source_package_name": "tpm2-tss", "source_package_version": "4.1.3-1.2ubuntu2", "version": "4.1.3-1.2ubuntu2" }, "cves": [], "launchpad_bugs_fixed": [ 2132257 ], "changes": [ { "cves": [], "log": [ "", " * No-change mass rebuild for Ubuntu 26.04 (LP: #2132257)", "" ], "package": "tpm2-tss", "version": "4.1.3-1.2ubuntu2", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2132257 ], "author": "Sebastien Bacher ", "date": "Sat, 06 Dec 2025 12:04:09 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "libtss2-tcti-mssim0t64", "from_version": { "source_package_name": "tpm2-tss", "source_package_version": "4.1.3-1.2ubuntu1", "version": "4.1.3-1.2ubuntu1" }, "to_version": { "source_package_name": "tpm2-tss", "source_package_version": "4.1.3-1.2ubuntu2", "version": "4.1.3-1.2ubuntu2" }, "cves": [], "launchpad_bugs_fixed": [ 2132257 ], "changes": [ { "cves": [], "log": [ "", " * No-change mass rebuild for Ubuntu 26.04 (LP: #2132257)", "" ], "package": "tpm2-tss", "version": "4.1.3-1.2ubuntu2", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2132257 ], "author": "Sebastien Bacher ", "date": "Sat, 06 Dec 2025 12:04:09 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "libtss2-tcti-swtpm0t64", "from_version": { "source_package_name": "tpm2-tss", "source_package_version": "4.1.3-1.2ubuntu1", "version": "4.1.3-1.2ubuntu1" }, "to_version": { "source_package_name": "tpm2-tss", "source_package_version": "4.1.3-1.2ubuntu2", "version": "4.1.3-1.2ubuntu2" }, "cves": [], "launchpad_bugs_fixed": [ 2132257 ], "changes": [ { "cves": [], "log": [ "", " * No-change mass rebuild for Ubuntu 26.04 (LP: #2132257)", "" ], "package": "tpm2-tss", "version": "4.1.3-1.2ubuntu2", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2132257 ], "author": "Sebastien Bacher ", "date": "Sat, 06 Dec 2025 12:04:09 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "libxext6", "from_version": { "source_package_name": "libxext", "source_package_version": "2:1.3.4-1build2", "version": "2:1.3.4-1build2" }, "to_version": { "source_package_name": "libxext", "source_package_version": "2:1.3.4-1build3", "version": "2:1.3.4-1build3" }, "cves": [], "launchpad_bugs_fixed": [ 2132257 ], "changes": [ { "cves": [], "log": [ "", " * No-change mass rebuild for Ubuntu 26.04 (LP: #2132257)", "" ], "package": "libxext", "version": "2:1.3.4-1build3", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2132257 ], "author": "Sebastien Bacher ", "date": "Mon, 01 Dec 2025 13:50:20 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "libxxhash0", "from_version": { "source_package_name": "xxhash", "source_package_version": "0.8.3-2", "version": "0.8.3-2" }, "to_version": { "source_package_name": "xxhash", "source_package_version": "0.8.3-2build1", "version": "0.8.3-2build1" }, "cves": [], "launchpad_bugs_fixed": [ 2132257 ], "changes": [ { "cves": [], "log": [ "", " * No-change mass rebuild for Ubuntu 26.04 (LP: #2132257)", "" ], "package": "xxhash", "version": "0.8.3-2build1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2132257 ], "author": "Sebastien Bacher ", "date": "Sat, 06 Dec 2025 12:11:09 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "linux-headers-generic", "from_version": { "source_package_name": "linux-meta", "source_package_version": "6.17.0-6.6", "version": "6.17.0-6.6" }, "to_version": { "source_package_name": "linux-meta", "source_package_version": "6.17.0-8.8", "version": "6.17.0-8.8" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Main version: 6.17.0-8.8", "" ], "package": "linux-meta", "version": "6.17.0-8.8", "urgency": "medium", "distributions": "questing", "launchpad_bugs_fixed": [], "author": "Manuel Diewald ", "date": "Fri, 14 Nov 2025 18:18:37 +0100" }, { "cves": [], "log": [ "", " * Main version: 6.17.0-7.7", "" ], "package": "linux-meta", "version": "6.17.0-7.7", "urgency": "medium", "distributions": "questing", "launchpad_bugs_fixed": [], "author": "Edoardo Canepa ", "date": "Sat, 18 Oct 2025 10:41:23 +0200" } ], "notes": null, "is_version_downgrade": false }, { "name": "linux-headers-virtual", "from_version": { "source_package_name": "linux-meta", "source_package_version": "6.17.0-6.6", "version": "6.17.0-6.6" }, "to_version": { "source_package_name": "linux-meta", "source_package_version": "6.17.0-8.8", "version": "6.17.0-8.8" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Main version: 6.17.0-8.8", "" ], "package": "linux-meta", "version": "6.17.0-8.8", "urgency": "medium", "distributions": "questing", "launchpad_bugs_fixed": [], "author": "Manuel Diewald ", "date": "Fri, 14 Nov 2025 18:18:37 +0100" }, { "cves": [], "log": [ "", " * Main version: 6.17.0-7.7", "" ], "package": "linux-meta", "version": "6.17.0-7.7", "urgency": "medium", "distributions": "questing", "launchpad_bugs_fixed": [], "author": "Edoardo Canepa ", "date": "Sat, 18 Oct 2025 10:41:23 +0200" } ], "notes": null, "is_version_downgrade": false }, { "name": "linux-image-virtual", "from_version": { "source_package_name": "linux-meta", "source_package_version": "6.17.0-6.6", "version": "6.17.0-6.6" }, "to_version": { "source_package_name": "linux-meta", "source_package_version": "6.17.0-8.8", "version": "6.17.0-8.8" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Main version: 6.17.0-8.8", "" ], "package": "linux-meta", "version": "6.17.0-8.8", "urgency": "medium", "distributions": "questing", "launchpad_bugs_fixed": [], "author": "Manuel Diewald ", "date": "Fri, 14 Nov 2025 18:18:37 +0100" }, { "cves": [], "log": [ "", " * Main version: 6.17.0-7.7", "" ], "package": "linux-meta", "version": "6.17.0-7.7", "urgency": "medium", "distributions": "questing", "launchpad_bugs_fixed": [], "author": "Edoardo Canepa ", "date": "Sat, 18 Oct 2025 10:41:23 +0200" } ], "notes": null, "is_version_downgrade": false }, { "name": "linux-libc-dev", "from_version": { "source_package_name": "linux", "source_package_version": "6.17.0-6.6", "version": "6.17.0-6.6" }, "to_version": { "source_package_name": "linux", "source_package_version": "6.17.0-8.8", "version": "6.17.0-8.8" }, "cves": [ { "cve": "CVE-2025-40018", "url": "https://ubuntu.com/security/CVE-2025-40018", "cve_description": "In the Linux kernel, the following vulnerability has been resolved: ipvs: Defer ip_vs_ftp unregister during netns cleanup On the netns cleanup path, __ip_vs_ftp_exit() may unregister ip_vs_ftp before connections with valid cp->app pointers are flushed, leading to a use-after-free. Fix this by introducing a global `exiting_module` flag, set to true in ip_vs_ftp_exit() before unregistering the pernet subsystem. In __ip_vs_ftp_exit(), skip ip_vs_ftp unregister if called during netns cleanup (when exiting_module is false) and defer it to __ip_vs_cleanup_batch(), which unregisters all apps after all connections are flushed. If called during module exit, unregister ip_vs_ftp immediately.", "cve_priority": "medium", "cve_public_date": "2025-10-24 12:15:00 UTC" } ], "launchpad_bugs_fixed": [ 2131554, 2131136, 2130552, 2129770, 2128695, 2127676, 2127187, 2119479, 2106681, 2121347, 1786013, 2123901, 2103680, 2128209 ], "changes": [ { "cves": [ { "cve": "CVE-2025-40018", "url": "https://ubuntu.com/security/CVE-2025-40018", "cve_description": "In the Linux kernel, the following vulnerability has been resolved: ipvs: Defer ip_vs_ftp unregister during netns cleanup On the netns cleanup path, __ip_vs_ftp_exit() may unregister ip_vs_ftp before connections with valid cp->app pointers are flushed, leading to a use-after-free. Fix this by introducing a global `exiting_module` flag, set to true in ip_vs_ftp_exit() before unregistering the pernet subsystem. In __ip_vs_ftp_exit(), skip ip_vs_ftp unregister if called during netns cleanup (when exiting_module is false) and defer it to __ip_vs_cleanup_batch(), which unregisters all apps after all connections are flushed. If called during module exit, unregister ip_vs_ftp immediately.", "cve_priority": "medium", "cve_public_date": "2025-10-24 12:15:00 UTC" } ], "log": [ "", " * questing/linux: 6.17.0-8.8 -proposed tracker (LP: #2131554)", "", " * crash when reading from /sys/kernel/tracing/rv/enabled_monitors", " (LP: #2131136)", " - rv: Fully convert enabled_monitors to use list_head as iterator", "", " * i40e driver is triggering VF resets on every link state change", " (LP: #2130552)", " - i40e: avoid redundant VF link state updates", "", " * kernel crash on bootup for some arm64 machines (LP: #2129770)", " - KVM: arm64: Guard PMSCR_EL1 initialization with SPE presence check", "", " * CVE-2025-40018", " - ipvs: Defer ip_vs_ftp unregister during netns cleanup", "" ], "package": "linux", "version": "6.17.0-8.8", "urgency": "medium", "distributions": "questing", "launchpad_bugs_fixed": [ 2131554, 2131136, 2130552, 2129770 ], "author": "Manuel Diewald ", "date": "Fri, 14 Nov 2025 17:53:03 +0100" }, { "cves": [], "log": [ "", " * questing/linux: 6.17.0-7.7 -proposed tracker (LP: #2128695)", "", " * Fix incorrect bug number for CONFIG_KERNEL_ZSTD (LP: #2127676)", " - [Config] Fix bug note for CONFIG_KERNEL_ZSTD", "", " * support Panter Lake CPU performance preferences (LP: #2127187)", " - thermal: intel: int340x: Add support for power slider", " - thermal: intel: int340x: Enable power slider interface for Panther Lake", " - thermal: intel: int340x: Add module parameter for balanced Slider", " - thermal: intel: int340x: Add module parameter to change slider offset", " - thermal: intel: int340x: Power Slider: Validate slider_balance range", "", " * [SRU][Q/P/N:hwe-6.14] mt7925: Add MBSS support (LP: #2119479)", " - wifi: mt76: mt7925: add MBSSID support", "", " * Plucky preinstalled server fails to boot on rb3gen2 (LP: #2106681) //", " Questing preinstalled server fails to boot on sa8775p boards", " (LP: #2121347)", " - [Config] move more qcom interconnect/pinctrl/gcc options to builtin", "", " * Packaging resync (LP: #1786013)", " - [Packaging] update Ubuntu.md", "", " * r8169 can not wake on LAN via SFP moudule (LP: #2123901)", " - r8169: set EEE speed down ratio to 1", "", " * System hangs when running the memory stress test (LP: #2103680)", " - mm: page_alloc: avoid kswapd thrashing due to NUMA restrictions", "", " * Questing update: v6.17.2 upstream stable release (LP: #2128209)", " - drm/amdgpu: Enable MES lr_compute_wa by default", " - USB: serial: option: add SIMCom 8230C compositions", " - Bluetooth: btusb: Add USB ID 2001:332a for D-Link AX9U rev. A1", " - wifi: rtlwifi: rtl8192cu: Don't claim USB ID 07b8:8188", " - wifi: rtl8xxxu: Don't claim USB ID 07b8:8188", " - rust: drm: fix `srctree/` links", " - rust: block: fix `srctree/` links", " - rust: pci: fix incorrect platform reference in PCI driver probe doc", " comment", " - rust: pci: fix incorrect platform reference in PCI driver unbind doc", " comment", " - serial: qcom-geni: Fix blocked task", " - nvmem: layouts: fix automatic module loading", " - drivers/misc/amd-sbi/Kconfig: select REGMAP_I2C", " - binder: fix double-free in dbitmap", " - serial: stm32: allow selecting console when the driver is module", " - [Config] stm32: do not select console when driver is module", " - staging: axis-fifo: fix maximum TX packet length check", " - staging: axis-fifo: fix TX handling on copy_from_user() failure", " - staging: axis-fifo: flush RX FIFO on read errors", " - driver core: faux: Set power.no_pm for faux devices", " - driver core/PM: Set power.no_callbacks along with power.no_pm", " - Revert \"crypto: testmgr - desupport SHA-1 for FIPS 140\"", " - crypto: zstd - Fix compression bug caused by truncation", " - crypto: rng - Ensure set_ent is always present", " - net/9p: fix double req put in p9_fd_cancelled", " - KVM: x86: Don't (re)check L1 intercepts when completing userspace I/O", " - f2fs: fix to do sanity check on node footer for non inode dnode", " - ring buffer: Propagate __rb_map_vma return value to caller", " - Linux 6.17.2", "" ], "package": "linux", "version": "6.17.0-7.7", "urgency": "medium", "distributions": "questing", "launchpad_bugs_fixed": [ 2128695, 2127676, 2127187, 2119479, 2106681, 2121347, 1786013, 2123901, 2103680, 2128209 ], "author": "Edoardo Canepa ", "date": "Sat, 18 Oct 2025 08:01:45 +0200" } ], "notes": null, "is_version_downgrade": false }, { "name": "linux-perf", "from_version": { "source_package_name": "linux", "source_package_version": "6.17.0-6.6", "version": "6.17.0-6.6" }, "to_version": { "source_package_name": "linux", "source_package_version": "6.17.0-8.8", "version": "6.17.0-8.8" }, "cves": [ { "cve": "CVE-2025-40018", "url": "https://ubuntu.com/security/CVE-2025-40018", "cve_description": "In the Linux kernel, the following vulnerability has been resolved: ipvs: Defer ip_vs_ftp unregister during netns cleanup On the netns cleanup path, __ip_vs_ftp_exit() may unregister ip_vs_ftp before connections with valid cp->app pointers are flushed, leading to a use-after-free. Fix this by introducing a global `exiting_module` flag, set to true in ip_vs_ftp_exit() before unregistering the pernet subsystem. In __ip_vs_ftp_exit(), skip ip_vs_ftp unregister if called during netns cleanup (when exiting_module is false) and defer it to __ip_vs_cleanup_batch(), which unregisters all apps after all connections are flushed. If called during module exit, unregister ip_vs_ftp immediately.", "cve_priority": "medium", "cve_public_date": "2025-10-24 12:15:00 UTC" } ], "launchpad_bugs_fixed": [ 2131554, 2131136, 2130552, 2129770, 2128695, 2127676, 2127187, 2119479, 2106681, 2121347, 1786013, 2123901, 2103680, 2128209 ], "changes": [ { "cves": [ { "cve": "CVE-2025-40018", "url": "https://ubuntu.com/security/CVE-2025-40018", "cve_description": "In the Linux kernel, the following vulnerability has been resolved: ipvs: Defer ip_vs_ftp unregister during netns cleanup On the netns cleanup path, __ip_vs_ftp_exit() may unregister ip_vs_ftp before connections with valid cp->app pointers are flushed, leading to a use-after-free. Fix this by introducing a global `exiting_module` flag, set to true in ip_vs_ftp_exit() before unregistering the pernet subsystem. In __ip_vs_ftp_exit(), skip ip_vs_ftp unregister if called during netns cleanup (when exiting_module is false) and defer it to __ip_vs_cleanup_batch(), which unregisters all apps after all connections are flushed. If called during module exit, unregister ip_vs_ftp immediately.", "cve_priority": "medium", "cve_public_date": "2025-10-24 12:15:00 UTC" } ], "log": [ "", " * questing/linux: 6.17.0-8.8 -proposed tracker (LP: #2131554)", "", " * crash when reading from /sys/kernel/tracing/rv/enabled_monitors", " (LP: #2131136)", " - rv: Fully convert enabled_monitors to use list_head as iterator", "", " * i40e driver is triggering VF resets on every link state change", " (LP: #2130552)", " - i40e: avoid redundant VF link state updates", "", " * kernel crash on bootup for some arm64 machines (LP: #2129770)", " - KVM: arm64: Guard PMSCR_EL1 initialization with SPE presence check", "", " * CVE-2025-40018", " - ipvs: Defer ip_vs_ftp unregister during netns cleanup", "" ], "package": "linux", "version": "6.17.0-8.8", "urgency": "medium", "distributions": "questing", "launchpad_bugs_fixed": [ 2131554, 2131136, 2130552, 2129770 ], "author": "Manuel Diewald ", "date": "Fri, 14 Nov 2025 17:53:03 +0100" }, { "cves": [], "log": [ "", " * questing/linux: 6.17.0-7.7 -proposed tracker (LP: #2128695)", "", " * Fix incorrect bug number for CONFIG_KERNEL_ZSTD (LP: #2127676)", " - [Config] Fix bug note for CONFIG_KERNEL_ZSTD", "", " * support Panter Lake CPU performance preferences (LP: #2127187)", " - thermal: intel: int340x: Add support for power slider", " - thermal: intel: int340x: Enable power slider interface for Panther Lake", " - thermal: intel: int340x: Add module parameter for balanced Slider", " - thermal: intel: int340x: Add module parameter to change slider offset", " - thermal: intel: int340x: Power Slider: Validate slider_balance range", "", " * [SRU][Q/P/N:hwe-6.14] mt7925: Add MBSS support (LP: #2119479)", " - wifi: mt76: mt7925: add MBSSID support", "", " * Plucky preinstalled server fails to boot on rb3gen2 (LP: #2106681) //", " Questing preinstalled server fails to boot on sa8775p boards", " (LP: #2121347)", " - [Config] move more qcom interconnect/pinctrl/gcc options to builtin", "", " * Packaging resync (LP: #1786013)", " - [Packaging] update Ubuntu.md", "", " * r8169 can not wake on LAN via SFP moudule (LP: #2123901)", " - r8169: set EEE speed down ratio to 1", "", " * System hangs when running the memory stress test (LP: #2103680)", " - mm: page_alloc: avoid kswapd thrashing due to NUMA restrictions", "", " * Questing update: v6.17.2 upstream stable release (LP: #2128209)", " - drm/amdgpu: Enable MES lr_compute_wa by default", " - USB: serial: option: add SIMCom 8230C compositions", " - Bluetooth: btusb: Add USB ID 2001:332a for D-Link AX9U rev. A1", " - wifi: rtlwifi: rtl8192cu: Don't claim USB ID 07b8:8188", " - wifi: rtl8xxxu: Don't claim USB ID 07b8:8188", " - rust: drm: fix `srctree/` links", " - rust: block: fix `srctree/` links", " - rust: pci: fix incorrect platform reference in PCI driver probe doc", " comment", " - rust: pci: fix incorrect platform reference in PCI driver unbind doc", " comment", " - serial: qcom-geni: Fix blocked task", " - nvmem: layouts: fix automatic module loading", " - drivers/misc/amd-sbi/Kconfig: select REGMAP_I2C", " - binder: fix double-free in dbitmap", " - serial: stm32: allow selecting console when the driver is module", " - [Config] stm32: do not select console when driver is module", " - staging: axis-fifo: fix maximum TX packet length check", " - staging: axis-fifo: fix TX handling on copy_from_user() failure", " - staging: axis-fifo: flush RX FIFO on read errors", " - driver core: faux: Set power.no_pm for faux devices", " - driver core/PM: Set power.no_callbacks along with power.no_pm", " - Revert \"crypto: testmgr - desupport SHA-1 for FIPS 140\"", " - crypto: zstd - Fix compression bug caused by truncation", " - crypto: rng - Ensure set_ent is always present", " - net/9p: fix double req put in p9_fd_cancelled", " - KVM: x86: Don't (re)check L1 intercepts when completing userspace I/O", " - f2fs: fix to do sanity check on node footer for non inode dnode", " - ring buffer: Propagate __rb_map_vma return value to caller", " - Linux 6.17.2", "" ], "package": "linux", "version": "6.17.0-7.7", "urgency": "medium", "distributions": "questing", "launchpad_bugs_fixed": [ 2128695, 2127676, 2127187, 2119479, 2106681, 2121347, 1786013, 2123901, 2103680, 2128209 ], "author": "Edoardo Canepa ", "date": "Sat, 18 Oct 2025 08:01:45 +0200" } ], "notes": null, "is_version_downgrade": false }, { "name": "linux-tools-common", "from_version": { "source_package_name": "linux", "source_package_version": "6.17.0-6.6", "version": "6.17.0-6.6" }, "to_version": { "source_package_name": "linux", "source_package_version": "6.17.0-8.8", "version": "6.17.0-8.8" }, "cves": [ { "cve": "CVE-2025-40018", "url": "https://ubuntu.com/security/CVE-2025-40018", "cve_description": "In the Linux kernel, the following vulnerability has been resolved: ipvs: Defer ip_vs_ftp unregister during netns cleanup On the netns cleanup path, __ip_vs_ftp_exit() may unregister ip_vs_ftp before connections with valid cp->app pointers are flushed, leading to a use-after-free. Fix this by introducing a global `exiting_module` flag, set to true in ip_vs_ftp_exit() before unregistering the pernet subsystem. In __ip_vs_ftp_exit(), skip ip_vs_ftp unregister if called during netns cleanup (when exiting_module is false) and defer it to __ip_vs_cleanup_batch(), which unregisters all apps after all connections are flushed. If called during module exit, unregister ip_vs_ftp immediately.", "cve_priority": "medium", "cve_public_date": "2025-10-24 12:15:00 UTC" } ], "launchpad_bugs_fixed": [ 2131554, 2131136, 2130552, 2129770, 2128695, 2127676, 2127187, 2119479, 2106681, 2121347, 1786013, 2123901, 2103680, 2128209 ], "changes": [ { "cves": [ { "cve": "CVE-2025-40018", "url": "https://ubuntu.com/security/CVE-2025-40018", "cve_description": "In the Linux kernel, the following vulnerability has been resolved: ipvs: Defer ip_vs_ftp unregister during netns cleanup On the netns cleanup path, __ip_vs_ftp_exit() may unregister ip_vs_ftp before connections with valid cp->app pointers are flushed, leading to a use-after-free. Fix this by introducing a global `exiting_module` flag, set to true in ip_vs_ftp_exit() before unregistering the pernet subsystem. In __ip_vs_ftp_exit(), skip ip_vs_ftp unregister if called during netns cleanup (when exiting_module is false) and defer it to __ip_vs_cleanup_batch(), which unregisters all apps after all connections are flushed. If called during module exit, unregister ip_vs_ftp immediately.", "cve_priority": "medium", "cve_public_date": "2025-10-24 12:15:00 UTC" } ], "log": [ "", " * questing/linux: 6.17.0-8.8 -proposed tracker (LP: #2131554)", "", " * crash when reading from /sys/kernel/tracing/rv/enabled_monitors", " (LP: #2131136)", " - rv: Fully convert enabled_monitors to use list_head as iterator", "", " * i40e driver is triggering VF resets on every link state change", " (LP: #2130552)", " - i40e: avoid redundant VF link state updates", "", " * kernel crash on bootup for some arm64 machines (LP: #2129770)", " - KVM: arm64: Guard PMSCR_EL1 initialization with SPE presence check", "", " * CVE-2025-40018", " - ipvs: Defer ip_vs_ftp unregister during netns cleanup", "" ], "package": "linux", "version": "6.17.0-8.8", "urgency": "medium", "distributions": "questing", "launchpad_bugs_fixed": [ 2131554, 2131136, 2130552, 2129770 ], "author": "Manuel Diewald ", "date": "Fri, 14 Nov 2025 17:53:03 +0100" }, { "cves": [], "log": [ "", " * questing/linux: 6.17.0-7.7 -proposed tracker (LP: #2128695)", "", " * Fix incorrect bug number for CONFIG_KERNEL_ZSTD (LP: #2127676)", " - [Config] Fix bug note for CONFIG_KERNEL_ZSTD", "", " * support Panter Lake CPU performance preferences (LP: #2127187)", " - thermal: intel: int340x: Add support for power slider", " - thermal: intel: int340x: Enable power slider interface for Panther Lake", " - thermal: intel: int340x: Add module parameter for balanced Slider", " - thermal: intel: int340x: Add module parameter to change slider offset", " - thermal: intel: int340x: Power Slider: Validate slider_balance range", "", " * [SRU][Q/P/N:hwe-6.14] mt7925: Add MBSS support (LP: #2119479)", " - wifi: mt76: mt7925: add MBSSID support", "", " * Plucky preinstalled server fails to boot on rb3gen2 (LP: #2106681) //", " Questing preinstalled server fails to boot on sa8775p boards", " (LP: #2121347)", " - [Config] move more qcom interconnect/pinctrl/gcc options to builtin", "", " * Packaging resync (LP: #1786013)", " - [Packaging] update Ubuntu.md", "", " * r8169 can not wake on LAN via SFP moudule (LP: #2123901)", " - r8169: set EEE speed down ratio to 1", "", " * System hangs when running the memory stress test (LP: #2103680)", " - mm: page_alloc: avoid kswapd thrashing due to NUMA restrictions", "", " * Questing update: v6.17.2 upstream stable release (LP: #2128209)", " - drm/amdgpu: Enable MES lr_compute_wa by default", " - USB: serial: option: add SIMCom 8230C compositions", " - Bluetooth: btusb: Add USB ID 2001:332a for D-Link AX9U rev. A1", " - wifi: rtlwifi: rtl8192cu: Don't claim USB ID 07b8:8188", " - wifi: rtl8xxxu: Don't claim USB ID 07b8:8188", " - rust: drm: fix `srctree/` links", " - rust: block: fix `srctree/` links", " - rust: pci: fix incorrect platform reference in PCI driver probe doc", " comment", " - rust: pci: fix incorrect platform reference in PCI driver unbind doc", " comment", " - serial: qcom-geni: Fix blocked task", " - nvmem: layouts: fix automatic module loading", " - drivers/misc/amd-sbi/Kconfig: select REGMAP_I2C", " - binder: fix double-free in dbitmap", " - serial: stm32: allow selecting console when the driver is module", " - [Config] stm32: do not select console when driver is module", " - staging: axis-fifo: fix maximum TX packet length check", " - staging: axis-fifo: fix TX handling on copy_from_user() failure", " - staging: axis-fifo: flush RX FIFO on read errors", " - driver core: faux: Set power.no_pm for faux devices", " - driver core/PM: Set power.no_callbacks along with power.no_pm", " - Revert \"crypto: testmgr - desupport SHA-1 for FIPS 140\"", " - crypto: zstd - Fix compression bug caused by truncation", " - crypto: rng - Ensure set_ent is always present", " - net/9p: fix double req put in p9_fd_cancelled", " - KVM: x86: Don't (re)check L1 intercepts when completing userspace I/O", " - f2fs: fix to do sanity check on node footer for non inode dnode", " - ring buffer: Propagate __rb_map_vma return value to caller", " - Linux 6.17.2", "" ], "package": "linux", "version": "6.17.0-7.7", "urgency": "medium", "distributions": "questing", "launchpad_bugs_fixed": [ 2128695, 2127676, 2127187, 2119479, 2106681, 2121347, 1786013, 2123901, 2103680, 2128209 ], "author": "Edoardo Canepa ", "date": "Sat, 18 Oct 2025 08:01:45 +0200" } ], "notes": null, "is_version_downgrade": false }, { "name": "linux-virtual", "from_version": { "source_package_name": "linux-meta", "source_package_version": "6.17.0-6.6", "version": "6.17.0-6.6" }, "to_version": { "source_package_name": "linux-meta", "source_package_version": "6.17.0-8.8", "version": "6.17.0-8.8" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Main version: 6.17.0-8.8", "" ], "package": "linux-meta", "version": "6.17.0-8.8", "urgency": "medium", "distributions": "questing", "launchpad_bugs_fixed": [], "author": "Manuel Diewald ", "date": "Fri, 14 Nov 2025 18:18:37 +0100" }, { "cves": [], "log": [ "", " * Main version: 6.17.0-7.7", "" ], "package": "linux-meta", "version": "6.17.0-7.7", "urgency": "medium", "distributions": "questing", "launchpad_bugs_fixed": [], "author": "Edoardo Canepa ", "date": "Sat, 18 Oct 2025 10:41:23 +0200" } ], "notes": null, "is_version_downgrade": false }, { "name": "logrotate", "from_version": { "source_package_name": "logrotate", "source_package_version": "3.22.0-1", "version": "3.22.0-1" }, "to_version": { "source_package_name": "logrotate", "source_package_version": "3.22.0-1build1", "version": "3.22.0-1build1" }, "cves": [], "launchpad_bugs_fixed": [ 2132257 ], "changes": [ { "cves": [], "log": [ "", " * No-change mass rebuild for Ubuntu 26.04 (LP: #2132257)", "" ], "package": "logrotate", "version": "3.22.0-1build1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2132257 ], "author": "Sebastien Bacher ", "date": "Sat, 06 Dec 2025 11:35:42 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "lshw", "from_version": { "source_package_name": "lshw", "source_package_version": "02.19.git.2021.06.19.996aaad9c7-2.1ubuntu1", "version": "02.19.git.2021.06.19.996aaad9c7-2.1ubuntu1" }, "to_version": { "source_package_name": "lshw", "source_package_version": "02.19.git.2021.06.19.996aaad9c7-2.1ubuntu2", "version": "02.19.git.2021.06.19.996aaad9c7-2.1ubuntu2" }, "cves": [], "launchpad_bugs_fixed": [ 2132257 ], "changes": [ { "cves": [], "log": [ "", " * No-change mass rebuild for Ubuntu 26.04 (LP: #2132257)", "" ], "package": "lshw", "version": "02.19.git.2021.06.19.996aaad9c7-2.1ubuntu2", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2132257 ], "author": "Sebastien Bacher ", "date": "Sat, 06 Dec 2025 11:36:08 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "lxd-agent-loader", "from_version": { "source_package_name": "lxd-agent-loader", "source_package_version": "0.8", "version": "0.8" }, "to_version": { "source_package_name": "lxd-agent-loader", "source_package_version": "0.8build1", "version": "0.8build1" }, "cves": [], "launchpad_bugs_fixed": [ 2132257 ], "changes": [ { "cves": [], "log": [ "", " * No-change mass rebuild for Ubuntu 26.04 (LP: #2132257)", "" ], "package": "lxd-agent-loader", "version": "0.8build1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2132257 ], "author": "Sebastien Bacher ", "date": "Sat, 06 Dec 2025 11:36:39 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "lxd-installer", "from_version": { "source_package_name": "lxd-installer", "source_package_version": "13ubuntu0", "version": "13ubuntu0" }, "to_version": { "source_package_name": "lxd-installer", "source_package_version": "14ubuntu0", "version": "14ubuntu0" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * lxd-installer-service: use 6/stable for Ubuntu 26.04", " * d/tests/install-on-demand: update the expected channel for 26.04", " * d/tests/no-install-on-source: update the expected channel for 26.04", "" ], "package": "lxd-installer", "version": "14ubuntu0", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Simon Deziel ", "date": "Thu, 04 Dec 2025 17:40:24 -0500" } ], "notes": null, "is_version_downgrade": false }, { "name": "mawk", "from_version": { "source_package_name": "mawk", "source_package_version": "1.3.4.20250131-1", "version": "1.3.4.20250131-1" }, "to_version": { "source_package_name": "mawk", "source_package_version": "1.3.4.20250131-1build1", "version": "1.3.4.20250131-1build1" }, "cves": [], "launchpad_bugs_fixed": [ 2132257 ], "changes": [ { "cves": [], "log": [ "", " * No-change mass rebuild for Ubuntu 26.04 (LP: #2132257)", "" ], "package": "mawk", "version": "1.3.4.20250131-1build1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2132257 ], "author": "Sebastien Bacher ", "date": "Sat, 06 Dec 2025 11:36:57 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "modemmanager", "from_version": { "source_package_name": "modemmanager", "source_package_version": "1.24.2-1fakesync1", "version": "1.24.2-1fakesync1" }, "to_version": { "source_package_name": "modemmanager", "source_package_version": "1.24.2-2fakesync1", "version": "1.24.2-2fakesync1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Fake sync due to mismatching orig tarball", "" ], "package": "modemmanager", "version": "1.24.2-2fakesync1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Gianfranco Costamagna ", "date": "Fri, 12 Dec 2025 10:22:09 +0100" }, { "cves": [], "log": [ "", " [ Helmut Grohne ]", " * Improve cross building: (Closes: #1087277)", " + Move documentation dependencies to B-D-I.", " + Mark python3-dbus and python3-gi with the nocheck build profile.", "", " [ Arnaud Ferraris ]", " * d/control: fix gobject-introspection dependencies", " `libgirepository1.0-dev shouldn't be used anymore as it isn't", " multiarch-friendly. Instead, use a recent `gobject-introspection` and", " explicitly (build) depend on the needed `gir1.2-*-dev` packages.", " (Closes: #1118899)", " * d/gbp.conf: add default commit messages.", " This makes it more consistent with other packages for which I'm the", " primary maintainer.", " * d/watch: convert to version 5.", " Use the new Gitlab template for easier management, but override the", " matching pattern so we only get stable (pre)releases, which have an even", " minor version number.", " * d/copyright: fix copyright notice for mmcli.", " This is actually GPL-2+, not GPL-3. (Closes: #1116309)", "" ], "package": "modemmanager", "version": "1.24.2-2", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Arnaud Ferraris ", "date": "Wed, 29 Oct 2025 17:27:49 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "motd-news-config", "from_version": { "source_package_name": "base-files", "source_package_version": "14ubuntu4", "version": "14ubuntu4" }, "to_version": { "source_package_name": "base-files", "source_package_version": "14ubuntu5", "version": "14ubuntu5" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * logos: Use the correct Ubuntu logo, and resize it a bit smaller: 72px tall", " * logos: Add SVG variants of the Ubuntu logo", "" ], "package": "base-files", "version": "14ubuntu5", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Alessandro Astone ", "date": "Thu, 04 Dec 2025 16:35:57 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "mtr-tiny", "from_version": { "source_package_name": "mtr", "source_package_version": "0.95-1.1ubuntu1", "version": "0.95-1.1ubuntu1" }, "to_version": { "source_package_name": "mtr", "source_package_version": "0.95-1.1ubuntu2", "version": "0.95-1.1ubuntu2" }, "cves": [], "launchpad_bugs_fixed": [ 2132257 ], "changes": [ { "cves": [], "log": [ "", " * No-change mass rebuild for Ubuntu 26.04 (LP: #2132257)", "" ], "package": "mtr", "version": "0.95-1.1ubuntu2", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2132257 ], "author": "Sebastien Bacher ", "date": "Sat, 06 Dec 2025 11:38:05 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "multipath-tools", "from_version": { "source_package_name": "multipath-tools", "source_package_version": "0.11.1-3ubuntu2", "version": "0.11.1-3ubuntu2" }, "to_version": { "source_package_name": "multipath-tools", "source_package_version": "0.12.0-1ubuntu1", "version": "0.12.0-1ubuntu1" }, "cves": [], "launchpad_bugs_fixed": [ 2126024 ], "changes": [ { "cves": [], "log": [ "", " * Merge with Debian unstable (LP: #2126024). Remaining changes:", " - d/rules: don't build the multipath-tools binary package on i386; only kpartx.", " - d/p/enable-find-multipaths.patch: re-enable find_multipaths by", " default -- see the removed 'add_find-multipaths.patch' (LP #1463046)", " - d/t/initramfs: determine extracted main cpio path dynamically", " - d/NEWS: add removal of kpartx-boot package", " - d/rules: remove -Bsymbolic-functions from LDFLAGS", " - d/rules: install friendly names multipath.conf by default", " - d/initramfs: fix multipathd process lingering when local-* initramfs", " scripts are not executed. The multipathd process is started by a script in", " init-top/ (which is executed unconditionally) so it should be", " stopped by an init-bottom script, not a local-bottom script which is", " not always executed (LP #2080474).", " + This is affecting the Ubuntu installer, where we execute (perhaps", " accidentally) the nfs-* scripts instead of the local-* scripts.", " - d/initramfs/scripts/init-top: ensure the bindings file exists before", " calling multipathd -B in the initramfs. This prevents multipathd -B from", " failing and exiting immediately (LP #2120444).", "" ], "package": "multipath-tools", "version": "0.12.0-1ubuntu1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2126024 ], "author": "Jonas Jelten ", "date": "Mon, 01 Dec 2025 16:41:43 +0100" }, { "cves": [], "log": [ "", " * [faa43cc] New upstream version 0.12.0", " * [6be5e93] Refresh patches", " * [9e3a45d] Install multipathd-queueing.service", "" ], "package": "multipath-tools", "version": "0.12.0-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Chris Hofstaedtler ", "date": "Sun, 14 Sep 2025 19:44:45 +0200" }, { "cves": [], "log": [ "", " * Upload to unstable", "" ], "package": "multipath-tools", "version": "0.11.1-4", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Chris Hofstaedtler ", "date": "Tue, 12 Aug 2025 11:33:45 +0200" } ], "notes": null, "is_version_downgrade": false }, { "name": "ncurses-base", "from_version": { "source_package_name": "ncurses", "source_package_version": "6.5+20250216-2build1", "version": "6.5+20250216-2build1" }, "to_version": { "source_package_name": "ncurses", "source_package_version": "6.5+20251123-1", "version": "6.5+20251123-1" }, "cves": [ { "cve": "CVE-2025-6141", "url": "https://ubuntu.com/security/CVE-2025-6141", "cve_description": "A vulnerability has been found in GNU ncurses up to 6.5-20250322 and classified as problematic. This vulnerability affects the function postprocess_termcap of the file tinfo/parse_entry.c. The manipulation leads to stack-based buffer overflow. The attack needs to be approached locally. Upgrading to version 6.5-20250329 is able to address this issue. It is recommended to upgrade the affected component.", "cve_priority": "low", "cve_public_date": "2025-06-16 22:16:00 UTC" } ], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * New upstream patchlevel.", " - Revert change using NCURSES_SBOOL in tic.h which interfered with", " sign-extension in tigetflag (Closes: #1121191).", "" ], "package": "ncurses", "version": "6.5+20251123-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Sven Joachim ", "date": "Mon, 24 Nov 2025 20:50:02 +0100" }, { "cves": [], "log": [ "", " * New upstream patchlevel.", " - Correct expression for TINFO_LIB variable in misc/ncurses-config.in", " (Closes: #1121208).", " * Add a smoke autopkgtest which builds a simple program, catching the", " above problem.", "" ], "package": "ncurses", "version": "6.5+20251122-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Sven Joachim ", "date": "Sun, 23 Nov 2025 14:55:47 +0100" }, { "cves": [], "log": [ "", " * Upload to unstable.", "" ], "package": "ncurses", "version": "6.5+20251115-2", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Sven Joachim ", "date": "Thu, 20 Nov 2025 20:52:35 +0100" }, { "cves": [ { "cve": "CVE-2025-6141", "url": "https://ubuntu.com/security/CVE-2025-6141", "cve_description": "A vulnerability has been found in GNU ncurses up to 6.5-20250322 and classified as problematic. This vulnerability affects the function postprocess_termcap of the file tinfo/parse_entry.c. The manipulation leads to stack-based buffer overflow. The attack needs to be approached locally. Upgrading to version 6.5-20250329 is able to address this issue. It is recommended to upgrade the affected component.", "cve_priority": "low", "cve_public_date": "2025-06-16 22:16:00 UTC" } ], "log": [ "", " * New upstream patchlevel.", " - Add a buffer-limit check in postprocess_termcap (report/testcase", " by Yifan Zhang (CVE-2025-6141, Closes: #1107937)).", " - Formatting improvements for terminfo.5 (Closes: #1096164).", " * Refresh patch 02-debian-backspace.diff.", " * Drop the redundant Rules-Requires-Root field from debian/control.", "" ], "package": "ncurses", "version": "6.5+20251115-1", "urgency": "low", "distributions": "experimental", "launchpad_bugs_fixed": [], "author": "Sven Joachim ", "date": "Mon, 17 Nov 2025 18:46:28 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "ncurses-bin", "from_version": { "source_package_name": "ncurses", "source_package_version": "6.5+20250216-2build1", "version": "6.5+20250216-2build1" }, "to_version": { "source_package_name": "ncurses", "source_package_version": "6.5+20251123-1", "version": "6.5+20251123-1" }, "cves": [ { "cve": "CVE-2025-6141", "url": "https://ubuntu.com/security/CVE-2025-6141", "cve_description": "A vulnerability has been found in GNU ncurses up to 6.5-20250322 and classified as problematic. This vulnerability affects the function postprocess_termcap of the file tinfo/parse_entry.c. The manipulation leads to stack-based buffer overflow. The attack needs to be approached locally. Upgrading to version 6.5-20250329 is able to address this issue. It is recommended to upgrade the affected component.", "cve_priority": "low", "cve_public_date": "2025-06-16 22:16:00 UTC" } ], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * New upstream patchlevel.", " - Revert change using NCURSES_SBOOL in tic.h which interfered with", " sign-extension in tigetflag (Closes: #1121191).", "" ], "package": "ncurses", "version": "6.5+20251123-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Sven Joachim ", "date": "Mon, 24 Nov 2025 20:50:02 +0100" }, { "cves": [], "log": [ "", " * New upstream patchlevel.", " - Correct expression for TINFO_LIB variable in misc/ncurses-config.in", " (Closes: #1121208).", " * Add a smoke autopkgtest which builds a simple program, catching the", " above problem.", "" ], "package": "ncurses", "version": "6.5+20251122-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Sven Joachim ", "date": "Sun, 23 Nov 2025 14:55:47 +0100" }, { "cves": [], "log": [ "", " * Upload to unstable.", "" ], "package": "ncurses", "version": "6.5+20251115-2", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Sven Joachim ", "date": "Thu, 20 Nov 2025 20:52:35 +0100" }, { "cves": [ { "cve": "CVE-2025-6141", "url": "https://ubuntu.com/security/CVE-2025-6141", "cve_description": "A vulnerability has been found in GNU ncurses up to 6.5-20250322 and classified as problematic. This vulnerability affects the function postprocess_termcap of the file tinfo/parse_entry.c. The manipulation leads to stack-based buffer overflow. The attack needs to be approached locally. Upgrading to version 6.5-20250329 is able to address this issue. It is recommended to upgrade the affected component.", "cve_priority": "low", "cve_public_date": "2025-06-16 22:16:00 UTC" } ], "log": [ "", " * New upstream patchlevel.", " - Add a buffer-limit check in postprocess_termcap (report/testcase", " by Yifan Zhang (CVE-2025-6141, Closes: #1107937)).", " - Formatting improvements for terminfo.5 (Closes: #1096164).", " * Refresh patch 02-debian-backspace.diff.", " * Drop the redundant Rules-Requires-Root field from debian/control.", "" ], "package": "ncurses", "version": "6.5+20251115-1", "urgency": "low", "distributions": "experimental", "launchpad_bugs_fixed": [], "author": "Sven Joachim ", "date": "Mon, 17 Nov 2025 18:46:28 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "ncurses-term", "from_version": { "source_package_name": "ncurses", "source_package_version": "6.5+20250216-2build1", "version": "6.5+20250216-2build1" }, "to_version": { "source_package_name": "ncurses", "source_package_version": "6.5+20251123-1", "version": "6.5+20251123-1" }, "cves": [ { "cve": "CVE-2025-6141", "url": "https://ubuntu.com/security/CVE-2025-6141", "cve_description": "A vulnerability has been found in GNU ncurses up to 6.5-20250322 and classified as problematic. This vulnerability affects the function postprocess_termcap of the file tinfo/parse_entry.c. The manipulation leads to stack-based buffer overflow. The attack needs to be approached locally. Upgrading to version 6.5-20250329 is able to address this issue. It is recommended to upgrade the affected component.", "cve_priority": "low", "cve_public_date": "2025-06-16 22:16:00 UTC" } ], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * New upstream patchlevel.", " - Revert change using NCURSES_SBOOL in tic.h which interfered with", " sign-extension in tigetflag (Closes: #1121191).", "" ], "package": "ncurses", "version": "6.5+20251123-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Sven Joachim ", "date": "Mon, 24 Nov 2025 20:50:02 +0100" }, { "cves": [], "log": [ "", " * New upstream patchlevel.", " - Correct expression for TINFO_LIB variable in misc/ncurses-config.in", " (Closes: #1121208).", " * Add a smoke autopkgtest which builds a simple program, catching the", " above problem.", "" ], "package": "ncurses", "version": "6.5+20251122-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Sven Joachim ", "date": "Sun, 23 Nov 2025 14:55:47 +0100" }, { "cves": [], "log": [ "", " * Upload to unstable.", "" ], "package": "ncurses", "version": "6.5+20251115-2", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Sven Joachim ", "date": "Thu, 20 Nov 2025 20:52:35 +0100" }, { "cves": [ { "cve": "CVE-2025-6141", "url": "https://ubuntu.com/security/CVE-2025-6141", "cve_description": "A vulnerability has been found in GNU ncurses up to 6.5-20250322 and classified as problematic. This vulnerability affects the function postprocess_termcap of the file tinfo/parse_entry.c. The manipulation leads to stack-based buffer overflow. The attack needs to be approached locally. Upgrading to version 6.5-20250329 is able to address this issue. It is recommended to upgrade the affected component.", "cve_priority": "low", "cve_public_date": "2025-06-16 22:16:00 UTC" } ], "log": [ "", " * New upstream patchlevel.", " - Add a buffer-limit check in postprocess_termcap (report/testcase", " by Yifan Zhang (CVE-2025-6141, Closes: #1107937)).", " - Formatting improvements for terminfo.5 (Closes: #1096164).", " * Refresh patch 02-debian-backspace.diff.", " * Drop the redundant Rules-Requires-Root field from debian/control.", "" ], "package": "ncurses", "version": "6.5+20251115-1", "urgency": "low", "distributions": "experimental", "launchpad_bugs_fixed": [], "author": "Sven Joachim ", "date": "Mon, 17 Nov 2025 18:46:28 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "networkd-dispatcher", "from_version": { "source_package_name": "networkd-dispatcher", "source_package_version": "2.2.4-1.1", "version": "2.2.4-1.1" }, "to_version": { "source_package_name": "networkd-dispatcher", "source_package_version": "2.2.4-1.1build1", "version": "2.2.4-1.1build1" }, "cves": [], "launchpad_bugs_fixed": [ 2132257 ], "changes": [ { "cves": [], "log": [ "", " * No-change mass rebuild for Ubuntu 26.04 (LP: #2132257)", "" ], "package": "networkd-dispatcher", "version": "2.2.4-1.1build1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2132257 ], "author": "Sebastien Bacher ", "date": "Sat, 06 Dec 2025 11:39:09 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "nftables", "from_version": { "source_package_name": "nftables", "source_package_version": "1.1.5-2", "version": "1.1.5-2" }, "to_version": { "source_package_name": "nftables", "source_package_version": "1.1.6-1", "version": "1.1.6-1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * [76930dd] d/watch: add `Matching-Pattern`, use `@PACKAGE@` in `Source:`", " * [2ffdc3a] New upstream version 1.1.6 (Closes: #1121439)", " - Complete lightweight tunnel template support, including vxlan,", " geneve and erspan", " - Support for wildcard in netdev hooks", " - Support to pass up bridge frame to the bridge device for local", " processing", " - fib expression correct bytecode for Big Endian and other Big Endian", " fixes", " - man nft(8) documentation updates", " * [5e550d0] d/patches: drop upstreamed patches", " * [8db0897] d/control: bump min. version for libnftnl-dev build-dep to", " 1.3.1", " * [0a941cd] d/rules: drop obsolete configure option", " * [7a1086c] d/rules: suppress running of test-suites", " * [33bbeba] d/tests: drop obsolete minimum kernel-version checks from", " test-runners", " * [baaeb07] d/t/internaltest-monitor.sh: use `-H` option to test with", " installed nft", " * [705fbab] d/t/internaltest-py.sh: use `-H` option to test with", " installed nft", " * [64c9797] d/t/internaltest-json-echo.sh: run new test-suite", " * [4d2ee27] d/t/control: add gawk dependency for shell test-suite", " * [201eb5a] d/rules: use `$(DEB_SOURCE)` for source package name", " * [d12f0ee] d/rules: use `$(SOURCE_DATE_EPOCH)` for build time-stamp", " * [c380eb1] d/p/fix-man-page-typo.patch: new patch to fix typo", "" ], "package": "nftables", "version": "1.1.6-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Jeremy Sowden ", "date": "Sun, 07 Dec 2025 09:07:32 +0000" } ], "notes": null, "is_version_downgrade": false }, { "name": "ntfs-3g", "from_version": { "source_package_name": "ntfs-3g", "source_package_version": "1:2022.10.3-5", "version": "1:2022.10.3-5" }, "to_version": { "source_package_name": "ntfs-3g", "source_package_version": "1:2022.10.3-5build1", "version": "1:2022.10.3-5build1" }, "cves": [], "launchpad_bugs_fixed": [ 2132257 ], "changes": [ { "cves": [], "log": [ "", " * No-change mass rebuild for Ubuntu 26.04 (LP: #2132257)", "" ], "package": "ntfs-3g", "version": "1:2022.10.3-5build1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2132257 ], "author": "Sebastien Bacher ", "date": "Sat, 06 Dec 2025 11:39:27 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "openssh-client", "from_version": { "source_package_name": "openssh", "source_package_version": "1:10.0p1-5ubuntu5", "version": "1:10.0p1-5ubuntu5" }, "to_version": { "source_package_name": "openssh", "source_package_version": "1:10.2p1-2ubuntu1", "version": "1:10.2p1-2ubuntu1" }, "cves": [ { "cve": "CVE-2025-61984", "url": "https://ubuntu.com/security/CVE-2025-61984", "cve_description": "ssh in OpenSSH before 10.1 allows control characters in usernames that originate from certain possibly untrusted sources, potentially leading to code execution when a ProxyCommand is used. The untrusted sources are the command line and %-sequence expansion of a configuration file. (A configuration file that provides a complete literal username is not categorized as an untrusted source.)", "cve_priority": "low", "cve_public_date": "2025-10-06 19:15:00 UTC" }, { "cve": "CVE-2025-61985", "url": "https://ubuntu.com/security/CVE-2025-61985", "cve_description": "ssh in OpenSSH before 10.1 allows the '\\0' character in an ssh:// URI, potentially leading to code execution when a ProxyCommand is used.", "cve_priority": "low", "cve_public_date": "2025-10-06 19:15:00 UTC" } ], "launchpad_bugs_fixed": [ 2130054 ], "changes": [ { "cves": [], "log": [ "", " * Merge with Debian unstable (LP: #2130054). Remaining changes:", " - debian/rules: modify dh_installsystemd invocations for", " socket-activated sshd", " - debian/README.Debian: document systemd socket activation.", " - debian/.gitignore: drop file", " - debian/openssh-server.ucf-md5sum: update for Ubuntu delta", " - d/p/systemd-socket-activation.patch:", " + Fix sshd re-execution behavior when socket activation is used", " + Adapt sshd-session and sshd-auth for systemd socket activation", " + Allow AF_VSOCK sockets", " - debian/tests/systemd-socket-activation: Add autopkgtest for systemd socket", " activation functionality.", " - debian/patches: Immediately report interactive instructions to PAM clients", " - debian/patches: sshconnect2: Write kbd-interactive messages as utf-8", " - debian/control: Build-Depends: systemd-dev", " - d/p/sshd-socket-generator.patch: add generator for socket activation", " - debian/openssh-server.install: install sshd-socket-generator", " - debian/openssh-server.postinst: restart whichever systemd unit is enabled", " - d/t/sshd-socket-generator: add dep8 test for sshd-socket-generator", " - ssh.socket: adjust unit for socket activation by default", " - debian/rules: explicitly enable LTO", " - d/t/ssh-gssapi: disable -e in cleanup()", " - d/p/test-set-UsePAM-no-on-some-tests.patch: set UsePAM=no for some tests", " - d/openssh-server.links: add full sshd.service -> ssh.service alias", " (LP #2087949)", " - document /etc/ssh/sshd_config.d/*.conf better in sshd_config", " (LP #2088207)", " - d/rules,d/control: do not build with wtmpdb support", " - d/t/control: add breaks-testbed restriction to tests", " - d/tests: do not fail when $HOME/.ssh exists", " - test: workaround test failure caused by uutils dd (LP #2125943)", " * Dropped:", " - authfd: fallback to default if $SSH_AUTH_SOCK is unset (LP #2125549)", " [ This was not the right fix, so do not carry it anymore ]", "" ], "package": "openssh", "version": "1:10.2p1-2ubuntu1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2130054 ], "author": "Nick Rosbrook ", "date": "Tue, 02 Dec 2025 16:22:16 -0500" }, { "cves": [], "log": [ "", " * ssh-session-cleanup: Update pattern for sshd-session split in 9.8", " (closes: #1117965).", " * Link ssh against ssh-pkcs11.o directly (closes: #1117638, #1117720).", "" ], "package": "openssh", "version": "1:10.2p1-2", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Colin Watson ", "date": "Fri, 17 Oct 2025 10:14:14 +0100" }, { "cves": [], "log": [ "", " * New upstream release:", " - ssh-keygen(1): fix download of keys from PKCS#11 tokens.", "" ], "package": "openssh", "version": "1:10.2p1-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Colin Watson ", "date": "Fri, 10 Oct 2025 14:50:27 +0100" }, { "cves": [], "log": [ "", " * Don't reuse c->isatty for signalling that the remote channel has a tty", " attached (closes: #1117574, #1117594).", " * Link ssh-keygen directly against ssh-pkcs11.c.", "" ], "package": "openssh", "version": "1:10.1p1-2", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Colin Watson ", "date": "Thu, 09 Oct 2025 00:54:25 +0100" }, { "cves": [ { "cve": "CVE-2025-61984", "url": "https://ubuntu.com/security/CVE-2025-61984", "cve_description": "ssh in OpenSSH before 10.1 allows control characters in usernames that originate from certain possibly untrusted sources, potentially leading to code execution when a ProxyCommand is used. The untrusted sources are the command line and %-sequence expansion of a configuration file. (A configuration file that provides a complete literal username is not categorized as an untrusted source.)", "cve_priority": "low", "cve_public_date": "2025-10-06 19:15:00 UTC" }, { "cve": "CVE-2025-61985", "url": "https://ubuntu.com/security/CVE-2025-61985", "cve_description": "ssh in OpenSSH before 10.1 allows the '\\0' character in an ssh:// URI, potentially leading to code execution when a ProxyCommand is used.", "cve_priority": "low", "cve_public_date": "2025-10-06 19:15:00 UTC" } ], "log": [ "", " [ Allison Karlitskaya ]", " * sshd@.service: Support ephemeral keys from VM/container hosts.", "", " [ Colin Watson ]", " * New upstream release:", " - ssh(1): add a warning when the connection negotiates a non-post", " quantum key agreement algorithm.", " - ssh(1), sshd(8): major changes to handling of DSCP marking/IPQoS: by", " default, interactive traffic is assigned to the EF (Expedited", " Forwarding) class, while non-interactive traffic uses the operating", " system default DSCP marking.", " - ssh(1), sshd(8): deprecate support for IPv4 type-of-service (ToS)", " keywords in the IPQoS configuration directive.", " - ssh-add(1): when adding certificates to an agent, set the expiry to", " the certificate expiry time plus a short (5 min) grace period.", " - All: remove experimental support for XMSS keys.", " - ssh-agent(1), sshd(8): move agent listener sockets from /tmp to under", " ~/.ssh/agent for both ssh-agent(1) and forwarded sockets in sshd(8).", " - CVE-2025-61984: ssh(1): disallow control characters in usernames", " passed via the commandline or expanded using %-sequences from the", " configuration file (closes: #1117529),", " - CVE-2025-61985: ssh(1): disallow \\0 characters in ssh:// URIs (closes:", " #1117530).", " - ssh(1), sshd(8): add SIGINFO handlers to log active channel and", " session information.", " - sshd(8): when refusing a certificate for user authentication, log", " enough information to identify the certificate in addition to the", " reason why it was being denied. Makes debugging certificate", " authorisation problems a bit easier.", " - ssh(1), ssh-agent(1): support ed25519 keys hosted on PKCS#11 tokens.", " - ssh(1): add an ssh_config(5) RefuseConnection option that, when", " encountered while processing an active section in a configuration,", " terminates ssh(1) with an error message that contains the argument to", " the option.", " - sshd(8): make the X11 display number check relative to", " X11DisplayOffset. This will allow people to use X11DisplayOffset to", " configure much higher port ranges if they really want, while not", " changing the default behaviour.", " - ssh(1): fix delay on X client startup when ObscureKeystrokeTiming is", " enabled.", " - sshd(8): increase the maximum size of the supported configuration from", " 256KB to 4MB, which ought to be enough for anybody. Fail early and", " visibly when this limit is breached.", " - sftp(1): during sftp uploads, avoid a condition where a failed write", " could be ignored if a subsequent write succeeded. This is unlikely but", " technically possible because sftp servers are allowed to reorder", " requests.", " - sshd(8): avoid a race condition when the sshd-auth process exits that", " could cause a spurious error message to be logged.", " - sshd(8): log at level INFO when PerSourcePenalties actually blocks", " access to a source address range. Previously this was logged at level", " VERBOSE, which hid enforcement actions under default config settings.", " - sshd(8): Make the MaxStartups and PerSourceNetBlockSize options", " first-match-wins as advertised.", " - ssh(1): fix an incorrect return value check in the local forward", " cancellation path that would cause failed cancellations not to be", " logged.", " - sshd(8): make \"Match !final\" not trigger a second parsing pass of", " ssh_config (unless hostname canonicalisation or a separate \"Match", " final\" does).", " - ssh(1): better debug diagnostics when loading keys. Will now list key", " fingerprint and algorithm (not just algorithm number) as well as", " making it explicit which keys didn't load.", " - All: fix a number of memory leaks found by LeakSanitizer, Coverity and", " manual inspection.", " - sshd(8): Output the current name for PermitRootLogin's", " \"prohibit-password\" in sshd -T instead of its deprecated alias", " \"without-password\" (closes: #1095922).", " - ssh(1): make writing known_hosts lines more atomic by writing the", " entire line in one operation and using unbuffered stdio.", " - sshd(8): check the username didn't change during the PAM transactions.", " - sshd(8): don't log audit messages with UNKNOWN hostname to avoid slow", " DNS lookups in the audit subsystem.", " - All: when making a copy of struct passwd, ensure struct fields are", " non-NULL.", " - sshd(8): handle futex_time64 properly in seccomp sandbox.", " - Add contrib/gnome-ssh-askpass4 for GNOME 40+ using the GCR API.", " - ssh-agent(1): exit 0 from SIGTERM under systemd socket-activation,", " preventing a graceful shutdown of an agent via systemd from", " incorrectly marking the service as \"failed\".", " * Drop patches:", " - no-openssl-version-status.patch: Mostly applied upstream; the rest", " only applied to OpenSSL < 3, which isn't relevant to current Debian", " releases.", " - revert-ipqos-defaults.patch: This new upstream release reworks IPQoS,", " so let's see how that works in Debian (closes: #1111446).", " * debian/run-tests: Fix path to dropbear.", "" ], "package": "openssh", "version": "1:10.1p1-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Colin Watson ", "date": "Tue, 07 Oct 2025 22:07:19 +0100" }, { "cves": [], "log": [ "", " * Remove some long-obsolete Conflicts (closes: #54243).", " * Fix mistracking of MaxStartups process exits in some situations (closes:", " #1080350).", "" ], "package": "openssh", "version": "1:10.0p1-8", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Colin Watson ", "date": "Sun, 10 Aug 2025 00:07:55 +0100" }, { "cves": [], "log": [ "", " * Make postinst logic for cleaning up the sshd diversion more robust.", "" ], "package": "openssh", "version": "1:10.0p1-7", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Colin Watson ", "date": "Fri, 01 Aug 2025 16:02:27 +0100" }, { "cves": [], "log": [ "", " * Temporarily divert /usr/sbin/sshd during upgrades from before", " 1:9.8p1-1~, to avoid new connections failing between unpack and", " configure (closes: #1109742).", "" ], "package": "openssh", "version": "1:10.0p1-6", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Colin Watson ", "date": "Mon, 28 Jul 2025 12:17:42 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "openssh-server", "from_version": { "source_package_name": "openssh", "source_package_version": "1:10.0p1-5ubuntu5", "version": "1:10.0p1-5ubuntu5" }, "to_version": { "source_package_name": "openssh", "source_package_version": "1:10.2p1-2ubuntu1", "version": "1:10.2p1-2ubuntu1" }, "cves": [ { "cve": "CVE-2025-61984", "url": "https://ubuntu.com/security/CVE-2025-61984", "cve_description": "ssh in OpenSSH before 10.1 allows control characters in usernames that originate from certain possibly untrusted sources, potentially leading to code execution when a ProxyCommand is used. The untrusted sources are the command line and %-sequence expansion of a configuration file. (A configuration file that provides a complete literal username is not categorized as an untrusted source.)", "cve_priority": "low", "cve_public_date": "2025-10-06 19:15:00 UTC" }, { "cve": "CVE-2025-61985", "url": "https://ubuntu.com/security/CVE-2025-61985", "cve_description": "ssh in OpenSSH before 10.1 allows the '\\0' character in an ssh:// URI, potentially leading to code execution when a ProxyCommand is used.", "cve_priority": "low", "cve_public_date": "2025-10-06 19:15:00 UTC" } ], "launchpad_bugs_fixed": [ 2130054 ], "changes": [ { "cves": [], "log": [ "", " * Merge with Debian unstable (LP: #2130054). Remaining changes:", " - debian/rules: modify dh_installsystemd invocations for", " socket-activated sshd", " - debian/README.Debian: document systemd socket activation.", " - debian/.gitignore: drop file", " - debian/openssh-server.ucf-md5sum: update for Ubuntu delta", " - d/p/systemd-socket-activation.patch:", " + Fix sshd re-execution behavior when socket activation is used", " + Adapt sshd-session and sshd-auth for systemd socket activation", " + Allow AF_VSOCK sockets", " - debian/tests/systemd-socket-activation: Add autopkgtest for systemd socket", " activation functionality.", " - debian/patches: Immediately report interactive instructions to PAM clients", " - debian/patches: sshconnect2: Write kbd-interactive messages as utf-8", " - debian/control: Build-Depends: systemd-dev", " - d/p/sshd-socket-generator.patch: add generator for socket activation", " - debian/openssh-server.install: install sshd-socket-generator", " - debian/openssh-server.postinst: restart whichever systemd unit is enabled", " - d/t/sshd-socket-generator: add dep8 test for sshd-socket-generator", " - ssh.socket: adjust unit for socket activation by default", " - debian/rules: explicitly enable LTO", " - d/t/ssh-gssapi: disable -e in cleanup()", " - d/p/test-set-UsePAM-no-on-some-tests.patch: set UsePAM=no for some tests", " - d/openssh-server.links: add full sshd.service -> ssh.service alias", " (LP #2087949)", " - document /etc/ssh/sshd_config.d/*.conf better in sshd_config", " (LP #2088207)", " - d/rules,d/control: do not build with wtmpdb support", " - d/t/control: add breaks-testbed restriction to tests", " - d/tests: do not fail when $HOME/.ssh exists", " - test: workaround test failure caused by uutils dd (LP #2125943)", " * Dropped:", " - authfd: fallback to default if $SSH_AUTH_SOCK is unset (LP #2125549)", " [ This was not the right fix, so do not carry it anymore ]", "" ], "package": "openssh", "version": "1:10.2p1-2ubuntu1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2130054 ], "author": "Nick Rosbrook ", "date": "Tue, 02 Dec 2025 16:22:16 -0500" }, { "cves": [], "log": [ "", " * ssh-session-cleanup: Update pattern for sshd-session split in 9.8", " (closes: #1117965).", " * Link ssh against ssh-pkcs11.o directly (closes: #1117638, #1117720).", "" ], "package": "openssh", "version": "1:10.2p1-2", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Colin Watson ", "date": "Fri, 17 Oct 2025 10:14:14 +0100" }, { "cves": [], "log": [ "", " * New upstream release:", " - ssh-keygen(1): fix download of keys from PKCS#11 tokens.", "" ], "package": "openssh", "version": "1:10.2p1-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Colin Watson ", "date": "Fri, 10 Oct 2025 14:50:27 +0100" }, { "cves": [], "log": [ "", " * Don't reuse c->isatty for signalling that the remote channel has a tty", " attached (closes: #1117574, #1117594).", " * Link ssh-keygen directly against ssh-pkcs11.c.", "" ], "package": "openssh", "version": "1:10.1p1-2", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Colin Watson ", "date": "Thu, 09 Oct 2025 00:54:25 +0100" }, { "cves": [ { "cve": "CVE-2025-61984", "url": "https://ubuntu.com/security/CVE-2025-61984", "cve_description": "ssh in OpenSSH before 10.1 allows control characters in usernames that originate from certain possibly untrusted sources, potentially leading to code execution when a ProxyCommand is used. The untrusted sources are the command line and %-sequence expansion of a configuration file. (A configuration file that provides a complete literal username is not categorized as an untrusted source.)", "cve_priority": "low", "cve_public_date": "2025-10-06 19:15:00 UTC" }, { "cve": "CVE-2025-61985", "url": "https://ubuntu.com/security/CVE-2025-61985", "cve_description": "ssh in OpenSSH before 10.1 allows the '\\0' character in an ssh:// URI, potentially leading to code execution when a ProxyCommand is used.", "cve_priority": "low", "cve_public_date": "2025-10-06 19:15:00 UTC" } ], "log": [ "", " [ Allison Karlitskaya ]", " * sshd@.service: Support ephemeral keys from VM/container hosts.", "", " [ Colin Watson ]", " * New upstream release:", " - ssh(1): add a warning when the connection negotiates a non-post", " quantum key agreement algorithm.", " - ssh(1), sshd(8): major changes to handling of DSCP marking/IPQoS: by", " default, interactive traffic is assigned to the EF (Expedited", " Forwarding) class, while non-interactive traffic uses the operating", " system default DSCP marking.", " - ssh(1), sshd(8): deprecate support for IPv4 type-of-service (ToS)", " keywords in the IPQoS configuration directive.", " - ssh-add(1): when adding certificates to an agent, set the expiry to", " the certificate expiry time plus a short (5 min) grace period.", " - All: remove experimental support for XMSS keys.", " - ssh-agent(1), sshd(8): move agent listener sockets from /tmp to under", " ~/.ssh/agent for both ssh-agent(1) and forwarded sockets in sshd(8).", " - CVE-2025-61984: ssh(1): disallow control characters in usernames", " passed via the commandline or expanded using %-sequences from the", " configuration file (closes: #1117529),", " - CVE-2025-61985: ssh(1): disallow \\0 characters in ssh:// URIs (closes:", " #1117530).", " - ssh(1), sshd(8): add SIGINFO handlers to log active channel and", " session information.", " - sshd(8): when refusing a certificate for user authentication, log", " enough information to identify the certificate in addition to the", " reason why it was being denied. Makes debugging certificate", " authorisation problems a bit easier.", " - ssh(1), ssh-agent(1): support ed25519 keys hosted on PKCS#11 tokens.", " - ssh(1): add an ssh_config(5) RefuseConnection option that, when", " encountered while processing an active section in a configuration,", " terminates ssh(1) with an error message that contains the argument to", " the option.", " - sshd(8): make the X11 display number check relative to", " X11DisplayOffset. This will allow people to use X11DisplayOffset to", " configure much higher port ranges if they really want, while not", " changing the default behaviour.", " - ssh(1): fix delay on X client startup when ObscureKeystrokeTiming is", " enabled.", " - sshd(8): increase the maximum size of the supported configuration from", " 256KB to 4MB, which ought to be enough for anybody. Fail early and", " visibly when this limit is breached.", " - sftp(1): during sftp uploads, avoid a condition where a failed write", " could be ignored if a subsequent write succeeded. This is unlikely but", " technically possible because sftp servers are allowed to reorder", " requests.", " - sshd(8): avoid a race condition when the sshd-auth process exits that", " could cause a spurious error message to be logged.", " - sshd(8): log at level INFO when PerSourcePenalties actually blocks", " access to a source address range. Previously this was logged at level", " VERBOSE, which hid enforcement actions under default config settings.", " - sshd(8): Make the MaxStartups and PerSourceNetBlockSize options", " first-match-wins as advertised.", " - ssh(1): fix an incorrect return value check in the local forward", " cancellation path that would cause failed cancellations not to be", " logged.", " - sshd(8): make \"Match !final\" not trigger a second parsing pass of", " ssh_config (unless hostname canonicalisation or a separate \"Match", " final\" does).", " - ssh(1): better debug diagnostics when loading keys. Will now list key", " fingerprint and algorithm (not just algorithm number) as well as", " making it explicit which keys didn't load.", " - All: fix a number of memory leaks found by LeakSanitizer, Coverity and", " manual inspection.", " - sshd(8): Output the current name for PermitRootLogin's", " \"prohibit-password\" in sshd -T instead of its deprecated alias", " \"without-password\" (closes: #1095922).", " - ssh(1): make writing known_hosts lines more atomic by writing the", " entire line in one operation and using unbuffered stdio.", " - sshd(8): check the username didn't change during the PAM transactions.", " - sshd(8): don't log audit messages with UNKNOWN hostname to avoid slow", " DNS lookups in the audit subsystem.", " - All: when making a copy of struct passwd, ensure struct fields are", " non-NULL.", " - sshd(8): handle futex_time64 properly in seccomp sandbox.", " - Add contrib/gnome-ssh-askpass4 for GNOME 40+ using the GCR API.", " - ssh-agent(1): exit 0 from SIGTERM under systemd socket-activation,", " preventing a graceful shutdown of an agent via systemd from", " incorrectly marking the service as \"failed\".", " * Drop patches:", " - no-openssl-version-status.patch: Mostly applied upstream; the rest", " only applied to OpenSSL < 3, which isn't relevant to current Debian", " releases.", " - revert-ipqos-defaults.patch: This new upstream release reworks IPQoS,", " so let's see how that works in Debian (closes: #1111446).", " * debian/run-tests: Fix path to dropbear.", "" ], "package": "openssh", "version": "1:10.1p1-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Colin Watson ", "date": "Tue, 07 Oct 2025 22:07:19 +0100" }, { "cves": [], "log": [ "", " * Remove some long-obsolete Conflicts (closes: #54243).", " * Fix mistracking of MaxStartups process exits in some situations (closes:", " #1080350).", "" ], "package": "openssh", "version": "1:10.0p1-8", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Colin Watson ", "date": "Sun, 10 Aug 2025 00:07:55 +0100" }, { "cves": [], "log": [ "", " * Make postinst logic for cleaning up the sshd diversion more robust.", "" ], "package": "openssh", "version": "1:10.0p1-7", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Colin Watson ", "date": "Fri, 01 Aug 2025 16:02:27 +0100" }, { "cves": [], "log": [ "", " * Temporarily divert /usr/sbin/sshd during upgrades from before", " 1:9.8p1-1~, to avoid new connections failing between unpack and", " configure (closes: #1109742).", "" ], "package": "openssh", "version": "1:10.0p1-6", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Colin Watson ", "date": "Mon, 28 Jul 2025 12:17:42 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "openssh-sftp-server", "from_version": { "source_package_name": "openssh", "source_package_version": "1:10.0p1-5ubuntu5", "version": "1:10.0p1-5ubuntu5" }, "to_version": { "source_package_name": "openssh", "source_package_version": "1:10.2p1-2ubuntu1", "version": "1:10.2p1-2ubuntu1" }, "cves": [ { "cve": "CVE-2025-61984", "url": "https://ubuntu.com/security/CVE-2025-61984", "cve_description": "ssh in OpenSSH before 10.1 allows control characters in usernames that originate from certain possibly untrusted sources, potentially leading to code execution when a ProxyCommand is used. The untrusted sources are the command line and %-sequence expansion of a configuration file. (A configuration file that provides a complete literal username is not categorized as an untrusted source.)", "cve_priority": "low", "cve_public_date": "2025-10-06 19:15:00 UTC" }, { "cve": "CVE-2025-61985", "url": "https://ubuntu.com/security/CVE-2025-61985", "cve_description": "ssh in OpenSSH before 10.1 allows the '\\0' character in an ssh:// URI, potentially leading to code execution when a ProxyCommand is used.", "cve_priority": "low", "cve_public_date": "2025-10-06 19:15:00 UTC" } ], "launchpad_bugs_fixed": [ 2130054 ], "changes": [ { "cves": [], "log": [ "", " * Merge with Debian unstable (LP: #2130054). Remaining changes:", " - debian/rules: modify dh_installsystemd invocations for", " socket-activated sshd", " - debian/README.Debian: document systemd socket activation.", " - debian/.gitignore: drop file", " - debian/openssh-server.ucf-md5sum: update for Ubuntu delta", " - d/p/systemd-socket-activation.patch:", " + Fix sshd re-execution behavior when socket activation is used", " + Adapt sshd-session and sshd-auth for systemd socket activation", " + Allow AF_VSOCK sockets", " - debian/tests/systemd-socket-activation: Add autopkgtest for systemd socket", " activation functionality.", " - debian/patches: Immediately report interactive instructions to PAM clients", " - debian/patches: sshconnect2: Write kbd-interactive messages as utf-8", " - debian/control: Build-Depends: systemd-dev", " - d/p/sshd-socket-generator.patch: add generator for socket activation", " - debian/openssh-server.install: install sshd-socket-generator", " - debian/openssh-server.postinst: restart whichever systemd unit is enabled", " - d/t/sshd-socket-generator: add dep8 test for sshd-socket-generator", " - ssh.socket: adjust unit for socket activation by default", " - debian/rules: explicitly enable LTO", " - d/t/ssh-gssapi: disable -e in cleanup()", " - d/p/test-set-UsePAM-no-on-some-tests.patch: set UsePAM=no for some tests", " - d/openssh-server.links: add full sshd.service -> ssh.service alias", " (LP #2087949)", " - document /etc/ssh/sshd_config.d/*.conf better in sshd_config", " (LP #2088207)", " - d/rules,d/control: do not build with wtmpdb support", " - d/t/control: add breaks-testbed restriction to tests", " - d/tests: do not fail when $HOME/.ssh exists", " - test: workaround test failure caused by uutils dd (LP #2125943)", " * Dropped:", " - authfd: fallback to default if $SSH_AUTH_SOCK is unset (LP #2125549)", " [ This was not the right fix, so do not carry it anymore ]", "" ], "package": "openssh", "version": "1:10.2p1-2ubuntu1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2130054 ], "author": "Nick Rosbrook ", "date": "Tue, 02 Dec 2025 16:22:16 -0500" }, { "cves": [], "log": [ "", " * ssh-session-cleanup: Update pattern for sshd-session split in 9.8", " (closes: #1117965).", " * Link ssh against ssh-pkcs11.o directly (closes: #1117638, #1117720).", "" ], "package": "openssh", "version": "1:10.2p1-2", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Colin Watson ", "date": "Fri, 17 Oct 2025 10:14:14 +0100" }, { "cves": [], "log": [ "", " * New upstream release:", " - ssh-keygen(1): fix download of keys from PKCS#11 tokens.", "" ], "package": "openssh", "version": "1:10.2p1-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Colin Watson ", "date": "Fri, 10 Oct 2025 14:50:27 +0100" }, { "cves": [], "log": [ "", " * Don't reuse c->isatty for signalling that the remote channel has a tty", " attached (closes: #1117574, #1117594).", " * Link ssh-keygen directly against ssh-pkcs11.c.", "" ], "package": "openssh", "version": "1:10.1p1-2", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Colin Watson ", "date": "Thu, 09 Oct 2025 00:54:25 +0100" }, { "cves": [ { "cve": "CVE-2025-61984", "url": "https://ubuntu.com/security/CVE-2025-61984", "cve_description": "ssh in OpenSSH before 10.1 allows control characters in usernames that originate from certain possibly untrusted sources, potentially leading to code execution when a ProxyCommand is used. The untrusted sources are the command line and %-sequence expansion of a configuration file. (A configuration file that provides a complete literal username is not categorized as an untrusted source.)", "cve_priority": "low", "cve_public_date": "2025-10-06 19:15:00 UTC" }, { "cve": "CVE-2025-61985", "url": "https://ubuntu.com/security/CVE-2025-61985", "cve_description": "ssh in OpenSSH before 10.1 allows the '\\0' character in an ssh:// URI, potentially leading to code execution when a ProxyCommand is used.", "cve_priority": "low", "cve_public_date": "2025-10-06 19:15:00 UTC" } ], "log": [ "", " [ Allison Karlitskaya ]", " * sshd@.service: Support ephemeral keys from VM/container hosts.", "", " [ Colin Watson ]", " * New upstream release:", " - ssh(1): add a warning when the connection negotiates a non-post", " quantum key agreement algorithm.", " - ssh(1), sshd(8): major changes to handling of DSCP marking/IPQoS: by", " default, interactive traffic is assigned to the EF (Expedited", " Forwarding) class, while non-interactive traffic uses the operating", " system default DSCP marking.", " - ssh(1), sshd(8): deprecate support for IPv4 type-of-service (ToS)", " keywords in the IPQoS configuration directive.", " - ssh-add(1): when adding certificates to an agent, set the expiry to", " the certificate expiry time plus a short (5 min) grace period.", " - All: remove experimental support for XMSS keys.", " - ssh-agent(1), sshd(8): move agent listener sockets from /tmp to under", " ~/.ssh/agent for both ssh-agent(1) and forwarded sockets in sshd(8).", " - CVE-2025-61984: ssh(1): disallow control characters in usernames", " passed via the commandline or expanded using %-sequences from the", " configuration file (closes: #1117529),", " - CVE-2025-61985: ssh(1): disallow \\0 characters in ssh:// URIs (closes:", " #1117530).", " - ssh(1), sshd(8): add SIGINFO handlers to log active channel and", " session information.", " - sshd(8): when refusing a certificate for user authentication, log", " enough information to identify the certificate in addition to the", " reason why it was being denied. Makes debugging certificate", " authorisation problems a bit easier.", " - ssh(1), ssh-agent(1): support ed25519 keys hosted on PKCS#11 tokens.", " - ssh(1): add an ssh_config(5) RefuseConnection option that, when", " encountered while processing an active section in a configuration,", " terminates ssh(1) with an error message that contains the argument to", " the option.", " - sshd(8): make the X11 display number check relative to", " X11DisplayOffset. This will allow people to use X11DisplayOffset to", " configure much higher port ranges if they really want, while not", " changing the default behaviour.", " - ssh(1): fix delay on X client startup when ObscureKeystrokeTiming is", " enabled.", " - sshd(8): increase the maximum size of the supported configuration from", " 256KB to 4MB, which ought to be enough for anybody. Fail early and", " visibly when this limit is breached.", " - sftp(1): during sftp uploads, avoid a condition where a failed write", " could be ignored if a subsequent write succeeded. This is unlikely but", " technically possible because sftp servers are allowed to reorder", " requests.", " - sshd(8): avoid a race condition when the sshd-auth process exits that", " could cause a spurious error message to be logged.", " - sshd(8): log at level INFO when PerSourcePenalties actually blocks", " access to a source address range. Previously this was logged at level", " VERBOSE, which hid enforcement actions under default config settings.", " - sshd(8): Make the MaxStartups and PerSourceNetBlockSize options", " first-match-wins as advertised.", " - ssh(1): fix an incorrect return value check in the local forward", " cancellation path that would cause failed cancellations not to be", " logged.", " - sshd(8): make \"Match !final\" not trigger a second parsing pass of", " ssh_config (unless hostname canonicalisation or a separate \"Match", " final\" does).", " - ssh(1): better debug diagnostics when loading keys. Will now list key", " fingerprint and algorithm (not just algorithm number) as well as", " making it explicit which keys didn't load.", " - All: fix a number of memory leaks found by LeakSanitizer, Coverity and", " manual inspection.", " - sshd(8): Output the current name for PermitRootLogin's", " \"prohibit-password\" in sshd -T instead of its deprecated alias", " \"without-password\" (closes: #1095922).", " - ssh(1): make writing known_hosts lines more atomic by writing the", " entire line in one operation and using unbuffered stdio.", " - sshd(8): check the username didn't change during the PAM transactions.", " - sshd(8): don't log audit messages with UNKNOWN hostname to avoid slow", " DNS lookups in the audit subsystem.", " - All: when making a copy of struct passwd, ensure struct fields are", " non-NULL.", " - sshd(8): handle futex_time64 properly in seccomp sandbox.", " - Add contrib/gnome-ssh-askpass4 for GNOME 40+ using the GCR API.", " - ssh-agent(1): exit 0 from SIGTERM under systemd socket-activation,", " preventing a graceful shutdown of an agent via systemd from", " incorrectly marking the service as \"failed\".", " * Drop patches:", " - no-openssl-version-status.patch: Mostly applied upstream; the rest", " only applied to OpenSSL < 3, which isn't relevant to current Debian", " releases.", " - revert-ipqos-defaults.patch: This new upstream release reworks IPQoS,", " so let's see how that works in Debian (closes: #1111446).", " * debian/run-tests: Fix path to dropbear.", "" ], "package": "openssh", "version": "1:10.1p1-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Colin Watson ", "date": "Tue, 07 Oct 2025 22:07:19 +0100" }, { "cves": [], "log": [ "", " * Remove some long-obsolete Conflicts (closes: #54243).", " * Fix mistracking of MaxStartups process exits in some situations (closes:", " #1080350).", "" ], "package": "openssh", "version": "1:10.0p1-8", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Colin Watson ", "date": "Sun, 10 Aug 2025 00:07:55 +0100" }, { "cves": [], "log": [ "", " * Make postinst logic for cleaning up the sshd diversion more robust.", "" ], "package": "openssh", "version": "1:10.0p1-7", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Colin Watson ", "date": "Fri, 01 Aug 2025 16:02:27 +0100" }, { "cves": [], "log": [ "", " * Temporarily divert /usr/sbin/sshd during upgrades from before", " 1:9.8p1-1~, to avoid new connections failing between unpack and", " configure (closes: #1109742).", "" ], "package": "openssh", "version": "1:10.0p1-6", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Colin Watson ", "date": "Mon, 28 Jul 2025 12:17:42 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "os-prober", "from_version": { "source_package_name": "os-prober", "source_package_version": "1.83ubuntu2", "version": "1.83ubuntu2" }, "to_version": { "source_package_name": "os-prober", "source_package_version": "1.84ubuntu1", "version": "1.84ubuntu1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Merge with Debian unstable. Remaining changes:", " - Ignore logger socket-errors (LP #1826294).", " This works around apparmor denials.", " - Replace newns by unshare --mount from util-linux.", " This makes os-prober run in a private mount namespace, as it was initially", " intended.", " - Mount btrfs subvolume @ when present for accessing a btrfs formatted ", " rootfs.", " - Return list of Windows partitions for WINOSDATA instead of only those", " containing the bootrecord. Add Windows10 detection.", " - Fix 50mounted-tests for grub-probe recognition.", " This fixes an issue where 50mounted-tests broke if grub-probe does not", " recognize a filesystem.", "" ], "package": "os-prober", "version": "1.84ubuntu1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Simon Johnsson ", "date": "Mon, 08 Dec 2025 12:09:51 +0100" }, { "cves": [], "log": [ "", " * Team upload", "", " * Change install path, to make package usrmerge-compliant.", "" ], "package": "os-prober", "version": "1.84", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Holger Wansing ", "date": "Tue, 25 Nov 2025 22:56:51 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "overlayroot", "from_version": { "source_package_name": "cloud-initramfs-tools", "source_package_version": "0.49", "version": "0.49" }, "to_version": { "source_package_name": "cloud-initramfs-tools", "source_package_version": "0.49build1", "version": "0.49build1" }, "cves": [], "launchpad_bugs_fixed": [ 2132257 ], "changes": [ { "cves": [], "log": [ "", " * No-change mass rebuild for Ubuntu 26.04 (LP: #2132257)", "" ], "package": "cloud-initramfs-tools", "version": "0.49build1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2132257 ], "author": "Sebastien Bacher ", "date": "Sat, 06 Dec 2025 10:39:33 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "procps", "from_version": { "source_package_name": "procps", "source_package_version": "2:4.0.4-8ubuntu3", "version": "2:4.0.4-8ubuntu3" }, "to_version": { "source_package_name": "procps", "source_package_version": "2:4.0.4-9ubuntu1", "version": "2:4.0.4-9ubuntu1" }, "cves": [], "launchpad_bugs_fixed": [ 2130066, 2108979 ], "changes": [ { "cves": [], "log": [ "", " * Merge from Debian unstable (LP: #2130066). Remaining changes:", " - d/p/0010-testsuite-ps-etime-ELAPSED-doesn-t-match-full-format.patch:", " Fix test failure (FTBFS) in testsuite/ps.test/ps_output.exp due to", " invalid regex match inside LXD containers.", " - debian/sysctl.d (Ubuntu-specific):", " + 10-console-messages.conf: stop low-level kernel messages on console.", " + 10-kernel-hardening.conf: add the kptr_restrict setting", " + 10-ipv6-privacy.conf: add a file to sysctl.d to apply the defaults", " for IPv6 privacy extensions for interfaces. (LP#176125, LP#841353)", " + 10-magic-sysrq.conf: Disable most magic sysrq by default, allowing", " critical sync, remount, reboot functions. (LP#194676, LP#1025467)", " + 10-network-security.conf: enable rp_filter.", " + 10-ptrace.conf: describe new PTRACE setting.", " + 10-zeropage.conf: safe mmap_min_addr value for graceful fall-back.", " for armhf, and arm64.", " + 10-qemu.conf.s390x for qemu.", " + 10-bufferbloat.conf: set default qdisc to fq_codel", " + 10-map-count.conf: Increase vm.max_map_count to 1048576", " + ship configs in /usr, with higher priority", " This ensures that Ubuntu's defaults take precedence over", " 50-default.conf from linux-sysctl-defaults. (LP: #2108979)", " - ignore_erofs.patch: Same as ignore_eaccess but for the case", " where part of /proc is read/only.", " - Adjust logic due to rc no longer being propagated (LP#1903351)", " - ignore_eaccess.patch: If we get eaccess when opening a sysctl", " file for writing, don't error out. Otherwise package upgrades", " can fail, especially in containers.", " - Adjust logic due to rc no longer being propagated (LP#1903351)", " - Add basic autopkgtest to validate sysctl-defaults (LP#1962038)", " - d/t/stack-limit: add basic autopkgtest to validate limits", " - d/t/stack-limit: call 'pgrep systemd' instead of 'pgrep bash'", " The autopkgtest currently fails because there is no bash session, and", " pgrep returns non-zero. Use systemd because that will match for pid1.", " - d/tests: make sysctl-defaults test comprehensive", " - d/t/test_sysctyl_defaults.py: skip test if sysctl key invalid (LP#2115346)", " - d/t/control show all sysctl.d configs and make sysctl-defaults test", " Restrictions: isolation-machine (LP#2115346)", " - d/p/lp2120904-openat.patch: utilize file descriptors and openat (LP#2120904)", " - d/p/lp2120904-nullpointer.patch: fix a race when 'status' is unavailable", " in /proc/ resuting in NULL pointer (LP#2120904)", "" ], "package": "procps", "version": "2:4.0.4-9ubuntu1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2130066, 2108979 ], "author": "John Chittum ", "date": "Mon, 01 Dec 2025 14:50:23 -0500" }, { "cves": [], "log": [ "", " [ Craig Small ]", " * d/changelog: Fix number for skill bug", "", " [ Andrew Bower ]", " * Initialise sessions variable in w. (Closes: #1108549)", " * d/patches: get sessions even if !sd_booted()", "" ], "package": "procps", "version": "2:4.0.4-9", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Craig Small ", "date": "Wed, 30 Jul 2025 21:58:40 +1000" } ], "notes": null, "is_version_downgrade": false }, { "name": "python-babel-localedata", "from_version": { "source_package_name": "python-babel", "source_package_version": "2.17.0-1", "version": "2.17.0-1" }, "to_version": { "source_package_name": "python-babel", "source_package_version": "2.17.0-2", "version": "2.17.0-2" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Team upload.", " * Replace old py.test-3 symlink with canonical program", " * Drop \"Rules-Requires-Root: no\": it is the default now", " * Bump Standards-Version to 4.7.2", " * Replace transitional python3-tz with python3-pytz", " * Add debian/salsa-ci.yml", " * Rewrite d/watch in v5 format", "" ], "package": "python-babel", "version": "2.17.0-2", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Alexandre Detiste ", "date": "Wed, 03 Dec 2025 14:22:31 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "python3-attr", "from_version": { "source_package_name": "python-attrs", "source_package_version": "25.3.0-1", "version": "25.3.0-1" }, "to_version": { "source_package_name": "python-attrs", "source_package_version": "25.4.0-1", "version": "25.4.0-1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Migrate debian/watch to version 5 format", " * New upstream version 25.4.0", " * Move common description to source stanza", " * Refresh patches (no functional changes)", "" ], "package": "python-attrs", "version": "25.4.0-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Timo Röhling ", "date": "Wed, 08 Oct 2025 15:57:22 +0200" } ], "notes": null, "is_version_downgrade": false }, { "name": "python3-babel", "from_version": { "source_package_name": "python-babel", "source_package_version": "2.17.0-1", "version": "2.17.0-1" }, "to_version": { "source_package_name": "python-babel", "source_package_version": "2.17.0-2", "version": "2.17.0-2" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Team upload.", " * Replace old py.test-3 symlink with canonical program", " * Drop \"Rules-Requires-Root: no\": it is the default now", " * Bump Standards-Version to 4.7.2", " * Replace transitional python3-tz with python3-pytz", " * Add debian/salsa-ci.yml", " * Rewrite d/watch in v5 format", "" ], "package": "python-babel", "version": "2.17.0-2", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Alexandre Detiste ", "date": "Wed, 03 Dec 2025 14:22:31 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "python3-bcrypt", "from_version": { "source_package_name": "python-bcrypt", "source_package_version": "4.3.0-2", "version": "4.3.0-2" }, "to_version": { "source_package_name": "python-bcrypt", "source_package_version": "5.0.0-2", "version": "5.0.0-2" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Team upload.", " * Accept pyo3 0.27.", "" ], "package": "python-bcrypt", "version": "5.0.0-2", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Colin Watson ", "date": "Wed, 03 Dec 2025 15:32:53 +0000" }, { "cves": [], "log": [ "", " * Team upload.", " * New upstream release.", " * Use dh-sequence-python3.", " * Standards-Version: 4.7.2.", "" ], "package": "python-bcrypt", "version": "5.0.0-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Colin Watson ", "date": "Wed, 22 Oct 2025 12:37:16 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "python3-boto3", "from_version": { "source_package_name": "python-boto3", "source_package_version": "1.37.9-1", "version": "1.37.9-1" }, "to_version": { "source_package_name": "python-boto3", "source_package_version": "1.40.72-1", "version": "1.40.72-1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * New upstream version 1.40.72", " * d/control: adjust Depends according to setup.cfg", "" ], "package": "python-boto3", "version": "1.40.72-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Thomas Bechtold ", "date": "Thu, 13 Nov 2025 09:54:30 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "python3-botocore", "from_version": { "source_package_name": "python-botocore", "source_package_version": "1.37.9+repack-1", "version": "1.37.9+repack-1" }, "to_version": { "source_package_name": "python-botocore", "source_package_version": "1.40.72+repack-1", "version": "1.40.72+repack-1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * New upstream version 1.40.72+repack", " * d/control: add missing python3-dateutil and python3-jmespath Depends", "" ], "package": "python-botocore", "version": "1.40.72+repack-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Thomas Bechtold ", "date": "Thu, 13 Nov 2025 09:18:24 +0100" }, { "cves": [], "log": [ "", " * New upstream version 1.40.68+repack", " * Refresh debian/patches", " * debian/rules: skip 2 more failing TestSSOCredentialFetcher tests", "" ], "package": "python-botocore", "version": "1.40.68+repack-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Thomas Bechtold ", "date": "Fri, 07 Nov 2025 09:53:28 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "python3-bpfcc", "from_version": { "source_package_name": "bpfcc", "source_package_version": "0.31.0+ds-7ubuntu2", "version": "0.31.0+ds-7ubuntu2" }, "to_version": { "source_package_name": "bpfcc", "source_package_version": "0.35.0+ds-1ubuntu1", "version": "0.35.0+ds-1ubuntu1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Merge with Debian; remaining changes:", " - d/control: enable ppc64el architecture (LP 2074121).", " - d/control: include ppc64el in the arches to skip for lua", " - d/control, d/p/2003-libbpf-tools-debian.patch:", " - Build with llvm-19, FTBFS with 20.", " - d/t/control: Run testsuite as autopkgtest (LP 2052813)", " - d/rules: add back riscv64 to tool_skip_arch, fixing FTBFS", " - Removed delta, bpftool has its own package also in Ubuntu now:", " - Depend on linux-tools-generic instead of bpftool", " - Export bpftool binary to avoid system trying to use the chroot kernel", " - d/p/disable-werror-to-fix-build.patch:", " - disable Werror for now to workaround build issues on ppc64el", " reported upstream https://github.com/iovisor/bcc/pull/5331", " * d/control: Don't use a mix of versioned and unversioned build dependencies.", " * Fix build with LLVM 21, taken from upstream.", "" ], "package": "bpfcc", "version": "0.35.0+ds-1ubuntu1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Matthias Klose ", "date": "Fri, 24 Oct 2025 14:17:00 +0200" }, { "cves": [], "log": [ "", " [ Alexandre Detiste ]", " * [153d814] refresh debian/copyright-check", "", " [ Ritesh Raj Sarraf ]", " * [377ea5e] New upstream version 0.35.0+ds (Closes: #1112731)", " * [c1bab55] Bump build dependency on cmake to >= 3.12", " * [584da1e] Refresh patches", "" ], "package": "bpfcc", "version": "0.35.0+ds-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Ritesh Raj Sarraf ", "date": "Fri, 24 Oct 2025 15:21:23 +0530" } ], "notes": null, "is_version_downgrade": false }, { "name": "python3-chardet", "from_version": { "source_package_name": "chardet", "source_package_version": "5.2.0+dfsg-2", "version": "5.2.0+dfsg-2" }, "to_version": { "source_package_name": "chardet", "source_package_version": "5.2.0+dfsg-2build1", "version": "5.2.0+dfsg-2build1" }, "cves": [], "launchpad_bugs_fixed": [ 2132257 ], "changes": [ { "cves": [], "log": [ "", " * No-change mass rebuild for Ubuntu 26.04 (LP: #2132257)", "" ], "package": "chardet", "version": "5.2.0+dfsg-2build1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2132257 ], "author": "Sebastien Bacher ", "date": "Sat, 06 Dec 2025 10:39:11 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "python3-click", "from_version": { "source_package_name": "python-click", "source_package_version": "8.2.0+0.really.8.1.8-1", "version": "8.2.0+0.really.8.1.8-1" }, "to_version": { "source_package_name": "python-click", "source_package_version": "8.2.0+0.really.8.1.8-1build1", "version": "8.2.0+0.really.8.1.8-1build1" }, "cves": [], "launchpad_bugs_fixed": [ 2132257 ], "changes": [ { "cves": [], "log": [ "", " * No-change mass rebuild for Ubuntu 26.04 (LP: #2132257)", "" ], "package": "python-click", "version": "8.2.0+0.really.8.1.8-1build1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2132257 ], "author": "Sebastien Bacher ", "date": "Sat, 06 Dec 2025 11:50:40 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "python3-configobj", "from_version": { "source_package_name": "configobj", "source_package_version": "5.0.9-1", "version": "5.0.9-1" }, "to_version": { "source_package_name": "configobj", "source_package_version": "5.0.9-1build1", "version": "5.0.9-1build1" }, "cves": [], "launchpad_bugs_fixed": [ 2132257 ], "changes": [ { "cves": [], "log": [ "", " * No-change mass rebuild for Ubuntu 26.04 (LP: #2132257)", "" ], "package": "configobj", "version": "5.0.9-1build1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2132257 ], "author": "Sebastien Bacher ", "date": "Sat, 06 Dec 2025 10:39:53 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "python3-constantly", "from_version": { "source_package_name": "constantly", "source_package_version": "23.10.4-2", "version": "23.10.4-2" }, "to_version": { "source_package_name": "constantly", "source_package_version": "23.10.4-2build1", "version": "23.10.4-2build1" }, "cves": [], "launchpad_bugs_fixed": [ 2132257 ], "changes": [ { "cves": [], "log": [ "", " * No-change mass rebuild for Ubuntu 26.04 (LP: #2132257)", "" ], "package": "constantly", "version": "23.10.4-2build1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2132257 ], "author": "Sebastien Bacher ", "date": "Sat, 06 Dec 2025 10:40:08 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "python3-debian", "from_version": { "source_package_name": "python-debian", "source_package_version": "1.0.1ubuntu1", "version": "1.0.1ubuntu1" }, "to_version": { "source_package_name": "python-debian", "source_package_version": "1.0.1ubuntu2", "version": "1.0.1ubuntu2" }, "cves": [], "launchpad_bugs_fixed": [ 2132257 ], "changes": [ { "cves": [], "log": [ "", " * No-change mass rebuild for Ubuntu 26.04 (LP: #2132257)", "" ], "package": "python-debian", "version": "1.0.1ubuntu2", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2132257 ], "author": "Sebastien Bacher ", "date": "Sat, 06 Dec 2025 11:52:25 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "python3-distro", "from_version": { "source_package_name": "python-distro", "source_package_version": "1.9.0-1", "version": "1.9.0-1" }, "to_version": { "source_package_name": "python-distro", "source_package_version": "1.9.0-1build1", "version": "1.9.0-1build1" }, "cves": [], "launchpad_bugs_fixed": [ 2132257 ], "changes": [ { "cves": [], "log": [ "", " * No-change mass rebuild for Ubuntu 26.04 (LP: #2132257)", "" ], "package": "python-distro", "version": "1.9.0-1build1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2132257 ], "author": "Sebastien Bacher ", "date": "Mon, 01 Dec 2025 15:08:20 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "python3-distupgrade", "from_version": { "source_package_name": "ubuntu-release-upgrader", "source_package_version": "1:26.04.2", "version": "1:26.04.2" }, "to_version": { "source_package_name": "ubuntu-release-upgrader", "source_package_version": "1:26.04.3", "version": "1:26.04.3" }, "cves": [], "launchpad_bugs_fixed": [ 2128839, 2134446 ], "changes": [ { "cves": [], "log": [ "", " * DistUpgrade: prevent upgrades when distro-info-data is outdated", " (LP: #2128839)", " * all: clean forgotten -m references", " * DistUpgrade: do not include 'LTS' in DistUpgradeController.toVersion", " (LP: #2134446)", "" ], "package": "ubuntu-release-upgrader", "version": "1:26.04.3", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2128839, 2134446 ], "author": "Nick Rosbrook ", "date": "Tue, 09 Dec 2025 11:43:03 -0500" } ], "notes": null, "is_version_downgrade": false }, { "name": "python3-httplib2", "from_version": { "source_package_name": "python-httplib2", "source_package_version": "0.22.0-1", "version": "0.22.0-1" }, "to_version": { "source_package_name": "python-httplib2", "source_package_version": "0.22.0-1build1", "version": "0.22.0-1build1" }, "cves": [], "launchpad_bugs_fixed": [ 2132257 ], "changes": [ { "cves": [], "log": [ "", " * No-change mass rebuild for Ubuntu 26.04 (LP: #2132257)", "" ], "package": "python-httplib2", "version": "0.22.0-1build1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2132257 ], "author": "Sebastien Bacher ", "date": "Sat, 06 Dec 2025 11:52:59 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "python3-hyperlink", "from_version": { "source_package_name": "hyperlink", "source_package_version": "21.0.0-6", "version": "21.0.0-6" }, "to_version": { "source_package_name": "hyperlink", "source_package_version": "21.0.0-6build1", "version": "21.0.0-6build1" }, "cves": [], "launchpad_bugs_fixed": [ 2132257 ], "changes": [ { "cves": [], "log": [ "", " * No-change mass rebuild for Ubuntu 26.04 (LP: #2132257)", "" ], "package": "hyperlink", "version": "21.0.0-6build1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2132257 ], "author": "Sebastien Bacher ", "date": "Sat, 06 Dec 2025 11:11:57 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "python3-idna", "from_version": { "source_package_name": "python-idna", "source_package_version": "3.10-1", "version": "3.10-1" }, "to_version": { "source_package_name": "python-idna", "source_package_version": "3.10-1build1", "version": "3.10-1build1" }, "cves": [], "launchpad_bugs_fixed": [ 2132257 ], "changes": [ { "cves": [], "log": [ "", " * No-change mass rebuild for Ubuntu 26.04 (LP: #2132257)", "" ], "package": "python-idna", "version": "3.10-1build1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2132257 ], "author": "Sebastien Bacher ", "date": "Sat, 06 Dec 2025 11:53:05 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "python3-incremental", "from_version": { "source_package_name": "incremental", "source_package_version": "24.7.2-3", "version": "24.7.2-3" }, "to_version": { "source_package_name": "incremental", "source_package_version": "24.7.2-3build1", "version": "24.7.2-3build1" }, "cves": [], "launchpad_bugs_fixed": [ 2132257 ], "changes": [ { "cves": [], "log": [ "", " * No-change mass rebuild for Ubuntu 26.04 (LP: #2132257)", "" ], "package": "incremental", "version": "24.7.2-3build1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2132257 ], "author": "Sebastien Bacher ", "date": "Sat, 06 Dec 2025 11:12:38 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "python3-jaraco.context", "from_version": { "source_package_name": "jaraco.context", "source_package_version": "6.0.1-1", "version": "6.0.1-1" }, "to_version": { "source_package_name": "jaraco.context", "source_package_version": "6.0.1-1build1", "version": "6.0.1-1build1" }, "cves": [], "launchpad_bugs_fixed": [ 2132257 ], "changes": [ { "cves": [], "log": [ "", " * No-change mass rebuild for Ubuntu 26.04 (LP: #2132257)", "" ], "package": "jaraco.context", "version": "6.0.1-1build1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2132257 ], "author": "Sebastien Bacher ", "date": "Sat, 06 Dec 2025 11:14:16 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "python3-jaraco.functools", "from_version": { "source_package_name": "python-jaraco.functools", "source_package_version": "4.1.0-1", "version": "4.1.0-1" }, "to_version": { "source_package_name": "python-jaraco.functools", "source_package_version": "4.1.0-1build1", "version": "4.1.0-1build1" }, "cves": [], "launchpad_bugs_fixed": [ 2132257 ], "changes": [ { "cves": [], "log": [ "", " * No-change mass rebuild for Ubuntu 26.04 (LP: #2132257)", "" ], "package": "python-jaraco.functools", "version": "4.1.0-1build1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2132257 ], "author": "Sebastien Bacher ", "date": "Sat, 06 Dec 2025 11:53:17 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "python3-jaraco.text", "from_version": { "source_package_name": "jaraco.text", "source_package_version": "4.0.0-1", "version": "4.0.0-1" }, "to_version": { "source_package_name": "jaraco.text", "source_package_version": "4.0.0-1build1", "version": "4.0.0-1build1" }, "cves": [], "launchpad_bugs_fixed": [ 2132257 ], "changes": [ { "cves": [], "log": [ "", " * No-change mass rebuild for Ubuntu 26.04 (LP: #2132257)", "" ], "package": "jaraco.text", "version": "4.0.0-1build1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2132257 ], "author": "Sebastien Bacher ", "date": "Sat, 06 Dec 2025 11:14:24 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "python3-json-pointer", "from_version": { "source_package_name": "python-json-pointer", "source_package_version": "2.4-3", "version": "2.4-3" }, "to_version": { "source_package_name": "python-json-pointer", "source_package_version": "2.4-3build1", "version": "2.4-3build1" }, "cves": [], "launchpad_bugs_fixed": [ 2132257 ], "changes": [ { "cves": [], "log": [ "", " * No-change mass rebuild for Ubuntu 26.04 (LP: #2132257)", "" ], "package": "python-json-pointer", "version": "2.4-3build1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2132257 ], "author": "Sebastien Bacher ", "date": "Sat, 06 Dec 2025 11:53:29 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "python3-jsonpatch", "from_version": { "source_package_name": "python-json-patch", "source_package_version": "1.32-5", "version": "1.32-5" }, "to_version": { "source_package_name": "python-json-patch", "source_package_version": "1.32-5build1", "version": "1.32-5build1" }, "cves": [], "launchpad_bugs_fixed": [ 2132257 ], "changes": [ { "cves": [], "log": [ "", " * No-change mass rebuild for Ubuntu 26.04 (LP: #2132257)", "" ], "package": "python-json-patch", "version": "1.32-5build1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2132257 ], "author": "Sebastien Bacher ", "date": "Sat, 06 Dec 2025 11:53:24 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "python3-jsonschema", "from_version": { "source_package_name": "python-jsonschema", "source_package_version": "4.19.2-6ubuntu1", "version": "4.19.2-6ubuntu1" }, "to_version": { "source_package_name": "python-jsonschema", "source_package_version": "4.19.2-6ubuntu2", "version": "4.19.2-6ubuntu2" }, "cves": [], "launchpad_bugs_fixed": [ 2132257 ], "changes": [ { "cves": [], "log": [ "", " * No-change mass rebuild for Ubuntu 26.04 (LP: #2132257)", "" ], "package": "python-jsonschema", "version": "4.19.2-6ubuntu2", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2132257 ], "author": "Sebastien Bacher ", "date": "Sat, 06 Dec 2025 11:54:08 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "python3-launchpadlib", "from_version": { "source_package_name": "python-launchpadlib", "source_package_version": "2.1.0-1", "version": "2.1.0-1" }, "to_version": { "source_package_name": "python-launchpadlib", "source_package_version": "2.1.0-1build1", "version": "2.1.0-1build1" }, "cves": [], "launchpad_bugs_fixed": [ 2132257 ], "changes": [ { "cves": [], "log": [ "", " * No-change mass rebuild for Ubuntu 26.04 (LP: #2132257)", "" ], "package": "python-launchpadlib", "version": "2.1.0-1build1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2132257 ], "author": "Sebastien Bacher ", "date": "Sat, 06 Dec 2025 11:54:18 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "python3-magic", "from_version": { "source_package_name": "python-magic", "source_package_version": "2:0.4.27-3", "version": "2:0.4.27-3" }, "to_version": { "source_package_name": "python-magic", "source_package_version": "2:0.4.27-3build1", "version": "2:0.4.27-3build1" }, "cves": [], "launchpad_bugs_fixed": [ 2132257 ], "changes": [ { "cves": [], "log": [ "", " * No-change mass rebuild for Ubuntu 26.04 (LP: #2132257)", "" ], "package": "python-magic", "version": "2:0.4.27-3build1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2132257 ], "author": "Sebastien Bacher ", "date": "Mon, 01 Dec 2025 15:09:19 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "python3-mdurl", "from_version": { "source_package_name": "mdurl", "source_package_version": "0.1.2-1", "version": "0.1.2-1" }, "to_version": { "source_package_name": "mdurl", "source_package_version": "0.1.2-1build1", "version": "0.1.2-1build1" }, "cves": [], "launchpad_bugs_fixed": [ 2132257 ], "changes": [ { "cves": [], "log": [ "", " * No-change mass rebuild for Ubuntu 26.04 (LP: #2132257)", "" ], "package": "mdurl", "version": "0.1.2-1build1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2132257 ], "author": "Sebastien Bacher ", "date": "Mon, 01 Dec 2025 13:55:17 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "python3-netaddr", "from_version": { "source_package_name": "python-netaddr", "source_package_version": "1.3.0-1", "version": "1.3.0-1" }, "to_version": { "source_package_name": "python-netaddr", "source_package_version": "1.3.0-1build1", "version": "1.3.0-1build1" }, "cves": [], "launchpad_bugs_fixed": [ 2132257 ], "changes": [ { "cves": [], "log": [ "", " * No-change mass rebuild for Ubuntu 26.04 (LP: #2132257)", "" ], "package": "python-netaddr", "version": "1.3.0-1build1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2132257 ], "author": "Sebastien Bacher ", "date": "Sat, 06 Dec 2025 11:55:05 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "python3-ptyprocess", "from_version": { "source_package_name": "ptyprocess", "source_package_version": "0.7.0-6", "version": "0.7.0-6" }, "to_version": { "source_package_name": "ptyprocess", "source_package_version": "0.7.0-6build1", "version": "0.7.0-6build1" }, "cves": [], "launchpad_bugs_fixed": [ 2132257 ], "changes": [ { "cves": [], "log": [ "", " * No-change mass rebuild for Ubuntu 26.04 (LP: #2132257)", "" ], "package": "ptyprocess", "version": "0.7.0-6build1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2132257 ], "author": "Sebastien Bacher ", "date": "Sat, 06 Dec 2025 11:47:39 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "python3-pyasn1", "from_version": { "source_package_name": "pyasn1", "source_package_version": "0.6.1-1", "version": "0.6.1-1" }, "to_version": { "source_package_name": "pyasn1", "source_package_version": "0.6.1-1build1", "version": "0.6.1-1build1" }, "cves": [], "launchpad_bugs_fixed": [ 2132257 ], "changes": [ { "cves": [], "log": [ "", " * No-change mass rebuild for Ubuntu 26.04 (LP: #2132257)", "" ], "package": "pyasn1", "version": "0.6.1-1build1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2132257 ], "author": "Sebastien Bacher ", "date": "Sat, 06 Dec 2025 11:48:47 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "python3-pyasn1-modules", "from_version": { "source_package_name": "python-pyasn1-modules", "source_package_version": "0.4.1-2", "version": "0.4.1-2" }, "to_version": { "source_package_name": "python-pyasn1-modules", "source_package_version": "0.4.1-2build1", "version": "0.4.1-2build1" }, "cves": [], "launchpad_bugs_fixed": [ 2132257 ], "changes": [ { "cves": [], "log": [ "", " * No-change mass rebuild for Ubuntu 26.04 (LP: #2132257)", "" ], "package": "python-pyasn1-modules", "version": "0.4.1-2build1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2132257 ], "author": "Sebastien Bacher ", "date": "Sat, 06 Dec 2025 11:56:02 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "python3-pygments", "from_version": { "source_package_name": "pygments", "source_package_version": "2.18.0+dfsg-2", "version": "2.18.0+dfsg-2" }, "to_version": { "source_package_name": "pygments", "source_package_version": "2.18.0+dfsg-2build1", "version": "2.18.0+dfsg-2build1" }, "cves": [], "launchpad_bugs_fixed": [ 2132257 ], "changes": [ { "cves": [], "log": [ "", " * No-change mass rebuild for Ubuntu 26.04 (LP: #2132257)", "" ], "package": "pygments", "version": "2.18.0+dfsg-2build1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2132257 ], "author": "Sebastien Bacher ", "date": "Sat, 06 Dec 2025 11:49:03 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "python3-serial", "from_version": { "source_package_name": "pyserial", "source_package_version": "3.5-2", "version": "3.5-2" }, "to_version": { "source_package_name": "pyserial", "source_package_version": "3.5-2build1", "version": "3.5-2build1" }, "cves": [], "launchpad_bugs_fixed": [ 2132257 ], "changes": [ { "cves": [], "log": [ "", " * No-change mass rebuild for Ubuntu 26.04 (LP: #2132257)", "" ], "package": "pyserial", "version": "3.5-2build1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2132257 ], "author": "Sebastien Bacher ", "date": "Mon, 01 Dec 2025 15:08:11 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "python3-service-identity", "from_version": { "source_package_name": "python-service-identity", "source_package_version": "24.2.0-1", "version": "24.2.0-1" }, "to_version": { "source_package_name": "python-service-identity", "source_package_version": "24.2.0-1build1", "version": "24.2.0-1build1" }, "cves": [], "launchpad_bugs_fixed": [ 2132257 ], "changes": [ { "cves": [], "log": [ "", " * No-change mass rebuild for Ubuntu 26.04 (LP: #2132257)", "" ], "package": "python-service-identity", "version": "24.2.0-1build1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2132257 ], "author": "Sebastien Bacher ", "date": "Sat, 06 Dec 2025 11:57:34 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "python3-software-properties", "from_version": { "source_package_name": "software-properties", "source_package_version": "0.116", "version": "0.116" }, "to_version": { "source_package_name": "software-properties", "source_package_version": "0.118", "version": "0.118" }, "cves": [], "launchpad_bugs_fixed": [ 2131967, 2134379 ], "changes": [ { "cves": [], "log": [ "", " * cloudarchive.py: Enable support for the Gazpacho Ubuntu Cloud Archive on 24.04", " (LP: #2131967).", "" ], "package": "software-properties", "version": "0.118", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2131967 ], "author": "Myles Penner ", "date": "Tue, 09 Dec 2025 13:53:17 -0800" }, { "cves": [], "log": [ "", " * d/control, software-properties-qt: drop sip4 dependency due to deprecation", " (LP: #2134379)", "" ], "package": "software-properties", "version": "0.117", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2134379 ], "author": "Dominik Viererbe ", "date": "Wed, 03 Dec 2025 11:16:03 +0200" } ], "notes": null, "is_version_downgrade": false }, { "name": "python3-urllib3", "from_version": { "source_package_name": "python-urllib3", "source_package_version": "2.3.0-3", "version": "2.3.0-3" }, "to_version": { "source_package_name": "python-urllib3", "source_package_version": "2.5.0-1ubuntu1", "version": "2.5.0-1ubuntu1" }, "cves": [ { "cve": "CVE-2025-66418", "url": "https://ubuntu.com/security/CVE-2025-66418", "cve_description": "urllib3 is a user-friendly HTTP client library for Python. Starting in version 1.24 and prior to 2.6.0, the number of links in the decompression chain was unbounded allowing a malicious server to insert a virtually unlimited number of compression steps leading to high CPU usage and massive memory allocation for the decompressed data. This vulnerability is fixed in 2.6.0.", "cve_priority": "medium", "cve_public_date": "2025-12-05 16:15:00 UTC" }, { "cve": "CVE-2025-66471", "url": "https://ubuntu.com/security/CVE-2025-66471", "cve_description": "urllib3 is a user-friendly HTTP client library for Python. Starting in version 1.0 and prior to 2.6.0, the Streaming API improperly handles highly compressed data. urllib3's streaming API is designed for the efficient handling of large HTTP responses by reading the content in chunks, rather than loading the entire response body into memory at once. When streaming a compressed response, urllib3 can perform decoding or decompression based on the HTTP Content-Encoding header (e.g., gzip, deflate, br, or zstd). The library must read compressed data from the network and decompress it until the requested chunk size is met. Any resulting decompressed data that exceeds the requested amount is held in an internal buffer for the next read operation. The decompression logic could cause urllib3 to fully decode a small amount of highly compressed data in a single operation. This can result in excessive resource consumption (high CPU usage and massive memory allocation for the decompressed data.", "cve_priority": "medium", "cve_public_date": "2025-12-05 17:16:00 UTC" } ], "launchpad_bugs_fixed": [], "changes": [ { "cves": [ { "cve": "CVE-2025-66418", "url": "https://ubuntu.com/security/CVE-2025-66418", "cve_description": "urllib3 is a user-friendly HTTP client library for Python. Starting in version 1.24 and prior to 2.6.0, the number of links in the decompression chain was unbounded allowing a malicious server to insert a virtually unlimited number of compression steps leading to high CPU usage and massive memory allocation for the decompressed data. This vulnerability is fixed in 2.6.0.", "cve_priority": "medium", "cve_public_date": "2025-12-05 16:15:00 UTC" }, { "cve": "CVE-2025-66471", "url": "https://ubuntu.com/security/CVE-2025-66471", "cve_description": "urllib3 is a user-friendly HTTP client library for Python. Starting in version 1.0 and prior to 2.6.0, the Streaming API improperly handles highly compressed data. urllib3's streaming API is designed for the efficient handling of large HTTP responses by reading the content in chunks, rather than loading the entire response body into memory at once. When streaming a compressed response, urllib3 can perform decoding or decompression based on the HTTP Content-Encoding header (e.g., gzip, deflate, br, or zstd). The library must read compressed data from the network and decompress it until the requested chunk size is met. Any resulting decompressed data that exceeds the requested amount is held in an internal buffer for the next read operation. The decompression logic could cause urllib3 to fully decode a small amount of highly compressed data in a single operation. This can result in excessive resource consumption (high CPU usage and massive memory allocation for the decompressed data.", "cve_priority": "medium", "cve_public_date": "2025-12-05 17:16:00 UTC" } ], "log": [ "", " * SECURITY UPDATE: Denial of service due to unbounded decompression chain.", " - debian/patches/CVE-2025-66418.patch: Add max_decode_links limit and", " checks in src/urllib3/response.py. Add test in test/test_response.py.", " - CVE-2025-66418", " * SECURITY UPDATE: Denial of service due to decompression bomb.", " - debian/patches/CVE-2025-66471.patch: Fix decompression bomb in", " src/urllib3/response.py. Add tests in test/test_response.py.", " - debian/patches/CVE-2025-66471-post1.patch: Remove brotli version warning", " due to intrusive backport for brotli fixes and upstream version warning", " not being appropriate for distro backporting.", " - CVE-2025-66471", "" ], "package": "python-urllib3", "version": "2.5.0-1ubuntu1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Hlib Korzhynskyy ", "date": "Thu, 11 Dec 2025 09:58:19 -0330" }, { "cves": [], "log": [ "", " * Team upload.", " * New upstream release.", "" ], "package": "python-urllib3", "version": "2.5.0-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Colin Watson ", "date": "Mon, 18 Aug 2025 11:19:44 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "python3.13", "from_version": { "source_package_name": "python3.13", "source_package_version": "3.13.9-1", "version": "3.13.9-1" }, "to_version": { "source_package_name": "python3.13", "source_package_version": "3.13.11-1", "version": "3.13.11-1" }, "cves": [], "launchpad_bugs_fixed": [ 2127898 ], "changes": [ { "cves": [], "log": [ "", " * Python 3.13.11.", " * Fix the tempfile module in python3.13-minimal (min-tempfile.diff).", " (LP: #2127898)", " * Build with -O1 on m68k. Closes: #1121974", "" ], "package": "python3.13", "version": "3.13.11-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [ 2127898 ], "author": "Stefano Rivera ", "date": "Sat, 06 Dec 2025 09:15:20 -0400" } ], "notes": null, "is_version_downgrade": false }, { "name": "python3.13-gdbm", "from_version": { "source_package_name": "python3.13", "source_package_version": "3.13.9-1", "version": "3.13.9-1" }, "to_version": { "source_package_name": "python3.13", "source_package_version": "3.13.11-1", "version": "3.13.11-1" }, "cves": [], "launchpad_bugs_fixed": [ 2127898 ], "changes": [ { "cves": [], "log": [ "", " * Python 3.13.11.", " * Fix the tempfile module in python3.13-minimal (min-tempfile.diff).", " (LP: #2127898)", " * Build with -O1 on m68k. Closes: #1121974", "" ], "package": "python3.13", "version": "3.13.11-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [ 2127898 ], "author": "Stefano Rivera ", "date": "Sat, 06 Dec 2025 09:15:20 -0400" } ], "notes": null, "is_version_downgrade": false }, { "name": "python3.13-minimal", "from_version": { "source_package_name": "python3.13", "source_package_version": "3.13.9-1", "version": "3.13.9-1" }, "to_version": { "source_package_name": "python3.13", "source_package_version": "3.13.11-1", "version": "3.13.11-1" }, "cves": [], "launchpad_bugs_fixed": [ 2127898 ], "changes": [ { "cves": [], "log": [ "", " * Python 3.13.11.", " * Fix the tempfile module in python3.13-minimal (min-tempfile.diff).", " (LP: #2127898)", " * Build with -O1 on m68k. Closes: #1121974", "" ], "package": "python3.13", "version": "3.13.11-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [ 2127898 ], "author": "Stefano Rivera ", "date": "Sat, 06 Dec 2025 09:15:20 -0400" } ], "notes": null, "is_version_downgrade": false }, { "name": "python3.14-gdbm", "from_version": { "source_package_name": "python3.14", "source_package_version": "3.14.0-4", "version": "3.14.0-4" }, "to_version": { "source_package_name": "python3.14", "source_package_version": "3.14.2-1", "version": "3.14.2-1" }, "cves": [ { "cve": "CVE-2025-8291", "url": "https://ubuntu.com/security/CVE-2025-8291", "cve_description": "The 'zipfile' module would not check the validity of the ZIP64 End of Central Directory (EOCD) Locator record offset value would not be used to locate the ZIP64 EOCD record, instead the ZIP64 EOCD record would be assumed to be the previous record in the ZIP archive. This could be abused to create ZIP archives that are handled differently by the 'zipfile' module compared to other ZIP implementations. Remediation maintains this behavior, but checks that the offset specified in the ZIP64 EOCD Locator record matches the expected value.", "cve_priority": "medium", "cve_public_date": "2025-10-07 18:16:00 UTC" } ], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " [ Stefano Rivera ]", " * Python 3.14.2 final.", " * Re-enable JIT.", " - Mark JIT symbols optional.", " * Drop -Os from CFLAGS for sh4. Closes: #1122007", " * Build with -O1 on m68k. Closes: #1121969", "" ], "package": "python3.14", "version": "3.14.2-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Stefano Rivera ", "date": "Sat, 06 Dec 2025 09:20:08 -0400" }, { "cves": [ { "cve": "CVE-2025-8291", "url": "https://ubuntu.com/security/CVE-2025-8291", "cve_description": "The 'zipfile' module would not check the validity of the ZIP64 End of Central Directory (EOCD) Locator record offset value would not be used to locate the ZIP64 EOCD record, instead the ZIP64 EOCD record would be assumed to be the previous record in the ZIP archive. This could be abused to create ZIP archives that are handled differently by the 'zipfile' module compared to other ZIP implementations. Remediation maintains this behavior, but checks that the offset specified in the ZIP64 EOCD Locator record matches the expected value.", "cve_priority": "medium", "cve_public_date": "2025-10-07 18:16:00 UTC" } ], "log": [ "", " [ Stefano Rivera ]", " * Update hppa patch to the current upstream PR.", " * Add another hppa patch for SNaN behaviour changes, to help pass more", " tests. And one to skip a hanging tests in test_ctypes.", " * Don't enable dtrace support on hppa, it's not supported.", " * Add shutil to python3.14-minimal.", " * Replace docutils-0.22 with the upstream patch.", " * Patch: Prepare for Sphinx 9.", " * Add clang and llvm to control.in, missed earlier (Jochen Sprickerhof).", " Closes: #1118589.", "", " [ Matthias Klose ]", " * Update to the 3.14 branch 2025-12-01.", " * d/p/Add-Debian-specific-documentation-path-to-IDLE-menu.diff:", " Disable, doesn't apply anymore.", " * Drop patches applied upstream: python3.14-hppa.patch,", " hppa-snan.diff, docutils-0.22, sphinx-9, CVE-2025-8291.patch.", " * d/p/llvm-version.diff: Don't patch generated configure file.", " * Refresh patches.", " * Eplicitly use LLVM 21.", " * Update symbols files.", " * Disable jit, ftbfs with ModuleNotFoundError: No module named 'shlex'.", "" ], "package": "python3.14", "version": "3.14.0-5", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Matthias Klose ", "date": "Mon, 01 Dec 2025 12:18:59 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "snapd", "from_version": { "source_package_name": "snapd", "source_package_version": "2.72+ubuntu26.04.1", "version": "2.72+ubuntu26.04.1" }, "to_version": { "source_package_name": "snapd", "source_package_version": "2.73+ubuntu26.04.1", "version": "2.73+ubuntu26.04.1" }, "cves": [], "launchpad_bugs_fixed": [ 2132084, 2127189, 1851490, 2121853, 2127214, 2127244, 2127766, 2118396, 2114923, 2112551, 2114779, 2112544, 2112332, 1952500, 1849346, 2098780, 2033883 ], "changes": [ { "cves": [], "log": [ "", " * New upstream release, LP: #2132084", " - FDE: do not save incomplete FDE state when resealing was skipped", " - FDE: warn of inconsistent primary or policy counter", " - Confdb: document confdb in snapctl help messages", " - Confdb: only confdb hooks wait if snaps are disabled", " - Confdb: relax confdb change conflict checks", " - Confdb: remove empty parent when removing last leaf", " - Confdb: support parsing field filters", " - Confdb: wrap confdb write values under \"values\" key", " - dm-verity for essential snaps: add new naming convention for", " verity files", " - dm-verity for essential snaps: add snap integrity discovery", " - dm-verity for essential snaps: fix verity salt calculation", " - Assertions: add hardware identity assertion", " - Assertions: add integrity stanza in snap resources revisions", " - Assertions: add request message assertion required for remote", " device management", " - Assertions: add response-message assertion for secure remote", " device management", " - Assertions: expose WithStackedBackstore in RODatabase", " - Packaging: cross-distro | install upstream NEWS file into relevant", " snapd package doc directory", " - Packaging: cross-distro | tweak how the blocks injecting", " $SNAP_MOUNT_DIR/bin are generated as required for openSUSE", " - Packaging: remove deprecated snap-gdb-shim and all references now", " that snap run --gdb is unsupported and replaced by --gdbserver", " - Preseed: call systemd-tmpfiles instead handle-writable-paths on", " uc26", " - Preseed: do not remove the /snap dir but rather all its contents", " during reset", " - snap-confine: attach name derived from security tag to BPF maps", " and programs", " - snap-confine: ensure permitted capabilities match expectation", " - snap-confine: fix cached snap-confine profile cleanup to report", " the correct error instead of masking backend setup failures", " - snap-confine: Improve validation of user controlled paths", " - snap-confine: tighten snap cgroup checks to ensure a snap cannot", " start another snap in the same cgroup, preventing incorrect", " device-filter installation", " - core-initrd: add 26.04 ubuntu-core-initramfs package", " - core-initrd: add missing order dependency for setting default", " system files", " - core-initrd: avoid scanning loop and mmc boot partitions as the", " boot disk won't be any of these", " - core-initrd: make cpio a Depends and remove from Build-Depends", " - core-initrd: start plymouth sooner and reload when gadget is", " available", " - Cross-distro: modify syscheck to account for differences in", " openSUSE 16.0+", " - Validation sets: use in-flight validation sets when calling", " 'snapctl install' from hook", " - Prompting: enable prompting for the camera interface", " - Prompting: remove polkit authentication when modifying/deleting", " prompting rules", " - LP: #2127189 Prompting: do not record notices for unchanged rules", " on snapd startup", " - AppArmor: add free and pidof to the template", " - AppArmor: adjust interfaces/profiles to cope with coreutils paths", " - Interfaces: add support for compatibility expressions", " - Interfaces: checkbox-support | complete overhaul", " - Interfaces: define vulkan-driver-libs, cuda-driver-libs, egl-", " driver-libs, gbm-driver-libs, opengl-driver-libs, and opengles-", " driver-libs", " - Interfaces: allow snaps on classic access to nvidia graphics", " libraries exported by *-driver-libs interfaces", " - Interfaces: fwupd | broaden access to /boot/efi/EFI", " - Interfaces: gsettings | set dconf-service as profile for", " ca.desrt.dconf.Writer", " - Interfaces: iscsi-initiator, dm-multipath, nvme-control | add new", " interfaces", " - Interfaces: opengl | grant read/write permission to /run/nvidia-", " persistenced/socket", " - interfaces: ros-snapd-support | add access to /v2/changes/", " - Interfaces: system-observe | read access to btrfs/ext4/zfs", " filesystem information", " - Interfaces: system-trace | allow /sys/kernel/tracing/** rw", " - Interfaces: usb-gadget | add support for ffs mounts in attributes", " - Add autocompletion to run command", " - Introduce option for disallowing auto-connection of a specific", " interface", " - Only log errors for user service operations performed as a part of", " snap removal", " - Patch snap names in service requests for parallel installed snaps", " - Simplify traits for eMMC special partitions", " - Strip apparmor_parser from debug symbols shrinking snapd size by", " ~3MB", " - Fix InstallPathMany skipping refresh control", " - Fix waiting for GDB helper to stop before attaching gdbserver", " - Protect the per-snap tmp directory against being reaped by age", " - Prevent disabling base snaps to ensure dependent snaps can be", " removed", " - Modify API endpoint /v2/logs to reject n <= 0 (except for special", " case -1 meaning all)", " - Avoid potential deadlock when task is injected after the change", " was aborted", " - Avoid race between store download stream and cache cleanup", " executing in parallel when invoked by snap download task", " - LP: #1851490 Use \"current\" instead of revision number for icons", " - LP: #2121853 Add snapctl version command", " - LP: #2127214 Ensure no more than one partition on disk can match a", " gadget partition", " - LP: #2127244 snap-confine: update AppArmor profile to allow", " read/write to journal as workaround for snap-confine fd", " inheritance prevented by newer AppArmor", " - LP: #2127766 Add new tracing mechanism with independently running", " strace and shim synchronization", "" ], "package": "snapd", "version": "2.73+ubuntu26.04.1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2132084, 2127189, 1851490, 2121853, 2127214, 2127244, 2127766 ], "author": "Ernest Lotter ", "date": "Fri, 21 Nov 2025 09:08:02 +0200" }, { "cves": [], "log": [ "", " * New upstream release, LP: #2118396", " - FDE: auto-repair when recovery key is used", " - FDE: revoke keys on shim update", " - FDE: revoke old TPM keys when dbx has been updated", " - FDE: do not reseal FDE hook keys every time", " - FDE: store keys in the kernel keyring when installing from initrd", " - FDE: allow disabled DMA on Core", " - FDE: snap-bootstrap: do not check for partition in scan-disk on", " CVM", " - FDE: support secboot preinstall check for 25.10+ hybrid installs", " via the /v2/system/{label} endpoint", " - FDE: support generating recovery key at install time via the", " /v2/systems/{label} endpoint", " - FDE: update passphrase quality check at install time via the", " /v2/systems/{label} endpoint", " - FDE: support replacing recovery key at runtime via the new", " /v2/system-volumes endpoint", " - FDE: support checking recovery keys at runtime via the /v2/system-", " volumes endpoint", " - FDE: support enumerating keyslots at runtime via the /v2/system-", " volumes endpoint", " - FDE: support changing passphrase at runtime via the /v2/system-", " volumes endpoint", " - FDE: support passphrase quality check at runtime via the", " /v2/system-volumes endpoint", " - FDE: update secboot to revision 3e181c8edf0f", " - Confdb: support lists and indexed paths on read and write", " - Confdb: alias references must be wrapped in brackets", " - Confdb: support indexed paths in confdb-schema assertion", " - Confdb: make API errors consistent with options", " - Confdb: fetch confdb-schema assertion on access", " - Confdb: prevent --previous from being used in read-side hooks", " - Components: fix snap command with multiple components", " - Components: set revision of seed components to x1", " - Components: unmount extra kernel-modules components mounts", " - AppArmor Prompting: add lifespan \"session\" for prompting rules", " - AppArmor Prompting: support restoring prompts after snapd restart", " - AppArmor Prompting: limit the extra information included in probed", " AppArmor features and system key", " - Notices: refactor notice state internals", " - SELinux: look for restorecon/matchpathcon at all known locations", " rather than current PATH", " - SELinux: update policy to allow watching cgroups (for RAA), and", " talking to user session agents (service mgmt/refresh)", " - Refresh App Awareness: Fix unexpected inotify file descriptor", " cleanup", " - snap-confine: workaround for glibc fchmodat() fallback and handle", " ENOSYS", " - snap-confine: add support for host policy for limiting users able", " to run snaps", " - LP: #2114923 Reject system key mismatch advise when not yet seeded", " - Use separate lanes for essential and non-essential snaps during", " seeding and allow non-essential installs to retry", " - Fix bug preventing remodel from core18 to core18 when snapd snap", " is unchanged", " - LP: #2112551 Make removal of last active revision of a snap equal", " to snap remove", " - LP: #2114779 Allow non-gpt in fallback mode to support RPi", " - Switch from using systemd LogNamespace to manually controlled", " journal quotas", " - Change snap command trace logging to only log the command names", " - Grant desktop-launch access to /v2/snaps", " - Update code for creating the snap journal stream", " - Switch from using core to snapd snap for snap debug connectivity", " - LP: #2112544 Fix offline remodel case where we switched to a", " channel without an actual refresh", " - LP: #2112332 Exclude snap/snapd/preseeding when generating preseed", " tarball", " - LP: #1952500 Fix snap command progress reporting", " - LP: #1849346 Interfaces: kerberos-tickets | add new interface", " - Interfaces: u2f | add support for Thetis Pro", " - Interfaces: u2f | add OneSpan device and fix older device", " - Interfaces: pipewire, audio-playback | support pipewire as system", " daemon", " - Interfaces: gpg-keys | allow access to GPG agent sockets", " - Interfaces: usb-gadget | add new interface", " - Interfaces: snap-fde-control, firmware-updater-support | add new", " interfaces to support FDE", " - Interfaces: timezone-control | extend to support timedatectl", " varlink", " - Interfaces: cpu-control | fix rules for accessing IRQ sysfs and", " procfs directories", " - Interfaces: microstack-support | allow SR-IOV attachments", " - Interfaces: modify AppArmor template to allow snaps to read their", " own systemd credentials", " - Interfaces: posix-mq | allow stat on /dev/mqueue", " - LP: #2098780 Interfaces: log-observe | add capability", " dac_read_search", " - Interfaces: block-devices | allow access to ZFS pools and datasets", " - LP: #2033883 Interfaces: block-devices | opt-in access to", " individual partitions", " - Interfaces: accel | add new interface to support accel kernel", " subsystem", " - Interfaces: shutdown | allow client to bind on its side of dbus", " socket", " - Interfaces: modify seccomp template to allow pwritev2", " - Interfaces: modify AppArmor template to allow reading", " /proc/sys/fs/nr_open", " - Packaging: drop snap.failure service for openSUSE", " - Packaging: add SELinux support for openSUSE", " - Packaging: disable optee when using nooptee build tag", " - Packaging: add support for static PIE builds in snapd.mk, drop", " pie.patch from openSUSE", " - Packaging: add libcap2-bin runtime dependency for ubuntu-16.04", " - Packaging: use snapd.mk for packaging on Fedora", " - Packaging: exclude .git directory", " - Packaging: fix DPKG_PARSECHANGELOG assignment", " - Packaging: fix building on Fedora with dpkg installed", "" ], "package": "snapd", "version": "2.71", "urgency": "medium", "distributions": "xenial", "launchpad_bugs_fixed": [ 2118396, 2114923, 2112551, 2114779, 2112544, 2112332, 1952500, 1849346, 2098780, 2033883 ], "author": "Ernest Lotter ", "date": "Fri, 25 Jul 2025 13:18:47 +0200" } ], "notes": null, "is_version_downgrade": false }, { "name": "software-properties-common", "from_version": { "source_package_name": "software-properties", "source_package_version": "0.116", "version": "0.116" }, "to_version": { "source_package_name": "software-properties", "source_package_version": "0.118", "version": "0.118" }, "cves": [], "launchpad_bugs_fixed": [ 2131967, 2134379 ], "changes": [ { "cves": [], "log": [ "", " * cloudarchive.py: Enable support for the Gazpacho Ubuntu Cloud Archive on 24.04", " (LP: #2131967).", "" ], "package": "software-properties", "version": "0.118", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2131967 ], "author": "Myles Penner ", "date": "Tue, 09 Dec 2025 13:53:17 -0800" }, { "cves": [], "log": [ "", " * d/control, software-properties-qt: drop sip4 dependency due to deprecation", " (LP: #2134379)", "" ], "package": "software-properties", "version": "0.117", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2134379 ], "author": "Dominik Viererbe ", "date": "Wed, 03 Dec 2025 11:16:03 +0200" } ], "notes": null, "is_version_downgrade": false }, { "name": "sos", "from_version": { "source_package_name": "sos", "source_package_version": "4.10.1-1", "version": "4.10.1-1" }, "to_version": { "source_package_name": "sos", "source_package_version": "4.10.2-1", "version": "4.10.2-1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * New upstream release 4.10.2", "", " * For more details, full release note is available here:", " - https://github.com/sosreport/sos/releases/tag/4.10.2", "", " * d/control: Change maintainer to DPT", " * d/gbp.conf: Conform to DPT policy settings", "" ], "package": "sos", "version": "4.10.2-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Arif Ali ", "date": "Mon, 15 Dec 2025 16:52:51 +0000" } ], "notes": null, "is_version_downgrade": false }, { "name": "ssh-import-id", "from_version": { "source_package_name": "ssh-import-id", "source_package_version": "5.11-0ubuntu3", "version": "5.11-0ubuntu3" }, "to_version": { "source_package_name": "ssh-import-id", "source_package_version": "5.11-0ubuntu4", "version": "5.11-0ubuntu4" }, "cves": [], "launchpad_bugs_fixed": [ 2132257 ], "changes": [ { "cves": [], "log": [ "", " * No-change mass rebuild for Ubuntu 26.04 (LP: #2132257)", "" ], "package": "ssh-import-id", "version": "5.11-0ubuntu4", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2132257 ], "author": "Sebastien Bacher ", "date": "Sat, 06 Dec 2025 12:02:52 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "sysvinit-utils", "from_version": { "source_package_name": "sysvinit", "source_package_version": "3.14-4ubuntu1", "version": "3.14-4ubuntu1" }, "to_version": { "source_package_name": "sysvinit", "source_package_version": "3.15-5ubuntu1", "version": "3.15-5ubuntu1" }, "cves": [], "launchpad_bugs_fixed": [ 2130137 ], "changes": [ { "cves": [], "log": [ "", " * Merge with Debian unstable (LP: #2130137). Remaining changes:", " - d/rules: when building for Ubuntu, skip all binaries except for sysvinit-utils", " * Changes that previously became undocumented:", " - d/rules: install sysvinit-utils into /usr", " This change is separate to only building sysvinit-utils, but it was", " previously melded into the same logical unit.", "" ], "package": "sysvinit", "version": "3.15-5ubuntu1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2130137 ], "author": "Ural Tunaboyu ", "date": "Fri, 31 Oct 2025 16:45:56 +0300" }, { "cves": [], "log": [ "", " * Release to unstable", "" ], "package": "sysvinit", "version": "3.15-5", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Mark Hindley ", "date": "Tue, 21 Oct 2025 08:25:58 +0100" }, { "cves": [], "log": [ "", " * Don't test for existing logfile before running logsave(8).", " (Closes: #1106830)", " * umountfs: recursively umount tmpfs. (Closes: #704108)", " * umountnfs: recursively umount network filesystems. (Closes: #444262)", " * /etc/init.d/rc: also set opost to avoid staircase effect.", " (Closes: #617249)", "" ], "package": "sysvinit", "version": "3.15-4", "urgency": "medium", "distributions": "experimental", "launchpad_bugs_fixed": [], "author": "Mark Hindley ", "date": "Tue, 14 Oct 2025 08:40:20 +0100" }, { "cves": [], "log": [ "", " * Update inittab on new installations to use ids consistent with", " inittab(5). (Closes: #538257)", " * Deprecate forcefsck. (Closes: #686895)", " * d/control: add Depends login (no longer Essential). (Closes: #1116288)", " * Only create .tmpfs if mount has been successful. (Closes: #719249)", " * Remove all obsolete commented AC checking code. See #326647 and", " related for discussion.", " * d/copyright: remove old FSF address (lintian).", " * d/copyright: update upstream contact and URL.", "" ], "package": "sysvinit", "version": "3.15-3", "urgency": "medium", "distributions": "experimental", "launchpad_bugs_fixed": [], "author": "Mark Hindley ", "date": "Wed, 08 Oct 2025 09:59:57 +0100" }, { "cves": [], "log": [ "", " * Update inittab on new installations to assume 8bit clean environment.", " (Closes: #435287)", " * Emphasise that /etc/fstab overrides /etc/default/tmpfs. (Closes: #688412) ", " * init-d-script:", " - Support TYPE=oneshot. (Closes: #1108969)", " - comply with style guidelines.", " * Add rcS option EXTRAKERNELFS and framework to support mounting", " additional kernel filesystems. Currently supported options are debugfs", " and cgroupfs2. (Closes: #539352)", "" ], "package": "sysvinit", "version": "3.15-2", "urgency": "medium", "distributions": "experimental", "launchpad_bugs_fixed": [], "author": "Mark Hindley ", "date": "Tue, 23 Sep 2025 08:29:46 +0100" }, { "cves": [], "log": [ "", " * New upstream version 3.15", " * d/src/README.style: add recommended initscript style.", " * d/src: comply with recommended style. (Closes: #922423)", " * init-d-script.5: document that /etc/default/$NAME environment is not", " available in script top-level. (Closes: #931867)", " * d/control, d/watch: update following upstream migration to codeberg.", "" ], "package": "sysvinit", "version": "3.15-1", "urgency": "medium", "distributions": "experimental", "launchpad_bugs_fixed": [], "author": "Mark Hindley ", "date": "Tue, 09 Sep 2025 13:40:37 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "telnet", "from_version": { "source_package_name": "inetutils", "source_package_version": "2:2.6-1ubuntu3", "version": "0.17+2.6-1ubuntu3" }, "to_version": { "source_package_name": "inetutils", "source_package_version": "2:2.6-4ubuntu1", "version": "0.17+2.6-4ubuntu1" }, "cves": [], "launchpad_bugs_fixed": [ 2130124 ], "changes": [ { "cves": [], "log": [ "", " * Merge with Debian unstable (LP: #2130124). Remaining changes:", " - Do not test the inetutils-ping package (LP #2009814)", " + d/t/test-root-commands: disable ping tests", " + d/t/control: remove inetutils-ping dependency", " * Drop changes:", " - d/patches/fix-ftbfs-ls-f.patch: Remove 'ls -f' test to prevent FTBFS (LP #2122271)", " [Fixed in 2.6-2]", " * New changes:", " - d/patches/inetutils-ttymsg-suppress-enoent: Fix UTMP support by ignoring ENOENT", " Thanks to Erik Auerswald", "" ], "package": "inetutils", "version": "2:2.6-4ubuntu1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2130124 ], "author": "Valentin Haudiquet ", "date": "Mon, 01 Dec 2025 20:38:18 +0100" }, { "cves": [], "log": [ "", " * Use URL instead of FSF postal address for GPL in debian/copyright.", " * Remove «Rules-Requires-Root: no», which is the current default.", " * Remove «Priority: optional» field, which is the current default.", " * Switch to Standards-Version 4.7.2 (no changes needed).", " * Add Builde-Depends on libcrypt-dev. (Closes: #1106935)", " * Refresh debian/upstream/signing-key.asc (update expiry dates).", "" ], "package": "inetutils", "version": "2:2.6-4", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Guillem Jover ", "date": "Mon, 11 Aug 2025 00:25:19 +0200" }, { "cves": [], "log": [ "", " * Make libsystemd-dev support linux-any specific.", "" ], "package": "inetutils", "version": "2:2.6-3", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Guillem Jover ", "date": "Sun, 22 Jun 2025 16:59:29 +0200" }, { "cves": [], "log": [ "", " * Enable libsystemd support to restore utmp functionality in", " syslogd and talkd, on systems running systemd.", " * Remove bogus test for unsorted file listing, causing indeterministic", " build failures on some systems.", "" ], "package": "inetutils", "version": "2:2.6-2", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Guillem Jover ", "date": "Fri, 20 Jun 2025 03:39:26 +0200" } ], "notes": null, "is_version_downgrade": false }, { "name": "tmux", "from_version": { "source_package_name": "tmux", "source_package_version": "3.6a-1", "version": "3.6a-1" }, "to_version": { "source_package_name": "tmux", "source_package_version": "3.6a-2", "version": "3.6a-2" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " [ Sébastien Delafond ]", " * d/copyright: remove references to obsolete files & licenses", " * d/NEWS: warn about server/client incompatibility starting with 3.6", " (Closes: #1121741)", "" ], "package": "tmux", "version": "3.6a-2", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Sebastien Delafond ", "date": "Mon, 01 Dec 2025 16:48:06 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "tnftp", "from_version": { "source_package_name": "tnftp", "source_package_version": "20230507-2build3", "version": "20230507-2build3" }, "to_version": { "source_package_name": "tnftp", "source_package_version": "20230507-2build4", "version": "20230507-2build4" }, "cves": [], "launchpad_bugs_fixed": [ 2132257 ], "changes": [ { "cves": [], "log": [ "", " * No-change mass rebuild for Ubuntu 26.04 (LP: #2132257)", "" ], "package": "tnftp", "version": "20230507-2build4", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2132257 ], "author": "Sebastien Bacher ", "date": "Mon, 01 Dec 2025 15:26:42 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "tpm-udev", "from_version": { "source_package_name": "tpm-udev", "source_package_version": "0.6+nmu1ubuntu1", "version": "0.6+nmu1ubuntu1" }, "to_version": { "source_package_name": "tpm-udev", "source_package_version": "0.6+nmu1ubuntu2", "version": "0.6+nmu1ubuntu2" }, "cves": [], "launchpad_bugs_fixed": [ 2132257 ], "changes": [ { "cves": [], "log": [ "", " * No-change mass rebuild for Ubuntu 26.04 (LP: #2132257)", "" ], "package": "tpm-udev", "version": "0.6+nmu1ubuntu2", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2132257 ], "author": "Sebastien Bacher ", "date": "Sat, 06 Dec 2025 12:04:01 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "trace-cmd", "from_version": { "source_package_name": "trace-cmd", "source_package_version": "3.3.1-1ubuntu2", "version": "3.3.1-1ubuntu2" }, "to_version": { "source_package_name": "trace-cmd", "source_package_version": "3.3.3-1ubuntu1", "version": "3.3.3-1ubuntu1" }, "cves": [], "launchpad_bugs_fixed": [ 2130149 ], "changes": [ { "cves": [], "log": [ "", " * Merge with Debian unstable (LP: #2130149). Remaining changes:", " - trace-utest: return non-zero when tests have failed", " - trace-utest: run trace-cmd with --compression none on s390x", " (LP 2114514)", " * Dropped changes, included in Debian:", " - debian/patches: fallback to using /usr/bin/trace-cmd in trace-utest", " - debian/tests: add trace-utest and trace-cmd-examples dep8 tests", "" ], "package": "trace-cmd", "version": "3.3.3-1ubuntu1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2130149 ], "author": "Nick Rosbrook ", "date": "Wed, 03 Dec 2025 10:09:48 -0500" }, { "cves": [], "log": [ "", " [ Nick Rosbrook ]", " * debian/patches: fallback to using /usr/bin/trace-cmd in trace-utest", " * debian/tests: add trace-utest and trace-cmd-examples dep8 tests", "", " [ Adriaan Schmidt ]", " * Fix install location for tracecmd.py", "", " [ Sudip Mukherjee ]", " * New upstream version 3.3.3", " * Fix bash-completion install path.", " * Update Standards-Version to 4.7.2", " * Remove old fsf address from d/copyright.", "" ], "package": "trace-cmd", "version": "3.3.3-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Sudip Mukherjee ", "date": "Fri, 29 Aug 2025 22:10:20 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "ubuntu-keyring", "from_version": { "source_package_name": "ubuntu-keyring", "source_package_version": "2023.11.28.1", "version": "2023.11.28.1" }, "to_version": { "source_package_name": "ubuntu-keyring", "source_package_version": "2023.11.28.1build1", "version": "2023.11.28.1build1" }, "cves": [], "launchpad_bugs_fixed": [ 2132257 ], "changes": [ { "cves": [], "log": [ "", " * No-change mass rebuild for Ubuntu 26.04 (LP: #2132257)", "" ], "package": "ubuntu-keyring", "version": "2023.11.28.1build1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2132257 ], "author": "Sebastien Bacher ", "date": "Mon, 01 Dec 2025 15:26:56 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "ubuntu-release-upgrader-core", "from_version": { "source_package_name": "ubuntu-release-upgrader", "source_package_version": "1:26.04.2", "version": "1:26.04.2" }, "to_version": { "source_package_name": "ubuntu-release-upgrader", "source_package_version": "1:26.04.3", "version": "1:26.04.3" }, "cves": [], "launchpad_bugs_fixed": [ 2128839, 2134446 ], "changes": [ { "cves": [], "log": [ "", " * DistUpgrade: prevent upgrades when distro-info-data is outdated", " (LP: #2128839)", " * all: clean forgotten -m references", " * DistUpgrade: do not include 'LTS' in DistUpgradeController.toVersion", " (LP: #2134446)", "" ], "package": "ubuntu-release-upgrader", "version": "1:26.04.3", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2128839, 2134446 ], "author": "Nick Rosbrook ", "date": "Tue, 09 Dec 2025 11:43:03 -0500" } ], "notes": null, "is_version_downgrade": false }, { "name": "ufw", "from_version": { "source_package_name": "ufw", "source_package_version": "0.36.2-9", "version": "0.36.2-9" }, "to_version": { "source_package_name": "ufw", "source_package_version": "0.36.2-9build1", "version": "0.36.2-9build1" }, "cves": [], "launchpad_bugs_fixed": [ 2132257 ], "changes": [ { "cves": [], "log": [ "", " * No-change mass rebuild for Ubuntu 26.04 (LP: #2132257)", "" ], "package": "ufw", "version": "0.36.2-9build1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2132257 ], "author": "Sebastien Bacher ", "date": "Sat, 06 Dec 2025 12:04:40 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "unattended-upgrades", "from_version": { "source_package_name": "unattended-upgrades", "source_package_version": "2.12ubuntu4", "version": "2.12ubuntu4" }, "to_version": { "source_package_name": "unattended-upgrades", "source_package_version": "2.12ubuntu5", "version": "2.12ubuntu5" }, "cves": [], "launchpad_bugs_fixed": [ 2132257 ], "changes": [ { "cves": [], "log": [ "", " * No-change mass rebuild for Ubuntu 26.04 (LP: #2132257)", "" ], "package": "unattended-upgrades", "version": "2.12ubuntu5", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2132257 ], "author": "Sebastien Bacher ", "date": "Sat, 06 Dec 2025 12:04:47 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "usb-modeswitch-data", "from_version": { "source_package_name": "usb-modeswitch-data", "source_package_version": "20191128-7", "version": "20191128-7" }, "to_version": { "source_package_name": "usb-modeswitch-data", "source_package_version": "20191128-7build1", "version": "20191128-7build1" }, "cves": [], "launchpad_bugs_fixed": [ 2132257 ], "changes": [ { "cves": [], "log": [ "", " * No-change mass rebuild for Ubuntu 26.04 (LP: #2132257)", "" ], "package": "usb-modeswitch-data", "version": "20191128-7build1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2132257 ], "author": "Sebastien Bacher ", "date": "Sat, 06 Dec 2025 12:05:47 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "usb.ids", "from_version": { "source_package_name": "usb.ids", "source_package_version": "2025.09.15-1", "version": "2025.09.15-1" }, "to_version": { "source_package_name": "usb.ids", "source_package_version": "2025.12.13-1", "version": "2025.12.13-1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * New upstream version.", "" ], "package": "usb.ids", "version": "2025.12.13-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Aurelien Jarno ", "date": "Sun, 14 Dec 2025 22:03:43 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "vim", "from_version": { "source_package_name": "vim", "source_package_version": "2:9.1.0967-1ubuntu6", "version": "2:9.1.0967-1ubuntu6" }, "to_version": { "source_package_name": "vim", "source_package_version": "2:9.1.1882-1ubuntu1", "version": "2:9.1.1882-1ubuntu1" }, "cves": [ { "cve": "CVE-2025-53905", "url": "https://ubuntu.com/security/CVE-2025-53905", "cve_description": "Vim is an open source, command line text editor. Prior to version 9.1.1552, a path traversal issue in Vim’s tar.vim plugin can allow overwriting of arbitrary files when opening specially crafted tar archives. Impact is low because this exploit requires direct user interaction. However, successfully exploitation can lead to overwriting sensitive files or placing executable code in privileged locations, depending on the permissions of the process editing the archive. The victim must edit such a file using Vim which will reveal the filename and the file content, a careful user may suspect some strange things going on. Successful exploitation could results in the ability to execute arbitrary commands on the underlying operating system. Version 9.1.1552 contains a patch for the vulnerability.", "cve_priority": "medium", "cve_public_date": "2025-07-15 21:15:00 UTC" }, { "cve": "CVE-2025-53906", "url": "https://ubuntu.com/security/CVE-2025-53906", "cve_description": "Vim is an open source, command line text editor. Prior to version 9.1.1551, a path traversal issue in Vim’s zip.vim plugin can allow overwriting of arbitrary files when opening specially crafted zip archives. Impact is low because this exploit requires direct user interaction. However, successfully exploitation can lead to overwriting sensitive files or placing executable code in privileged locations, depending on the permissions of the process editing the archive. The victim must edit such a file using Vim which will reveal the filename and the file content, a careful user may suspect some strange things going on. Successful exploitation could results in the ability to execute arbitrary commands on the underlying operating system. Version 9.1.1551 contains a patch for the vulnerability.", "cve_priority": "medium", "cve_public_date": "2025-07-15 21:15:00 UTC" }, { "cve": "CVE-2025-29768", "url": "https://ubuntu.com/security/CVE-2025-29768", "cve_description": "Vim, a text editor, is vulnerable to potential data loss with zip.vim and special crafted zip files in versions prior to 9.1.1198. The impact is medium because a user must be made to view such an archive with Vim and then press 'x' on such a strange filename. The issue has been fixed as of Vim patch v9.1.1198.", "cve_priority": "medium", "cve_public_date": "2025-03-13 17:15:00 UTC" }, { "cve": "CVE-2025-27423", "url": "https://ubuntu.com/security/CVE-2025-27423", "cve_description": "Vim is an open source, command line text editor. Vim is distributed with the tar.vim plugin, that allows easy editing and viewing of (compressed or uncompressed) tar files. Starting with 9.1.0858, the tar.vim plugin uses the \":read\" ex command line to append below the cursor position, however the is not sanitized and is taken literally from the tar archive. This allows to execute shell commands via special crafted tar archives. Whether this really happens, depends on the shell being used ('shell' option, which is set using $SHELL). The issue has been fixed as of Vim patch v9.1.1164", "cve_priority": "medium", "cve_public_date": "2025-03-03 17:15:00 UTC" }, { "cve": "CVE-2025-26603", "url": "https://ubuntu.com/security/CVE-2025-26603", "cve_description": "Vim is a greatly improved version of the good old UNIX editor Vi. Vim allows to redirect screen messages using the `:redir` ex command to register, variables and files. It also allows to show the contents of registers using the `:registers` or `:display` ex command. When redirecting the output of `:display` to a register, Vim will free the register content before storing the new content in the register. Now when redirecting the `:display` command to a register that is being displayed, Vim will free the content while shortly afterwards trying to access it, which leads to a use-after-free. Vim pre 9.1.1115 checks in the ex_display() function, that it does not try to redirect to a register while displaying this register at the same time. However this check is not complete, and so Vim does not check the `+` and `*` registers (which typically donate the X11/clipboard registers, and when a clipboard connection is not possible will fall back to use register 0 instead. In Patch 9.1.1115 Vim will therefore skip outputting to register zero when trying to redirect to the clipboard registers `*` or `+`. Users are advised to upgrade. There are no known workarounds for this vulnerability.", "cve_priority": "medium", "cve_public_date": "2025-02-18 19:15:00 UTC" }, { "cve": "CVE-2025-24014", "url": "https://ubuntu.com/security/CVE-2025-24014", "cve_description": "Vim is an open source, command line text editor. A segmentation fault was found in Vim before 9.1.1043. In silent Ex mode (-s -e), Vim typically doesn't show a screen and just operates silently in batch mode. However, it is still possible to trigger the function that handles the scrolling of a gui version of Vim by feeding some binary characters to Vim. The function that handles the scrolling however may be triggering a redraw, which will access the ScreenLines pointer, even so this variable hasn't been allocated (since there is no screen). This vulnerability is fixed in 9.1.1043.", "cve_priority": "medium", "cve_public_date": "2025-01-20 23:15:00 UTC" }, { "cve": "CVE-2025-1215", "url": "https://ubuntu.com/security/CVE-2025-1215", "cve_description": "A vulnerability classified as problematic was found in vim up to 9.1.1096. This vulnerability affects unknown code of the file src/main.c. The manipulation of the argument --log leads to memory corruption. It is possible to launch the attack on the local host. Upgrading to version 9.1.1097 is able to address this issue. The patch is identified as c5654b84480822817bb7b69ebc97c174c91185e9. It is recommended to upgrade the affected component.", "cve_priority": "medium", "cve_public_date": "2025-02-12 19:15:00 UTC" }, { "cve": "CVE-2025-22134", "url": "https://ubuntu.com/security/CVE-2025-22134", "cve_description": "When switching to other buffers using the :all command and visual mode still being active, this may cause a heap-buffer overflow, because Vim does not properly end visual mode and therefore may try to access beyond the end of a line in a buffer. In Patch 9.1.1003 Vim will correctly reset the visual mode before opening other windows and buffers and therefore fix this bug. In addition it does verify that it won't try to access a position if the position is greater than the corresponding buffer line. Impact is medium since the user must have switched on visual mode when executing the :all ex command. The Vim project would like to thank github user gandalf4a for reporting this issue. The issue has been fixed as of Vim patch v9.1.1003", "cve_priority": "medium", "cve_public_date": "2025-01-13 21:15:00 UTC" }, { "cve": "CVE-2025-55157", "url": "https://ubuntu.com/security/CVE-2025-55157", "cve_description": "Vim is an open source, command line text editor. In versions from 9.1.1231 to before 9.1.1400, When processing nested tuples in Vim script, an error during evaluation can trigger a use-after-free in Vim’s internal tuple reference management. Specifically, the tuple_unref() function may access already freed memory due to improper lifetime handling, leading to memory corruption. The exploit requires direct user interaction, as the script must be explicitly executed within Vim. This issue has been patched in version 9.1.1400.", "cve_priority": "medium", "cve_public_date": "2025-08-11 23:15:00 UTC" }, { "cve": "CVE-2025-55158", "url": "https://ubuntu.com/security/CVE-2025-55158", "cve_description": "Vim is an open source, command line text editor. In versions from 9.1.1231 to before 9.1.1406, when processing nested tuples during Vim9 script import operations, an error during evaluation can trigger a double-free in Vim’s internal typed value (typval_T) management. Specifically, the clear_tv() function may attempt to free memory that has already been deallocated, due to improper lifetime handling in the handle_import / ex_import code paths. The vulnerability can only be triggered if a user explicitly opens and executes a specially crafted Vim script. This issue has been patched in version 9.1.1406.", "cve_priority": "medium", "cve_public_date": "2025-08-11 23:15:00 UTC" }, { "cve": "CVE-2025-53906", "url": "https://ubuntu.com/security/CVE-2025-53906", "cve_description": "Vim is an open source, command line text editor. Prior to version 9.1.1551, a path traversal issue in Vim’s zip.vim plugin can allow overwriting of arbitrary files when opening specially crafted zip archives. Impact is low because this exploit requires direct user interaction. However, successfully exploitation can lead to overwriting sensitive files or placing executable code in privileged locations, depending on the permissions of the process editing the archive. The victim must edit such a file using Vim which will reveal the filename and the file content, a careful user may suspect some strange things going on. Successful exploitation could results in the ability to execute arbitrary commands on the underlying operating system. Version 9.1.1551 contains a patch for the vulnerability.", "cve_priority": "medium", "cve_public_date": "2025-07-15 21:15:00 UTC" }, { "cve": "CVE-2025-53905", "url": "https://ubuntu.com/security/CVE-2025-53905", "cve_description": "Vim is an open source, command line text editor. Prior to version 9.1.1552, a path traversal issue in Vim’s tar.vim plugin can allow overwriting of arbitrary files when opening specially crafted tar archives. Impact is low because this exploit requires direct user interaction. However, successfully exploitation can lead to overwriting sensitive files or placing executable code in privileged locations, depending on the permissions of the process editing the archive. The victim must edit such a file using Vim which will reveal the filename and the file content, a careful user may suspect some strange things going on. Successful exploitation could results in the ability to execute arbitrary commands on the underlying operating system. Version 9.1.1552 contains a patch for the vulnerability.", "cve_priority": "medium", "cve_public_date": "2025-07-15 21:15:00 UTC" }, { "cve": "CVE-2025-9390", "url": "https://ubuntu.com/security/CVE-2025-9390", "cve_description": "A security flaw has been discovered in vim up to 9.1.1615. Affected by this vulnerability is the function main of the file src/xxd/xxd.c of the component xxd. The manipulation results in buffer overflow. The attack requires a local approach. The exploit has been released to the public and may be exploited. Upgrading to version 9.1.1616 addresses this issue. The patch is identified as eeef7c77436a78cd27047b0f5fa6925d56de3cb0. It is recommended to upgrade the affected component.", "cve_priority": "medium", "cve_public_date": "2025-08-24 14:15:00 UTC" }, { "cve": "CVE-2025-26603", "url": "https://ubuntu.com/security/CVE-2025-26603", "cve_description": "Vim is a greatly improved version of the good old UNIX editor Vi. Vim allows to redirect screen messages using the `:redir` ex command to register, variables and files. It also allows to show the contents of registers using the `:registers` or `:display` ex command. When redirecting the output of `:display` to a register, Vim will free the register content before storing the new content in the register. Now when redirecting the `:display` command to a register that is being displayed, Vim will free the content while shortly afterwards trying to access it, which leads to a use-after-free. Vim pre 9.1.1115 checks in the ex_display() function, that it does not try to redirect to a register while displaying this register at the same time. However this check is not complete, and so Vim does not check the `+` and `*` registers (which typically donate the X11/clipboard registers, and when a clipboard connection is not possible will fall back to use register 0 instead. In Patch 9.1.1115 Vim will therefore skip outputting to register zero when trying to redirect to the clipboard registers `*` or `+`. Users are advised to upgrade. There are no known workarounds for this vulnerability.", "cve_priority": "medium", "cve_public_date": "2025-02-18 19:15:00 UTC" }, { "cve": "CVE-2025-27423", "url": "https://ubuntu.com/security/CVE-2025-27423", "cve_description": "Vim is an open source, command line text editor. Vim is distributed with the tar.vim plugin, that allows easy editing and viewing of (compressed or uncompressed) tar files. Starting with 9.1.0858, the tar.vim plugin uses the \":read\" ex command line to append below the cursor position, however the is not sanitized and is taken literally from the tar archive. This allows to execute shell commands via special crafted tar archives. Whether this really happens, depends on the shell being used ('shell' option, which is set using $SHELL). The issue has been fixed as of Vim patch v9.1.1164", "cve_priority": "medium", "cve_public_date": "2025-03-03 17:15:00 UTC" }, { "cve": "CVE-2025-29768", "url": "https://ubuntu.com/security/CVE-2025-29768", "cve_description": "Vim, a text editor, is vulnerable to potential data loss with zip.vim and special crafted zip files in versions prior to 9.1.1198. The impact is medium because a user must be made to view such an archive with Vim and then press 'x' on such a strange filename. The issue has been fixed as of Vim patch v9.1.1198.", "cve_priority": "medium", "cve_public_date": "2025-03-13 17:15:00 UTC" }, { "cve": "CVE-2025-22134", "url": "https://ubuntu.com/security/CVE-2025-22134", "cve_description": "When switching to other buffers using the :all command and visual mode still being active, this may cause a heap-buffer overflow, because Vim does not properly end visual mode and therefore may try to access beyond the end of a line in a buffer. In Patch 9.1.1003 Vim will correctly reset the visual mode before opening other windows and buffers and therefore fix this bug. In addition it does verify that it won't try to access a position if the position is greater than the corresponding buffer line. Impact is medium since the user must have switched on visual mode when executing the :all ex command. The Vim project would like to thank github user gandalf4a for reporting this issue. The issue has been fixed as of Vim patch v9.1.1003", "cve_priority": "medium", "cve_public_date": "2025-01-13 21:15:00 UTC" }, { "cve": "CVE-2025-24014", "url": "https://ubuntu.com/security/CVE-2025-24014", "cve_description": "Vim is an open source, command line text editor. A segmentation fault was found in Vim before 9.1.1043. In silent Ex mode (-s -e), Vim typically doesn't show a screen and just operates silently in batch mode. However, it is still possible to trigger the function that handles the scrolling of a gui version of Vim by feeding some binary characters to Vim. The function that handles the scrolling however may be triggering a redraw, which will access the ScreenLines pointer, even so this variable hasn't been allocated (since there is no screen). This vulnerability is fixed in 9.1.1043.", "cve_priority": "medium", "cve_public_date": "2025-01-20 23:15:00 UTC" }, { "cve": "CVE-2025-1215", "url": "https://ubuntu.com/security/CVE-2025-1215", "cve_description": "A vulnerability classified as problematic was found in vim up to 9.1.1096. This vulnerability affects unknown code of the file src/main.c. The manipulation of the argument --log leads to memory corruption. It is possible to launch the attack on the local host. Upgrading to version 9.1.1097 is able to address this issue. The patch is identified as c5654b84480822817bb7b69ebc97c174c91185e9. It is recommended to upgrade the affected component.", "cve_priority": "medium", "cve_public_date": "2025-02-12 19:15:00 UTC" } ], "launchpad_bugs_fixed": [ 2130146 ], "changes": [ { "cves": [ { "cve": "CVE-2025-53905", "url": "https://ubuntu.com/security/CVE-2025-53905", "cve_description": "Vim is an open source, command line text editor. Prior to version 9.1.1552, a path traversal issue in Vim’s tar.vim plugin can allow overwriting of arbitrary files when opening specially crafted tar archives. Impact is low because this exploit requires direct user interaction. However, successfully exploitation can lead to overwriting sensitive files or placing executable code in privileged locations, depending on the permissions of the process editing the archive. The victim must edit such a file using Vim which will reveal the filename and the file content, a careful user may suspect some strange things going on. Successful exploitation could results in the ability to execute arbitrary commands on the underlying operating system. Version 9.1.1552 contains a patch for the vulnerability.", "cve_priority": "medium", "cve_public_date": "2025-07-15 21:15:00 UTC" }, { "cve": "CVE-2025-53906", "url": "https://ubuntu.com/security/CVE-2025-53906", "cve_description": "Vim is an open source, command line text editor. Prior to version 9.1.1551, a path traversal issue in Vim’s zip.vim plugin can allow overwriting of arbitrary files when opening specially crafted zip archives. Impact is low because this exploit requires direct user interaction. However, successfully exploitation can lead to overwriting sensitive files or placing executable code in privileged locations, depending on the permissions of the process editing the archive. The victim must edit such a file using Vim which will reveal the filename and the file content, a careful user may suspect some strange things going on. Successful exploitation could results in the ability to execute arbitrary commands on the underlying operating system. Version 9.1.1551 contains a patch for the vulnerability.", "cve_priority": "medium", "cve_public_date": "2025-07-15 21:15:00 UTC" }, { "cve": "CVE-2025-29768", "url": "https://ubuntu.com/security/CVE-2025-29768", "cve_description": "Vim, a text editor, is vulnerable to potential data loss with zip.vim and special crafted zip files in versions prior to 9.1.1198. The impact is medium because a user must be made to view such an archive with Vim and then press 'x' on such a strange filename. The issue has been fixed as of Vim patch v9.1.1198.", "cve_priority": "medium", "cve_public_date": "2025-03-13 17:15:00 UTC" }, { "cve": "CVE-2025-27423", "url": "https://ubuntu.com/security/CVE-2025-27423", "cve_description": "Vim is an open source, command line text editor. Vim is distributed with the tar.vim plugin, that allows easy editing and viewing of (compressed or uncompressed) tar files. Starting with 9.1.0858, the tar.vim plugin uses the \":read\" ex command line to append below the cursor position, however the is not sanitized and is taken literally from the tar archive. This allows to execute shell commands via special crafted tar archives. Whether this really happens, depends on the shell being used ('shell' option, which is set using $SHELL). The issue has been fixed as of Vim patch v9.1.1164", "cve_priority": "medium", "cve_public_date": "2025-03-03 17:15:00 UTC" }, { "cve": "CVE-2025-26603", "url": "https://ubuntu.com/security/CVE-2025-26603", "cve_description": "Vim is a greatly improved version of the good old UNIX editor Vi. Vim allows to redirect screen messages using the `:redir` ex command to register, variables and files. It also allows to show the contents of registers using the `:registers` or `:display` ex command. When redirecting the output of `:display` to a register, Vim will free the register content before storing the new content in the register. Now when redirecting the `:display` command to a register that is being displayed, Vim will free the content while shortly afterwards trying to access it, which leads to a use-after-free. Vim pre 9.1.1115 checks in the ex_display() function, that it does not try to redirect to a register while displaying this register at the same time. However this check is not complete, and so Vim does not check the `+` and `*` registers (which typically donate the X11/clipboard registers, and when a clipboard connection is not possible will fall back to use register 0 instead. In Patch 9.1.1115 Vim will therefore skip outputting to register zero when trying to redirect to the clipboard registers `*` or `+`. Users are advised to upgrade. There are no known workarounds for this vulnerability.", "cve_priority": "medium", "cve_public_date": "2025-02-18 19:15:00 UTC" }, { "cve": "CVE-2025-24014", "url": "https://ubuntu.com/security/CVE-2025-24014", "cve_description": "Vim is an open source, command line text editor. A segmentation fault was found in Vim before 9.1.1043. In silent Ex mode (-s -e), Vim typically doesn't show a screen and just operates silently in batch mode. However, it is still possible to trigger the function that handles the scrolling of a gui version of Vim by feeding some binary characters to Vim. The function that handles the scrolling however may be triggering a redraw, which will access the ScreenLines pointer, even so this variable hasn't been allocated (since there is no screen). This vulnerability is fixed in 9.1.1043.", "cve_priority": "medium", "cve_public_date": "2025-01-20 23:15:00 UTC" }, { "cve": "CVE-2025-1215", "url": "https://ubuntu.com/security/CVE-2025-1215", "cve_description": "A vulnerability classified as problematic was found in vim up to 9.1.1096. This vulnerability affects unknown code of the file src/main.c. The manipulation of the argument --log leads to memory corruption. It is possible to launch the attack on the local host. Upgrading to version 9.1.1097 is able to address this issue. The patch is identified as c5654b84480822817bb7b69ebc97c174c91185e9. It is recommended to upgrade the affected component.", "cve_priority": "medium", "cve_public_date": "2025-02-12 19:15:00 UTC" }, { "cve": "CVE-2025-22134", "url": "https://ubuntu.com/security/CVE-2025-22134", "cve_description": "When switching to other buffers using the :all command and visual mode still being active, this may cause a heap-buffer overflow, because Vim does not properly end visual mode and therefore may try to access beyond the end of a line in a buffer. In Patch 9.1.1003 Vim will correctly reset the visual mode before opening other windows and buffers and therefore fix this bug. In addition it does verify that it won't try to access a position if the position is greater than the corresponding buffer line. Impact is medium since the user must have switched on visual mode when executing the :all ex command. The Vim project would like to thank github user gandalf4a for reporting this issue. The issue has been fixed as of Vim patch v9.1.1003", "cve_priority": "medium", "cve_public_date": "2025-01-13 21:15:00 UTC" } ], "log": [ "", " * Merge with Debian unstable (LP: #2130146). Remaining changes:", " - d/p/0001-fix-flaky-terminal-mode-test.vim:", " Fix flaky Vim terminal mode test", " - d/p/0002-disable-failing-tests-on-ppc64.patch:", " Disable some tests that were throwing an ENOMEM during build on", " ppc64el. The tests are only disabled when building on ppc64el.", " - d/p/0003-skip-test-failing-on-s390x-only.patch:", " Skip test failing on s390x", " - d/p/increase_timeout.diff: Increase timeout for the", " Test_pattern_compile_speed patch.", " - d/p/debian/ubuntu-grub-syntax.patch: Add Ubuntu-specific \"quiet\" keyword.", " - d/runtime/vimrc: \"syntax on\" is a sane default for non-tiny Vim.", " Dropping changes applied in upstream:", " - SECURITY UPDATE: Path traversal when opening specially crafted tar/zip", " archives.", " + d/p/CVE-2025-53905.patch: Replace \"echohl Error\" with call,", " remove leading slashes from name, replace tar_secure with g:tar_secure in", " runtime/autoload/tar.vim.", " + d/p/CVE-2025-53906.patch: Add need_rename, replace w! with w,", " call warning for path traversal attack, and escape leading \"../\" in", " runtime/autoload/zip.vim.", " + CVE-2025-53905", " + CVE-2025-53906", " - SECURITY UPDATE: Data loss when extracting special zip files.", " + d/p/CVE-2025-29768.patch: Substitute special characters in", " ./runtime/autoload/zip.vim.", " + CVE-2025-29768", " - SECURITY UPDATE: Code execution when editing tar files.", " + d/p/CVE-2025-27423.patch: Use escape_file instead of fname in", " ./runtime/autoload/tar.vim.", " + CVE-2025-27423", " - SECURITY UPDATE: Use after free when redirecting display command to", " register.", " + d/p/CVE-2025-26603.patch: Change redir_reg check to use", " vim_strchr command check in ./src/register.c.", " + CVE-2025-26603", " - SECURITY UPDATE: Denial of service.", " + d/p/CVE-2025-24014.patch: fix a segfault in win_line()", " in files src/gui.c, src/testdir/crash/ex_redraw_crash,", " src/testdir/test_crash.vim.", " + CVE-2025-24014", " - SECURITY UPDATE: Crash when file is inaccessible with log option.", " + d/p/CVE-2025-1215.patch: Split common_init to common_init_1", " and common_init_2 in ./src/main.c.", " + CVE-2025-1215", " - SECURITY UPDATE: Heap-buffer-overflow when switching buffers.", " + d/p/CVE-2025-22134.patch: Add reset_VIsual_and_resel() to", " src/arglist.c. Add ptrlen checks in src/misc1.c and src/ops.c.", " + CVE-2025-22134", " Dropping changes applied in Debian:", " - Revert \"patch 9.1.0949: popups inconsistently shifted to the left\",", " since it breaks vim-youcompleteme's autopkgtests. (Closes: #1091729)", " Dropping changes that are no longer needed in Ubuntu:", " - d/p/ubuntu-mouse-off.patch: Mouse mode is actively harmful in some chroots.", " Dropping since it causes many issues with the test suite", " - d/p/ubuntu-disable-mouse-popup-test.patch: Disable mouse popup test", " Is related to ubuntu-mouse-off.patch", " - d/s/include-binaries: Add heap_overflow3 test file to include-binaries", " Dropping since it was originally added for testdata coming from a security", " update, but now the orig tarball actually contains this testdata", " * d/p/0002-disable-failing-tests-on-ppc64.patch: Skip", " Test_autocmd_SafeState", " * d/p/0003-skip-test-failing-on-s390x-only.patch: Skip", " Test_linematch_diff_grouping and", " Test_diff_overlapped_diff_blocks_will_be_merged", "" ], "package": "vim", "version": "2:9.1.1882-1ubuntu1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2130146 ], "author": "Nadzeya Hutsko ", "date": "Fri, 28 Nov 2025 14:26:41 +0100" }, { "cves": [], "log": [ "", " * Merge upstream patch v9.1.1882", " * Build without wayland on hurd", "" ], "package": "vim", "version": "2:9.1.1882-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "James McCoy ", "date": "Mon, 27 Oct 2025 20:41:30 -0400" }, { "cves": [], "log": [ "", " * Merge upstream tag v9.1.1845", " + 9.1.1843: Extend searchcount() timeout if the test is being re-run due", " to flakiness, fixes test failure on slower architectures.", "" ], "package": "vim", "version": "2:9.1.1846-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "James McCoy ", "date": "Fri, 10 Oct 2025 14:33:33 -0400" }, { "cves": [], "log": [ "", " * Upload to unstable", " * Merge upstream tag v9.1.1829", " * Remove src/LICENSE, src/README.txt, and runtime/doc/tags.ref during clean", " * Skip tests for termdebug, since they currently fail on 32-bit", " architectures", "" ], "package": "vim", "version": "2:9.1.1829-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "James McCoy ", "date": "Mon, 06 Oct 2025 14:48:55 -0400" }, { "cves": [ { "cve": "CVE-2025-55157", "url": "https://ubuntu.com/security/CVE-2025-55157", "cve_description": "Vim is an open source, command line text editor. In versions from 9.1.1231 to before 9.1.1400, When processing nested tuples in Vim script, an error during evaluation can trigger a use-after-free in Vim’s internal tuple reference management. Specifically, the tuple_unref() function may access already freed memory due to improper lifetime handling, leading to memory corruption. The exploit requires direct user interaction, as the script must be explicitly executed within Vim. This issue has been patched in version 9.1.1400.", "cve_priority": "medium", "cve_public_date": "2025-08-11 23:15:00 UTC" }, { "cve": "CVE-2025-55158", "url": "https://ubuntu.com/security/CVE-2025-55158", "cve_description": "Vim is an open source, command line text editor. In versions from 9.1.1231 to before 9.1.1406, when processing nested tuples during Vim9 script import operations, an error during evaluation can trigger a double-free in Vim’s internal typed value (typval_T) management. Specifically, the clear_tv() function may attempt to free memory that has already been deallocated, due to improper lifetime handling in the handle_import / ex_import code paths. The vulnerability can only be triggered if a user explicitly opens and executes a specially crafted Vim script. This issue has been patched in version 9.1.1406.", "cve_priority": "medium", "cve_public_date": "2025-08-11 23:15:00 UTC" }, { "cve": "CVE-2025-53906", "url": "https://ubuntu.com/security/CVE-2025-53906", "cve_description": "Vim is an open source, command line text editor. Prior to version 9.1.1551, a path traversal issue in Vim’s zip.vim plugin can allow overwriting of arbitrary files when opening specially crafted zip archives. Impact is low because this exploit requires direct user interaction. However, successfully exploitation can lead to overwriting sensitive files or placing executable code in privileged locations, depending on the permissions of the process editing the archive. The victim must edit such a file using Vim which will reveal the filename and the file content, a careful user may suspect some strange things going on. Successful exploitation could results in the ability to execute arbitrary commands on the underlying operating system. Version 9.1.1551 contains a patch for the vulnerability.", "cve_priority": "medium", "cve_public_date": "2025-07-15 21:15:00 UTC" }, { "cve": "CVE-2025-53905", "url": "https://ubuntu.com/security/CVE-2025-53905", "cve_description": "Vim is an open source, command line text editor. Prior to version 9.1.1552, a path traversal issue in Vim’s tar.vim plugin can allow overwriting of arbitrary files when opening specially crafted tar archives. Impact is low because this exploit requires direct user interaction. However, successfully exploitation can lead to overwriting sensitive files or placing executable code in privileged locations, depending on the permissions of the process editing the archive. The victim must edit such a file using Vim which will reveal the filename and the file content, a careful user may suspect some strange things going on. Successful exploitation could results in the ability to execute arbitrary commands on the underlying operating system. Version 9.1.1552 contains a patch for the vulnerability.", "cve_priority": "medium", "cve_public_date": "2025-07-15 21:15:00 UTC" }, { "cve": "CVE-2025-9390", "url": "https://ubuntu.com/security/CVE-2025-9390", "cve_description": "A security flaw has been discovered in vim up to 9.1.1615. Affected by this vulnerability is the function main of the file src/xxd/xxd.c of the component xxd. The manipulation results in buffer overflow. The attack requires a local approach. The exploit has been released to the public and may be exploited. Upgrading to version 9.1.1616 addresses this issue. The patch is identified as eeef7c77436a78cd27047b0f5fa6925d56de3cb0. It is recommended to upgrade the affected component.", "cve_priority": "medium", "cve_public_date": "2025-08-24 14:15:00 UTC" } ], "log": [ "", " * Merge upstream tag v9.1.1766 (Closes: #1115819)", " + Security fixes:", " - 9.1.1400: use-after-free when evaluating tuple fails, (Closes:", " #1110898, CVE-2025-55157)", " - 9.1.1406: crash when importing invalid tuple, CVE-2025-55158", " - 9.1.1551: path traversal issue in zip.vim if files have leading '../',", " (Closes: #1109374, CVE-2025-53906)", " - 9.1.1552: path traversal issue in tar.vim if files have leading '/',", " CVE-2025-53905", " - 9.1.1616: xxd: possible buffer overflow with bitwise output,", " CVE-2025-9390", " * Enable socketserver for vim-nox, vim-basic, and vim-gtk3", " * Enable wayland support only for GUI builds", " * Drop obsolete transitional package, vim-athena", "" ], "package": "vim", "version": "2:9.1.1766-1", "urgency": "medium", "distributions": "experimental", "launchpad_bugs_fixed": [], "author": "James McCoy ", "date": "Tue, 23 Sep 2025 21:13:05 -0400" }, { "cves": [], "log": [ "", " [ James McCoy ]", " * Merge upstream tag v9.1.1385", "", " [ Kirill Rekhov ]", " * d/upstream/metadata: add metadata", " * Fix day-of-week for changelog entries 1:6.3-015+1, 1:6.3-010+1, 4.6-2.", "" ], "package": "vim", "version": "2:9.1.1385-1", "urgency": "medium", "distributions": "experimental", "launchpad_bugs_fixed": [], "author": "James McCoy ", "date": "Thu, 15 May 2025 20:28:48 -0400" }, { "cves": [], "log": [ "", " * Backport v9.1.1242 and v9.1.1244 to fix crash when evaluating a variable", " name. (Closes: #1106133)", "" ], "package": "vim", "version": "2:9.1.1230-2", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "James McCoy ", "date": "Thu, 22 May 2025 20:48:59 -0400" }, { "cves": [ { "cve": "CVE-2025-26603", "url": "https://ubuntu.com/security/CVE-2025-26603", "cve_description": "Vim is a greatly improved version of the good old UNIX editor Vi. Vim allows to redirect screen messages using the `:redir` ex command to register, variables and files. It also allows to show the contents of registers using the `:registers` or `:display` ex command. When redirecting the output of `:display` to a register, Vim will free the register content before storing the new content in the register. Now when redirecting the `:display` command to a register that is being displayed, Vim will free the content while shortly afterwards trying to access it, which leads to a use-after-free. Vim pre 9.1.1115 checks in the ex_display() function, that it does not try to redirect to a register while displaying this register at the same time. However this check is not complete, and so Vim does not check the `+` and `*` registers (which typically donate the X11/clipboard registers, and when a clipboard connection is not possible will fall back to use register 0 instead. In Patch 9.1.1115 Vim will therefore skip outputting to register zero when trying to redirect to the clipboard registers `*` or `+`. Users are advised to upgrade. There are no known workarounds for this vulnerability.", "cve_priority": "medium", "cve_public_date": "2025-02-18 19:15:00 UTC" }, { "cve": "CVE-2025-27423", "url": "https://ubuntu.com/security/CVE-2025-27423", "cve_description": "Vim is an open source, command line text editor. Vim is distributed with the tar.vim plugin, that allows easy editing and viewing of (compressed or uncompressed) tar files. Starting with 9.1.0858, the tar.vim plugin uses the \":read\" ex command line to append below the cursor position, however the is not sanitized and is taken literally from the tar archive. This allows to execute shell commands via special crafted tar archives. Whether this really happens, depends on the shell being used ('shell' option, which is set using $SHELL). The issue has been fixed as of Vim patch v9.1.1164", "cve_priority": "medium", "cve_public_date": "2025-03-03 17:15:00 UTC" }, { "cve": "CVE-2025-29768", "url": "https://ubuntu.com/security/CVE-2025-29768", "cve_description": "Vim, a text editor, is vulnerable to potential data loss with zip.vim and special crafted zip files in versions prior to 9.1.1198. The impact is medium because a user must be made to view such an archive with Vim and then press 'x' on such a strange filename. The issue has been fixed as of Vim patch v9.1.1198.", "cve_priority": "medium", "cve_public_date": "2025-03-13 17:15:00 UTC" } ], "log": [ "", " * Merge upstream tag v9.1.1230", " + Security fixes:", " - 9.1.1115: use-after-free in str_to_reg(), CVE-2025-26603", " - 9.1.1164: editing a specially crafted tar file allows code execution,", " (Closes: #1099610, CVE-2025-27423)", " - 9.1.1198: potential data loss with zip.vim and crafted zip files,", " (Closes: #1101016, CVE-2025-29768)", "" ], "package": "vim", "version": "2:9.1.1230-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "James McCoy ", "date": "Mon, 24 Mar 2025 20:59:06 -0400" }, { "cves": [ { "cve": "CVE-2025-22134", "url": "https://ubuntu.com/security/CVE-2025-22134", "cve_description": "When switching to other buffers using the :all command and visual mode still being active, this may cause a heap-buffer overflow, because Vim does not properly end visual mode and therefore may try to access beyond the end of a line in a buffer. In Patch 9.1.1003 Vim will correctly reset the visual mode before opening other windows and buffers and therefore fix this bug. In addition it does verify that it won't try to access a position if the position is greater than the corresponding buffer line. Impact is medium since the user must have switched on visual mode when executing the :all ex command. The Vim project would like to thank github user gandalf4a for reporting this issue. The issue has been fixed as of Vim patch v9.1.1003", "cve_priority": "medium", "cve_public_date": "2025-01-13 21:15:00 UTC" }, { "cve": "CVE-2025-24014", "url": "https://ubuntu.com/security/CVE-2025-24014", "cve_description": "Vim is an open source, command line text editor. A segmentation fault was found in Vim before 9.1.1043. In silent Ex mode (-s -e), Vim typically doesn't show a screen and just operates silently in batch mode. However, it is still possible to trigger the function that handles the scrolling of a gui version of Vim by feeding some binary characters to Vim. The function that handles the scrolling however may be triggering a redraw, which will access the ScreenLines pointer, even so this variable hasn't been allocated (since there is no screen). This vulnerability is fixed in 9.1.1043.", "cve_priority": "medium", "cve_public_date": "2025-01-20 23:15:00 UTC" }, { "cve": "CVE-2025-1215", "url": "https://ubuntu.com/security/CVE-2025-1215", "cve_description": "A vulnerability classified as problematic was found in vim up to 9.1.1096. This vulnerability affects unknown code of the file src/main.c. The manipulation of the argument --log leads to memory corruption. It is possible to launch the attack on the local host. Upgrading to version 9.1.1097 is able to address this issue. The patch is identified as c5654b84480822817bb7b69ebc97c174c91185e9. It is recommended to upgrade the affected component.", "cve_priority": "medium", "cve_public_date": "2025-02-12 19:15:00 UTC" } ], "log": [ "", " [ James McCoy ]", " * Merge upstream tag v9.1.1113", " + Security fixes:", " - 9.1.1003: heap-buffer overflow with visual mode when using :all,", " CVE-2025-22134", " - 9.1.1043: segfault in win_line(), CVE-2025-24014", " - 9.1.1097: crash when using --log with non-existent path, CVE-2025-1215", "", " [ Andrea Pappacoda ]", " * Drop backspace and history from debian.vim (Closes: #1095155)", "" ], "package": "vim", "version": "2:9.1.1113-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "James McCoy ", "date": "Sat, 15 Feb 2025 20:43:27 -0500" }, { "cves": [], "log": [ "", " * Revert \"patch 9.1.0949: popups inconsistently shifted to the left\",", " since it breaks vim-youcompleteme's autopkgtests. (Closes: #1091729)", "" ], "package": "vim", "version": "2:9.1.0967-2", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "James McCoy ", "date": "Fri, 10 Jan 2025 06:30:59 -0500" } ], "notes": null, "is_version_downgrade": false }, { "name": "vim-common", "from_version": { "source_package_name": "vim", "source_package_version": "2:9.1.0967-1ubuntu6", "version": "2:9.1.0967-1ubuntu6" }, "to_version": { "source_package_name": "vim", "source_package_version": "2:9.1.1882-1ubuntu1", "version": "2:9.1.1882-1ubuntu1" }, "cves": [ { "cve": "CVE-2025-53905", "url": "https://ubuntu.com/security/CVE-2025-53905", "cve_description": "Vim is an open source, command line text editor. Prior to version 9.1.1552, a path traversal issue in Vim’s tar.vim plugin can allow overwriting of arbitrary files when opening specially crafted tar archives. Impact is low because this exploit requires direct user interaction. However, successfully exploitation can lead to overwriting sensitive files or placing executable code in privileged locations, depending on the permissions of the process editing the archive. The victim must edit such a file using Vim which will reveal the filename and the file content, a careful user may suspect some strange things going on. Successful exploitation could results in the ability to execute arbitrary commands on the underlying operating system. Version 9.1.1552 contains a patch for the vulnerability.", "cve_priority": "medium", "cve_public_date": "2025-07-15 21:15:00 UTC" }, { "cve": "CVE-2025-53906", "url": "https://ubuntu.com/security/CVE-2025-53906", "cve_description": "Vim is an open source, command line text editor. Prior to version 9.1.1551, a path traversal issue in Vim’s zip.vim plugin can allow overwriting of arbitrary files when opening specially crafted zip archives. Impact is low because this exploit requires direct user interaction. However, successfully exploitation can lead to overwriting sensitive files or placing executable code in privileged locations, depending on the permissions of the process editing the archive. The victim must edit such a file using Vim which will reveal the filename and the file content, a careful user may suspect some strange things going on. Successful exploitation could results in the ability to execute arbitrary commands on the underlying operating system. Version 9.1.1551 contains a patch for the vulnerability.", "cve_priority": "medium", "cve_public_date": "2025-07-15 21:15:00 UTC" }, { "cve": "CVE-2025-29768", "url": "https://ubuntu.com/security/CVE-2025-29768", "cve_description": "Vim, a text editor, is vulnerable to potential data loss with zip.vim and special crafted zip files in versions prior to 9.1.1198. The impact is medium because a user must be made to view such an archive with Vim and then press 'x' on such a strange filename. The issue has been fixed as of Vim patch v9.1.1198.", "cve_priority": "medium", "cve_public_date": "2025-03-13 17:15:00 UTC" }, { "cve": "CVE-2025-27423", "url": "https://ubuntu.com/security/CVE-2025-27423", "cve_description": "Vim is an open source, command line text editor. Vim is distributed with the tar.vim plugin, that allows easy editing and viewing of (compressed or uncompressed) tar files. Starting with 9.1.0858, the tar.vim plugin uses the \":read\" ex command line to append below the cursor position, however the is not sanitized and is taken literally from the tar archive. This allows to execute shell commands via special crafted tar archives. Whether this really happens, depends on the shell being used ('shell' option, which is set using $SHELL). The issue has been fixed as of Vim patch v9.1.1164", "cve_priority": "medium", "cve_public_date": "2025-03-03 17:15:00 UTC" }, { "cve": "CVE-2025-26603", "url": "https://ubuntu.com/security/CVE-2025-26603", "cve_description": "Vim is a greatly improved version of the good old UNIX editor Vi. Vim allows to redirect screen messages using the `:redir` ex command to register, variables and files. It also allows to show the contents of registers using the `:registers` or `:display` ex command. When redirecting the output of `:display` to a register, Vim will free the register content before storing the new content in the register. Now when redirecting the `:display` command to a register that is being displayed, Vim will free the content while shortly afterwards trying to access it, which leads to a use-after-free. Vim pre 9.1.1115 checks in the ex_display() function, that it does not try to redirect to a register while displaying this register at the same time. However this check is not complete, and so Vim does not check the `+` and `*` registers (which typically donate the X11/clipboard registers, and when a clipboard connection is not possible will fall back to use register 0 instead. In Patch 9.1.1115 Vim will therefore skip outputting to register zero when trying to redirect to the clipboard registers `*` or `+`. Users are advised to upgrade. There are no known workarounds for this vulnerability.", "cve_priority": "medium", "cve_public_date": "2025-02-18 19:15:00 UTC" }, { "cve": "CVE-2025-24014", "url": "https://ubuntu.com/security/CVE-2025-24014", "cve_description": "Vim is an open source, command line text editor. A segmentation fault was found in Vim before 9.1.1043. In silent Ex mode (-s -e), Vim typically doesn't show a screen and just operates silently in batch mode. However, it is still possible to trigger the function that handles the scrolling of a gui version of Vim by feeding some binary characters to Vim. The function that handles the scrolling however may be triggering a redraw, which will access the ScreenLines pointer, even so this variable hasn't been allocated (since there is no screen). This vulnerability is fixed in 9.1.1043.", "cve_priority": "medium", "cve_public_date": "2025-01-20 23:15:00 UTC" }, { "cve": "CVE-2025-1215", "url": "https://ubuntu.com/security/CVE-2025-1215", "cve_description": "A vulnerability classified as problematic was found in vim up to 9.1.1096. This vulnerability affects unknown code of the file src/main.c. The manipulation of the argument --log leads to memory corruption. It is possible to launch the attack on the local host. Upgrading to version 9.1.1097 is able to address this issue. The patch is identified as c5654b84480822817bb7b69ebc97c174c91185e9. It is recommended to upgrade the affected component.", "cve_priority": "medium", "cve_public_date": "2025-02-12 19:15:00 UTC" }, { "cve": "CVE-2025-22134", "url": "https://ubuntu.com/security/CVE-2025-22134", "cve_description": "When switching to other buffers using the :all command and visual mode still being active, this may cause a heap-buffer overflow, because Vim does not properly end visual mode and therefore may try to access beyond the end of a line in a buffer. In Patch 9.1.1003 Vim will correctly reset the visual mode before opening other windows and buffers and therefore fix this bug. In addition it does verify that it won't try to access a position if the position is greater than the corresponding buffer line. Impact is medium since the user must have switched on visual mode when executing the :all ex command. The Vim project would like to thank github user gandalf4a for reporting this issue. The issue has been fixed as of Vim patch v9.1.1003", "cve_priority": "medium", "cve_public_date": "2025-01-13 21:15:00 UTC" }, { "cve": "CVE-2025-55157", "url": "https://ubuntu.com/security/CVE-2025-55157", "cve_description": "Vim is an open source, command line text editor. In versions from 9.1.1231 to before 9.1.1400, When processing nested tuples in Vim script, an error during evaluation can trigger a use-after-free in Vim’s internal tuple reference management. Specifically, the tuple_unref() function may access already freed memory due to improper lifetime handling, leading to memory corruption. The exploit requires direct user interaction, as the script must be explicitly executed within Vim. This issue has been patched in version 9.1.1400.", "cve_priority": "medium", "cve_public_date": "2025-08-11 23:15:00 UTC" }, { "cve": "CVE-2025-55158", "url": "https://ubuntu.com/security/CVE-2025-55158", "cve_description": "Vim is an open source, command line text editor. In versions from 9.1.1231 to before 9.1.1406, when processing nested tuples during Vim9 script import operations, an error during evaluation can trigger a double-free in Vim’s internal typed value (typval_T) management. Specifically, the clear_tv() function may attempt to free memory that has already been deallocated, due to improper lifetime handling in the handle_import / ex_import code paths. The vulnerability can only be triggered if a user explicitly opens and executes a specially crafted Vim script. This issue has been patched in version 9.1.1406.", "cve_priority": "medium", "cve_public_date": "2025-08-11 23:15:00 UTC" }, { "cve": "CVE-2025-53906", "url": "https://ubuntu.com/security/CVE-2025-53906", "cve_description": "Vim is an open source, command line text editor. Prior to version 9.1.1551, a path traversal issue in Vim’s zip.vim plugin can allow overwriting of arbitrary files when opening specially crafted zip archives. Impact is low because this exploit requires direct user interaction. However, successfully exploitation can lead to overwriting sensitive files or placing executable code in privileged locations, depending on the permissions of the process editing the archive. The victim must edit such a file using Vim which will reveal the filename and the file content, a careful user may suspect some strange things going on. Successful exploitation could results in the ability to execute arbitrary commands on the underlying operating system. Version 9.1.1551 contains a patch for the vulnerability.", "cve_priority": "medium", "cve_public_date": "2025-07-15 21:15:00 UTC" }, { "cve": "CVE-2025-53905", "url": "https://ubuntu.com/security/CVE-2025-53905", "cve_description": "Vim is an open source, command line text editor. Prior to version 9.1.1552, a path traversal issue in Vim’s tar.vim plugin can allow overwriting of arbitrary files when opening specially crafted tar archives. Impact is low because this exploit requires direct user interaction. However, successfully exploitation can lead to overwriting sensitive files or placing executable code in privileged locations, depending on the permissions of the process editing the archive. The victim must edit such a file using Vim which will reveal the filename and the file content, a careful user may suspect some strange things going on. Successful exploitation could results in the ability to execute arbitrary commands on the underlying operating system. Version 9.1.1552 contains a patch for the vulnerability.", "cve_priority": "medium", "cve_public_date": "2025-07-15 21:15:00 UTC" }, { "cve": "CVE-2025-9390", "url": "https://ubuntu.com/security/CVE-2025-9390", "cve_description": "A security flaw has been discovered in vim up to 9.1.1615. Affected by this vulnerability is the function main of the file src/xxd/xxd.c of the component xxd. The manipulation results in buffer overflow. The attack requires a local approach. The exploit has been released to the public and may be exploited. Upgrading to version 9.1.1616 addresses this issue. The patch is identified as eeef7c77436a78cd27047b0f5fa6925d56de3cb0. It is recommended to upgrade the affected component.", "cve_priority": "medium", "cve_public_date": "2025-08-24 14:15:00 UTC" }, { "cve": "CVE-2025-26603", "url": "https://ubuntu.com/security/CVE-2025-26603", "cve_description": "Vim is a greatly improved version of the good old UNIX editor Vi. Vim allows to redirect screen messages using the `:redir` ex command to register, variables and files. It also allows to show the contents of registers using the `:registers` or `:display` ex command. When redirecting the output of `:display` to a register, Vim will free the register content before storing the new content in the register. Now when redirecting the `:display` command to a register that is being displayed, Vim will free the content while shortly afterwards trying to access it, which leads to a use-after-free. Vim pre 9.1.1115 checks in the ex_display() function, that it does not try to redirect to a register while displaying this register at the same time. However this check is not complete, and so Vim does not check the `+` and `*` registers (which typically donate the X11/clipboard registers, and when a clipboard connection is not possible will fall back to use register 0 instead. In Patch 9.1.1115 Vim will therefore skip outputting to register zero when trying to redirect to the clipboard registers `*` or `+`. Users are advised to upgrade. There are no known workarounds for this vulnerability.", "cve_priority": "medium", "cve_public_date": "2025-02-18 19:15:00 UTC" }, { "cve": "CVE-2025-27423", "url": "https://ubuntu.com/security/CVE-2025-27423", "cve_description": "Vim is an open source, command line text editor. Vim is distributed with the tar.vim plugin, that allows easy editing and viewing of (compressed or uncompressed) tar files. Starting with 9.1.0858, the tar.vim plugin uses the \":read\" ex command line to append below the cursor position, however the is not sanitized and is taken literally from the tar archive. This allows to execute shell commands via special crafted tar archives. Whether this really happens, depends on the shell being used ('shell' option, which is set using $SHELL). The issue has been fixed as of Vim patch v9.1.1164", "cve_priority": "medium", "cve_public_date": "2025-03-03 17:15:00 UTC" }, { "cve": "CVE-2025-29768", "url": "https://ubuntu.com/security/CVE-2025-29768", "cve_description": "Vim, a text editor, is vulnerable to potential data loss with zip.vim and special crafted zip files in versions prior to 9.1.1198. The impact is medium because a user must be made to view such an archive with Vim and then press 'x' on such a strange filename. The issue has been fixed as of Vim patch v9.1.1198.", "cve_priority": "medium", "cve_public_date": "2025-03-13 17:15:00 UTC" }, { "cve": "CVE-2025-22134", "url": "https://ubuntu.com/security/CVE-2025-22134", "cve_description": "When switching to other buffers using the :all command and visual mode still being active, this may cause a heap-buffer overflow, because Vim does not properly end visual mode and therefore may try to access beyond the end of a line in a buffer. In Patch 9.1.1003 Vim will correctly reset the visual mode before opening other windows and buffers and therefore fix this bug. In addition it does verify that it won't try to access a position if the position is greater than the corresponding buffer line. Impact is medium since the user must have switched on visual mode when executing the :all ex command. The Vim project would like to thank github user gandalf4a for reporting this issue. The issue has been fixed as of Vim patch v9.1.1003", "cve_priority": "medium", "cve_public_date": "2025-01-13 21:15:00 UTC" }, { "cve": "CVE-2025-24014", "url": "https://ubuntu.com/security/CVE-2025-24014", "cve_description": "Vim is an open source, command line text editor. A segmentation fault was found in Vim before 9.1.1043. In silent Ex mode (-s -e), Vim typically doesn't show a screen and just operates silently in batch mode. However, it is still possible to trigger the function that handles the scrolling of a gui version of Vim by feeding some binary characters to Vim. The function that handles the scrolling however may be triggering a redraw, which will access the ScreenLines pointer, even so this variable hasn't been allocated (since there is no screen). This vulnerability is fixed in 9.1.1043.", "cve_priority": "medium", "cve_public_date": "2025-01-20 23:15:00 UTC" }, { "cve": "CVE-2025-1215", "url": "https://ubuntu.com/security/CVE-2025-1215", "cve_description": "A vulnerability classified as problematic was found in vim up to 9.1.1096. This vulnerability affects unknown code of the file src/main.c. The manipulation of the argument --log leads to memory corruption. It is possible to launch the attack on the local host. Upgrading to version 9.1.1097 is able to address this issue. The patch is identified as c5654b84480822817bb7b69ebc97c174c91185e9. It is recommended to upgrade the affected component.", "cve_priority": "medium", "cve_public_date": "2025-02-12 19:15:00 UTC" } ], "launchpad_bugs_fixed": [ 2130146 ], "changes": [ { "cves": [ { "cve": "CVE-2025-53905", "url": "https://ubuntu.com/security/CVE-2025-53905", "cve_description": "Vim is an open source, command line text editor. Prior to version 9.1.1552, a path traversal issue in Vim’s tar.vim plugin can allow overwriting of arbitrary files when opening specially crafted tar archives. Impact is low because this exploit requires direct user interaction. However, successfully exploitation can lead to overwriting sensitive files or placing executable code in privileged locations, depending on the permissions of the process editing the archive. The victim must edit such a file using Vim which will reveal the filename and the file content, a careful user may suspect some strange things going on. Successful exploitation could results in the ability to execute arbitrary commands on the underlying operating system. Version 9.1.1552 contains a patch for the vulnerability.", "cve_priority": "medium", "cve_public_date": "2025-07-15 21:15:00 UTC" }, { "cve": "CVE-2025-53906", "url": "https://ubuntu.com/security/CVE-2025-53906", "cve_description": "Vim is an open source, command line text editor. Prior to version 9.1.1551, a path traversal issue in Vim’s zip.vim plugin can allow overwriting of arbitrary files when opening specially crafted zip archives. Impact is low because this exploit requires direct user interaction. However, successfully exploitation can lead to overwriting sensitive files or placing executable code in privileged locations, depending on the permissions of the process editing the archive. The victim must edit such a file using Vim which will reveal the filename and the file content, a careful user may suspect some strange things going on. Successful exploitation could results in the ability to execute arbitrary commands on the underlying operating system. Version 9.1.1551 contains a patch for the vulnerability.", "cve_priority": "medium", "cve_public_date": "2025-07-15 21:15:00 UTC" }, { "cve": "CVE-2025-29768", "url": "https://ubuntu.com/security/CVE-2025-29768", "cve_description": "Vim, a text editor, is vulnerable to potential data loss with zip.vim and special crafted zip files in versions prior to 9.1.1198. The impact is medium because a user must be made to view such an archive with Vim and then press 'x' on such a strange filename. The issue has been fixed as of Vim patch v9.1.1198.", "cve_priority": "medium", "cve_public_date": "2025-03-13 17:15:00 UTC" }, { "cve": "CVE-2025-27423", "url": "https://ubuntu.com/security/CVE-2025-27423", "cve_description": "Vim is an open source, command line text editor. Vim is distributed with the tar.vim plugin, that allows easy editing and viewing of (compressed or uncompressed) tar files. Starting with 9.1.0858, the tar.vim plugin uses the \":read\" ex command line to append below the cursor position, however the is not sanitized and is taken literally from the tar archive. This allows to execute shell commands via special crafted tar archives. Whether this really happens, depends on the shell being used ('shell' option, which is set using $SHELL). The issue has been fixed as of Vim patch v9.1.1164", "cve_priority": "medium", "cve_public_date": "2025-03-03 17:15:00 UTC" }, { "cve": "CVE-2025-26603", "url": "https://ubuntu.com/security/CVE-2025-26603", "cve_description": "Vim is a greatly improved version of the good old UNIX editor Vi. Vim allows to redirect screen messages using the `:redir` ex command to register, variables and files. It also allows to show the contents of registers using the `:registers` or `:display` ex command. When redirecting the output of `:display` to a register, Vim will free the register content before storing the new content in the register. Now when redirecting the `:display` command to a register that is being displayed, Vim will free the content while shortly afterwards trying to access it, which leads to a use-after-free. Vim pre 9.1.1115 checks in the ex_display() function, that it does not try to redirect to a register while displaying this register at the same time. However this check is not complete, and so Vim does not check the `+` and `*` registers (which typically donate the X11/clipboard registers, and when a clipboard connection is not possible will fall back to use register 0 instead. In Patch 9.1.1115 Vim will therefore skip outputting to register zero when trying to redirect to the clipboard registers `*` or `+`. Users are advised to upgrade. There are no known workarounds for this vulnerability.", "cve_priority": "medium", "cve_public_date": "2025-02-18 19:15:00 UTC" }, { "cve": "CVE-2025-24014", "url": "https://ubuntu.com/security/CVE-2025-24014", "cve_description": "Vim is an open source, command line text editor. A segmentation fault was found in Vim before 9.1.1043. In silent Ex mode (-s -e), Vim typically doesn't show a screen and just operates silently in batch mode. However, it is still possible to trigger the function that handles the scrolling of a gui version of Vim by feeding some binary characters to Vim. The function that handles the scrolling however may be triggering a redraw, which will access the ScreenLines pointer, even so this variable hasn't been allocated (since there is no screen). This vulnerability is fixed in 9.1.1043.", "cve_priority": "medium", "cve_public_date": "2025-01-20 23:15:00 UTC" }, { "cve": "CVE-2025-1215", "url": "https://ubuntu.com/security/CVE-2025-1215", "cve_description": "A vulnerability classified as problematic was found in vim up to 9.1.1096. This vulnerability affects unknown code of the file src/main.c. The manipulation of the argument --log leads to memory corruption. It is possible to launch the attack on the local host. Upgrading to version 9.1.1097 is able to address this issue. The patch is identified as c5654b84480822817bb7b69ebc97c174c91185e9. It is recommended to upgrade the affected component.", "cve_priority": "medium", "cve_public_date": "2025-02-12 19:15:00 UTC" }, { "cve": "CVE-2025-22134", "url": "https://ubuntu.com/security/CVE-2025-22134", "cve_description": "When switching to other buffers using the :all command and visual mode still being active, this may cause a heap-buffer overflow, because Vim does not properly end visual mode and therefore may try to access beyond the end of a line in a buffer. In Patch 9.1.1003 Vim will correctly reset the visual mode before opening other windows and buffers and therefore fix this bug. In addition it does verify that it won't try to access a position if the position is greater than the corresponding buffer line. Impact is medium since the user must have switched on visual mode when executing the :all ex command. The Vim project would like to thank github user gandalf4a for reporting this issue. The issue has been fixed as of Vim patch v9.1.1003", "cve_priority": "medium", "cve_public_date": "2025-01-13 21:15:00 UTC" } ], "log": [ "", " * Merge with Debian unstable (LP: #2130146). Remaining changes:", " - d/p/0001-fix-flaky-terminal-mode-test.vim:", " Fix flaky Vim terminal mode test", " - d/p/0002-disable-failing-tests-on-ppc64.patch:", " Disable some tests that were throwing an ENOMEM during build on", " ppc64el. The tests are only disabled when building on ppc64el.", " - d/p/0003-skip-test-failing-on-s390x-only.patch:", " Skip test failing on s390x", " - d/p/increase_timeout.diff: Increase timeout for the", " Test_pattern_compile_speed patch.", " - d/p/debian/ubuntu-grub-syntax.patch: Add Ubuntu-specific \"quiet\" keyword.", " - d/runtime/vimrc: \"syntax on\" is a sane default for non-tiny Vim.", " Dropping changes applied in upstream:", " - SECURITY UPDATE: Path traversal when opening specially crafted tar/zip", " archives.", " + d/p/CVE-2025-53905.patch: Replace \"echohl Error\" with call,", " remove leading slashes from name, replace tar_secure with g:tar_secure in", " runtime/autoload/tar.vim.", " + d/p/CVE-2025-53906.patch: Add need_rename, replace w! with w,", " call warning for path traversal attack, and escape leading \"../\" in", " runtime/autoload/zip.vim.", " + CVE-2025-53905", " + CVE-2025-53906", " - SECURITY UPDATE: Data loss when extracting special zip files.", " + d/p/CVE-2025-29768.patch: Substitute special characters in", " ./runtime/autoload/zip.vim.", " + CVE-2025-29768", " - SECURITY UPDATE: Code execution when editing tar files.", " + d/p/CVE-2025-27423.patch: Use escape_file instead of fname in", " ./runtime/autoload/tar.vim.", " + CVE-2025-27423", " - SECURITY UPDATE: Use after free when redirecting display command to", " register.", " + d/p/CVE-2025-26603.patch: Change redir_reg check to use", " vim_strchr command check in ./src/register.c.", " + CVE-2025-26603", " - SECURITY UPDATE: Denial of service.", " + d/p/CVE-2025-24014.patch: fix a segfault in win_line()", " in files src/gui.c, src/testdir/crash/ex_redraw_crash,", " src/testdir/test_crash.vim.", " + CVE-2025-24014", " - SECURITY UPDATE: Crash when file is inaccessible with log option.", " + d/p/CVE-2025-1215.patch: Split common_init to common_init_1", " and common_init_2 in ./src/main.c.", " + CVE-2025-1215", " - SECURITY UPDATE: Heap-buffer-overflow when switching buffers.", " + d/p/CVE-2025-22134.patch: Add reset_VIsual_and_resel() to", " src/arglist.c. Add ptrlen checks in src/misc1.c and src/ops.c.", " + CVE-2025-22134", " Dropping changes applied in Debian:", " - Revert \"patch 9.1.0949: popups inconsistently shifted to the left\",", " since it breaks vim-youcompleteme's autopkgtests. (Closes: #1091729)", " Dropping changes that are no longer needed in Ubuntu:", " - d/p/ubuntu-mouse-off.patch: Mouse mode is actively harmful in some chroots.", " Dropping since it causes many issues with the test suite", " - d/p/ubuntu-disable-mouse-popup-test.patch: Disable mouse popup test", " Is related to ubuntu-mouse-off.patch", " - d/s/include-binaries: Add heap_overflow3 test file to include-binaries", " Dropping since it was originally added for testdata coming from a security", " update, but now the orig tarball actually contains this testdata", " * d/p/0002-disable-failing-tests-on-ppc64.patch: Skip", " Test_autocmd_SafeState", " * d/p/0003-skip-test-failing-on-s390x-only.patch: Skip", " Test_linematch_diff_grouping and", " Test_diff_overlapped_diff_blocks_will_be_merged", "" ], "package": "vim", "version": "2:9.1.1882-1ubuntu1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2130146 ], "author": "Nadzeya Hutsko ", "date": "Fri, 28 Nov 2025 14:26:41 +0100" }, { "cves": [], "log": [ "", " * Merge upstream patch v9.1.1882", " * Build without wayland on hurd", "" ], "package": "vim", "version": "2:9.1.1882-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "James McCoy ", "date": "Mon, 27 Oct 2025 20:41:30 -0400" }, { "cves": [], "log": [ "", " * Merge upstream tag v9.1.1845", " + 9.1.1843: Extend searchcount() timeout if the test is being re-run due", " to flakiness, fixes test failure on slower architectures.", "" ], "package": "vim", "version": "2:9.1.1846-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "James McCoy ", "date": "Fri, 10 Oct 2025 14:33:33 -0400" }, { "cves": [], "log": [ "", " * Upload to unstable", " * Merge upstream tag v9.1.1829", " * Remove src/LICENSE, src/README.txt, and runtime/doc/tags.ref during clean", " * Skip tests for termdebug, since they currently fail on 32-bit", " architectures", "" ], "package": "vim", "version": "2:9.1.1829-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "James McCoy ", "date": "Mon, 06 Oct 2025 14:48:55 -0400" }, { "cves": [ { "cve": "CVE-2025-55157", "url": "https://ubuntu.com/security/CVE-2025-55157", "cve_description": "Vim is an open source, command line text editor. In versions from 9.1.1231 to before 9.1.1400, When processing nested tuples in Vim script, an error during evaluation can trigger a use-after-free in Vim’s internal tuple reference management. Specifically, the tuple_unref() function may access already freed memory due to improper lifetime handling, leading to memory corruption. The exploit requires direct user interaction, as the script must be explicitly executed within Vim. This issue has been patched in version 9.1.1400.", "cve_priority": "medium", "cve_public_date": "2025-08-11 23:15:00 UTC" }, { "cve": "CVE-2025-55158", "url": "https://ubuntu.com/security/CVE-2025-55158", "cve_description": "Vim is an open source, command line text editor. In versions from 9.1.1231 to before 9.1.1406, when processing nested tuples during Vim9 script import operations, an error during evaluation can trigger a double-free in Vim’s internal typed value (typval_T) management. Specifically, the clear_tv() function may attempt to free memory that has already been deallocated, due to improper lifetime handling in the handle_import / ex_import code paths. The vulnerability can only be triggered if a user explicitly opens and executes a specially crafted Vim script. This issue has been patched in version 9.1.1406.", "cve_priority": "medium", "cve_public_date": "2025-08-11 23:15:00 UTC" }, { "cve": "CVE-2025-53906", "url": "https://ubuntu.com/security/CVE-2025-53906", "cve_description": "Vim is an open source, command line text editor. Prior to version 9.1.1551, a path traversal issue in Vim’s zip.vim plugin can allow overwriting of arbitrary files when opening specially crafted zip archives. Impact is low because this exploit requires direct user interaction. However, successfully exploitation can lead to overwriting sensitive files or placing executable code in privileged locations, depending on the permissions of the process editing the archive. The victim must edit such a file using Vim which will reveal the filename and the file content, a careful user may suspect some strange things going on. Successful exploitation could results in the ability to execute arbitrary commands on the underlying operating system. Version 9.1.1551 contains a patch for the vulnerability.", "cve_priority": "medium", "cve_public_date": "2025-07-15 21:15:00 UTC" }, { "cve": "CVE-2025-53905", "url": "https://ubuntu.com/security/CVE-2025-53905", "cve_description": "Vim is an open source, command line text editor. Prior to version 9.1.1552, a path traversal issue in Vim’s tar.vim plugin can allow overwriting of arbitrary files when opening specially crafted tar archives. Impact is low because this exploit requires direct user interaction. However, successfully exploitation can lead to overwriting sensitive files or placing executable code in privileged locations, depending on the permissions of the process editing the archive. The victim must edit such a file using Vim which will reveal the filename and the file content, a careful user may suspect some strange things going on. Successful exploitation could results in the ability to execute arbitrary commands on the underlying operating system. Version 9.1.1552 contains a patch for the vulnerability.", "cve_priority": "medium", "cve_public_date": "2025-07-15 21:15:00 UTC" }, { "cve": "CVE-2025-9390", "url": "https://ubuntu.com/security/CVE-2025-9390", "cve_description": "A security flaw has been discovered in vim up to 9.1.1615. Affected by this vulnerability is the function main of the file src/xxd/xxd.c of the component xxd. The manipulation results in buffer overflow. The attack requires a local approach. The exploit has been released to the public and may be exploited. Upgrading to version 9.1.1616 addresses this issue. The patch is identified as eeef7c77436a78cd27047b0f5fa6925d56de3cb0. It is recommended to upgrade the affected component.", "cve_priority": "medium", "cve_public_date": "2025-08-24 14:15:00 UTC" } ], "log": [ "", " * Merge upstream tag v9.1.1766 (Closes: #1115819)", " + Security fixes:", " - 9.1.1400: use-after-free when evaluating tuple fails, (Closes:", " #1110898, CVE-2025-55157)", " - 9.1.1406: crash when importing invalid tuple, CVE-2025-55158", " - 9.1.1551: path traversal issue in zip.vim if files have leading '../',", " (Closes: #1109374, CVE-2025-53906)", " - 9.1.1552: path traversal issue in tar.vim if files have leading '/',", " CVE-2025-53905", " - 9.1.1616: xxd: possible buffer overflow with bitwise output,", " CVE-2025-9390", " * Enable socketserver for vim-nox, vim-basic, and vim-gtk3", " * Enable wayland support only for GUI builds", " * Drop obsolete transitional package, vim-athena", "" ], "package": "vim", "version": "2:9.1.1766-1", "urgency": "medium", "distributions": "experimental", "launchpad_bugs_fixed": [], "author": "James McCoy ", "date": "Tue, 23 Sep 2025 21:13:05 -0400" }, { "cves": [], "log": [ "", " [ James McCoy ]", " * Merge upstream tag v9.1.1385", "", " [ Kirill Rekhov ]", " * d/upstream/metadata: add metadata", " * Fix day-of-week for changelog entries 1:6.3-015+1, 1:6.3-010+1, 4.6-2.", "" ], "package": "vim", "version": "2:9.1.1385-1", "urgency": "medium", "distributions": "experimental", "launchpad_bugs_fixed": [], "author": "James McCoy ", "date": "Thu, 15 May 2025 20:28:48 -0400" }, { "cves": [], "log": [ "", " * Backport v9.1.1242 and v9.1.1244 to fix crash when evaluating a variable", " name. (Closes: #1106133)", "" ], "package": "vim", "version": "2:9.1.1230-2", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "James McCoy ", "date": "Thu, 22 May 2025 20:48:59 -0400" }, { "cves": [ { "cve": "CVE-2025-26603", "url": "https://ubuntu.com/security/CVE-2025-26603", "cve_description": "Vim is a greatly improved version of the good old UNIX editor Vi. Vim allows to redirect screen messages using the `:redir` ex command to register, variables and files. It also allows to show the contents of registers using the `:registers` or `:display` ex command. When redirecting the output of `:display` to a register, Vim will free the register content before storing the new content in the register. Now when redirecting the `:display` command to a register that is being displayed, Vim will free the content while shortly afterwards trying to access it, which leads to a use-after-free. Vim pre 9.1.1115 checks in the ex_display() function, that it does not try to redirect to a register while displaying this register at the same time. However this check is not complete, and so Vim does not check the `+` and `*` registers (which typically donate the X11/clipboard registers, and when a clipboard connection is not possible will fall back to use register 0 instead. In Patch 9.1.1115 Vim will therefore skip outputting to register zero when trying to redirect to the clipboard registers `*` or `+`. Users are advised to upgrade. There are no known workarounds for this vulnerability.", "cve_priority": "medium", "cve_public_date": "2025-02-18 19:15:00 UTC" }, { "cve": "CVE-2025-27423", "url": "https://ubuntu.com/security/CVE-2025-27423", "cve_description": "Vim is an open source, command line text editor. Vim is distributed with the tar.vim plugin, that allows easy editing and viewing of (compressed or uncompressed) tar files. Starting with 9.1.0858, the tar.vim plugin uses the \":read\" ex command line to append below the cursor position, however the is not sanitized and is taken literally from the tar archive. This allows to execute shell commands via special crafted tar archives. Whether this really happens, depends on the shell being used ('shell' option, which is set using $SHELL). The issue has been fixed as of Vim patch v9.1.1164", "cve_priority": "medium", "cve_public_date": "2025-03-03 17:15:00 UTC" }, { "cve": "CVE-2025-29768", "url": "https://ubuntu.com/security/CVE-2025-29768", "cve_description": "Vim, a text editor, is vulnerable to potential data loss with zip.vim and special crafted zip files in versions prior to 9.1.1198. The impact is medium because a user must be made to view such an archive with Vim and then press 'x' on such a strange filename. The issue has been fixed as of Vim patch v9.1.1198.", "cve_priority": "medium", "cve_public_date": "2025-03-13 17:15:00 UTC" } ], "log": [ "", " * Merge upstream tag v9.1.1230", " + Security fixes:", " - 9.1.1115: use-after-free in str_to_reg(), CVE-2025-26603", " - 9.1.1164: editing a specially crafted tar file allows code execution,", " (Closes: #1099610, CVE-2025-27423)", " - 9.1.1198: potential data loss with zip.vim and crafted zip files,", " (Closes: #1101016, CVE-2025-29768)", "" ], "package": "vim", "version": "2:9.1.1230-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "James McCoy ", "date": "Mon, 24 Mar 2025 20:59:06 -0400" }, { "cves": [ { "cve": "CVE-2025-22134", "url": "https://ubuntu.com/security/CVE-2025-22134", "cve_description": "When switching to other buffers using the :all command and visual mode still being active, this may cause a heap-buffer overflow, because Vim does not properly end visual mode and therefore may try to access beyond the end of a line in a buffer. In Patch 9.1.1003 Vim will correctly reset the visual mode before opening other windows and buffers and therefore fix this bug. In addition it does verify that it won't try to access a position if the position is greater than the corresponding buffer line. Impact is medium since the user must have switched on visual mode when executing the :all ex command. The Vim project would like to thank github user gandalf4a for reporting this issue. The issue has been fixed as of Vim patch v9.1.1003", "cve_priority": "medium", "cve_public_date": "2025-01-13 21:15:00 UTC" }, { "cve": "CVE-2025-24014", "url": "https://ubuntu.com/security/CVE-2025-24014", "cve_description": "Vim is an open source, command line text editor. A segmentation fault was found in Vim before 9.1.1043. In silent Ex mode (-s -e), Vim typically doesn't show a screen and just operates silently in batch mode. However, it is still possible to trigger the function that handles the scrolling of a gui version of Vim by feeding some binary characters to Vim. The function that handles the scrolling however may be triggering a redraw, which will access the ScreenLines pointer, even so this variable hasn't been allocated (since there is no screen). This vulnerability is fixed in 9.1.1043.", "cve_priority": "medium", "cve_public_date": "2025-01-20 23:15:00 UTC" }, { "cve": "CVE-2025-1215", "url": "https://ubuntu.com/security/CVE-2025-1215", "cve_description": "A vulnerability classified as problematic was found in vim up to 9.1.1096. This vulnerability affects unknown code of the file src/main.c. The manipulation of the argument --log leads to memory corruption. It is possible to launch the attack on the local host. Upgrading to version 9.1.1097 is able to address this issue. The patch is identified as c5654b84480822817bb7b69ebc97c174c91185e9. It is recommended to upgrade the affected component.", "cve_priority": "medium", "cve_public_date": "2025-02-12 19:15:00 UTC" } ], "log": [ "", " [ James McCoy ]", " * Merge upstream tag v9.1.1113", " + Security fixes:", " - 9.1.1003: heap-buffer overflow with visual mode when using :all,", " CVE-2025-22134", " - 9.1.1043: segfault in win_line(), CVE-2025-24014", " - 9.1.1097: crash when using --log with non-existent path, CVE-2025-1215", "", " [ Andrea Pappacoda ]", " * Drop backspace and history from debian.vim (Closes: #1095155)", "" ], "package": "vim", "version": "2:9.1.1113-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "James McCoy ", "date": "Sat, 15 Feb 2025 20:43:27 -0500" }, { "cves": [], "log": [ "", " * Revert \"patch 9.1.0949: popups inconsistently shifted to the left\",", " since it breaks vim-youcompleteme's autopkgtests. (Closes: #1091729)", "" ], "package": "vim", "version": "2:9.1.0967-2", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "James McCoy ", "date": "Fri, 10 Jan 2025 06:30:59 -0500" } ], "notes": null, "is_version_downgrade": false }, { "name": "vim-runtime", "from_version": { "source_package_name": "vim", "source_package_version": "2:9.1.0967-1ubuntu6", "version": "2:9.1.0967-1ubuntu6" }, "to_version": { "source_package_name": "vim", "source_package_version": "2:9.1.1882-1ubuntu1", "version": "2:9.1.1882-1ubuntu1" }, "cves": [ { "cve": "CVE-2025-53905", "url": "https://ubuntu.com/security/CVE-2025-53905", "cve_description": "Vim is an open source, command line text editor. Prior to version 9.1.1552, a path traversal issue in Vim’s tar.vim plugin can allow overwriting of arbitrary files when opening specially crafted tar archives. Impact is low because this exploit requires direct user interaction. However, successfully exploitation can lead to overwriting sensitive files or placing executable code in privileged locations, depending on the permissions of the process editing the archive. The victim must edit such a file using Vim which will reveal the filename and the file content, a careful user may suspect some strange things going on. Successful exploitation could results in the ability to execute arbitrary commands on the underlying operating system. Version 9.1.1552 contains a patch for the vulnerability.", "cve_priority": "medium", "cve_public_date": "2025-07-15 21:15:00 UTC" }, { "cve": "CVE-2025-53906", "url": "https://ubuntu.com/security/CVE-2025-53906", "cve_description": "Vim is an open source, command line text editor. Prior to version 9.1.1551, a path traversal issue in Vim’s zip.vim plugin can allow overwriting of arbitrary files when opening specially crafted zip archives. Impact is low because this exploit requires direct user interaction. However, successfully exploitation can lead to overwriting sensitive files or placing executable code in privileged locations, depending on the permissions of the process editing the archive. The victim must edit such a file using Vim which will reveal the filename and the file content, a careful user may suspect some strange things going on. Successful exploitation could results in the ability to execute arbitrary commands on the underlying operating system. Version 9.1.1551 contains a patch for the vulnerability.", "cve_priority": "medium", "cve_public_date": "2025-07-15 21:15:00 UTC" }, { "cve": "CVE-2025-29768", "url": "https://ubuntu.com/security/CVE-2025-29768", "cve_description": "Vim, a text editor, is vulnerable to potential data loss with zip.vim and special crafted zip files in versions prior to 9.1.1198. The impact is medium because a user must be made to view such an archive with Vim and then press 'x' on such a strange filename. The issue has been fixed as of Vim patch v9.1.1198.", "cve_priority": "medium", "cve_public_date": "2025-03-13 17:15:00 UTC" }, { "cve": "CVE-2025-27423", "url": "https://ubuntu.com/security/CVE-2025-27423", "cve_description": "Vim is an open source, command line text editor. Vim is distributed with the tar.vim plugin, that allows easy editing and viewing of (compressed or uncompressed) tar files. Starting with 9.1.0858, the tar.vim plugin uses the \":read\" ex command line to append below the cursor position, however the is not sanitized and is taken literally from the tar archive. This allows to execute shell commands via special crafted tar archives. Whether this really happens, depends on the shell being used ('shell' option, which is set using $SHELL). The issue has been fixed as of Vim patch v9.1.1164", "cve_priority": "medium", "cve_public_date": "2025-03-03 17:15:00 UTC" }, { "cve": "CVE-2025-26603", "url": "https://ubuntu.com/security/CVE-2025-26603", "cve_description": "Vim is a greatly improved version of the good old UNIX editor Vi. Vim allows to redirect screen messages using the `:redir` ex command to register, variables and files. It also allows to show the contents of registers using the `:registers` or `:display` ex command. When redirecting the output of `:display` to a register, Vim will free the register content before storing the new content in the register. Now when redirecting the `:display` command to a register that is being displayed, Vim will free the content while shortly afterwards trying to access it, which leads to a use-after-free. Vim pre 9.1.1115 checks in the ex_display() function, that it does not try to redirect to a register while displaying this register at the same time. However this check is not complete, and so Vim does not check the `+` and `*` registers (which typically donate the X11/clipboard registers, and when a clipboard connection is not possible will fall back to use register 0 instead. In Patch 9.1.1115 Vim will therefore skip outputting to register zero when trying to redirect to the clipboard registers `*` or `+`. Users are advised to upgrade. There are no known workarounds for this vulnerability.", "cve_priority": "medium", "cve_public_date": "2025-02-18 19:15:00 UTC" }, { "cve": "CVE-2025-24014", "url": "https://ubuntu.com/security/CVE-2025-24014", "cve_description": "Vim is an open source, command line text editor. A segmentation fault was found in Vim before 9.1.1043. In silent Ex mode (-s -e), Vim typically doesn't show a screen and just operates silently in batch mode. However, it is still possible to trigger the function that handles the scrolling of a gui version of Vim by feeding some binary characters to Vim. The function that handles the scrolling however may be triggering a redraw, which will access the ScreenLines pointer, even so this variable hasn't been allocated (since there is no screen). This vulnerability is fixed in 9.1.1043.", "cve_priority": "medium", "cve_public_date": "2025-01-20 23:15:00 UTC" }, { "cve": "CVE-2025-1215", "url": "https://ubuntu.com/security/CVE-2025-1215", "cve_description": "A vulnerability classified as problematic was found in vim up to 9.1.1096. This vulnerability affects unknown code of the file src/main.c. The manipulation of the argument --log leads to memory corruption. It is possible to launch the attack on the local host. Upgrading to version 9.1.1097 is able to address this issue. The patch is identified as c5654b84480822817bb7b69ebc97c174c91185e9. It is recommended to upgrade the affected component.", "cve_priority": "medium", "cve_public_date": "2025-02-12 19:15:00 UTC" }, { "cve": "CVE-2025-22134", "url": "https://ubuntu.com/security/CVE-2025-22134", "cve_description": "When switching to other buffers using the :all command and visual mode still being active, this may cause a heap-buffer overflow, because Vim does not properly end visual mode and therefore may try to access beyond the end of a line in a buffer. In Patch 9.1.1003 Vim will correctly reset the visual mode before opening other windows and buffers and therefore fix this bug. In addition it does verify that it won't try to access a position if the position is greater than the corresponding buffer line. Impact is medium since the user must have switched on visual mode when executing the :all ex command. The Vim project would like to thank github user gandalf4a for reporting this issue. The issue has been fixed as of Vim patch v9.1.1003", "cve_priority": "medium", "cve_public_date": "2025-01-13 21:15:00 UTC" }, { "cve": "CVE-2025-55157", "url": "https://ubuntu.com/security/CVE-2025-55157", "cve_description": "Vim is an open source, command line text editor. In versions from 9.1.1231 to before 9.1.1400, When processing nested tuples in Vim script, an error during evaluation can trigger a use-after-free in Vim’s internal tuple reference management. Specifically, the tuple_unref() function may access already freed memory due to improper lifetime handling, leading to memory corruption. The exploit requires direct user interaction, as the script must be explicitly executed within Vim. This issue has been patched in version 9.1.1400.", "cve_priority": "medium", "cve_public_date": "2025-08-11 23:15:00 UTC" }, { "cve": "CVE-2025-55158", "url": "https://ubuntu.com/security/CVE-2025-55158", "cve_description": "Vim is an open source, command line text editor. In versions from 9.1.1231 to before 9.1.1406, when processing nested tuples during Vim9 script import operations, an error during evaluation can trigger a double-free in Vim’s internal typed value (typval_T) management. Specifically, the clear_tv() function may attempt to free memory that has already been deallocated, due to improper lifetime handling in the handle_import / ex_import code paths. The vulnerability can only be triggered if a user explicitly opens and executes a specially crafted Vim script. This issue has been patched in version 9.1.1406.", "cve_priority": "medium", "cve_public_date": "2025-08-11 23:15:00 UTC" }, { "cve": "CVE-2025-53906", "url": "https://ubuntu.com/security/CVE-2025-53906", "cve_description": "Vim is an open source, command line text editor. Prior to version 9.1.1551, a path traversal issue in Vim’s zip.vim plugin can allow overwriting of arbitrary files when opening specially crafted zip archives. Impact is low because this exploit requires direct user interaction. However, successfully exploitation can lead to overwriting sensitive files or placing executable code in privileged locations, depending on the permissions of the process editing the archive. The victim must edit such a file using Vim which will reveal the filename and the file content, a careful user may suspect some strange things going on. Successful exploitation could results in the ability to execute arbitrary commands on the underlying operating system. Version 9.1.1551 contains a patch for the vulnerability.", "cve_priority": "medium", "cve_public_date": "2025-07-15 21:15:00 UTC" }, { "cve": "CVE-2025-53905", "url": "https://ubuntu.com/security/CVE-2025-53905", "cve_description": "Vim is an open source, command line text editor. Prior to version 9.1.1552, a path traversal issue in Vim’s tar.vim plugin can allow overwriting of arbitrary files when opening specially crafted tar archives. Impact is low because this exploit requires direct user interaction. However, successfully exploitation can lead to overwriting sensitive files or placing executable code in privileged locations, depending on the permissions of the process editing the archive. The victim must edit such a file using Vim which will reveal the filename and the file content, a careful user may suspect some strange things going on. Successful exploitation could results in the ability to execute arbitrary commands on the underlying operating system. Version 9.1.1552 contains a patch for the vulnerability.", "cve_priority": "medium", "cve_public_date": "2025-07-15 21:15:00 UTC" }, { "cve": "CVE-2025-9390", "url": "https://ubuntu.com/security/CVE-2025-9390", "cve_description": "A security flaw has been discovered in vim up to 9.1.1615. Affected by this vulnerability is the function main of the file src/xxd/xxd.c of the component xxd. The manipulation results in buffer overflow. The attack requires a local approach. The exploit has been released to the public and may be exploited. Upgrading to version 9.1.1616 addresses this issue. The patch is identified as eeef7c77436a78cd27047b0f5fa6925d56de3cb0. It is recommended to upgrade the affected component.", "cve_priority": "medium", "cve_public_date": "2025-08-24 14:15:00 UTC" }, { "cve": "CVE-2025-26603", "url": "https://ubuntu.com/security/CVE-2025-26603", "cve_description": "Vim is a greatly improved version of the good old UNIX editor Vi. Vim allows to redirect screen messages using the `:redir` ex command to register, variables and files. It also allows to show the contents of registers using the `:registers` or `:display` ex command. When redirecting the output of `:display` to a register, Vim will free the register content before storing the new content in the register. Now when redirecting the `:display` command to a register that is being displayed, Vim will free the content while shortly afterwards trying to access it, which leads to a use-after-free. Vim pre 9.1.1115 checks in the ex_display() function, that it does not try to redirect to a register while displaying this register at the same time. However this check is not complete, and so Vim does not check the `+` and `*` registers (which typically donate the X11/clipboard registers, and when a clipboard connection is not possible will fall back to use register 0 instead. In Patch 9.1.1115 Vim will therefore skip outputting to register zero when trying to redirect to the clipboard registers `*` or `+`. Users are advised to upgrade. There are no known workarounds for this vulnerability.", "cve_priority": "medium", "cve_public_date": "2025-02-18 19:15:00 UTC" }, { "cve": "CVE-2025-27423", "url": "https://ubuntu.com/security/CVE-2025-27423", "cve_description": "Vim is an open source, command line text editor. Vim is distributed with the tar.vim plugin, that allows easy editing and viewing of (compressed or uncompressed) tar files. Starting with 9.1.0858, the tar.vim plugin uses the \":read\" ex command line to append below the cursor position, however the is not sanitized and is taken literally from the tar archive. This allows to execute shell commands via special crafted tar archives. Whether this really happens, depends on the shell being used ('shell' option, which is set using $SHELL). The issue has been fixed as of Vim patch v9.1.1164", "cve_priority": "medium", "cve_public_date": "2025-03-03 17:15:00 UTC" }, { "cve": "CVE-2025-29768", "url": "https://ubuntu.com/security/CVE-2025-29768", "cve_description": "Vim, a text editor, is vulnerable to potential data loss with zip.vim and special crafted zip files in versions prior to 9.1.1198. The impact is medium because a user must be made to view such an archive with Vim and then press 'x' on such a strange filename. The issue has been fixed as of Vim patch v9.1.1198.", "cve_priority": "medium", "cve_public_date": "2025-03-13 17:15:00 UTC" }, { "cve": "CVE-2025-22134", "url": "https://ubuntu.com/security/CVE-2025-22134", "cve_description": "When switching to other buffers using the :all command and visual mode still being active, this may cause a heap-buffer overflow, because Vim does not properly end visual mode and therefore may try to access beyond the end of a line in a buffer. In Patch 9.1.1003 Vim will correctly reset the visual mode before opening other windows and buffers and therefore fix this bug. In addition it does verify that it won't try to access a position if the position is greater than the corresponding buffer line. Impact is medium since the user must have switched on visual mode when executing the :all ex command. The Vim project would like to thank github user gandalf4a for reporting this issue. The issue has been fixed as of Vim patch v9.1.1003", "cve_priority": "medium", "cve_public_date": "2025-01-13 21:15:00 UTC" }, { "cve": "CVE-2025-24014", "url": "https://ubuntu.com/security/CVE-2025-24014", "cve_description": "Vim is an open source, command line text editor. A segmentation fault was found in Vim before 9.1.1043. In silent Ex mode (-s -e), Vim typically doesn't show a screen and just operates silently in batch mode. However, it is still possible to trigger the function that handles the scrolling of a gui version of Vim by feeding some binary characters to Vim. The function that handles the scrolling however may be triggering a redraw, which will access the ScreenLines pointer, even so this variable hasn't been allocated (since there is no screen). This vulnerability is fixed in 9.1.1043.", "cve_priority": "medium", "cve_public_date": "2025-01-20 23:15:00 UTC" }, { "cve": "CVE-2025-1215", "url": "https://ubuntu.com/security/CVE-2025-1215", "cve_description": "A vulnerability classified as problematic was found in vim up to 9.1.1096. This vulnerability affects unknown code of the file src/main.c. The manipulation of the argument --log leads to memory corruption. It is possible to launch the attack on the local host. Upgrading to version 9.1.1097 is able to address this issue. The patch is identified as c5654b84480822817bb7b69ebc97c174c91185e9. It is recommended to upgrade the affected component.", "cve_priority": "medium", "cve_public_date": "2025-02-12 19:15:00 UTC" } ], "launchpad_bugs_fixed": [ 2130146 ], "changes": [ { "cves": [ { "cve": "CVE-2025-53905", "url": "https://ubuntu.com/security/CVE-2025-53905", "cve_description": "Vim is an open source, command line text editor. Prior to version 9.1.1552, a path traversal issue in Vim’s tar.vim plugin can allow overwriting of arbitrary files when opening specially crafted tar archives. Impact is low because this exploit requires direct user interaction. However, successfully exploitation can lead to overwriting sensitive files or placing executable code in privileged locations, depending on the permissions of the process editing the archive. The victim must edit such a file using Vim which will reveal the filename and the file content, a careful user may suspect some strange things going on. Successful exploitation could results in the ability to execute arbitrary commands on the underlying operating system. Version 9.1.1552 contains a patch for the vulnerability.", "cve_priority": "medium", "cve_public_date": "2025-07-15 21:15:00 UTC" }, { "cve": "CVE-2025-53906", "url": "https://ubuntu.com/security/CVE-2025-53906", "cve_description": "Vim is an open source, command line text editor. Prior to version 9.1.1551, a path traversal issue in Vim’s zip.vim plugin can allow overwriting of arbitrary files when opening specially crafted zip archives. Impact is low because this exploit requires direct user interaction. However, successfully exploitation can lead to overwriting sensitive files or placing executable code in privileged locations, depending on the permissions of the process editing the archive. The victim must edit such a file using Vim which will reveal the filename and the file content, a careful user may suspect some strange things going on. Successful exploitation could results in the ability to execute arbitrary commands on the underlying operating system. Version 9.1.1551 contains a patch for the vulnerability.", "cve_priority": "medium", "cve_public_date": "2025-07-15 21:15:00 UTC" }, { "cve": "CVE-2025-29768", "url": "https://ubuntu.com/security/CVE-2025-29768", "cve_description": "Vim, a text editor, is vulnerable to potential data loss with zip.vim and special crafted zip files in versions prior to 9.1.1198. The impact is medium because a user must be made to view such an archive with Vim and then press 'x' on such a strange filename. The issue has been fixed as of Vim patch v9.1.1198.", "cve_priority": "medium", "cve_public_date": "2025-03-13 17:15:00 UTC" }, { "cve": "CVE-2025-27423", "url": "https://ubuntu.com/security/CVE-2025-27423", "cve_description": "Vim is an open source, command line text editor. Vim is distributed with the tar.vim plugin, that allows easy editing and viewing of (compressed or uncompressed) tar files. Starting with 9.1.0858, the tar.vim plugin uses the \":read\" ex command line to append below the cursor position, however the is not sanitized and is taken literally from the tar archive. This allows to execute shell commands via special crafted tar archives. Whether this really happens, depends on the shell being used ('shell' option, which is set using $SHELL). The issue has been fixed as of Vim patch v9.1.1164", "cve_priority": "medium", "cve_public_date": "2025-03-03 17:15:00 UTC" }, { "cve": "CVE-2025-26603", "url": "https://ubuntu.com/security/CVE-2025-26603", "cve_description": "Vim is a greatly improved version of the good old UNIX editor Vi. Vim allows to redirect screen messages using the `:redir` ex command to register, variables and files. It also allows to show the contents of registers using the `:registers` or `:display` ex command. When redirecting the output of `:display` to a register, Vim will free the register content before storing the new content in the register. Now when redirecting the `:display` command to a register that is being displayed, Vim will free the content while shortly afterwards trying to access it, which leads to a use-after-free. Vim pre 9.1.1115 checks in the ex_display() function, that it does not try to redirect to a register while displaying this register at the same time. However this check is not complete, and so Vim does not check the `+` and `*` registers (which typically donate the X11/clipboard registers, and when a clipboard connection is not possible will fall back to use register 0 instead. In Patch 9.1.1115 Vim will therefore skip outputting to register zero when trying to redirect to the clipboard registers `*` or `+`. Users are advised to upgrade. There are no known workarounds for this vulnerability.", "cve_priority": "medium", "cve_public_date": "2025-02-18 19:15:00 UTC" }, { "cve": "CVE-2025-24014", "url": "https://ubuntu.com/security/CVE-2025-24014", "cve_description": "Vim is an open source, command line text editor. A segmentation fault was found in Vim before 9.1.1043. In silent Ex mode (-s -e), Vim typically doesn't show a screen and just operates silently in batch mode. However, it is still possible to trigger the function that handles the scrolling of a gui version of Vim by feeding some binary characters to Vim. The function that handles the scrolling however may be triggering a redraw, which will access the ScreenLines pointer, even so this variable hasn't been allocated (since there is no screen). This vulnerability is fixed in 9.1.1043.", "cve_priority": "medium", "cve_public_date": "2025-01-20 23:15:00 UTC" }, { "cve": "CVE-2025-1215", "url": "https://ubuntu.com/security/CVE-2025-1215", "cve_description": "A vulnerability classified as problematic was found in vim up to 9.1.1096. This vulnerability affects unknown code of the file src/main.c. The manipulation of the argument --log leads to memory corruption. It is possible to launch the attack on the local host. Upgrading to version 9.1.1097 is able to address this issue. The patch is identified as c5654b84480822817bb7b69ebc97c174c91185e9. It is recommended to upgrade the affected component.", "cve_priority": "medium", "cve_public_date": "2025-02-12 19:15:00 UTC" }, { "cve": "CVE-2025-22134", "url": "https://ubuntu.com/security/CVE-2025-22134", "cve_description": "When switching to other buffers using the :all command and visual mode still being active, this may cause a heap-buffer overflow, because Vim does not properly end visual mode and therefore may try to access beyond the end of a line in a buffer. In Patch 9.1.1003 Vim will correctly reset the visual mode before opening other windows and buffers and therefore fix this bug. In addition it does verify that it won't try to access a position if the position is greater than the corresponding buffer line. Impact is medium since the user must have switched on visual mode when executing the :all ex command. The Vim project would like to thank github user gandalf4a for reporting this issue. The issue has been fixed as of Vim patch v9.1.1003", "cve_priority": "medium", "cve_public_date": "2025-01-13 21:15:00 UTC" } ], "log": [ "", " * Merge with Debian unstable (LP: #2130146). Remaining changes:", " - d/p/0001-fix-flaky-terminal-mode-test.vim:", " Fix flaky Vim terminal mode test", " - d/p/0002-disable-failing-tests-on-ppc64.patch:", " Disable some tests that were throwing an ENOMEM during build on", " ppc64el. The tests are only disabled when building on ppc64el.", " - d/p/0003-skip-test-failing-on-s390x-only.patch:", " Skip test failing on s390x", " - d/p/increase_timeout.diff: Increase timeout for the", " Test_pattern_compile_speed patch.", " - d/p/debian/ubuntu-grub-syntax.patch: Add Ubuntu-specific \"quiet\" keyword.", " - d/runtime/vimrc: \"syntax on\" is a sane default for non-tiny Vim.", " Dropping changes applied in upstream:", " - SECURITY UPDATE: Path traversal when opening specially crafted tar/zip", " archives.", " + d/p/CVE-2025-53905.patch: Replace \"echohl Error\" with call,", " remove leading slashes from name, replace tar_secure with g:tar_secure in", " runtime/autoload/tar.vim.", " + d/p/CVE-2025-53906.patch: Add need_rename, replace w! with w,", " call warning for path traversal attack, and escape leading \"../\" in", " runtime/autoload/zip.vim.", " + CVE-2025-53905", " + CVE-2025-53906", " - SECURITY UPDATE: Data loss when extracting special zip files.", " + d/p/CVE-2025-29768.patch: Substitute special characters in", " ./runtime/autoload/zip.vim.", " + CVE-2025-29768", " - SECURITY UPDATE: Code execution when editing tar files.", " + d/p/CVE-2025-27423.patch: Use escape_file instead of fname in", " ./runtime/autoload/tar.vim.", " + CVE-2025-27423", " - SECURITY UPDATE: Use after free when redirecting display command to", " register.", " + d/p/CVE-2025-26603.patch: Change redir_reg check to use", " vim_strchr command check in ./src/register.c.", " + CVE-2025-26603", " - SECURITY UPDATE: Denial of service.", " + d/p/CVE-2025-24014.patch: fix a segfault in win_line()", " in files src/gui.c, src/testdir/crash/ex_redraw_crash,", " src/testdir/test_crash.vim.", " + CVE-2025-24014", " - SECURITY UPDATE: Crash when file is inaccessible with log option.", " + d/p/CVE-2025-1215.patch: Split common_init to common_init_1", " and common_init_2 in ./src/main.c.", " + CVE-2025-1215", " - SECURITY UPDATE: Heap-buffer-overflow when switching buffers.", " + d/p/CVE-2025-22134.patch: Add reset_VIsual_and_resel() to", " src/arglist.c. Add ptrlen checks in src/misc1.c and src/ops.c.", " + CVE-2025-22134", " Dropping changes applied in Debian:", " - Revert \"patch 9.1.0949: popups inconsistently shifted to the left\",", " since it breaks vim-youcompleteme's autopkgtests. (Closes: #1091729)", " Dropping changes that are no longer needed in Ubuntu:", " - d/p/ubuntu-mouse-off.patch: Mouse mode is actively harmful in some chroots.", " Dropping since it causes many issues with the test suite", " - d/p/ubuntu-disable-mouse-popup-test.patch: Disable mouse popup test", " Is related to ubuntu-mouse-off.patch", " - d/s/include-binaries: Add heap_overflow3 test file to include-binaries", " Dropping since it was originally added for testdata coming from a security", " update, but now the orig tarball actually contains this testdata", " * d/p/0002-disable-failing-tests-on-ppc64.patch: Skip", " Test_autocmd_SafeState", " * d/p/0003-skip-test-failing-on-s390x-only.patch: Skip", " Test_linematch_diff_grouping and", " Test_diff_overlapped_diff_blocks_will_be_merged", "" ], "package": "vim", "version": "2:9.1.1882-1ubuntu1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2130146 ], "author": "Nadzeya Hutsko ", "date": "Fri, 28 Nov 2025 14:26:41 +0100" }, { "cves": [], "log": [ "", " * Merge upstream patch v9.1.1882", " * Build without wayland on hurd", "" ], "package": "vim", "version": "2:9.1.1882-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "James McCoy ", "date": "Mon, 27 Oct 2025 20:41:30 -0400" }, { "cves": [], "log": [ "", " * Merge upstream tag v9.1.1845", " + 9.1.1843: Extend searchcount() timeout if the test is being re-run due", " to flakiness, fixes test failure on slower architectures.", "" ], "package": "vim", "version": "2:9.1.1846-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "James McCoy ", "date": "Fri, 10 Oct 2025 14:33:33 -0400" }, { "cves": [], "log": [ "", " * Upload to unstable", " * Merge upstream tag v9.1.1829", " * Remove src/LICENSE, src/README.txt, and runtime/doc/tags.ref during clean", " * Skip tests for termdebug, since they currently fail on 32-bit", " architectures", "" ], "package": "vim", "version": "2:9.1.1829-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "James McCoy ", "date": "Mon, 06 Oct 2025 14:48:55 -0400" }, { "cves": [ { "cve": "CVE-2025-55157", "url": "https://ubuntu.com/security/CVE-2025-55157", "cve_description": "Vim is an open source, command line text editor. In versions from 9.1.1231 to before 9.1.1400, When processing nested tuples in Vim script, an error during evaluation can trigger a use-after-free in Vim’s internal tuple reference management. Specifically, the tuple_unref() function may access already freed memory due to improper lifetime handling, leading to memory corruption. The exploit requires direct user interaction, as the script must be explicitly executed within Vim. This issue has been patched in version 9.1.1400.", "cve_priority": "medium", "cve_public_date": "2025-08-11 23:15:00 UTC" }, { "cve": "CVE-2025-55158", "url": "https://ubuntu.com/security/CVE-2025-55158", "cve_description": "Vim is an open source, command line text editor. In versions from 9.1.1231 to before 9.1.1406, when processing nested tuples during Vim9 script import operations, an error during evaluation can trigger a double-free in Vim’s internal typed value (typval_T) management. Specifically, the clear_tv() function may attempt to free memory that has already been deallocated, due to improper lifetime handling in the handle_import / ex_import code paths. The vulnerability can only be triggered if a user explicitly opens and executes a specially crafted Vim script. This issue has been patched in version 9.1.1406.", "cve_priority": "medium", "cve_public_date": "2025-08-11 23:15:00 UTC" }, { "cve": "CVE-2025-53906", "url": "https://ubuntu.com/security/CVE-2025-53906", "cve_description": "Vim is an open source, command line text editor. Prior to version 9.1.1551, a path traversal issue in Vim’s zip.vim plugin can allow overwriting of arbitrary files when opening specially crafted zip archives. Impact is low because this exploit requires direct user interaction. However, successfully exploitation can lead to overwriting sensitive files or placing executable code in privileged locations, depending on the permissions of the process editing the archive. The victim must edit such a file using Vim which will reveal the filename and the file content, a careful user may suspect some strange things going on. Successful exploitation could results in the ability to execute arbitrary commands on the underlying operating system. Version 9.1.1551 contains a patch for the vulnerability.", "cve_priority": "medium", "cve_public_date": "2025-07-15 21:15:00 UTC" }, { "cve": "CVE-2025-53905", "url": "https://ubuntu.com/security/CVE-2025-53905", "cve_description": "Vim is an open source, command line text editor. Prior to version 9.1.1552, a path traversal issue in Vim’s tar.vim plugin can allow overwriting of arbitrary files when opening specially crafted tar archives. Impact is low because this exploit requires direct user interaction. However, successfully exploitation can lead to overwriting sensitive files or placing executable code in privileged locations, depending on the permissions of the process editing the archive. The victim must edit such a file using Vim which will reveal the filename and the file content, a careful user may suspect some strange things going on. Successful exploitation could results in the ability to execute arbitrary commands on the underlying operating system. Version 9.1.1552 contains a patch for the vulnerability.", "cve_priority": "medium", "cve_public_date": "2025-07-15 21:15:00 UTC" }, { "cve": "CVE-2025-9390", "url": "https://ubuntu.com/security/CVE-2025-9390", "cve_description": "A security flaw has been discovered in vim up to 9.1.1615. Affected by this vulnerability is the function main of the file src/xxd/xxd.c of the component xxd. The manipulation results in buffer overflow. The attack requires a local approach. The exploit has been released to the public and may be exploited. Upgrading to version 9.1.1616 addresses this issue. The patch is identified as eeef7c77436a78cd27047b0f5fa6925d56de3cb0. It is recommended to upgrade the affected component.", "cve_priority": "medium", "cve_public_date": "2025-08-24 14:15:00 UTC" } ], "log": [ "", " * Merge upstream tag v9.1.1766 (Closes: #1115819)", " + Security fixes:", " - 9.1.1400: use-after-free when evaluating tuple fails, (Closes:", " #1110898, CVE-2025-55157)", " - 9.1.1406: crash when importing invalid tuple, CVE-2025-55158", " - 9.1.1551: path traversal issue in zip.vim if files have leading '../',", " (Closes: #1109374, CVE-2025-53906)", " - 9.1.1552: path traversal issue in tar.vim if files have leading '/',", " CVE-2025-53905", " - 9.1.1616: xxd: possible buffer overflow with bitwise output,", " CVE-2025-9390", " * Enable socketserver for vim-nox, vim-basic, and vim-gtk3", " * Enable wayland support only for GUI builds", " * Drop obsolete transitional package, vim-athena", "" ], "package": "vim", "version": "2:9.1.1766-1", "urgency": "medium", "distributions": "experimental", "launchpad_bugs_fixed": [], "author": "James McCoy ", "date": "Tue, 23 Sep 2025 21:13:05 -0400" }, { "cves": [], "log": [ "", " [ James McCoy ]", " * Merge upstream tag v9.1.1385", "", " [ Kirill Rekhov ]", " * d/upstream/metadata: add metadata", " * Fix day-of-week for changelog entries 1:6.3-015+1, 1:6.3-010+1, 4.6-2.", "" ], "package": "vim", "version": "2:9.1.1385-1", "urgency": "medium", "distributions": "experimental", "launchpad_bugs_fixed": [], "author": "James McCoy ", "date": "Thu, 15 May 2025 20:28:48 -0400" }, { "cves": [], "log": [ "", " * Backport v9.1.1242 and v9.1.1244 to fix crash when evaluating a variable", " name. (Closes: #1106133)", "" ], "package": "vim", "version": "2:9.1.1230-2", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "James McCoy ", "date": "Thu, 22 May 2025 20:48:59 -0400" }, { "cves": [ { "cve": "CVE-2025-26603", "url": "https://ubuntu.com/security/CVE-2025-26603", "cve_description": "Vim is a greatly improved version of the good old UNIX editor Vi. Vim allows to redirect screen messages using the `:redir` ex command to register, variables and files. It also allows to show the contents of registers using the `:registers` or `:display` ex command. When redirecting the output of `:display` to a register, Vim will free the register content before storing the new content in the register. Now when redirecting the `:display` command to a register that is being displayed, Vim will free the content while shortly afterwards trying to access it, which leads to a use-after-free. Vim pre 9.1.1115 checks in the ex_display() function, that it does not try to redirect to a register while displaying this register at the same time. However this check is not complete, and so Vim does not check the `+` and `*` registers (which typically donate the X11/clipboard registers, and when a clipboard connection is not possible will fall back to use register 0 instead. In Patch 9.1.1115 Vim will therefore skip outputting to register zero when trying to redirect to the clipboard registers `*` or `+`. Users are advised to upgrade. There are no known workarounds for this vulnerability.", "cve_priority": "medium", "cve_public_date": "2025-02-18 19:15:00 UTC" }, { "cve": "CVE-2025-27423", "url": "https://ubuntu.com/security/CVE-2025-27423", "cve_description": "Vim is an open source, command line text editor. Vim is distributed with the tar.vim plugin, that allows easy editing and viewing of (compressed or uncompressed) tar files. Starting with 9.1.0858, the tar.vim plugin uses the \":read\" ex command line to append below the cursor position, however the is not sanitized and is taken literally from the tar archive. This allows to execute shell commands via special crafted tar archives. Whether this really happens, depends on the shell being used ('shell' option, which is set using $SHELL). The issue has been fixed as of Vim patch v9.1.1164", "cve_priority": "medium", "cve_public_date": "2025-03-03 17:15:00 UTC" }, { "cve": "CVE-2025-29768", "url": "https://ubuntu.com/security/CVE-2025-29768", "cve_description": "Vim, a text editor, is vulnerable to potential data loss with zip.vim and special crafted zip files in versions prior to 9.1.1198. The impact is medium because a user must be made to view such an archive with Vim and then press 'x' on such a strange filename. The issue has been fixed as of Vim patch v9.1.1198.", "cve_priority": "medium", "cve_public_date": "2025-03-13 17:15:00 UTC" } ], "log": [ "", " * Merge upstream tag v9.1.1230", " + Security fixes:", " - 9.1.1115: use-after-free in str_to_reg(), CVE-2025-26603", " - 9.1.1164: editing a specially crafted tar file allows code execution,", " (Closes: #1099610, CVE-2025-27423)", " - 9.1.1198: potential data loss with zip.vim and crafted zip files,", " (Closes: #1101016, CVE-2025-29768)", "" ], "package": "vim", "version": "2:9.1.1230-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "James McCoy ", "date": "Mon, 24 Mar 2025 20:59:06 -0400" }, { "cves": [ { "cve": "CVE-2025-22134", "url": "https://ubuntu.com/security/CVE-2025-22134", "cve_description": "When switching to other buffers using the :all command and visual mode still being active, this may cause a heap-buffer overflow, because Vim does not properly end visual mode and therefore may try to access beyond the end of a line in a buffer. In Patch 9.1.1003 Vim will correctly reset the visual mode before opening other windows and buffers and therefore fix this bug. In addition it does verify that it won't try to access a position if the position is greater than the corresponding buffer line. Impact is medium since the user must have switched on visual mode when executing the :all ex command. The Vim project would like to thank github user gandalf4a for reporting this issue. The issue has been fixed as of Vim patch v9.1.1003", "cve_priority": "medium", "cve_public_date": "2025-01-13 21:15:00 UTC" }, { "cve": "CVE-2025-24014", "url": "https://ubuntu.com/security/CVE-2025-24014", "cve_description": "Vim is an open source, command line text editor. A segmentation fault was found in Vim before 9.1.1043. In silent Ex mode (-s -e), Vim typically doesn't show a screen and just operates silently in batch mode. However, it is still possible to trigger the function that handles the scrolling of a gui version of Vim by feeding some binary characters to Vim. The function that handles the scrolling however may be triggering a redraw, which will access the ScreenLines pointer, even so this variable hasn't been allocated (since there is no screen). This vulnerability is fixed in 9.1.1043.", "cve_priority": "medium", "cve_public_date": "2025-01-20 23:15:00 UTC" }, { "cve": "CVE-2025-1215", "url": "https://ubuntu.com/security/CVE-2025-1215", "cve_description": "A vulnerability classified as problematic was found in vim up to 9.1.1096. This vulnerability affects unknown code of the file src/main.c. The manipulation of the argument --log leads to memory corruption. It is possible to launch the attack on the local host. Upgrading to version 9.1.1097 is able to address this issue. The patch is identified as c5654b84480822817bb7b69ebc97c174c91185e9. It is recommended to upgrade the affected component.", "cve_priority": "medium", "cve_public_date": "2025-02-12 19:15:00 UTC" } ], "log": [ "", " [ James McCoy ]", " * Merge upstream tag v9.1.1113", " + Security fixes:", " - 9.1.1003: heap-buffer overflow with visual mode when using :all,", " CVE-2025-22134", " - 9.1.1043: segfault in win_line(), CVE-2025-24014", " - 9.1.1097: crash when using --log with non-existent path, CVE-2025-1215", "", " [ Andrea Pappacoda ]", " * Drop backspace and history from debian.vim (Closes: #1095155)", "" ], "package": "vim", "version": "2:9.1.1113-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "James McCoy ", "date": "Sat, 15 Feb 2025 20:43:27 -0500" }, { "cves": [], "log": [ "", " * Revert \"patch 9.1.0949: popups inconsistently shifted to the left\",", " since it breaks vim-youcompleteme's autopkgtests. (Closes: #1091729)", "" ], "package": "vim", "version": "2:9.1.0967-2", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "James McCoy ", "date": "Fri, 10 Jan 2025 06:30:59 -0500" } ], "notes": null, "is_version_downgrade": false }, { "name": "vim-tiny", "from_version": { "source_package_name": "vim", "source_package_version": "2:9.1.0967-1ubuntu6", "version": "2:9.1.0967-1ubuntu6" }, "to_version": { "source_package_name": "vim", "source_package_version": "2:9.1.1882-1ubuntu1", "version": "2:9.1.1882-1ubuntu1" }, "cves": [ { "cve": "CVE-2025-53905", "url": "https://ubuntu.com/security/CVE-2025-53905", "cve_description": "Vim is an open source, command line text editor. Prior to version 9.1.1552, a path traversal issue in Vim’s tar.vim plugin can allow overwriting of arbitrary files when opening specially crafted tar archives. Impact is low because this exploit requires direct user interaction. However, successfully exploitation can lead to overwriting sensitive files or placing executable code in privileged locations, depending on the permissions of the process editing the archive. The victim must edit such a file using Vim which will reveal the filename and the file content, a careful user may suspect some strange things going on. Successful exploitation could results in the ability to execute arbitrary commands on the underlying operating system. Version 9.1.1552 contains a patch for the vulnerability.", "cve_priority": "medium", "cve_public_date": "2025-07-15 21:15:00 UTC" }, { "cve": "CVE-2025-53906", "url": "https://ubuntu.com/security/CVE-2025-53906", "cve_description": "Vim is an open source, command line text editor. Prior to version 9.1.1551, a path traversal issue in Vim’s zip.vim plugin can allow overwriting of arbitrary files when opening specially crafted zip archives. Impact is low because this exploit requires direct user interaction. However, successfully exploitation can lead to overwriting sensitive files or placing executable code in privileged locations, depending on the permissions of the process editing the archive. The victim must edit such a file using Vim which will reveal the filename and the file content, a careful user may suspect some strange things going on. Successful exploitation could results in the ability to execute arbitrary commands on the underlying operating system. Version 9.1.1551 contains a patch for the vulnerability.", "cve_priority": "medium", "cve_public_date": "2025-07-15 21:15:00 UTC" }, { "cve": "CVE-2025-29768", "url": "https://ubuntu.com/security/CVE-2025-29768", "cve_description": "Vim, a text editor, is vulnerable to potential data loss with zip.vim and special crafted zip files in versions prior to 9.1.1198. The impact is medium because a user must be made to view such an archive with Vim and then press 'x' on such a strange filename. The issue has been fixed as of Vim patch v9.1.1198.", "cve_priority": "medium", "cve_public_date": "2025-03-13 17:15:00 UTC" }, { "cve": "CVE-2025-27423", "url": "https://ubuntu.com/security/CVE-2025-27423", "cve_description": "Vim is an open source, command line text editor. Vim is distributed with the tar.vim plugin, that allows easy editing and viewing of (compressed or uncompressed) tar files. Starting with 9.1.0858, the tar.vim plugin uses the \":read\" ex command line to append below the cursor position, however the is not sanitized and is taken literally from the tar archive. This allows to execute shell commands via special crafted tar archives. Whether this really happens, depends on the shell being used ('shell' option, which is set using $SHELL). The issue has been fixed as of Vim patch v9.1.1164", "cve_priority": "medium", "cve_public_date": "2025-03-03 17:15:00 UTC" }, { "cve": "CVE-2025-26603", "url": "https://ubuntu.com/security/CVE-2025-26603", "cve_description": "Vim is a greatly improved version of the good old UNIX editor Vi. Vim allows to redirect screen messages using the `:redir` ex command to register, variables and files. It also allows to show the contents of registers using the `:registers` or `:display` ex command. When redirecting the output of `:display` to a register, Vim will free the register content before storing the new content in the register. Now when redirecting the `:display` command to a register that is being displayed, Vim will free the content while shortly afterwards trying to access it, which leads to a use-after-free. Vim pre 9.1.1115 checks in the ex_display() function, that it does not try to redirect to a register while displaying this register at the same time. However this check is not complete, and so Vim does not check the `+` and `*` registers (which typically donate the X11/clipboard registers, and when a clipboard connection is not possible will fall back to use register 0 instead. In Patch 9.1.1115 Vim will therefore skip outputting to register zero when trying to redirect to the clipboard registers `*` or `+`. Users are advised to upgrade. There are no known workarounds for this vulnerability.", "cve_priority": "medium", "cve_public_date": "2025-02-18 19:15:00 UTC" }, { "cve": "CVE-2025-24014", "url": "https://ubuntu.com/security/CVE-2025-24014", "cve_description": "Vim is an open source, command line text editor. A segmentation fault was found in Vim before 9.1.1043. In silent Ex mode (-s -e), Vim typically doesn't show a screen and just operates silently in batch mode. However, it is still possible to trigger the function that handles the scrolling of a gui version of Vim by feeding some binary characters to Vim. The function that handles the scrolling however may be triggering a redraw, which will access the ScreenLines pointer, even so this variable hasn't been allocated (since there is no screen). This vulnerability is fixed in 9.1.1043.", "cve_priority": "medium", "cve_public_date": "2025-01-20 23:15:00 UTC" }, { "cve": "CVE-2025-1215", "url": "https://ubuntu.com/security/CVE-2025-1215", "cve_description": "A vulnerability classified as problematic was found in vim up to 9.1.1096. This vulnerability affects unknown code of the file src/main.c. The manipulation of the argument --log leads to memory corruption. It is possible to launch the attack on the local host. Upgrading to version 9.1.1097 is able to address this issue. The patch is identified as c5654b84480822817bb7b69ebc97c174c91185e9. It is recommended to upgrade the affected component.", "cve_priority": "medium", "cve_public_date": "2025-02-12 19:15:00 UTC" }, { "cve": "CVE-2025-22134", "url": "https://ubuntu.com/security/CVE-2025-22134", "cve_description": "When switching to other buffers using the :all command and visual mode still being active, this may cause a heap-buffer overflow, because Vim does not properly end visual mode and therefore may try to access beyond the end of a line in a buffer. In Patch 9.1.1003 Vim will correctly reset the visual mode before opening other windows and buffers and therefore fix this bug. In addition it does verify that it won't try to access a position if the position is greater than the corresponding buffer line. Impact is medium since the user must have switched on visual mode when executing the :all ex command. The Vim project would like to thank github user gandalf4a for reporting this issue. The issue has been fixed as of Vim patch v9.1.1003", "cve_priority": "medium", "cve_public_date": "2025-01-13 21:15:00 UTC" }, { "cve": "CVE-2025-55157", "url": "https://ubuntu.com/security/CVE-2025-55157", "cve_description": "Vim is an open source, command line text editor. In versions from 9.1.1231 to before 9.1.1400, When processing nested tuples in Vim script, an error during evaluation can trigger a use-after-free in Vim’s internal tuple reference management. Specifically, the tuple_unref() function may access already freed memory due to improper lifetime handling, leading to memory corruption. The exploit requires direct user interaction, as the script must be explicitly executed within Vim. This issue has been patched in version 9.1.1400.", "cve_priority": "medium", "cve_public_date": "2025-08-11 23:15:00 UTC" }, { "cve": "CVE-2025-55158", "url": "https://ubuntu.com/security/CVE-2025-55158", "cve_description": "Vim is an open source, command line text editor. In versions from 9.1.1231 to before 9.1.1406, when processing nested tuples during Vim9 script import operations, an error during evaluation can trigger a double-free in Vim’s internal typed value (typval_T) management. Specifically, the clear_tv() function may attempt to free memory that has already been deallocated, due to improper lifetime handling in the handle_import / ex_import code paths. The vulnerability can only be triggered if a user explicitly opens and executes a specially crafted Vim script. This issue has been patched in version 9.1.1406.", "cve_priority": "medium", "cve_public_date": "2025-08-11 23:15:00 UTC" }, { "cve": "CVE-2025-53906", "url": "https://ubuntu.com/security/CVE-2025-53906", "cve_description": "Vim is an open source, command line text editor. Prior to version 9.1.1551, a path traversal issue in Vim’s zip.vim plugin can allow overwriting of arbitrary files when opening specially crafted zip archives. Impact is low because this exploit requires direct user interaction. However, successfully exploitation can lead to overwriting sensitive files or placing executable code in privileged locations, depending on the permissions of the process editing the archive. The victim must edit such a file using Vim which will reveal the filename and the file content, a careful user may suspect some strange things going on. Successful exploitation could results in the ability to execute arbitrary commands on the underlying operating system. Version 9.1.1551 contains a patch for the vulnerability.", "cve_priority": "medium", "cve_public_date": "2025-07-15 21:15:00 UTC" }, { "cve": "CVE-2025-53905", "url": "https://ubuntu.com/security/CVE-2025-53905", "cve_description": "Vim is an open source, command line text editor. Prior to version 9.1.1552, a path traversal issue in Vim’s tar.vim plugin can allow overwriting of arbitrary files when opening specially crafted tar archives. Impact is low because this exploit requires direct user interaction. However, successfully exploitation can lead to overwriting sensitive files or placing executable code in privileged locations, depending on the permissions of the process editing the archive. The victim must edit such a file using Vim which will reveal the filename and the file content, a careful user may suspect some strange things going on. Successful exploitation could results in the ability to execute arbitrary commands on the underlying operating system. Version 9.1.1552 contains a patch for the vulnerability.", "cve_priority": "medium", "cve_public_date": "2025-07-15 21:15:00 UTC" }, { "cve": "CVE-2025-9390", "url": "https://ubuntu.com/security/CVE-2025-9390", "cve_description": "A security flaw has been discovered in vim up to 9.1.1615. Affected by this vulnerability is the function main of the file src/xxd/xxd.c of the component xxd. The manipulation results in buffer overflow. The attack requires a local approach. The exploit has been released to the public and may be exploited. Upgrading to version 9.1.1616 addresses this issue. The patch is identified as eeef7c77436a78cd27047b0f5fa6925d56de3cb0. It is recommended to upgrade the affected component.", "cve_priority": "medium", "cve_public_date": "2025-08-24 14:15:00 UTC" }, { "cve": "CVE-2025-26603", "url": "https://ubuntu.com/security/CVE-2025-26603", "cve_description": "Vim is a greatly improved version of the good old UNIX editor Vi. Vim allows to redirect screen messages using the `:redir` ex command to register, variables and files. It also allows to show the contents of registers using the `:registers` or `:display` ex command. When redirecting the output of `:display` to a register, Vim will free the register content before storing the new content in the register. Now when redirecting the `:display` command to a register that is being displayed, Vim will free the content while shortly afterwards trying to access it, which leads to a use-after-free. Vim pre 9.1.1115 checks in the ex_display() function, that it does not try to redirect to a register while displaying this register at the same time. However this check is not complete, and so Vim does not check the `+` and `*` registers (which typically donate the X11/clipboard registers, and when a clipboard connection is not possible will fall back to use register 0 instead. In Patch 9.1.1115 Vim will therefore skip outputting to register zero when trying to redirect to the clipboard registers `*` or `+`. Users are advised to upgrade. There are no known workarounds for this vulnerability.", "cve_priority": "medium", "cve_public_date": "2025-02-18 19:15:00 UTC" }, { "cve": "CVE-2025-27423", "url": "https://ubuntu.com/security/CVE-2025-27423", "cve_description": "Vim is an open source, command line text editor. Vim is distributed with the tar.vim plugin, that allows easy editing and viewing of (compressed or uncompressed) tar files. Starting with 9.1.0858, the tar.vim plugin uses the \":read\" ex command line to append below the cursor position, however the is not sanitized and is taken literally from the tar archive. This allows to execute shell commands via special crafted tar archives. Whether this really happens, depends on the shell being used ('shell' option, which is set using $SHELL). The issue has been fixed as of Vim patch v9.1.1164", "cve_priority": "medium", "cve_public_date": "2025-03-03 17:15:00 UTC" }, { "cve": "CVE-2025-29768", "url": "https://ubuntu.com/security/CVE-2025-29768", "cve_description": "Vim, a text editor, is vulnerable to potential data loss with zip.vim and special crafted zip files in versions prior to 9.1.1198. The impact is medium because a user must be made to view such an archive with Vim and then press 'x' on such a strange filename. The issue has been fixed as of Vim patch v9.1.1198.", "cve_priority": "medium", "cve_public_date": "2025-03-13 17:15:00 UTC" }, { "cve": "CVE-2025-22134", "url": "https://ubuntu.com/security/CVE-2025-22134", "cve_description": "When switching to other buffers using the :all command and visual mode still being active, this may cause a heap-buffer overflow, because Vim does not properly end visual mode and therefore may try to access beyond the end of a line in a buffer. In Patch 9.1.1003 Vim will correctly reset the visual mode before opening other windows and buffers and therefore fix this bug. In addition it does verify that it won't try to access a position if the position is greater than the corresponding buffer line. Impact is medium since the user must have switched on visual mode when executing the :all ex command. The Vim project would like to thank github user gandalf4a for reporting this issue. The issue has been fixed as of Vim patch v9.1.1003", "cve_priority": "medium", "cve_public_date": "2025-01-13 21:15:00 UTC" }, { "cve": "CVE-2025-24014", "url": "https://ubuntu.com/security/CVE-2025-24014", "cve_description": "Vim is an open source, command line text editor. A segmentation fault was found in Vim before 9.1.1043. In silent Ex mode (-s -e), Vim typically doesn't show a screen and just operates silently in batch mode. However, it is still possible to trigger the function that handles the scrolling of a gui version of Vim by feeding some binary characters to Vim. The function that handles the scrolling however may be triggering a redraw, which will access the ScreenLines pointer, even so this variable hasn't been allocated (since there is no screen). This vulnerability is fixed in 9.1.1043.", "cve_priority": "medium", "cve_public_date": "2025-01-20 23:15:00 UTC" }, { "cve": "CVE-2025-1215", "url": "https://ubuntu.com/security/CVE-2025-1215", "cve_description": "A vulnerability classified as problematic was found in vim up to 9.1.1096. This vulnerability affects unknown code of the file src/main.c. The manipulation of the argument --log leads to memory corruption. It is possible to launch the attack on the local host. Upgrading to version 9.1.1097 is able to address this issue. The patch is identified as c5654b84480822817bb7b69ebc97c174c91185e9. It is recommended to upgrade the affected component.", "cve_priority": "medium", "cve_public_date": "2025-02-12 19:15:00 UTC" } ], "launchpad_bugs_fixed": [ 2130146 ], "changes": [ { "cves": [ { "cve": "CVE-2025-53905", "url": "https://ubuntu.com/security/CVE-2025-53905", "cve_description": "Vim is an open source, command line text editor. Prior to version 9.1.1552, a path traversal issue in Vim’s tar.vim plugin can allow overwriting of arbitrary files when opening specially crafted tar archives. Impact is low because this exploit requires direct user interaction. However, successfully exploitation can lead to overwriting sensitive files or placing executable code in privileged locations, depending on the permissions of the process editing the archive. The victim must edit such a file using Vim which will reveal the filename and the file content, a careful user may suspect some strange things going on. Successful exploitation could results in the ability to execute arbitrary commands on the underlying operating system. Version 9.1.1552 contains a patch for the vulnerability.", "cve_priority": "medium", "cve_public_date": "2025-07-15 21:15:00 UTC" }, { "cve": "CVE-2025-53906", "url": "https://ubuntu.com/security/CVE-2025-53906", "cve_description": "Vim is an open source, command line text editor. Prior to version 9.1.1551, a path traversal issue in Vim’s zip.vim plugin can allow overwriting of arbitrary files when opening specially crafted zip archives. Impact is low because this exploit requires direct user interaction. However, successfully exploitation can lead to overwriting sensitive files or placing executable code in privileged locations, depending on the permissions of the process editing the archive. The victim must edit such a file using Vim which will reveal the filename and the file content, a careful user may suspect some strange things going on. Successful exploitation could results in the ability to execute arbitrary commands on the underlying operating system. Version 9.1.1551 contains a patch for the vulnerability.", "cve_priority": "medium", "cve_public_date": "2025-07-15 21:15:00 UTC" }, { "cve": "CVE-2025-29768", "url": "https://ubuntu.com/security/CVE-2025-29768", "cve_description": "Vim, a text editor, is vulnerable to potential data loss with zip.vim and special crafted zip files in versions prior to 9.1.1198. The impact is medium because a user must be made to view such an archive with Vim and then press 'x' on such a strange filename. The issue has been fixed as of Vim patch v9.1.1198.", "cve_priority": "medium", "cve_public_date": "2025-03-13 17:15:00 UTC" }, { "cve": "CVE-2025-27423", "url": "https://ubuntu.com/security/CVE-2025-27423", "cve_description": "Vim is an open source, command line text editor. Vim is distributed with the tar.vim plugin, that allows easy editing and viewing of (compressed or uncompressed) tar files. Starting with 9.1.0858, the tar.vim plugin uses the \":read\" ex command line to append below the cursor position, however the is not sanitized and is taken literally from the tar archive. This allows to execute shell commands via special crafted tar archives. Whether this really happens, depends on the shell being used ('shell' option, which is set using $SHELL). The issue has been fixed as of Vim patch v9.1.1164", "cve_priority": "medium", "cve_public_date": "2025-03-03 17:15:00 UTC" }, { "cve": "CVE-2025-26603", "url": "https://ubuntu.com/security/CVE-2025-26603", "cve_description": "Vim is a greatly improved version of the good old UNIX editor Vi. Vim allows to redirect screen messages using the `:redir` ex command to register, variables and files. It also allows to show the contents of registers using the `:registers` or `:display` ex command. When redirecting the output of `:display` to a register, Vim will free the register content before storing the new content in the register. Now when redirecting the `:display` command to a register that is being displayed, Vim will free the content while shortly afterwards trying to access it, which leads to a use-after-free. Vim pre 9.1.1115 checks in the ex_display() function, that it does not try to redirect to a register while displaying this register at the same time. However this check is not complete, and so Vim does not check the `+` and `*` registers (which typically donate the X11/clipboard registers, and when a clipboard connection is not possible will fall back to use register 0 instead. In Patch 9.1.1115 Vim will therefore skip outputting to register zero when trying to redirect to the clipboard registers `*` or `+`. Users are advised to upgrade. There are no known workarounds for this vulnerability.", "cve_priority": "medium", "cve_public_date": "2025-02-18 19:15:00 UTC" }, { "cve": "CVE-2025-24014", "url": "https://ubuntu.com/security/CVE-2025-24014", "cve_description": "Vim is an open source, command line text editor. A segmentation fault was found in Vim before 9.1.1043. In silent Ex mode (-s -e), Vim typically doesn't show a screen and just operates silently in batch mode. However, it is still possible to trigger the function that handles the scrolling of a gui version of Vim by feeding some binary characters to Vim. The function that handles the scrolling however may be triggering a redraw, which will access the ScreenLines pointer, even so this variable hasn't been allocated (since there is no screen). This vulnerability is fixed in 9.1.1043.", "cve_priority": "medium", "cve_public_date": "2025-01-20 23:15:00 UTC" }, { "cve": "CVE-2025-1215", "url": "https://ubuntu.com/security/CVE-2025-1215", "cve_description": "A vulnerability classified as problematic was found in vim up to 9.1.1096. This vulnerability affects unknown code of the file src/main.c. The manipulation of the argument --log leads to memory corruption. It is possible to launch the attack on the local host. Upgrading to version 9.1.1097 is able to address this issue. The patch is identified as c5654b84480822817bb7b69ebc97c174c91185e9. It is recommended to upgrade the affected component.", "cve_priority": "medium", "cve_public_date": "2025-02-12 19:15:00 UTC" }, { "cve": "CVE-2025-22134", "url": "https://ubuntu.com/security/CVE-2025-22134", "cve_description": "When switching to other buffers using the :all command and visual mode still being active, this may cause a heap-buffer overflow, because Vim does not properly end visual mode and therefore may try to access beyond the end of a line in a buffer. In Patch 9.1.1003 Vim will correctly reset the visual mode before opening other windows and buffers and therefore fix this bug. In addition it does verify that it won't try to access a position if the position is greater than the corresponding buffer line. Impact is medium since the user must have switched on visual mode when executing the :all ex command. The Vim project would like to thank github user gandalf4a for reporting this issue. The issue has been fixed as of Vim patch v9.1.1003", "cve_priority": "medium", "cve_public_date": "2025-01-13 21:15:00 UTC" } ], "log": [ "", " * Merge with Debian unstable (LP: #2130146). Remaining changes:", " - d/p/0001-fix-flaky-terminal-mode-test.vim:", " Fix flaky Vim terminal mode test", " - d/p/0002-disable-failing-tests-on-ppc64.patch:", " Disable some tests that were throwing an ENOMEM during build on", " ppc64el. The tests are only disabled when building on ppc64el.", " - d/p/0003-skip-test-failing-on-s390x-only.patch:", " Skip test failing on s390x", " - d/p/increase_timeout.diff: Increase timeout for the", " Test_pattern_compile_speed patch.", " - d/p/debian/ubuntu-grub-syntax.patch: Add Ubuntu-specific \"quiet\" keyword.", " - d/runtime/vimrc: \"syntax on\" is a sane default for non-tiny Vim.", " Dropping changes applied in upstream:", " - SECURITY UPDATE: Path traversal when opening specially crafted tar/zip", " archives.", " + d/p/CVE-2025-53905.patch: Replace \"echohl Error\" with call,", " remove leading slashes from name, replace tar_secure with g:tar_secure in", " runtime/autoload/tar.vim.", " + d/p/CVE-2025-53906.patch: Add need_rename, replace w! with w,", " call warning for path traversal attack, and escape leading \"../\" in", " runtime/autoload/zip.vim.", " + CVE-2025-53905", " + CVE-2025-53906", " - SECURITY UPDATE: Data loss when extracting special zip files.", " + d/p/CVE-2025-29768.patch: Substitute special characters in", " ./runtime/autoload/zip.vim.", " + CVE-2025-29768", " - SECURITY UPDATE: Code execution when editing tar files.", " + d/p/CVE-2025-27423.patch: Use escape_file instead of fname in", " ./runtime/autoload/tar.vim.", " + CVE-2025-27423", " - SECURITY UPDATE: Use after free when redirecting display command to", " register.", " + d/p/CVE-2025-26603.patch: Change redir_reg check to use", " vim_strchr command check in ./src/register.c.", " + CVE-2025-26603", " - SECURITY UPDATE: Denial of service.", " + d/p/CVE-2025-24014.patch: fix a segfault in win_line()", " in files src/gui.c, src/testdir/crash/ex_redraw_crash,", " src/testdir/test_crash.vim.", " + CVE-2025-24014", " - SECURITY UPDATE: Crash when file is inaccessible with log option.", " + d/p/CVE-2025-1215.patch: Split common_init to common_init_1", " and common_init_2 in ./src/main.c.", " + CVE-2025-1215", " - SECURITY UPDATE: Heap-buffer-overflow when switching buffers.", " + d/p/CVE-2025-22134.patch: Add reset_VIsual_and_resel() to", " src/arglist.c. Add ptrlen checks in src/misc1.c and src/ops.c.", " + CVE-2025-22134", " Dropping changes applied in Debian:", " - Revert \"patch 9.1.0949: popups inconsistently shifted to the left\",", " since it breaks vim-youcompleteme's autopkgtests. (Closes: #1091729)", " Dropping changes that are no longer needed in Ubuntu:", " - d/p/ubuntu-mouse-off.patch: Mouse mode is actively harmful in some chroots.", " Dropping since it causes many issues with the test suite", " - d/p/ubuntu-disable-mouse-popup-test.patch: Disable mouse popup test", " Is related to ubuntu-mouse-off.patch", " - d/s/include-binaries: Add heap_overflow3 test file to include-binaries", " Dropping since it was originally added for testdata coming from a security", " update, but now the orig tarball actually contains this testdata", " * d/p/0002-disable-failing-tests-on-ppc64.patch: Skip", " Test_autocmd_SafeState", " * d/p/0003-skip-test-failing-on-s390x-only.patch: Skip", " Test_linematch_diff_grouping and", " Test_diff_overlapped_diff_blocks_will_be_merged", "" ], "package": "vim", "version": "2:9.1.1882-1ubuntu1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2130146 ], "author": "Nadzeya Hutsko ", "date": "Fri, 28 Nov 2025 14:26:41 +0100" }, { "cves": [], "log": [ "", " * Merge upstream patch v9.1.1882", " * Build without wayland on hurd", "" ], "package": "vim", "version": "2:9.1.1882-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "James McCoy ", "date": "Mon, 27 Oct 2025 20:41:30 -0400" }, { "cves": [], "log": [ "", " * Merge upstream tag v9.1.1845", " + 9.1.1843: Extend searchcount() timeout if the test is being re-run due", " to flakiness, fixes test failure on slower architectures.", "" ], "package": "vim", "version": "2:9.1.1846-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "James McCoy ", "date": "Fri, 10 Oct 2025 14:33:33 -0400" }, { "cves": [], "log": [ "", " * Upload to unstable", " * Merge upstream tag v9.1.1829", " * Remove src/LICENSE, src/README.txt, and runtime/doc/tags.ref during clean", " * Skip tests for termdebug, since they currently fail on 32-bit", " architectures", "" ], "package": "vim", "version": "2:9.1.1829-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "James McCoy ", "date": "Mon, 06 Oct 2025 14:48:55 -0400" }, { "cves": [ { "cve": "CVE-2025-55157", "url": "https://ubuntu.com/security/CVE-2025-55157", "cve_description": "Vim is an open source, command line text editor. In versions from 9.1.1231 to before 9.1.1400, When processing nested tuples in Vim script, an error during evaluation can trigger a use-after-free in Vim’s internal tuple reference management. Specifically, the tuple_unref() function may access already freed memory due to improper lifetime handling, leading to memory corruption. The exploit requires direct user interaction, as the script must be explicitly executed within Vim. This issue has been patched in version 9.1.1400.", "cve_priority": "medium", "cve_public_date": "2025-08-11 23:15:00 UTC" }, { "cve": "CVE-2025-55158", "url": "https://ubuntu.com/security/CVE-2025-55158", "cve_description": "Vim is an open source, command line text editor. In versions from 9.1.1231 to before 9.1.1406, when processing nested tuples during Vim9 script import operations, an error during evaluation can trigger a double-free in Vim’s internal typed value (typval_T) management. Specifically, the clear_tv() function may attempt to free memory that has already been deallocated, due to improper lifetime handling in the handle_import / ex_import code paths. The vulnerability can only be triggered if a user explicitly opens and executes a specially crafted Vim script. This issue has been patched in version 9.1.1406.", "cve_priority": "medium", "cve_public_date": "2025-08-11 23:15:00 UTC" }, { "cve": "CVE-2025-53906", "url": "https://ubuntu.com/security/CVE-2025-53906", "cve_description": "Vim is an open source, command line text editor. Prior to version 9.1.1551, a path traversal issue in Vim’s zip.vim plugin can allow overwriting of arbitrary files when opening specially crafted zip archives. Impact is low because this exploit requires direct user interaction. However, successfully exploitation can lead to overwriting sensitive files or placing executable code in privileged locations, depending on the permissions of the process editing the archive. The victim must edit such a file using Vim which will reveal the filename and the file content, a careful user may suspect some strange things going on. Successful exploitation could results in the ability to execute arbitrary commands on the underlying operating system. Version 9.1.1551 contains a patch for the vulnerability.", "cve_priority": "medium", "cve_public_date": "2025-07-15 21:15:00 UTC" }, { "cve": "CVE-2025-53905", "url": "https://ubuntu.com/security/CVE-2025-53905", "cve_description": "Vim is an open source, command line text editor. Prior to version 9.1.1552, a path traversal issue in Vim’s tar.vim plugin can allow overwriting of arbitrary files when opening specially crafted tar archives. Impact is low because this exploit requires direct user interaction. However, successfully exploitation can lead to overwriting sensitive files or placing executable code in privileged locations, depending on the permissions of the process editing the archive. The victim must edit such a file using Vim which will reveal the filename and the file content, a careful user may suspect some strange things going on. Successful exploitation could results in the ability to execute arbitrary commands on the underlying operating system. Version 9.1.1552 contains a patch for the vulnerability.", "cve_priority": "medium", "cve_public_date": "2025-07-15 21:15:00 UTC" }, { "cve": "CVE-2025-9390", "url": "https://ubuntu.com/security/CVE-2025-9390", "cve_description": "A security flaw has been discovered in vim up to 9.1.1615. Affected by this vulnerability is the function main of the file src/xxd/xxd.c of the component xxd. The manipulation results in buffer overflow. The attack requires a local approach. The exploit has been released to the public and may be exploited. Upgrading to version 9.1.1616 addresses this issue. The patch is identified as eeef7c77436a78cd27047b0f5fa6925d56de3cb0. It is recommended to upgrade the affected component.", "cve_priority": "medium", "cve_public_date": "2025-08-24 14:15:00 UTC" } ], "log": [ "", " * Merge upstream tag v9.1.1766 (Closes: #1115819)", " + Security fixes:", " - 9.1.1400: use-after-free when evaluating tuple fails, (Closes:", " #1110898, CVE-2025-55157)", " - 9.1.1406: crash when importing invalid tuple, CVE-2025-55158", " - 9.1.1551: path traversal issue in zip.vim if files have leading '../',", " (Closes: #1109374, CVE-2025-53906)", " - 9.1.1552: path traversal issue in tar.vim if files have leading '/',", " CVE-2025-53905", " - 9.1.1616: xxd: possible buffer overflow with bitwise output,", " CVE-2025-9390", " * Enable socketserver for vim-nox, vim-basic, and vim-gtk3", " * Enable wayland support only for GUI builds", " * Drop obsolete transitional package, vim-athena", "" ], "package": "vim", "version": "2:9.1.1766-1", "urgency": "medium", "distributions": "experimental", "launchpad_bugs_fixed": [], "author": "James McCoy ", "date": "Tue, 23 Sep 2025 21:13:05 -0400" }, { "cves": [], "log": [ "", " [ James McCoy ]", " * Merge upstream tag v9.1.1385", "", " [ Kirill Rekhov ]", " * d/upstream/metadata: add metadata", " * Fix day-of-week for changelog entries 1:6.3-015+1, 1:6.3-010+1, 4.6-2.", "" ], "package": "vim", "version": "2:9.1.1385-1", "urgency": "medium", "distributions": "experimental", "launchpad_bugs_fixed": [], "author": "James McCoy ", "date": "Thu, 15 May 2025 20:28:48 -0400" }, { "cves": [], "log": [ "", " * Backport v9.1.1242 and v9.1.1244 to fix crash when evaluating a variable", " name. (Closes: #1106133)", "" ], "package": "vim", "version": "2:9.1.1230-2", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "James McCoy ", "date": "Thu, 22 May 2025 20:48:59 -0400" }, { "cves": [ { "cve": "CVE-2025-26603", "url": "https://ubuntu.com/security/CVE-2025-26603", "cve_description": "Vim is a greatly improved version of the good old UNIX editor Vi. Vim allows to redirect screen messages using the `:redir` ex command to register, variables and files. It also allows to show the contents of registers using the `:registers` or `:display` ex command. When redirecting the output of `:display` to a register, Vim will free the register content before storing the new content in the register. Now when redirecting the `:display` command to a register that is being displayed, Vim will free the content while shortly afterwards trying to access it, which leads to a use-after-free. Vim pre 9.1.1115 checks in the ex_display() function, that it does not try to redirect to a register while displaying this register at the same time. However this check is not complete, and so Vim does not check the `+` and `*` registers (which typically donate the X11/clipboard registers, and when a clipboard connection is not possible will fall back to use register 0 instead. In Patch 9.1.1115 Vim will therefore skip outputting to register zero when trying to redirect to the clipboard registers `*` or `+`. Users are advised to upgrade. There are no known workarounds for this vulnerability.", "cve_priority": "medium", "cve_public_date": "2025-02-18 19:15:00 UTC" }, { "cve": "CVE-2025-27423", "url": "https://ubuntu.com/security/CVE-2025-27423", "cve_description": "Vim is an open source, command line text editor. Vim is distributed with the tar.vim plugin, that allows easy editing and viewing of (compressed or uncompressed) tar files. Starting with 9.1.0858, the tar.vim plugin uses the \":read\" ex command line to append below the cursor position, however the is not sanitized and is taken literally from the tar archive. This allows to execute shell commands via special crafted tar archives. Whether this really happens, depends on the shell being used ('shell' option, which is set using $SHELL). The issue has been fixed as of Vim patch v9.1.1164", "cve_priority": "medium", "cve_public_date": "2025-03-03 17:15:00 UTC" }, { "cve": "CVE-2025-29768", "url": "https://ubuntu.com/security/CVE-2025-29768", "cve_description": "Vim, a text editor, is vulnerable to potential data loss with zip.vim and special crafted zip files in versions prior to 9.1.1198. The impact is medium because a user must be made to view such an archive with Vim and then press 'x' on such a strange filename. The issue has been fixed as of Vim patch v9.1.1198.", "cve_priority": "medium", "cve_public_date": "2025-03-13 17:15:00 UTC" } ], "log": [ "", " * Merge upstream tag v9.1.1230", " + Security fixes:", " - 9.1.1115: use-after-free in str_to_reg(), CVE-2025-26603", " - 9.1.1164: editing a specially crafted tar file allows code execution,", " (Closes: #1099610, CVE-2025-27423)", " - 9.1.1198: potential data loss with zip.vim and crafted zip files,", " (Closes: #1101016, CVE-2025-29768)", "" ], "package": "vim", "version": "2:9.1.1230-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "James McCoy ", "date": "Mon, 24 Mar 2025 20:59:06 -0400" }, { "cves": [ { "cve": "CVE-2025-22134", "url": "https://ubuntu.com/security/CVE-2025-22134", "cve_description": "When switching to other buffers using the :all command and visual mode still being active, this may cause a heap-buffer overflow, because Vim does not properly end visual mode and therefore may try to access beyond the end of a line in a buffer. In Patch 9.1.1003 Vim will correctly reset the visual mode before opening other windows and buffers and therefore fix this bug. In addition it does verify that it won't try to access a position if the position is greater than the corresponding buffer line. Impact is medium since the user must have switched on visual mode when executing the :all ex command. The Vim project would like to thank github user gandalf4a for reporting this issue. The issue has been fixed as of Vim patch v9.1.1003", "cve_priority": "medium", "cve_public_date": "2025-01-13 21:15:00 UTC" }, { "cve": "CVE-2025-24014", "url": "https://ubuntu.com/security/CVE-2025-24014", "cve_description": "Vim is an open source, command line text editor. A segmentation fault was found in Vim before 9.1.1043. In silent Ex mode (-s -e), Vim typically doesn't show a screen and just operates silently in batch mode. However, it is still possible to trigger the function that handles the scrolling of a gui version of Vim by feeding some binary characters to Vim. The function that handles the scrolling however may be triggering a redraw, which will access the ScreenLines pointer, even so this variable hasn't been allocated (since there is no screen). This vulnerability is fixed in 9.1.1043.", "cve_priority": "medium", "cve_public_date": "2025-01-20 23:15:00 UTC" }, { "cve": "CVE-2025-1215", "url": "https://ubuntu.com/security/CVE-2025-1215", "cve_description": "A vulnerability classified as problematic was found in vim up to 9.1.1096. This vulnerability affects unknown code of the file src/main.c. The manipulation of the argument --log leads to memory corruption. It is possible to launch the attack on the local host. Upgrading to version 9.1.1097 is able to address this issue. The patch is identified as c5654b84480822817bb7b69ebc97c174c91185e9. It is recommended to upgrade the affected component.", "cve_priority": "medium", "cve_public_date": "2025-02-12 19:15:00 UTC" } ], "log": [ "", " [ James McCoy ]", " * Merge upstream tag v9.1.1113", " + Security fixes:", " - 9.1.1003: heap-buffer overflow with visual mode when using :all,", " CVE-2025-22134", " - 9.1.1043: segfault in win_line(), CVE-2025-24014", " - 9.1.1097: crash when using --log with non-existent path, CVE-2025-1215", "", " [ Andrea Pappacoda ]", " * Drop backspace and history from debian.vim (Closes: #1095155)", "" ], "package": "vim", "version": "2:9.1.1113-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "James McCoy ", "date": "Sat, 15 Feb 2025 20:43:27 -0500" }, { "cves": [], "log": [ "", " * Revert \"patch 9.1.0949: popups inconsistently shifted to the left\",", " since it breaks vim-youcompleteme's autopkgtests. (Closes: #1091729)", "" ], "package": "vim", "version": "2:9.1.0967-2", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "James McCoy ", "date": "Fri, 10 Jan 2025 06:30:59 -0500" } ], "notes": null, "is_version_downgrade": false }, { "name": "xauth", "from_version": { "source_package_name": "xauth", "source_package_version": "1:1.1.2-1.1", "version": "1:1.1.2-1.1" }, "to_version": { "source_package_name": "xauth", "source_package_version": "1:1.1.2-1.1build1", "version": "1:1.1.2-1.1build1" }, "cves": [], "launchpad_bugs_fixed": [ 2132257 ], "changes": [ { "cves": [], "log": [ "", " * No-change mass rebuild for Ubuntu 26.04 (LP: #2132257)", "" ], "package": "xauth", "version": "1:1.1.2-1.1build1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2132257 ], "author": "Sebastien Bacher ", "date": "Sat, 06 Dec 2025 12:08:11 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "xfsprogs", "from_version": { "source_package_name": "xfsprogs", "source_package_version": "6.16.0-1", "version": "6.16.0-1" }, "to_version": { "source_package_name": "xfsprogs", "source_package_version": "6.17.0-2", "version": "6.17.0-2" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Fix broken quota that is caused by a bad ioctl", "" ], "package": "xfsprogs", "version": "6.17.0-2", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Bastian Germann ", "date": "Thu, 04 Dec 2025 16:30:59 +0100" }, { "cves": [], "log": [ "", " * New upstream release", "" ], "package": "xfsprogs", "version": "6.17.0-1", "urgency": "low", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Nathan Scott ", "date": "Mon, 20 Oct 2025 16:48:52 +0200" } ], "notes": null, "is_version_downgrade": false }, { "name": "xkb-data", "from_version": { "source_package_name": "xkeyboard-config", "source_package_version": "2.42-1ubuntu1", "version": "2.42-1ubuntu1" }, "to_version": { "source_package_name": "xkeyboard-config", "source_package_version": "2.42-1ubuntu2", "version": "2.42-1ubuntu2" }, "cves": [], "launchpad_bugs_fixed": [ 2132257 ], "changes": [ { "cves": [], "log": [ "", " * No-change mass rebuild for Ubuntu 26.04 (LP: #2132257)", "" ], "package": "xkeyboard-config", "version": "2.42-1ubuntu2", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2132257 ], "author": "Sebastien Bacher ", "date": "Sat, 06 Dec 2025 12:10:32 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "xml-core", "from_version": { "source_package_name": "xml-core", "source_package_version": "0.19", "version": "0.19" }, "to_version": { "source_package_name": "xml-core", "source_package_version": "0.19build1", "version": "0.19build1" }, "cves": [], "launchpad_bugs_fixed": [ 2132257 ], "changes": [ { "cves": [], "log": [ "", " * No-change mass rebuild for Ubuntu 26.04 (LP: #2132257)", "" ], "package": "xml-core", "version": "0.19build1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2132257 ], "author": "Sebastien Bacher ", "date": "Mon, 01 Dec 2025 15:28:23 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "xxd", "from_version": { "source_package_name": "vim", "source_package_version": "2:9.1.0967-1ubuntu6", "version": "2:9.1.0967-1ubuntu6" }, "to_version": { "source_package_name": "vim", "source_package_version": "2:9.1.1882-1ubuntu1", "version": "2:9.1.1882-1ubuntu1" }, "cves": [ { "cve": "CVE-2025-53905", "url": "https://ubuntu.com/security/CVE-2025-53905", "cve_description": "Vim is an open source, command line text editor. Prior to version 9.1.1552, a path traversal issue in Vim’s tar.vim plugin can allow overwriting of arbitrary files when opening specially crafted tar archives. Impact is low because this exploit requires direct user interaction. However, successfully exploitation can lead to overwriting sensitive files or placing executable code in privileged locations, depending on the permissions of the process editing the archive. The victim must edit such a file using Vim which will reveal the filename and the file content, a careful user may suspect some strange things going on. Successful exploitation could results in the ability to execute arbitrary commands on the underlying operating system. Version 9.1.1552 contains a patch for the vulnerability.", "cve_priority": "medium", "cve_public_date": "2025-07-15 21:15:00 UTC" }, { "cve": "CVE-2025-53906", "url": "https://ubuntu.com/security/CVE-2025-53906", "cve_description": "Vim is an open source, command line text editor. Prior to version 9.1.1551, a path traversal issue in Vim’s zip.vim plugin can allow overwriting of arbitrary files when opening specially crafted zip archives. Impact is low because this exploit requires direct user interaction. However, successfully exploitation can lead to overwriting sensitive files or placing executable code in privileged locations, depending on the permissions of the process editing the archive. The victim must edit such a file using Vim which will reveal the filename and the file content, a careful user may suspect some strange things going on. Successful exploitation could results in the ability to execute arbitrary commands on the underlying operating system. Version 9.1.1551 contains a patch for the vulnerability.", "cve_priority": "medium", "cve_public_date": "2025-07-15 21:15:00 UTC" }, { "cve": "CVE-2025-29768", "url": "https://ubuntu.com/security/CVE-2025-29768", "cve_description": "Vim, a text editor, is vulnerable to potential data loss with zip.vim and special crafted zip files in versions prior to 9.1.1198. The impact is medium because a user must be made to view such an archive with Vim and then press 'x' on such a strange filename. The issue has been fixed as of Vim patch v9.1.1198.", "cve_priority": "medium", "cve_public_date": "2025-03-13 17:15:00 UTC" }, { "cve": "CVE-2025-27423", "url": "https://ubuntu.com/security/CVE-2025-27423", "cve_description": "Vim is an open source, command line text editor. Vim is distributed with the tar.vim plugin, that allows easy editing and viewing of (compressed or uncompressed) tar files. Starting with 9.1.0858, the tar.vim plugin uses the \":read\" ex command line to append below the cursor position, however the is not sanitized and is taken literally from the tar archive. This allows to execute shell commands via special crafted tar archives. Whether this really happens, depends on the shell being used ('shell' option, which is set using $SHELL). The issue has been fixed as of Vim patch v9.1.1164", "cve_priority": "medium", "cve_public_date": "2025-03-03 17:15:00 UTC" }, { "cve": "CVE-2025-26603", "url": "https://ubuntu.com/security/CVE-2025-26603", "cve_description": "Vim is a greatly improved version of the good old UNIX editor Vi. Vim allows to redirect screen messages using the `:redir` ex command to register, variables and files. It also allows to show the contents of registers using the `:registers` or `:display` ex command. When redirecting the output of `:display` to a register, Vim will free the register content before storing the new content in the register. Now when redirecting the `:display` command to a register that is being displayed, Vim will free the content while shortly afterwards trying to access it, which leads to a use-after-free. Vim pre 9.1.1115 checks in the ex_display() function, that it does not try to redirect to a register while displaying this register at the same time. However this check is not complete, and so Vim does not check the `+` and `*` registers (which typically donate the X11/clipboard registers, and when a clipboard connection is not possible will fall back to use register 0 instead. In Patch 9.1.1115 Vim will therefore skip outputting to register zero when trying to redirect to the clipboard registers `*` or `+`. Users are advised to upgrade. There are no known workarounds for this vulnerability.", "cve_priority": "medium", "cve_public_date": "2025-02-18 19:15:00 UTC" }, { "cve": "CVE-2025-24014", "url": "https://ubuntu.com/security/CVE-2025-24014", "cve_description": "Vim is an open source, command line text editor. A segmentation fault was found in Vim before 9.1.1043. In silent Ex mode (-s -e), Vim typically doesn't show a screen and just operates silently in batch mode. However, it is still possible to trigger the function that handles the scrolling of a gui version of Vim by feeding some binary characters to Vim. The function that handles the scrolling however may be triggering a redraw, which will access the ScreenLines pointer, even so this variable hasn't been allocated (since there is no screen). This vulnerability is fixed in 9.1.1043.", "cve_priority": "medium", "cve_public_date": "2025-01-20 23:15:00 UTC" }, { "cve": "CVE-2025-1215", "url": "https://ubuntu.com/security/CVE-2025-1215", "cve_description": "A vulnerability classified as problematic was found in vim up to 9.1.1096. This vulnerability affects unknown code of the file src/main.c. The manipulation of the argument --log leads to memory corruption. It is possible to launch the attack on the local host. Upgrading to version 9.1.1097 is able to address this issue. The patch is identified as c5654b84480822817bb7b69ebc97c174c91185e9. It is recommended to upgrade the affected component.", "cve_priority": "medium", "cve_public_date": "2025-02-12 19:15:00 UTC" }, { "cve": "CVE-2025-22134", "url": "https://ubuntu.com/security/CVE-2025-22134", "cve_description": "When switching to other buffers using the :all command and visual mode still being active, this may cause a heap-buffer overflow, because Vim does not properly end visual mode and therefore may try to access beyond the end of a line in a buffer. In Patch 9.1.1003 Vim will correctly reset the visual mode before opening other windows and buffers and therefore fix this bug. In addition it does verify that it won't try to access a position if the position is greater than the corresponding buffer line. Impact is medium since the user must have switched on visual mode when executing the :all ex command. The Vim project would like to thank github user gandalf4a for reporting this issue. The issue has been fixed as of Vim patch v9.1.1003", "cve_priority": "medium", "cve_public_date": "2025-01-13 21:15:00 UTC" }, { "cve": "CVE-2025-55157", "url": "https://ubuntu.com/security/CVE-2025-55157", "cve_description": "Vim is an open source, command line text editor. In versions from 9.1.1231 to before 9.1.1400, When processing nested tuples in Vim script, an error during evaluation can trigger a use-after-free in Vim’s internal tuple reference management. Specifically, the tuple_unref() function may access already freed memory due to improper lifetime handling, leading to memory corruption. The exploit requires direct user interaction, as the script must be explicitly executed within Vim. This issue has been patched in version 9.1.1400.", "cve_priority": "medium", "cve_public_date": "2025-08-11 23:15:00 UTC" }, { "cve": "CVE-2025-55158", "url": "https://ubuntu.com/security/CVE-2025-55158", "cve_description": "Vim is an open source, command line text editor. In versions from 9.1.1231 to before 9.1.1406, when processing nested tuples during Vim9 script import operations, an error during evaluation can trigger a double-free in Vim’s internal typed value (typval_T) management. Specifically, the clear_tv() function may attempt to free memory that has already been deallocated, due to improper lifetime handling in the handle_import / ex_import code paths. The vulnerability can only be triggered if a user explicitly opens and executes a specially crafted Vim script. This issue has been patched in version 9.1.1406.", "cve_priority": "medium", "cve_public_date": "2025-08-11 23:15:00 UTC" }, { "cve": "CVE-2025-53906", "url": "https://ubuntu.com/security/CVE-2025-53906", "cve_description": "Vim is an open source, command line text editor. Prior to version 9.1.1551, a path traversal issue in Vim’s zip.vim plugin can allow overwriting of arbitrary files when opening specially crafted zip archives. Impact is low because this exploit requires direct user interaction. However, successfully exploitation can lead to overwriting sensitive files or placing executable code in privileged locations, depending on the permissions of the process editing the archive. The victim must edit such a file using Vim which will reveal the filename and the file content, a careful user may suspect some strange things going on. Successful exploitation could results in the ability to execute arbitrary commands on the underlying operating system. Version 9.1.1551 contains a patch for the vulnerability.", "cve_priority": "medium", "cve_public_date": "2025-07-15 21:15:00 UTC" }, { "cve": "CVE-2025-53905", "url": "https://ubuntu.com/security/CVE-2025-53905", "cve_description": "Vim is an open source, command line text editor. Prior to version 9.1.1552, a path traversal issue in Vim’s tar.vim plugin can allow overwriting of arbitrary files when opening specially crafted tar archives. Impact is low because this exploit requires direct user interaction. However, successfully exploitation can lead to overwriting sensitive files or placing executable code in privileged locations, depending on the permissions of the process editing the archive. The victim must edit such a file using Vim which will reveal the filename and the file content, a careful user may suspect some strange things going on. Successful exploitation could results in the ability to execute arbitrary commands on the underlying operating system. Version 9.1.1552 contains a patch for the vulnerability.", "cve_priority": "medium", "cve_public_date": "2025-07-15 21:15:00 UTC" }, { "cve": "CVE-2025-9390", "url": "https://ubuntu.com/security/CVE-2025-9390", "cve_description": "A security flaw has been discovered in vim up to 9.1.1615. Affected by this vulnerability is the function main of the file src/xxd/xxd.c of the component xxd. The manipulation results in buffer overflow. The attack requires a local approach. The exploit has been released to the public and may be exploited. Upgrading to version 9.1.1616 addresses this issue. The patch is identified as eeef7c77436a78cd27047b0f5fa6925d56de3cb0. It is recommended to upgrade the affected component.", "cve_priority": "medium", "cve_public_date": "2025-08-24 14:15:00 UTC" }, { "cve": "CVE-2025-26603", "url": "https://ubuntu.com/security/CVE-2025-26603", "cve_description": "Vim is a greatly improved version of the good old UNIX editor Vi. Vim allows to redirect screen messages using the `:redir` ex command to register, variables and files. It also allows to show the contents of registers using the `:registers` or `:display` ex command. When redirecting the output of `:display` to a register, Vim will free the register content before storing the new content in the register. Now when redirecting the `:display` command to a register that is being displayed, Vim will free the content while shortly afterwards trying to access it, which leads to a use-after-free. Vim pre 9.1.1115 checks in the ex_display() function, that it does not try to redirect to a register while displaying this register at the same time. However this check is not complete, and so Vim does not check the `+` and `*` registers (which typically donate the X11/clipboard registers, and when a clipboard connection is not possible will fall back to use register 0 instead. In Patch 9.1.1115 Vim will therefore skip outputting to register zero when trying to redirect to the clipboard registers `*` or `+`. Users are advised to upgrade. There are no known workarounds for this vulnerability.", "cve_priority": "medium", "cve_public_date": "2025-02-18 19:15:00 UTC" }, { "cve": "CVE-2025-27423", "url": "https://ubuntu.com/security/CVE-2025-27423", "cve_description": "Vim is an open source, command line text editor. Vim is distributed with the tar.vim plugin, that allows easy editing and viewing of (compressed or uncompressed) tar files. Starting with 9.1.0858, the tar.vim plugin uses the \":read\" ex command line to append below the cursor position, however the is not sanitized and is taken literally from the tar archive. This allows to execute shell commands via special crafted tar archives. Whether this really happens, depends on the shell being used ('shell' option, which is set using $SHELL). The issue has been fixed as of Vim patch v9.1.1164", "cve_priority": "medium", "cve_public_date": "2025-03-03 17:15:00 UTC" }, { "cve": "CVE-2025-29768", "url": "https://ubuntu.com/security/CVE-2025-29768", "cve_description": "Vim, a text editor, is vulnerable to potential data loss with zip.vim and special crafted zip files in versions prior to 9.1.1198. The impact is medium because a user must be made to view such an archive with Vim and then press 'x' on such a strange filename. The issue has been fixed as of Vim patch v9.1.1198.", "cve_priority": "medium", "cve_public_date": "2025-03-13 17:15:00 UTC" }, { "cve": "CVE-2025-22134", "url": "https://ubuntu.com/security/CVE-2025-22134", "cve_description": "When switching to other buffers using the :all command and visual mode still being active, this may cause a heap-buffer overflow, because Vim does not properly end visual mode and therefore may try to access beyond the end of a line in a buffer. In Patch 9.1.1003 Vim will correctly reset the visual mode before opening other windows and buffers and therefore fix this bug. In addition it does verify that it won't try to access a position if the position is greater than the corresponding buffer line. Impact is medium since the user must have switched on visual mode when executing the :all ex command. The Vim project would like to thank github user gandalf4a for reporting this issue. The issue has been fixed as of Vim patch v9.1.1003", "cve_priority": "medium", "cve_public_date": "2025-01-13 21:15:00 UTC" }, { "cve": "CVE-2025-24014", "url": "https://ubuntu.com/security/CVE-2025-24014", "cve_description": "Vim is an open source, command line text editor. A segmentation fault was found in Vim before 9.1.1043. In silent Ex mode (-s -e), Vim typically doesn't show a screen and just operates silently in batch mode. However, it is still possible to trigger the function that handles the scrolling of a gui version of Vim by feeding some binary characters to Vim. The function that handles the scrolling however may be triggering a redraw, which will access the ScreenLines pointer, even so this variable hasn't been allocated (since there is no screen). This vulnerability is fixed in 9.1.1043.", "cve_priority": "medium", "cve_public_date": "2025-01-20 23:15:00 UTC" }, { "cve": "CVE-2025-1215", "url": "https://ubuntu.com/security/CVE-2025-1215", "cve_description": "A vulnerability classified as problematic was found in vim up to 9.1.1096. This vulnerability affects unknown code of the file src/main.c. The manipulation of the argument --log leads to memory corruption. It is possible to launch the attack on the local host. Upgrading to version 9.1.1097 is able to address this issue. The patch is identified as c5654b84480822817bb7b69ebc97c174c91185e9. It is recommended to upgrade the affected component.", "cve_priority": "medium", "cve_public_date": "2025-02-12 19:15:00 UTC" } ], "launchpad_bugs_fixed": [ 2130146 ], "changes": [ { "cves": [ { "cve": "CVE-2025-53905", "url": "https://ubuntu.com/security/CVE-2025-53905", "cve_description": "Vim is an open source, command line text editor. Prior to version 9.1.1552, a path traversal issue in Vim’s tar.vim plugin can allow overwriting of arbitrary files when opening specially crafted tar archives. Impact is low because this exploit requires direct user interaction. However, successfully exploitation can lead to overwriting sensitive files or placing executable code in privileged locations, depending on the permissions of the process editing the archive. The victim must edit such a file using Vim which will reveal the filename and the file content, a careful user may suspect some strange things going on. Successful exploitation could results in the ability to execute arbitrary commands on the underlying operating system. Version 9.1.1552 contains a patch for the vulnerability.", "cve_priority": "medium", "cve_public_date": "2025-07-15 21:15:00 UTC" }, { "cve": "CVE-2025-53906", "url": "https://ubuntu.com/security/CVE-2025-53906", "cve_description": "Vim is an open source, command line text editor. Prior to version 9.1.1551, a path traversal issue in Vim’s zip.vim plugin can allow overwriting of arbitrary files when opening specially crafted zip archives. Impact is low because this exploit requires direct user interaction. However, successfully exploitation can lead to overwriting sensitive files or placing executable code in privileged locations, depending on the permissions of the process editing the archive. The victim must edit such a file using Vim which will reveal the filename and the file content, a careful user may suspect some strange things going on. Successful exploitation could results in the ability to execute arbitrary commands on the underlying operating system. Version 9.1.1551 contains a patch for the vulnerability.", "cve_priority": "medium", "cve_public_date": "2025-07-15 21:15:00 UTC" }, { "cve": "CVE-2025-29768", "url": "https://ubuntu.com/security/CVE-2025-29768", "cve_description": "Vim, a text editor, is vulnerable to potential data loss with zip.vim and special crafted zip files in versions prior to 9.1.1198. The impact is medium because a user must be made to view such an archive with Vim and then press 'x' on such a strange filename. The issue has been fixed as of Vim patch v9.1.1198.", "cve_priority": "medium", "cve_public_date": "2025-03-13 17:15:00 UTC" }, { "cve": "CVE-2025-27423", "url": "https://ubuntu.com/security/CVE-2025-27423", "cve_description": "Vim is an open source, command line text editor. Vim is distributed with the tar.vim plugin, that allows easy editing and viewing of (compressed or uncompressed) tar files. Starting with 9.1.0858, the tar.vim plugin uses the \":read\" ex command line to append below the cursor position, however the is not sanitized and is taken literally from the tar archive. This allows to execute shell commands via special crafted tar archives. Whether this really happens, depends on the shell being used ('shell' option, which is set using $SHELL). The issue has been fixed as of Vim patch v9.1.1164", "cve_priority": "medium", "cve_public_date": "2025-03-03 17:15:00 UTC" }, { "cve": "CVE-2025-26603", "url": "https://ubuntu.com/security/CVE-2025-26603", "cve_description": "Vim is a greatly improved version of the good old UNIX editor Vi. Vim allows to redirect screen messages using the `:redir` ex command to register, variables and files. It also allows to show the contents of registers using the `:registers` or `:display` ex command. When redirecting the output of `:display` to a register, Vim will free the register content before storing the new content in the register. Now when redirecting the `:display` command to a register that is being displayed, Vim will free the content while shortly afterwards trying to access it, which leads to a use-after-free. Vim pre 9.1.1115 checks in the ex_display() function, that it does not try to redirect to a register while displaying this register at the same time. However this check is not complete, and so Vim does not check the `+` and `*` registers (which typically donate the X11/clipboard registers, and when a clipboard connection is not possible will fall back to use register 0 instead. In Patch 9.1.1115 Vim will therefore skip outputting to register zero when trying to redirect to the clipboard registers `*` or `+`. Users are advised to upgrade. There are no known workarounds for this vulnerability.", "cve_priority": "medium", "cve_public_date": "2025-02-18 19:15:00 UTC" }, { "cve": "CVE-2025-24014", "url": "https://ubuntu.com/security/CVE-2025-24014", "cve_description": "Vim is an open source, command line text editor. A segmentation fault was found in Vim before 9.1.1043. In silent Ex mode (-s -e), Vim typically doesn't show a screen and just operates silently in batch mode. However, it is still possible to trigger the function that handles the scrolling of a gui version of Vim by feeding some binary characters to Vim. The function that handles the scrolling however may be triggering a redraw, which will access the ScreenLines pointer, even so this variable hasn't been allocated (since there is no screen). This vulnerability is fixed in 9.1.1043.", "cve_priority": "medium", "cve_public_date": "2025-01-20 23:15:00 UTC" }, { "cve": "CVE-2025-1215", "url": "https://ubuntu.com/security/CVE-2025-1215", "cve_description": "A vulnerability classified as problematic was found in vim up to 9.1.1096. This vulnerability affects unknown code of the file src/main.c. The manipulation of the argument --log leads to memory corruption. It is possible to launch the attack on the local host. Upgrading to version 9.1.1097 is able to address this issue. The patch is identified as c5654b84480822817bb7b69ebc97c174c91185e9. It is recommended to upgrade the affected component.", "cve_priority": "medium", "cve_public_date": "2025-02-12 19:15:00 UTC" }, { "cve": "CVE-2025-22134", "url": "https://ubuntu.com/security/CVE-2025-22134", "cve_description": "When switching to other buffers using the :all command and visual mode still being active, this may cause a heap-buffer overflow, because Vim does not properly end visual mode and therefore may try to access beyond the end of a line in a buffer. In Patch 9.1.1003 Vim will correctly reset the visual mode before opening other windows and buffers and therefore fix this bug. In addition it does verify that it won't try to access a position if the position is greater than the corresponding buffer line. Impact is medium since the user must have switched on visual mode when executing the :all ex command. The Vim project would like to thank github user gandalf4a for reporting this issue. The issue has been fixed as of Vim patch v9.1.1003", "cve_priority": "medium", "cve_public_date": "2025-01-13 21:15:00 UTC" } ], "log": [ "", " * Merge with Debian unstable (LP: #2130146). Remaining changes:", " - d/p/0001-fix-flaky-terminal-mode-test.vim:", " Fix flaky Vim terminal mode test", " - d/p/0002-disable-failing-tests-on-ppc64.patch:", " Disable some tests that were throwing an ENOMEM during build on", " ppc64el. The tests are only disabled when building on ppc64el.", " - d/p/0003-skip-test-failing-on-s390x-only.patch:", " Skip test failing on s390x", " - d/p/increase_timeout.diff: Increase timeout for the", " Test_pattern_compile_speed patch.", " - d/p/debian/ubuntu-grub-syntax.patch: Add Ubuntu-specific \"quiet\" keyword.", " - d/runtime/vimrc: \"syntax on\" is a sane default for non-tiny Vim.", " Dropping changes applied in upstream:", " - SECURITY UPDATE: Path traversal when opening specially crafted tar/zip", " archives.", " + d/p/CVE-2025-53905.patch: Replace \"echohl Error\" with call,", " remove leading slashes from name, replace tar_secure with g:tar_secure in", " runtime/autoload/tar.vim.", " + d/p/CVE-2025-53906.patch: Add need_rename, replace w! with w,", " call warning for path traversal attack, and escape leading \"../\" in", " runtime/autoload/zip.vim.", " + CVE-2025-53905", " + CVE-2025-53906", " - SECURITY UPDATE: Data loss when extracting special zip files.", " + d/p/CVE-2025-29768.patch: Substitute special characters in", " ./runtime/autoload/zip.vim.", " + CVE-2025-29768", " - SECURITY UPDATE: Code execution when editing tar files.", " + d/p/CVE-2025-27423.patch: Use escape_file instead of fname in", " ./runtime/autoload/tar.vim.", " + CVE-2025-27423", " - SECURITY UPDATE: Use after free when redirecting display command to", " register.", " + d/p/CVE-2025-26603.patch: Change redir_reg check to use", " vim_strchr command check in ./src/register.c.", " + CVE-2025-26603", " - SECURITY UPDATE: Denial of service.", " + d/p/CVE-2025-24014.patch: fix a segfault in win_line()", " in files src/gui.c, src/testdir/crash/ex_redraw_crash,", " src/testdir/test_crash.vim.", " + CVE-2025-24014", " - SECURITY UPDATE: Crash when file is inaccessible with log option.", " + d/p/CVE-2025-1215.patch: Split common_init to common_init_1", " and common_init_2 in ./src/main.c.", " + CVE-2025-1215", " - SECURITY UPDATE: Heap-buffer-overflow when switching buffers.", " + d/p/CVE-2025-22134.patch: Add reset_VIsual_and_resel() to", " src/arglist.c. Add ptrlen checks in src/misc1.c and src/ops.c.", " + CVE-2025-22134", " Dropping changes applied in Debian:", " - Revert \"patch 9.1.0949: popups inconsistently shifted to the left\",", " since it breaks vim-youcompleteme's autopkgtests. (Closes: #1091729)", " Dropping changes that are no longer needed in Ubuntu:", " - d/p/ubuntu-mouse-off.patch: Mouse mode is actively harmful in some chroots.", " Dropping since it causes many issues with the test suite", " - d/p/ubuntu-disable-mouse-popup-test.patch: Disable mouse popup test", " Is related to ubuntu-mouse-off.patch", " - d/s/include-binaries: Add heap_overflow3 test file to include-binaries", " Dropping since it was originally added for testdata coming from a security", " update, but now the orig tarball actually contains this testdata", " * d/p/0002-disable-failing-tests-on-ppc64.patch: Skip", " Test_autocmd_SafeState", " * d/p/0003-skip-test-failing-on-s390x-only.patch: Skip", " Test_linematch_diff_grouping and", " Test_diff_overlapped_diff_blocks_will_be_merged", "" ], "package": "vim", "version": "2:9.1.1882-1ubuntu1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2130146 ], "author": "Nadzeya Hutsko ", "date": "Fri, 28 Nov 2025 14:26:41 +0100" }, { "cves": [], "log": [ "", " * Merge upstream patch v9.1.1882", " * Build without wayland on hurd", "" ], "package": "vim", "version": "2:9.1.1882-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "James McCoy ", "date": "Mon, 27 Oct 2025 20:41:30 -0400" }, { "cves": [], "log": [ "", " * Merge upstream tag v9.1.1845", " + 9.1.1843: Extend searchcount() timeout if the test is being re-run due", " to flakiness, fixes test failure on slower architectures.", "" ], "package": "vim", "version": "2:9.1.1846-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "James McCoy ", "date": "Fri, 10 Oct 2025 14:33:33 -0400" }, { "cves": [], "log": [ "", " * Upload to unstable", " * Merge upstream tag v9.1.1829", " * Remove src/LICENSE, src/README.txt, and runtime/doc/tags.ref during clean", " * Skip tests for termdebug, since they currently fail on 32-bit", " architectures", "" ], "package": "vim", "version": "2:9.1.1829-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "James McCoy ", "date": "Mon, 06 Oct 2025 14:48:55 -0400" }, { "cves": [ { "cve": "CVE-2025-55157", "url": "https://ubuntu.com/security/CVE-2025-55157", "cve_description": "Vim is an open source, command line text editor. In versions from 9.1.1231 to before 9.1.1400, When processing nested tuples in Vim script, an error during evaluation can trigger a use-after-free in Vim’s internal tuple reference management. Specifically, the tuple_unref() function may access already freed memory due to improper lifetime handling, leading to memory corruption. The exploit requires direct user interaction, as the script must be explicitly executed within Vim. This issue has been patched in version 9.1.1400.", "cve_priority": "medium", "cve_public_date": "2025-08-11 23:15:00 UTC" }, { "cve": "CVE-2025-55158", "url": "https://ubuntu.com/security/CVE-2025-55158", "cve_description": "Vim is an open source, command line text editor. In versions from 9.1.1231 to before 9.1.1406, when processing nested tuples during Vim9 script import operations, an error during evaluation can trigger a double-free in Vim’s internal typed value (typval_T) management. Specifically, the clear_tv() function may attempt to free memory that has already been deallocated, due to improper lifetime handling in the handle_import / ex_import code paths. The vulnerability can only be triggered if a user explicitly opens and executes a specially crafted Vim script. This issue has been patched in version 9.1.1406.", "cve_priority": "medium", "cve_public_date": "2025-08-11 23:15:00 UTC" }, { "cve": "CVE-2025-53906", "url": "https://ubuntu.com/security/CVE-2025-53906", "cve_description": "Vim is an open source, command line text editor. Prior to version 9.1.1551, a path traversal issue in Vim’s zip.vim plugin can allow overwriting of arbitrary files when opening specially crafted zip archives. Impact is low because this exploit requires direct user interaction. However, successfully exploitation can lead to overwriting sensitive files or placing executable code in privileged locations, depending on the permissions of the process editing the archive. The victim must edit such a file using Vim which will reveal the filename and the file content, a careful user may suspect some strange things going on. Successful exploitation could results in the ability to execute arbitrary commands on the underlying operating system. Version 9.1.1551 contains a patch for the vulnerability.", "cve_priority": "medium", "cve_public_date": "2025-07-15 21:15:00 UTC" }, { "cve": "CVE-2025-53905", "url": "https://ubuntu.com/security/CVE-2025-53905", "cve_description": "Vim is an open source, command line text editor. Prior to version 9.1.1552, a path traversal issue in Vim’s tar.vim plugin can allow overwriting of arbitrary files when opening specially crafted tar archives. Impact is low because this exploit requires direct user interaction. However, successfully exploitation can lead to overwriting sensitive files or placing executable code in privileged locations, depending on the permissions of the process editing the archive. The victim must edit such a file using Vim which will reveal the filename and the file content, a careful user may suspect some strange things going on. Successful exploitation could results in the ability to execute arbitrary commands on the underlying operating system. Version 9.1.1552 contains a patch for the vulnerability.", "cve_priority": "medium", "cve_public_date": "2025-07-15 21:15:00 UTC" }, { "cve": "CVE-2025-9390", "url": "https://ubuntu.com/security/CVE-2025-9390", "cve_description": "A security flaw has been discovered in vim up to 9.1.1615. Affected by this vulnerability is the function main of the file src/xxd/xxd.c of the component xxd. The manipulation results in buffer overflow. The attack requires a local approach. The exploit has been released to the public and may be exploited. Upgrading to version 9.1.1616 addresses this issue. The patch is identified as eeef7c77436a78cd27047b0f5fa6925d56de3cb0. It is recommended to upgrade the affected component.", "cve_priority": "medium", "cve_public_date": "2025-08-24 14:15:00 UTC" } ], "log": [ "", " * Merge upstream tag v9.1.1766 (Closes: #1115819)", " + Security fixes:", " - 9.1.1400: use-after-free when evaluating tuple fails, (Closes:", " #1110898, CVE-2025-55157)", " - 9.1.1406: crash when importing invalid tuple, CVE-2025-55158", " - 9.1.1551: path traversal issue in zip.vim if files have leading '../',", " (Closes: #1109374, CVE-2025-53906)", " - 9.1.1552: path traversal issue in tar.vim if files have leading '/',", " CVE-2025-53905", " - 9.1.1616: xxd: possible buffer overflow with bitwise output,", " CVE-2025-9390", " * Enable socketserver for vim-nox, vim-basic, and vim-gtk3", " * Enable wayland support only for GUI builds", " * Drop obsolete transitional package, vim-athena", "" ], "package": "vim", "version": "2:9.1.1766-1", "urgency": "medium", "distributions": "experimental", "launchpad_bugs_fixed": [], "author": "James McCoy ", "date": "Tue, 23 Sep 2025 21:13:05 -0400" }, { "cves": [], "log": [ "", " [ James McCoy ]", " * Merge upstream tag v9.1.1385", "", " [ Kirill Rekhov ]", " * d/upstream/metadata: add metadata", " * Fix day-of-week for changelog entries 1:6.3-015+1, 1:6.3-010+1, 4.6-2.", "" ], "package": "vim", "version": "2:9.1.1385-1", "urgency": "medium", "distributions": "experimental", "launchpad_bugs_fixed": [], "author": "James McCoy ", "date": "Thu, 15 May 2025 20:28:48 -0400" }, { "cves": [], "log": [ "", " * Backport v9.1.1242 and v9.1.1244 to fix crash when evaluating a variable", " name. (Closes: #1106133)", "" ], "package": "vim", "version": "2:9.1.1230-2", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "James McCoy ", "date": "Thu, 22 May 2025 20:48:59 -0400" }, { "cves": [ { "cve": "CVE-2025-26603", "url": "https://ubuntu.com/security/CVE-2025-26603", "cve_description": "Vim is a greatly improved version of the good old UNIX editor Vi. Vim allows to redirect screen messages using the `:redir` ex command to register, variables and files. It also allows to show the contents of registers using the `:registers` or `:display` ex command. When redirecting the output of `:display` to a register, Vim will free the register content before storing the new content in the register. Now when redirecting the `:display` command to a register that is being displayed, Vim will free the content while shortly afterwards trying to access it, which leads to a use-after-free. Vim pre 9.1.1115 checks in the ex_display() function, that it does not try to redirect to a register while displaying this register at the same time. However this check is not complete, and so Vim does not check the `+` and `*` registers (which typically donate the X11/clipboard registers, and when a clipboard connection is not possible will fall back to use register 0 instead. In Patch 9.1.1115 Vim will therefore skip outputting to register zero when trying to redirect to the clipboard registers `*` or `+`. Users are advised to upgrade. There are no known workarounds for this vulnerability.", "cve_priority": "medium", "cve_public_date": "2025-02-18 19:15:00 UTC" }, { "cve": "CVE-2025-27423", "url": "https://ubuntu.com/security/CVE-2025-27423", "cve_description": "Vim is an open source, command line text editor. Vim is distributed with the tar.vim plugin, that allows easy editing and viewing of (compressed or uncompressed) tar files. Starting with 9.1.0858, the tar.vim plugin uses the \":read\" ex command line to append below the cursor position, however the is not sanitized and is taken literally from the tar archive. This allows to execute shell commands via special crafted tar archives. Whether this really happens, depends on the shell being used ('shell' option, which is set using $SHELL). The issue has been fixed as of Vim patch v9.1.1164", "cve_priority": "medium", "cve_public_date": "2025-03-03 17:15:00 UTC" }, { "cve": "CVE-2025-29768", "url": "https://ubuntu.com/security/CVE-2025-29768", "cve_description": "Vim, a text editor, is vulnerable to potential data loss with zip.vim and special crafted zip files in versions prior to 9.1.1198. The impact is medium because a user must be made to view such an archive with Vim and then press 'x' on such a strange filename. The issue has been fixed as of Vim patch v9.1.1198.", "cve_priority": "medium", "cve_public_date": "2025-03-13 17:15:00 UTC" } ], "log": [ "", " * Merge upstream tag v9.1.1230", " + Security fixes:", " - 9.1.1115: use-after-free in str_to_reg(), CVE-2025-26603", " - 9.1.1164: editing a specially crafted tar file allows code execution,", " (Closes: #1099610, CVE-2025-27423)", " - 9.1.1198: potential data loss with zip.vim and crafted zip files,", " (Closes: #1101016, CVE-2025-29768)", "" ], "package": "vim", "version": "2:9.1.1230-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "James McCoy ", "date": "Mon, 24 Mar 2025 20:59:06 -0400" }, { "cves": [ { "cve": "CVE-2025-22134", "url": "https://ubuntu.com/security/CVE-2025-22134", "cve_description": "When switching to other buffers using the :all command and visual mode still being active, this may cause a heap-buffer overflow, because Vim does not properly end visual mode and therefore may try to access beyond the end of a line in a buffer. In Patch 9.1.1003 Vim will correctly reset the visual mode before opening other windows and buffers and therefore fix this bug. In addition it does verify that it won't try to access a position if the position is greater than the corresponding buffer line. Impact is medium since the user must have switched on visual mode when executing the :all ex command. The Vim project would like to thank github user gandalf4a for reporting this issue. The issue has been fixed as of Vim patch v9.1.1003", "cve_priority": "medium", "cve_public_date": "2025-01-13 21:15:00 UTC" }, { "cve": "CVE-2025-24014", "url": "https://ubuntu.com/security/CVE-2025-24014", "cve_description": "Vim is an open source, command line text editor. A segmentation fault was found in Vim before 9.1.1043. In silent Ex mode (-s -e), Vim typically doesn't show a screen and just operates silently in batch mode. However, it is still possible to trigger the function that handles the scrolling of a gui version of Vim by feeding some binary characters to Vim. The function that handles the scrolling however may be triggering a redraw, which will access the ScreenLines pointer, even so this variable hasn't been allocated (since there is no screen). This vulnerability is fixed in 9.1.1043.", "cve_priority": "medium", "cve_public_date": "2025-01-20 23:15:00 UTC" }, { "cve": "CVE-2025-1215", "url": "https://ubuntu.com/security/CVE-2025-1215", "cve_description": "A vulnerability classified as problematic was found in vim up to 9.1.1096. This vulnerability affects unknown code of the file src/main.c. The manipulation of the argument --log leads to memory corruption. It is possible to launch the attack on the local host. Upgrading to version 9.1.1097 is able to address this issue. The patch is identified as c5654b84480822817bb7b69ebc97c174c91185e9. It is recommended to upgrade the affected component.", "cve_priority": "medium", "cve_public_date": "2025-02-12 19:15:00 UTC" } ], "log": [ "", " [ James McCoy ]", " * Merge upstream tag v9.1.1113", " + Security fixes:", " - 9.1.1003: heap-buffer overflow with visual mode when using :all,", " CVE-2025-22134", " - 9.1.1043: segfault in win_line(), CVE-2025-24014", " - 9.1.1097: crash when using --log with non-existent path, CVE-2025-1215", "", " [ Andrea Pappacoda ]", " * Drop backspace and history from debian.vim (Closes: #1095155)", "" ], "package": "vim", "version": "2:9.1.1113-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "James McCoy ", "date": "Sat, 15 Feb 2025 20:43:27 -0500" }, { "cves": [], "log": [ "", " * Revert \"patch 9.1.0949: popups inconsistently shifted to the left\",", " since it breaks vim-youcompleteme's autopkgtests. (Closes: #1091729)", "" ], "package": "vim", "version": "2:9.1.0967-2", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "James McCoy ", "date": "Fri, 10 Jan 2025 06:30:59 -0500" } ], "notes": null, "is_version_downgrade": false }, { "name": "zerofree", "from_version": { "source_package_name": "zerofree", "source_package_version": "1.1.1-1build5", "version": "1.1.1-1build5" }, "to_version": { "source_package_name": "zerofree", "source_package_version": "1.1.1-1build6", "version": "1.1.1-1build6" }, "cves": [], "launchpad_bugs_fixed": [ 2132257 ], "changes": [ { "cves": [], "log": [ "", " * No-change mass rebuild for Ubuntu 26.04 (LP: #2132257)", "" ], "package": "zerofree", "version": "1.1.1-1build6", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2132257 ], "author": "Sebastien Bacher ", "date": "Mon, 01 Dec 2025 15:30:26 +0100" } ], "notes": null, "is_version_downgrade": false } ], "snap": [] }, "added": { "deb": [ { "name": "libclang-cpp21", "from_version": { "source_package_name": null, "source_package_version": null, "version": null }, "to_version": { "source_package_name": "llvm-toolchain-21", "source_package_version": "1:21.1.6-3ubuntu1", "version": "1:21.1.6-3ubuntu1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Merge with Debian; remaining changes:", " - Regenerate the control file.", " - Use RVA23U64 profile in clang (LP #2116086).", " - d/rules: Remove i386 from CLANG_GRPC_ARCHS (not built on i386).", "" ], "package": "llvm-toolchain-21", "version": "1:21.1.6-3ubuntu1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Matthias Klose ", "date": "Mon, 01 Dec 2025 12:32:46 +0100" }, { "cves": [], "log": [ "", " * Fix liborc install on hurd-amd64.", " * Also call dh_python for the llvm-X.Y-tools package.", " * libunwind-X.Y-dev: Stop providing libunwind-dev. As updated in the", " package description, the unwinder is incompatible with glibc.", " * d/rules, d/*.{install,links,lintian-overrides}.in: Use a macro LLVM_LIBDIR.", " * Fix one more libclang1 lintian override.", " * Fix one more libc++-21-dev-wasm32 lintian override.", " * Update symbols files from the buildd logs, including i386.", " * Fix syntax for OR-ed build profiles.", "" ], "package": "llvm-toolchain-21", "version": "1:21.1.6-3", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Matthias Klose ", "date": "Sun, 30 Nov 2025 08:20:46 +0100" }, { "cves": [], "log": [ "", " [ Samuel Thibault ]", " * Enable compiler-rt and disable liborc on hurd-amd64.", " (Closes: #1121222)", "", " [ Sylvestre Ledru ]", " * Enable sse2 back on i386 (closes: #1116636)", " https://lists.debian.org/debian-devel/2025/01/msg00034.html", " (remove the two patches that we are applying for disable sse2)", " It is now the same as upstream", "" ], "package": "llvm-toolchain-21", "version": "1:21.1.6-2", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Samuel Thibault ", "date": "Sun, 23 Nov 2025 14:28:16 +0100" } ], "notes": "For a newly added package only the three most recent changelog entries are shown.", "is_version_downgrade": false }, { "name": "libicu78", "from_version": { "source_package_name": "icu", "source_package_version": "76.1-4ubuntu2", "version": null }, "to_version": { "source_package_name": "icu", "source_package_version": "78.1-1ubuntu1", "version": "78.1-1ubuntu1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Merge with Debian; remaining changes:", " - d/p/disable-precision-fpmath-tests-on-i386.patch: add a patch to disable", " precision checking tests on i386 where an imprecise FPU hardware is used", "" ], "package": "icu", "version": "78.1-1ubuntu1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Matthias Klose ", "date": "Tue, 02 Dec 2025 15:17:38 +0100" }, { "cves": [], "log": [ "", " * New major upstream release.", " * Fix hppa and powerpc self-testing.", "" ], "package": "icu", "version": "78.1-1", "urgency": "medium", "distributions": "experimental", "launchpad_bugs_fixed": [], "author": "Laszlo Boszormenyi (GCS) ", "date": "Fri, 31 Oct 2025 17:20:11 +0100" }, { "cves": [], "log": [ "", " * New major upstream release candidate version.", " * Remove now redundant Rules-Requires-Root value.", "" ], "package": "icu", "version": "78.1~rc-1", "urgency": "medium", "distributions": "experimental", "launchpad_bugs_fixed": [], "author": "Laszlo Boszormenyi (GCS) ", "date": "Wed, 08 Oct 2025 20:11:13 +0200" }, { "cves": [], "log": [ "", " * Fix armel, armhf and x32 self-testing.", "" ], "package": "icu", "version": "77.1-3", "urgency": "medium", "distributions": "experimental", "launchpad_bugs_fixed": [], "author": "Laszlo Boszormenyi (GCS) ", "date": "Sat, 23 Aug 2025 08:05:35 +0200" }, { "cves": [], "log": [ "", " * Fix 32 bit self-testing.", "" ], "package": "icu", "version": "77.1-2", "urgency": "medium", "distributions": "experimental", "launchpad_bugs_fixed": [], "author": "Laszlo Boszormenyi (GCS) ", "date": "Wed, 20 Aug 2025 12:40:01 +0200" }, { "cves": [], "log": [ "", " * New major upstream release.", " * Update Standards-Version to 4.7.2 .", "" ], "package": "icu", "version": "77.1-1", "urgency": "medium", "distributions": "experimental", "launchpad_bugs_fixed": [], "author": "Laszlo Boszormenyi (GCS) ", "date": "Sat, 16 Aug 2025 07:47:20 +0200" } ], "notes": "libicu78 version '78.1-1ubuntu1' (source package icu version '78.1-1ubuntu1') was added. libicu78 version '78.1-1ubuntu1' has the same source package name, icu, as removed package libicu76. As such we can use the source package version of the removed package, '76.1-4ubuntu2', as the starting point in our changelog diff. Kernel packages are an example of where the binary package name changes for the same source package. Using the removed package source package version as our starting point means we can still get meaningful changelog diffs even for what appears to be a new package.", "is_version_downgrade": false }, { "name": "libllvm21", "from_version": { "source_package_name": null, "source_package_version": null, "version": null }, "to_version": { "source_package_name": "llvm-toolchain-21", "source_package_version": "1:21.1.6-3ubuntu1", "version": "1:21.1.6-3ubuntu1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Merge with Debian; remaining changes:", " - Regenerate the control file.", " - Use RVA23U64 profile in clang (LP #2116086).", " - d/rules: Remove i386 from CLANG_GRPC_ARCHS (not built on i386).", "" ], "package": "llvm-toolchain-21", "version": "1:21.1.6-3ubuntu1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Matthias Klose ", "date": "Mon, 01 Dec 2025 12:32:46 +0100" }, { "cves": [], "log": [ "", " * Fix liborc install on hurd-amd64.", " * Also call dh_python for the llvm-X.Y-tools package.", " * libunwind-X.Y-dev: Stop providing libunwind-dev. As updated in the", " package description, the unwinder is incompatible with glibc.", " * d/rules, d/*.{install,links,lintian-overrides}.in: Use a macro LLVM_LIBDIR.", " * Fix one more libclang1 lintian override.", " * Fix one more libc++-21-dev-wasm32 lintian override.", " * Update symbols files from the buildd logs, including i386.", " * Fix syntax for OR-ed build profiles.", "" ], "package": "llvm-toolchain-21", "version": "1:21.1.6-3", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Matthias Klose ", "date": "Sun, 30 Nov 2025 08:20:46 +0100" }, { "cves": [], "log": [ "", " [ Samuel Thibault ]", " * Enable compiler-rt and disable liborc on hurd-amd64.", " (Closes: #1121222)", "", " [ Sylvestre Ledru ]", " * Enable sse2 back on i386 (closes: #1116636)", " https://lists.debian.org/debian-devel/2025/01/msg00034.html", " (remove the two patches that we are applying for disable sse2)", " It is now the same as upstream", "" ], "package": "llvm-toolchain-21", "version": "1:21.1.6-2", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Samuel Thibault ", "date": "Sun, 23 Nov 2025 14:28:16 +0100" } ], "notes": "For a newly added package only the three most recent changelog entries are shown.", "is_version_downgrade": false }, { "name": "linux-headers-6.17.0-8", "from_version": { "source_package_name": "linux", "source_package_version": "6.17.0-6.6", "version": null }, "to_version": { "source_package_name": "linux", "source_package_version": "6.17.0-8.8", "version": "6.17.0-8.8" }, "cves": [ { "cve": "CVE-2025-40018", "url": "https://ubuntu.com/security/CVE-2025-40018", "cve_description": "In the Linux kernel, the following vulnerability has been resolved: ipvs: Defer ip_vs_ftp unregister during netns cleanup On the netns cleanup path, __ip_vs_ftp_exit() may unregister ip_vs_ftp before connections with valid cp->app pointers are flushed, leading to a use-after-free. Fix this by introducing a global `exiting_module` flag, set to true in ip_vs_ftp_exit() before unregistering the pernet subsystem. In __ip_vs_ftp_exit(), skip ip_vs_ftp unregister if called during netns cleanup (when exiting_module is false) and defer it to __ip_vs_cleanup_batch(), which unregisters all apps after all connections are flushed. If called during module exit, unregister ip_vs_ftp immediately.", "cve_priority": "medium", "cve_public_date": "2025-10-24 12:15:00 UTC" } ], "launchpad_bugs_fixed": [ 2131554, 2131136, 2130552, 2129770, 2128695, 2127676, 2127187, 2119479, 2106681, 2121347, 1786013, 2123901, 2103680, 2128209 ], "changes": [ { "cves": [ { "cve": "CVE-2025-40018", "url": "https://ubuntu.com/security/CVE-2025-40018", "cve_description": "In the Linux kernel, the following vulnerability has been resolved: ipvs: Defer ip_vs_ftp unregister during netns cleanup On the netns cleanup path, __ip_vs_ftp_exit() may unregister ip_vs_ftp before connections with valid cp->app pointers are flushed, leading to a use-after-free. Fix this by introducing a global `exiting_module` flag, set to true in ip_vs_ftp_exit() before unregistering the pernet subsystem. In __ip_vs_ftp_exit(), skip ip_vs_ftp unregister if called during netns cleanup (when exiting_module is false) and defer it to __ip_vs_cleanup_batch(), which unregisters all apps after all connections are flushed. If called during module exit, unregister ip_vs_ftp immediately.", "cve_priority": "medium", "cve_public_date": "2025-10-24 12:15:00 UTC" } ], "log": [ "", " * questing/linux: 6.17.0-8.8 -proposed tracker (LP: #2131554)", "", " * crash when reading from /sys/kernel/tracing/rv/enabled_monitors", " (LP: #2131136)", " - rv: Fully convert enabled_monitors to use list_head as iterator", "", " * i40e driver is triggering VF resets on every link state change", " (LP: #2130552)", " - i40e: avoid redundant VF link state updates", "", " * kernel crash on bootup for some arm64 machines (LP: #2129770)", " - KVM: arm64: Guard PMSCR_EL1 initialization with SPE presence check", "", " * CVE-2025-40018", " - ipvs: Defer ip_vs_ftp unregister during netns cleanup", "" ], "package": "linux", "version": "6.17.0-8.8", "urgency": "medium", "distributions": "questing", "launchpad_bugs_fixed": [ 2131554, 2131136, 2130552, 2129770 ], "author": "Manuel Diewald ", "date": "Fri, 14 Nov 2025 17:53:03 +0100" }, { "cves": [], "log": [ "", " * questing/linux: 6.17.0-7.7 -proposed tracker (LP: #2128695)", "", " * Fix incorrect bug number for CONFIG_KERNEL_ZSTD (LP: #2127676)", " - [Config] Fix bug note for CONFIG_KERNEL_ZSTD", "", " * support Panter Lake CPU performance preferences (LP: #2127187)", " - thermal: intel: int340x: Add support for power slider", " - thermal: intel: int340x: Enable power slider interface for Panther Lake", " - thermal: intel: int340x: Add module parameter for balanced Slider", " - thermal: intel: int340x: Add module parameter to change slider offset", " - thermal: intel: int340x: Power Slider: Validate slider_balance range", "", " * [SRU][Q/P/N:hwe-6.14] mt7925: Add MBSS support (LP: #2119479)", " - wifi: mt76: mt7925: add MBSSID support", "", " * Plucky preinstalled server fails to boot on rb3gen2 (LP: #2106681) //", " Questing preinstalled server fails to boot on sa8775p boards", " (LP: #2121347)", " - [Config] move more qcom interconnect/pinctrl/gcc options to builtin", "", " * Packaging resync (LP: #1786013)", " - [Packaging] update Ubuntu.md", "", " * r8169 can not wake on LAN via SFP moudule (LP: #2123901)", " - r8169: set EEE speed down ratio to 1", "", " * System hangs when running the memory stress test (LP: #2103680)", " - mm: page_alloc: avoid kswapd thrashing due to NUMA restrictions", "", " * Questing update: v6.17.2 upstream stable release (LP: #2128209)", " - drm/amdgpu: Enable MES lr_compute_wa by default", " - USB: serial: option: add SIMCom 8230C compositions", " - Bluetooth: btusb: Add USB ID 2001:332a for D-Link AX9U rev. A1", " - wifi: rtlwifi: rtl8192cu: Don't claim USB ID 07b8:8188", " - wifi: rtl8xxxu: Don't claim USB ID 07b8:8188", " - rust: drm: fix `srctree/` links", " - rust: block: fix `srctree/` links", " - rust: pci: fix incorrect platform reference in PCI driver probe doc", " comment", " - rust: pci: fix incorrect platform reference in PCI driver unbind doc", " comment", " - serial: qcom-geni: Fix blocked task", " - nvmem: layouts: fix automatic module loading", " - drivers/misc/amd-sbi/Kconfig: select REGMAP_I2C", " - binder: fix double-free in dbitmap", " - serial: stm32: allow selecting console when the driver is module", " - [Config] stm32: do not select console when driver is module", " - staging: axis-fifo: fix maximum TX packet length check", " - staging: axis-fifo: fix TX handling on copy_from_user() failure", " - staging: axis-fifo: flush RX FIFO on read errors", " - driver core: faux: Set power.no_pm for faux devices", " - driver core/PM: Set power.no_callbacks along with power.no_pm", " - Revert \"crypto: testmgr - desupport SHA-1 for FIPS 140\"", " - crypto: zstd - Fix compression bug caused by truncation", " - crypto: rng - Ensure set_ent is always present", " - net/9p: fix double req put in p9_fd_cancelled", " - KVM: x86: Don't (re)check L1 intercepts when completing userspace I/O", " - f2fs: fix to do sanity check on node footer for non inode dnode", " - ring buffer: Propagate __rb_map_vma return value to caller", " - Linux 6.17.2", "" ], "package": "linux", "version": "6.17.0-7.7", "urgency": "medium", "distributions": "questing", "launchpad_bugs_fixed": [ 2128695, 2127676, 2127187, 2119479, 2106681, 2121347, 1786013, 2123901, 2103680, 2128209 ], "author": "Edoardo Canepa ", "date": "Sat, 18 Oct 2025 08:01:45 +0200" } ], "notes": "linux-headers-6.17.0-8 version '6.17.0-8.8' (source package linux version '6.17.0-8.8') was added. linux-headers-6.17.0-8 version '6.17.0-8.8' has the same source package name, linux, as removed package linux-headers-6.17.0-6. As such we can use the source package version of the removed package, '6.17.0-6.6', as the starting point in our changelog diff. Kernel packages are an example of where the binary package name changes for the same source package. Using the removed package source package version as our starting point means we can still get meaningful changelog diffs even for what appears to be a new package.", "is_version_downgrade": false }, { "name": "linux-headers-6.17.0-8-generic", "from_version": { "source_package_name": "linux", "source_package_version": "6.17.0-6.6", "version": null }, "to_version": { "source_package_name": "linux", "source_package_version": "6.17.0-8.8", "version": "6.17.0-8.8" }, "cves": [ { "cve": "CVE-2025-40018", "url": "https://ubuntu.com/security/CVE-2025-40018", "cve_description": "In the Linux kernel, the following vulnerability has been resolved: ipvs: Defer ip_vs_ftp unregister during netns cleanup On the netns cleanup path, __ip_vs_ftp_exit() may unregister ip_vs_ftp before connections with valid cp->app pointers are flushed, leading to a use-after-free. Fix this by introducing a global `exiting_module` flag, set to true in ip_vs_ftp_exit() before unregistering the pernet subsystem. In __ip_vs_ftp_exit(), skip ip_vs_ftp unregister if called during netns cleanup (when exiting_module is false) and defer it to __ip_vs_cleanup_batch(), which unregisters all apps after all connections are flushed. If called during module exit, unregister ip_vs_ftp immediately.", "cve_priority": "medium", "cve_public_date": "2025-10-24 12:15:00 UTC" } ], "launchpad_bugs_fixed": [ 2131554, 2131136, 2130552, 2129770, 2128695, 2127676, 2127187, 2119479, 2106681, 2121347, 1786013, 2123901, 2103680, 2128209 ], "changes": [ { "cves": [ { "cve": "CVE-2025-40018", "url": "https://ubuntu.com/security/CVE-2025-40018", "cve_description": "In the Linux kernel, the following vulnerability has been resolved: ipvs: Defer ip_vs_ftp unregister during netns cleanup On the netns cleanup path, __ip_vs_ftp_exit() may unregister ip_vs_ftp before connections with valid cp->app pointers are flushed, leading to a use-after-free. Fix this by introducing a global `exiting_module` flag, set to true in ip_vs_ftp_exit() before unregistering the pernet subsystem. In __ip_vs_ftp_exit(), skip ip_vs_ftp unregister if called during netns cleanup (when exiting_module is false) and defer it to __ip_vs_cleanup_batch(), which unregisters all apps after all connections are flushed. If called during module exit, unregister ip_vs_ftp immediately.", "cve_priority": "medium", "cve_public_date": "2025-10-24 12:15:00 UTC" } ], "log": [ "", " * questing/linux: 6.17.0-8.8 -proposed tracker (LP: #2131554)", "", " * crash when reading from /sys/kernel/tracing/rv/enabled_monitors", " (LP: #2131136)", " - rv: Fully convert enabled_monitors to use list_head as iterator", "", " * i40e driver is triggering VF resets on every link state change", " (LP: #2130552)", " - i40e: avoid redundant VF link state updates", "", " * kernel crash on bootup for some arm64 machines (LP: #2129770)", " - KVM: arm64: Guard PMSCR_EL1 initialization with SPE presence check", "", " * CVE-2025-40018", " - ipvs: Defer ip_vs_ftp unregister during netns cleanup", "" ], "package": "linux", "version": "6.17.0-8.8", "urgency": "medium", "distributions": "questing", "launchpad_bugs_fixed": [ 2131554, 2131136, 2130552, 2129770 ], "author": "Manuel Diewald ", "date": "Fri, 14 Nov 2025 17:53:03 +0100" }, { "cves": [], "log": [ "", " * questing/linux: 6.17.0-7.7 -proposed tracker (LP: #2128695)", "", " * Fix incorrect bug number for CONFIG_KERNEL_ZSTD (LP: #2127676)", " - [Config] Fix bug note for CONFIG_KERNEL_ZSTD", "", " * support Panter Lake CPU performance preferences (LP: #2127187)", " - thermal: intel: int340x: Add support for power slider", " - thermal: intel: int340x: Enable power slider interface for Panther Lake", " - thermal: intel: int340x: Add module parameter for balanced Slider", " - thermal: intel: int340x: Add module parameter to change slider offset", " - thermal: intel: int340x: Power Slider: Validate slider_balance range", "", " * [SRU][Q/P/N:hwe-6.14] mt7925: Add MBSS support (LP: #2119479)", " - wifi: mt76: mt7925: add MBSSID support", "", " * Plucky preinstalled server fails to boot on rb3gen2 (LP: #2106681) //", " Questing preinstalled server fails to boot on sa8775p boards", " (LP: #2121347)", " - [Config] move more qcom interconnect/pinctrl/gcc options to builtin", "", " * Packaging resync (LP: #1786013)", " - [Packaging] update Ubuntu.md", "", " * r8169 can not wake on LAN via SFP moudule (LP: #2123901)", " - r8169: set EEE speed down ratio to 1", "", " * System hangs when running the memory stress test (LP: #2103680)", " - mm: page_alloc: avoid kswapd thrashing due to NUMA restrictions", "", " * Questing update: v6.17.2 upstream stable release (LP: #2128209)", " - drm/amdgpu: Enable MES lr_compute_wa by default", " - USB: serial: option: add SIMCom 8230C compositions", " - Bluetooth: btusb: Add USB ID 2001:332a for D-Link AX9U rev. A1", " - wifi: rtlwifi: rtl8192cu: Don't claim USB ID 07b8:8188", " - wifi: rtl8xxxu: Don't claim USB ID 07b8:8188", " - rust: drm: fix `srctree/` links", " - rust: block: fix `srctree/` links", " - rust: pci: fix incorrect platform reference in PCI driver probe doc", " comment", " - rust: pci: fix incorrect platform reference in PCI driver unbind doc", " comment", " - serial: qcom-geni: Fix blocked task", " - nvmem: layouts: fix automatic module loading", " - drivers/misc/amd-sbi/Kconfig: select REGMAP_I2C", " - binder: fix double-free in dbitmap", " - serial: stm32: allow selecting console when the driver is module", " - [Config] stm32: do not select console when driver is module", " - staging: axis-fifo: fix maximum TX packet length check", " - staging: axis-fifo: fix TX handling on copy_from_user() failure", " - staging: axis-fifo: flush RX FIFO on read errors", " - driver core: faux: Set power.no_pm for faux devices", " - driver core/PM: Set power.no_callbacks along with power.no_pm", " - Revert \"crypto: testmgr - desupport SHA-1 for FIPS 140\"", " - crypto: zstd - Fix compression bug caused by truncation", " - crypto: rng - Ensure set_ent is always present", " - net/9p: fix double req put in p9_fd_cancelled", " - KVM: x86: Don't (re)check L1 intercepts when completing userspace I/O", " - f2fs: fix to do sanity check on node footer for non inode dnode", " - ring buffer: Propagate __rb_map_vma return value to caller", " - Linux 6.17.2", "" ], "package": "linux", "version": "6.17.0-7.7", "urgency": "medium", "distributions": "questing", "launchpad_bugs_fixed": [ 2128695, 2127676, 2127187, 2119479, 2106681, 2121347, 1786013, 2123901, 2103680, 2128209 ], "author": "Edoardo Canepa ", "date": "Sat, 18 Oct 2025 08:01:45 +0200" } ], "notes": "linux-headers-6.17.0-8-generic version '6.17.0-8.8' (source package linux version '6.17.0-8.8') was added. linux-headers-6.17.0-8-generic version '6.17.0-8.8' has the same source package name, linux, as removed package linux-headers-6.17.0-6. As such we can use the source package version of the removed package, '6.17.0-6.6', as the starting point in our changelog diff. Kernel packages are an example of where the binary package name changes for the same source package. Using the removed package source package version as our starting point means we can still get meaningful changelog diffs even for what appears to be a new package.", "is_version_downgrade": false }, { "name": "linux-image-6.17.0-8-generic", "from_version": { "source_package_name": "linux-signed", "source_package_version": "6.17.0-6.6", "version": null }, "to_version": { "source_package_name": "linux-signed", "source_package_version": "6.17.0-8.8", "version": "6.17.0-8.8" }, "cves": [], "launchpad_bugs_fixed": [ 1786013, 1786013 ], "changes": [ { "cves": [], "log": [ "", " * Main version: 6.17.0-8.8", "", " * Packaging resync (LP: #1786013)", " - [Packaging] debian/tracking-bug -- resync from main package", "" ], "package": "linux-signed", "version": "6.17.0-8.8", "urgency": "medium", "distributions": "questing", "launchpad_bugs_fixed": [ 1786013 ], "author": "Manuel Diewald ", "date": "Fri, 14 Nov 2025 18:18:46 +0100" }, { "cves": [], "log": [ "", " * Main version: 6.17.0-7.7", "", " * Packaging resync (LP: #1786013)", " - [Packaging] debian/tracking-bug -- resync from main package", "" ], "package": "linux-signed", "version": "6.17.0-7.7", "urgency": "medium", "distributions": "questing", "launchpad_bugs_fixed": [ 1786013 ], "author": "Edoardo Canepa ", "date": "Sat, 18 Oct 2025 10:41:43 +0200" } ], "notes": "linux-image-6.17.0-8-generic version '6.17.0-8.8' (source package linux-signed version '6.17.0-8.8') was added. linux-image-6.17.0-8-generic version '6.17.0-8.8' has the same source package name, linux-signed, as removed package linux-image-6.17.0-6-generic. As such we can use the source package version of the removed package, '6.17.0-6.6', as the starting point in our changelog diff. Kernel packages are an example of where the binary package name changes for the same source package. Using the removed package source package version as our starting point means we can still get meaningful changelog diffs even for what appears to be a new package.", "is_version_downgrade": false }, { "name": "linux-modules-6.17.0-8-generic", "from_version": { "source_package_name": "linux", "source_package_version": "6.17.0-6.6", "version": null }, "to_version": { "source_package_name": "linux", "source_package_version": "6.17.0-8.8", "version": "6.17.0-8.8" }, "cves": [ { "cve": "CVE-2025-40018", "url": "https://ubuntu.com/security/CVE-2025-40018", "cve_description": "In the Linux kernel, the following vulnerability has been resolved: ipvs: Defer ip_vs_ftp unregister during netns cleanup On the netns cleanup path, __ip_vs_ftp_exit() may unregister ip_vs_ftp before connections with valid cp->app pointers are flushed, leading to a use-after-free. Fix this by introducing a global `exiting_module` flag, set to true in ip_vs_ftp_exit() before unregistering the pernet subsystem. In __ip_vs_ftp_exit(), skip ip_vs_ftp unregister if called during netns cleanup (when exiting_module is false) and defer it to __ip_vs_cleanup_batch(), which unregisters all apps after all connections are flushed. If called during module exit, unregister ip_vs_ftp immediately.", "cve_priority": "medium", "cve_public_date": "2025-10-24 12:15:00 UTC" } ], "launchpad_bugs_fixed": [ 2131554, 2131136, 2130552, 2129770, 2128695, 2127676, 2127187, 2119479, 2106681, 2121347, 1786013, 2123901, 2103680, 2128209 ], "changes": [ { "cves": [ { "cve": "CVE-2025-40018", "url": "https://ubuntu.com/security/CVE-2025-40018", "cve_description": "In the Linux kernel, the following vulnerability has been resolved: ipvs: Defer ip_vs_ftp unregister during netns cleanup On the netns cleanup path, __ip_vs_ftp_exit() may unregister ip_vs_ftp before connections with valid cp->app pointers are flushed, leading to a use-after-free. Fix this by introducing a global `exiting_module` flag, set to true in ip_vs_ftp_exit() before unregistering the pernet subsystem. In __ip_vs_ftp_exit(), skip ip_vs_ftp unregister if called during netns cleanup (when exiting_module is false) and defer it to __ip_vs_cleanup_batch(), which unregisters all apps after all connections are flushed. If called during module exit, unregister ip_vs_ftp immediately.", "cve_priority": "medium", "cve_public_date": "2025-10-24 12:15:00 UTC" } ], "log": [ "", " * questing/linux: 6.17.0-8.8 -proposed tracker (LP: #2131554)", "", " * crash when reading from /sys/kernel/tracing/rv/enabled_monitors", " (LP: #2131136)", " - rv: Fully convert enabled_monitors to use list_head as iterator", "", " * i40e driver is triggering VF resets on every link state change", " (LP: #2130552)", " - i40e: avoid redundant VF link state updates", "", " * kernel crash on bootup for some arm64 machines (LP: #2129770)", " - KVM: arm64: Guard PMSCR_EL1 initialization with SPE presence check", "", " * CVE-2025-40018", " - ipvs: Defer ip_vs_ftp unregister during netns cleanup", "" ], "package": "linux", "version": "6.17.0-8.8", "urgency": "medium", "distributions": "questing", "launchpad_bugs_fixed": [ 2131554, 2131136, 2130552, 2129770 ], "author": "Manuel Diewald ", "date": "Fri, 14 Nov 2025 17:53:03 +0100" }, { "cves": [], "log": [ "", " * questing/linux: 6.17.0-7.7 -proposed tracker (LP: #2128695)", "", " * Fix incorrect bug number for CONFIG_KERNEL_ZSTD (LP: #2127676)", " - [Config] Fix bug note for CONFIG_KERNEL_ZSTD", "", " * support Panter Lake CPU performance preferences (LP: #2127187)", " - thermal: intel: int340x: Add support for power slider", " - thermal: intel: int340x: Enable power slider interface for Panther Lake", " - thermal: intel: int340x: Add module parameter for balanced Slider", " - thermal: intel: int340x: Add module parameter to change slider offset", " - thermal: intel: int340x: Power Slider: Validate slider_balance range", "", " * [SRU][Q/P/N:hwe-6.14] mt7925: Add MBSS support (LP: #2119479)", " - wifi: mt76: mt7925: add MBSSID support", "", " * Plucky preinstalled server fails to boot on rb3gen2 (LP: #2106681) //", " Questing preinstalled server fails to boot on sa8775p boards", " (LP: #2121347)", " - [Config] move more qcom interconnect/pinctrl/gcc options to builtin", "", " * Packaging resync (LP: #1786013)", " - [Packaging] update Ubuntu.md", "", " * r8169 can not wake on LAN via SFP moudule (LP: #2123901)", " - r8169: set EEE speed down ratio to 1", "", " * System hangs when running the memory stress test (LP: #2103680)", " - mm: page_alloc: avoid kswapd thrashing due to NUMA restrictions", "", " * Questing update: v6.17.2 upstream stable release (LP: #2128209)", " - drm/amdgpu: Enable MES lr_compute_wa by default", " - USB: serial: option: add SIMCom 8230C compositions", " - Bluetooth: btusb: Add USB ID 2001:332a for D-Link AX9U rev. A1", " - wifi: rtlwifi: rtl8192cu: Don't claim USB ID 07b8:8188", " - wifi: rtl8xxxu: Don't claim USB ID 07b8:8188", " - rust: drm: fix `srctree/` links", " - rust: block: fix `srctree/` links", " - rust: pci: fix incorrect platform reference in PCI driver probe doc", " comment", " - rust: pci: fix incorrect platform reference in PCI driver unbind doc", " comment", " - serial: qcom-geni: Fix blocked task", " - nvmem: layouts: fix automatic module loading", " - drivers/misc/amd-sbi/Kconfig: select REGMAP_I2C", " - binder: fix double-free in dbitmap", " - serial: stm32: allow selecting console when the driver is module", " - [Config] stm32: do not select console when driver is module", " - staging: axis-fifo: fix maximum TX packet length check", " - staging: axis-fifo: fix TX handling on copy_from_user() failure", " - staging: axis-fifo: flush RX FIFO on read errors", " - driver core: faux: Set power.no_pm for faux devices", " - driver core/PM: Set power.no_callbacks along with power.no_pm", " - Revert \"crypto: testmgr - desupport SHA-1 for FIPS 140\"", " - crypto: zstd - Fix compression bug caused by truncation", " - crypto: rng - Ensure set_ent is always present", " - net/9p: fix double req put in p9_fd_cancelled", " - KVM: x86: Don't (re)check L1 intercepts when completing userspace I/O", " - f2fs: fix to do sanity check on node footer for non inode dnode", " - ring buffer: Propagate __rb_map_vma return value to caller", " - Linux 6.17.2", "" ], "package": "linux", "version": "6.17.0-7.7", "urgency": "medium", "distributions": "questing", "launchpad_bugs_fixed": [ 2128695, 2127676, 2127187, 2119479, 2106681, 2121347, 1786013, 2123901, 2103680, 2128209 ], "author": "Edoardo Canepa ", "date": "Sat, 18 Oct 2025 08:01:45 +0200" } ], "notes": "linux-modules-6.17.0-8-generic version '6.17.0-8.8' (source package linux version '6.17.0-8.8') was added. linux-modules-6.17.0-8-generic version '6.17.0-8.8' has the same source package name, linux, as removed package linux-headers-6.17.0-6. As such we can use the source package version of the removed package, '6.17.0-6.6', as the starting point in our changelog diff. Kernel packages are an example of where the binary package name changes for the same source package. Using the removed package source package version as our starting point means we can still get meaningful changelog diffs even for what appears to be a new package.", "is_version_downgrade": false }, { "name": "linux-tools-6.17.0-8", "from_version": { "source_package_name": "linux", "source_package_version": "6.17.0-6.6", "version": null }, "to_version": { "source_package_name": "linux", "source_package_version": "6.17.0-8.8", "version": "6.17.0-8.8" }, "cves": [ { "cve": "CVE-2025-40018", "url": "https://ubuntu.com/security/CVE-2025-40018", "cve_description": "In the Linux kernel, the following vulnerability has been resolved: ipvs: Defer ip_vs_ftp unregister during netns cleanup On the netns cleanup path, __ip_vs_ftp_exit() may unregister ip_vs_ftp before connections with valid cp->app pointers are flushed, leading to a use-after-free. Fix this by introducing a global `exiting_module` flag, set to true in ip_vs_ftp_exit() before unregistering the pernet subsystem. In __ip_vs_ftp_exit(), skip ip_vs_ftp unregister if called during netns cleanup (when exiting_module is false) and defer it to __ip_vs_cleanup_batch(), which unregisters all apps after all connections are flushed. If called during module exit, unregister ip_vs_ftp immediately.", "cve_priority": "medium", "cve_public_date": "2025-10-24 12:15:00 UTC" } ], "launchpad_bugs_fixed": [ 2131554, 2131136, 2130552, 2129770, 2128695, 2127676, 2127187, 2119479, 2106681, 2121347, 1786013, 2123901, 2103680, 2128209 ], "changes": [ { "cves": [ { "cve": "CVE-2025-40018", "url": "https://ubuntu.com/security/CVE-2025-40018", "cve_description": "In the Linux kernel, the following vulnerability has been resolved: ipvs: Defer ip_vs_ftp unregister during netns cleanup On the netns cleanup path, __ip_vs_ftp_exit() may unregister ip_vs_ftp before connections with valid cp->app pointers are flushed, leading to a use-after-free. Fix this by introducing a global `exiting_module` flag, set to true in ip_vs_ftp_exit() before unregistering the pernet subsystem. In __ip_vs_ftp_exit(), skip ip_vs_ftp unregister if called during netns cleanup (when exiting_module is false) and defer it to __ip_vs_cleanup_batch(), which unregisters all apps after all connections are flushed. If called during module exit, unregister ip_vs_ftp immediately.", "cve_priority": "medium", "cve_public_date": "2025-10-24 12:15:00 UTC" } ], "log": [ "", " * questing/linux: 6.17.0-8.8 -proposed tracker (LP: #2131554)", "", " * crash when reading from /sys/kernel/tracing/rv/enabled_monitors", " (LP: #2131136)", " - rv: Fully convert enabled_monitors to use list_head as iterator", "", " * i40e driver is triggering VF resets on every link state change", " (LP: #2130552)", " - i40e: avoid redundant VF link state updates", "", " * kernel crash on bootup for some arm64 machines (LP: #2129770)", " - KVM: arm64: Guard PMSCR_EL1 initialization with SPE presence check", "", " * CVE-2025-40018", " - ipvs: Defer ip_vs_ftp unregister during netns cleanup", "" ], "package": "linux", "version": "6.17.0-8.8", "urgency": "medium", "distributions": "questing", "launchpad_bugs_fixed": [ 2131554, 2131136, 2130552, 2129770 ], "author": "Manuel Diewald ", "date": "Fri, 14 Nov 2025 17:53:03 +0100" }, { "cves": [], "log": [ "", " * questing/linux: 6.17.0-7.7 -proposed tracker (LP: #2128695)", "", " * Fix incorrect bug number for CONFIG_KERNEL_ZSTD (LP: #2127676)", " - [Config] Fix bug note for CONFIG_KERNEL_ZSTD", "", " * support Panter Lake CPU performance preferences (LP: #2127187)", " - thermal: intel: int340x: Add support for power slider", " - thermal: intel: int340x: Enable power slider interface for Panther Lake", " - thermal: intel: int340x: Add module parameter for balanced Slider", " - thermal: intel: int340x: Add module parameter to change slider offset", " - thermal: intel: int340x: Power Slider: Validate slider_balance range", "", " * [SRU][Q/P/N:hwe-6.14] mt7925: Add MBSS support (LP: #2119479)", " - wifi: mt76: mt7925: add MBSSID support", "", " * Plucky preinstalled server fails to boot on rb3gen2 (LP: #2106681) //", " Questing preinstalled server fails to boot on sa8775p boards", " (LP: #2121347)", " - [Config] move more qcom interconnect/pinctrl/gcc options to builtin", "", " * Packaging resync (LP: #1786013)", " - [Packaging] update Ubuntu.md", "", " * r8169 can not wake on LAN via SFP moudule (LP: #2123901)", " - r8169: set EEE speed down ratio to 1", "", " * System hangs when running the memory stress test (LP: #2103680)", " - mm: page_alloc: avoid kswapd thrashing due to NUMA restrictions", "", " * Questing update: v6.17.2 upstream stable release (LP: #2128209)", " - drm/amdgpu: Enable MES lr_compute_wa by default", " - USB: serial: option: add SIMCom 8230C compositions", " - Bluetooth: btusb: Add USB ID 2001:332a for D-Link AX9U rev. A1", " - wifi: rtlwifi: rtl8192cu: Don't claim USB ID 07b8:8188", " - wifi: rtl8xxxu: Don't claim USB ID 07b8:8188", " - rust: drm: fix `srctree/` links", " - rust: block: fix `srctree/` links", " - rust: pci: fix incorrect platform reference in PCI driver probe doc", " comment", " - rust: pci: fix incorrect platform reference in PCI driver unbind doc", " comment", " - serial: qcom-geni: Fix blocked task", " - nvmem: layouts: fix automatic module loading", " - drivers/misc/amd-sbi/Kconfig: select REGMAP_I2C", " - binder: fix double-free in dbitmap", " - serial: stm32: allow selecting console when the driver is module", " - [Config] stm32: do not select console when driver is module", " - staging: axis-fifo: fix maximum TX packet length check", " - staging: axis-fifo: fix TX handling on copy_from_user() failure", " - staging: axis-fifo: flush RX FIFO on read errors", " - driver core: faux: Set power.no_pm for faux devices", " - driver core/PM: Set power.no_callbacks along with power.no_pm", " - Revert \"crypto: testmgr - desupport SHA-1 for FIPS 140\"", " - crypto: zstd - Fix compression bug caused by truncation", " - crypto: rng - Ensure set_ent is always present", " - net/9p: fix double req put in p9_fd_cancelled", " - KVM: x86: Don't (re)check L1 intercepts when completing userspace I/O", " - f2fs: fix to do sanity check on node footer for non inode dnode", " - ring buffer: Propagate __rb_map_vma return value to caller", " - Linux 6.17.2", "" ], "package": "linux", "version": "6.17.0-7.7", "urgency": "medium", "distributions": "questing", "launchpad_bugs_fixed": [ 2128695, 2127676, 2127187, 2119479, 2106681, 2121347, 1786013, 2123901, 2103680, 2128209 ], "author": "Edoardo Canepa ", "date": "Sat, 18 Oct 2025 08:01:45 +0200" } ], "notes": "linux-tools-6.17.0-8 version '6.17.0-8.8' (source package linux version '6.17.0-8.8') was added. linux-tools-6.17.0-8 version '6.17.0-8.8' has the same source package name, linux, as removed package linux-headers-6.17.0-6. As such we can use the source package version of the removed package, '6.17.0-6.6', as the starting point in our changelog diff. Kernel packages are an example of where the binary package name changes for the same source package. Using the removed package source package version as our starting point means we can still get meaningful changelog diffs even for what appears to be a new package.", "is_version_downgrade": false }, { "name": "linux-tools-6.17.0-8-generic", "from_version": { "source_package_name": "linux", "source_package_version": "6.17.0-6.6", "version": null }, "to_version": { "source_package_name": "linux", "source_package_version": "6.17.0-8.8", "version": "6.17.0-8.8" }, "cves": [ { "cve": "CVE-2025-40018", "url": "https://ubuntu.com/security/CVE-2025-40018", "cve_description": "In the Linux kernel, the following vulnerability has been resolved: ipvs: Defer ip_vs_ftp unregister during netns cleanup On the netns cleanup path, __ip_vs_ftp_exit() may unregister ip_vs_ftp before connections with valid cp->app pointers are flushed, leading to a use-after-free. Fix this by introducing a global `exiting_module` flag, set to true in ip_vs_ftp_exit() before unregistering the pernet subsystem. In __ip_vs_ftp_exit(), skip ip_vs_ftp unregister if called during netns cleanup (when exiting_module is false) and defer it to __ip_vs_cleanup_batch(), which unregisters all apps after all connections are flushed. If called during module exit, unregister ip_vs_ftp immediately.", "cve_priority": "medium", "cve_public_date": "2025-10-24 12:15:00 UTC" } ], "launchpad_bugs_fixed": [ 2131554, 2131136, 2130552, 2129770, 2128695, 2127676, 2127187, 2119479, 2106681, 2121347, 1786013, 2123901, 2103680, 2128209 ], "changes": [ { "cves": [ { "cve": "CVE-2025-40018", "url": "https://ubuntu.com/security/CVE-2025-40018", "cve_description": "In the Linux kernel, the following vulnerability has been resolved: ipvs: Defer ip_vs_ftp unregister during netns cleanup On the netns cleanup path, __ip_vs_ftp_exit() may unregister ip_vs_ftp before connections with valid cp->app pointers are flushed, leading to a use-after-free. Fix this by introducing a global `exiting_module` flag, set to true in ip_vs_ftp_exit() before unregistering the pernet subsystem. In __ip_vs_ftp_exit(), skip ip_vs_ftp unregister if called during netns cleanup (when exiting_module is false) and defer it to __ip_vs_cleanup_batch(), which unregisters all apps after all connections are flushed. If called during module exit, unregister ip_vs_ftp immediately.", "cve_priority": "medium", "cve_public_date": "2025-10-24 12:15:00 UTC" } ], "log": [ "", " * questing/linux: 6.17.0-8.8 -proposed tracker (LP: #2131554)", "", " * crash when reading from /sys/kernel/tracing/rv/enabled_monitors", " (LP: #2131136)", " - rv: Fully convert enabled_monitors to use list_head as iterator", "", " * i40e driver is triggering VF resets on every link state change", " (LP: #2130552)", " - i40e: avoid redundant VF link state updates", "", " * kernel crash on bootup for some arm64 machines (LP: #2129770)", " - KVM: arm64: Guard PMSCR_EL1 initialization with SPE presence check", "", " * CVE-2025-40018", " - ipvs: Defer ip_vs_ftp unregister during netns cleanup", "" ], "package": "linux", "version": "6.17.0-8.8", "urgency": "medium", "distributions": "questing", "launchpad_bugs_fixed": [ 2131554, 2131136, 2130552, 2129770 ], "author": "Manuel Diewald ", "date": "Fri, 14 Nov 2025 17:53:03 +0100" }, { "cves": [], "log": [ "", " * questing/linux: 6.17.0-7.7 -proposed tracker (LP: #2128695)", "", " * Fix incorrect bug number for CONFIG_KERNEL_ZSTD (LP: #2127676)", " - [Config] Fix bug note for CONFIG_KERNEL_ZSTD", "", " * support Panter Lake CPU performance preferences (LP: #2127187)", " - thermal: intel: int340x: Add support for power slider", " - thermal: intel: int340x: Enable power slider interface for Panther Lake", " - thermal: intel: int340x: Add module parameter for balanced Slider", " - thermal: intel: int340x: Add module parameter to change slider offset", " - thermal: intel: int340x: Power Slider: Validate slider_balance range", "", " * [SRU][Q/P/N:hwe-6.14] mt7925: Add MBSS support (LP: #2119479)", " - wifi: mt76: mt7925: add MBSSID support", "", " * Plucky preinstalled server fails to boot on rb3gen2 (LP: #2106681) //", " Questing preinstalled server fails to boot on sa8775p boards", " (LP: #2121347)", " - [Config] move more qcom interconnect/pinctrl/gcc options to builtin", "", " * Packaging resync (LP: #1786013)", " - [Packaging] update Ubuntu.md", "", " * r8169 can not wake on LAN via SFP moudule (LP: #2123901)", " - r8169: set EEE speed down ratio to 1", "", " * System hangs when running the memory stress test (LP: #2103680)", " - mm: page_alloc: avoid kswapd thrashing due to NUMA restrictions", "", " * Questing update: v6.17.2 upstream stable release (LP: #2128209)", " - drm/amdgpu: Enable MES lr_compute_wa by default", " - USB: serial: option: add SIMCom 8230C compositions", " - Bluetooth: btusb: Add USB ID 2001:332a for D-Link AX9U rev. A1", " - wifi: rtlwifi: rtl8192cu: Don't claim USB ID 07b8:8188", " - wifi: rtl8xxxu: Don't claim USB ID 07b8:8188", " - rust: drm: fix `srctree/` links", " - rust: block: fix `srctree/` links", " - rust: pci: fix incorrect platform reference in PCI driver probe doc", " comment", " - rust: pci: fix incorrect platform reference in PCI driver unbind doc", " comment", " - serial: qcom-geni: Fix blocked task", " - nvmem: layouts: fix automatic module loading", " - drivers/misc/amd-sbi/Kconfig: select REGMAP_I2C", " - binder: fix double-free in dbitmap", " - serial: stm32: allow selecting console when the driver is module", " - [Config] stm32: do not select console when driver is module", " - staging: axis-fifo: fix maximum TX packet length check", " - staging: axis-fifo: fix TX handling on copy_from_user() failure", " - staging: axis-fifo: flush RX FIFO on read errors", " - driver core: faux: Set power.no_pm for faux devices", " - driver core/PM: Set power.no_callbacks along with power.no_pm", " - Revert \"crypto: testmgr - desupport SHA-1 for FIPS 140\"", " - crypto: zstd - Fix compression bug caused by truncation", " - crypto: rng - Ensure set_ent is always present", " - net/9p: fix double req put in p9_fd_cancelled", " - KVM: x86: Don't (re)check L1 intercepts when completing userspace I/O", " - f2fs: fix to do sanity check on node footer for non inode dnode", " - ring buffer: Propagate __rb_map_vma return value to caller", " - Linux 6.17.2", "" ], "package": "linux", "version": "6.17.0-7.7", "urgency": "medium", "distributions": "questing", "launchpad_bugs_fixed": [ 2128695, 2127676, 2127187, 2119479, 2106681, 2121347, 1786013, 2123901, 2103680, 2128209 ], "author": "Edoardo Canepa ", "date": "Sat, 18 Oct 2025 08:01:45 +0200" } ], "notes": "linux-tools-6.17.0-8-generic version '6.17.0-8.8' (source package linux version '6.17.0-8.8') was added. linux-tools-6.17.0-8-generic version '6.17.0-8.8' has the same source package name, linux, as removed package linux-headers-6.17.0-6. As such we can use the source package version of the removed package, '6.17.0-6.6', as the starting point in our changelog diff. Kernel packages are an example of where the binary package name changes for the same source package. Using the removed package source package version as our starting point means we can still get meaningful changelog diffs even for what appears to be a new package.", "is_version_downgrade": false } ], "snap": [] }, "removed": { "deb": [ { "name": "libclang-cpp20", "from_version": { "source_package_name": "llvm-toolchain-20", "source_package_version": "1:20.1.8-0ubuntu6", "version": "1:20.1.8-0ubuntu6" }, "to_version": { "source_package_name": null, "source_package_version": null, "version": null }, "cves": [], "launchpad_bugs_fixed": [], "changes": [], "notes": null, "is_version_downgrade": false }, { "name": "libicu76", "from_version": { "source_package_name": "icu", "source_package_version": "76.1-4ubuntu2", "version": "76.1-4ubuntu2" }, "to_version": { "source_package_name": null, "source_package_version": null, "version": null }, "cves": [], "launchpad_bugs_fixed": [], "changes": [], "notes": null, "is_version_downgrade": false }, { "name": "linux-headers-6.17.0-6", "from_version": { "source_package_name": "linux", "source_package_version": "6.17.0-6.6", "version": "6.17.0-6.6" }, "to_version": { "source_package_name": null, "source_package_version": null, "version": null }, "cves": [], "launchpad_bugs_fixed": [], "changes": [], "notes": null, "is_version_downgrade": false }, { "name": "linux-headers-6.17.0-6-generic", "from_version": { "source_package_name": "linux", "source_package_version": "6.17.0-6.6", "version": "6.17.0-6.6" }, "to_version": { "source_package_name": null, "source_package_version": null, "version": null }, "cves": [], "launchpad_bugs_fixed": [], "changes": [], "notes": null, "is_version_downgrade": false }, { "name": "linux-image-6.17.0-6-generic", "from_version": { "source_package_name": "linux-signed", "source_package_version": "6.17.0-6.6", "version": "6.17.0-6.6" }, "to_version": { "source_package_name": null, "source_package_version": null, "version": null }, "cves": [], "launchpad_bugs_fixed": [], "changes": [], "notes": null, "is_version_downgrade": false }, { "name": "linux-modules-6.17.0-6-generic", "from_version": { "source_package_name": "linux", "source_package_version": "6.17.0-6.6", "version": "6.17.0-6.6" }, "to_version": { "source_package_name": null, "source_package_version": null, "version": null }, "cves": [], "launchpad_bugs_fixed": [], "changes": [], "notes": null, "is_version_downgrade": false }, { "name": "linux-tools-6.17.0-6", "from_version": { "source_package_name": "linux", "source_package_version": "6.17.0-6.6", "version": "6.17.0-6.6" }, "to_version": { "source_package_name": null, "source_package_version": null, "version": null }, "cves": [], "launchpad_bugs_fixed": [], "changes": [], "notes": null, "is_version_downgrade": false }, { "name": "linux-tools-6.17.0-6-generic", "from_version": { "source_package_name": "linux", "source_package_version": "6.17.0-6.6", "version": "6.17.0-6.6" }, "to_version": { "source_package_name": null, "source_package_version": null, "version": null }, "cves": [], "launchpad_bugs_fixed": [], "changes": [], "notes": null, "is_version_downgrade": false } ], "snap": [] }, "notes": "Changelog diff for Ubuntu 26.04 resolute image from daily image serial 20251202 to 20251216", "from_series": "resolute", "to_series": "resolute", "from_serial": "20251202", "to_serial": "20251216", "from_manifest_filename": "daily_manifest.previous", "to_manifest_filename": "manifest.current" }