{ "summary": { "snap": { "added": [], "removed": [], "diff": [] }, "deb": { "added": [], "removed": [], "diff": [ "cloud-init", "kpartx", "libc-bin", "libc6", "python3-idna", "python3-jinja2", "ubuntu-advantage-tools", "ubuntu-pro-client", "ubuntu-pro-client-l10n", "xxd" ] } }, "diff": { "deb": [ { "name": "cloud-init", "from_version": { "source_package_name": "cloud-init", "source_package_version": "24.1.3-0ubuntu1~20.04.1", "version": "24.1.3-0ubuntu1~20.04.1" }, "to_version": { "source_package_name": "cloud-init", "source_package_version": "24.1.3-0ubuntu1~20.04.4", "version": "24.1.3-0ubuntu1~20.04.4" }, "cves": [], "launchpad_bugs_fixed": [ 2064132, 2064300, 2064132 ], "changes": [ { "cves": [], "log": [ "", " * cherry-pick 51c6569f: fix(snapd): ubuntu do not snap refresh when", " snap absent (LP: #2064132)", " - fix in 24.1.3-0ubuntu1~20.04.2 did not handle package_upgrade case", "" ], "package": "cloud-init", "version": "24.1.3-0ubuntu1~20.04.4", "urgency": "medium", "distributions": "focal", "launchpad_bugs_fixed": [ 2064132 ], "author": "Chad Smith ", "date": "Fri, 03 May 2024 15:38:58 -0600" }, { "cves": [], "log": [ "", " * d/p/cli-retain-file-argument-as-main-cmd-arg.patch: retain ability to", " provide -f or --file on the command line before cloud-init subcommands", " init, modules or single (LP: #2064300)", "" ], "package": "cloud-init", "version": "24.1.3-0ubuntu1~20.04.3", "urgency": "medium", "distributions": "focal", "launchpad_bugs_fixed": [ 2064300 ], "author": "Chad Smith ", "date": "Tue, 30 Apr 2024 15:49:35 -0600" }, { "cves": [], "log": [ "", " * cherry-pick a6f7577d: bug(package_update): avoid snap refresh in", " images without (LP: #2064132)", "" ], "package": "cloud-init", "version": "24.1.3-0ubuntu1~20.04.2", "urgency": "medium", "distributions": "focal", "launchpad_bugs_fixed": [ 2064132 ], "author": "Chad Smith ", "date": "Mon, 29 Apr 2024 10:02:56 -0600" } ], "notes": null }, { "name": "kpartx", "from_version": { "source_package_name": "multipath-tools", "source_package_version": "0.8.3-1ubuntu2.3", "version": "0.8.3-1ubuntu2.3" }, "to_version": { "source_package_name": "multipath-tools", "source_package_version": "0.8.3-1ubuntu2.4", "version": "0.8.3-1ubuntu2.4" }, "cves": [], "launchpad_bugs_fixed": [ 2064201 ], "changes": [ { "cves": [], "log": [ "", " * Use Debian-specific partx path in kpartx rule (LP: #2064201)", " - d/p/lp2064201-kpartx-rules-use-Debian-specific-partx-path.patch", "" ], "package": "multipath-tools", "version": "0.8.3-1ubuntu2.4", "urgency": "medium", "distributions": "focal", "launchpad_bugs_fixed": [ 2064201 ], "author": "Chengen Du ", "date": "Tue, 30 Apr 2024 07:49:10 +0000" } ], "notes": null }, { "name": "libc-bin", "from_version": { "source_package_name": "glibc", "source_package_version": "2.31-0ubuntu9.15", "version": "2.31-0ubuntu9.15" }, "to_version": { "source_package_name": "glibc", "source_package_version": "2.31-0ubuntu9.16", "version": "2.31-0ubuntu9.16" }, "cves": [ { "cve": "CVE-2024-33599", "url": "https://ubuntu.com/security/CVE-2024-33599", "cve_description": "nscd: Stack-based buffer overflow in netgroup cache If the Name Service Cache Daemon's (nscd) fixed size cache is exhausted by client requests then a subsequent client request for netgroup data may result in a stack-based buffer overflow. This flaw was introduced in glibc 2.15 when the cache was added to nscd. This vulnerability is only present in the nscd binary.", "cve_priority": "medium", "cve_public_date": "2024-05-06 20:15:00 UTC" }, { "cve": "CVE-2024-33600", "url": "https://ubuntu.com/security/CVE-2024-33600", "cve_description": "nscd: Null pointer crashes after notfound response If the Name Service Cache Daemon's (nscd) cache fails to add a not-found netgroup response to the cache, the client request can result in a null pointer dereference. This flaw was introduced in glibc 2.15 when the cache was added to nscd. This vulnerability is only present in the nscd binary.", "cve_priority": "medium", "cve_public_date": "2024-05-06 20:15:00 UTC" }, { "cve": "CVE-2024-33601", "url": "https://ubuntu.com/security/CVE-2024-33601", "cve_description": "nscd: netgroup cache may terminate daemon on memory allocation failure The Name Service Cache Daemon's (nscd) netgroup cache uses xmalloc or xrealloc and these functions may terminate the process due to a memory allocation failure resulting in a denial of service to the clients. The flaw was introduced in glibc 2.15 when the cache was added to nscd. This vulnerability is only present in the nscd binary.", "cve_priority": "medium", "cve_public_date": "2024-05-06 20:15:00 UTC" }, { "cve": "CVE-2024-33602", "url": "https://ubuntu.com/security/CVE-2024-33602", "cve_description": "nscd: netgroup cache assumes NSS callback uses in-buffer strings The Name Service Cache Daemon's (nscd) netgroup cache can corrupt memory when the NSS callback does not store all strings in the provided buffer. The flaw was introduced in glibc 2.15 when the cache was added to nscd. This vulnerability is only present in the nscd binary.", "cve_priority": "medium", "cve_public_date": "2024-05-06 20:15:00 UTC" } ], "launchpad_bugs_fixed": [], "changes": [ { "cves": [ { "cve": "CVE-2024-33599", "url": "https://ubuntu.com/security/CVE-2024-33599", "cve_description": "nscd: Stack-based buffer overflow in netgroup cache If the Name Service Cache Daemon's (nscd) fixed size cache is exhausted by client requests then a subsequent client request for netgroup data may result in a stack-based buffer overflow. This flaw was introduced in glibc 2.15 when the cache was added to nscd. This vulnerability is only present in the nscd binary.", "cve_priority": "medium", "cve_public_date": "2024-05-06 20:15:00 UTC" }, { "cve": "CVE-2024-33600", "url": "https://ubuntu.com/security/CVE-2024-33600", "cve_description": "nscd: Null pointer crashes after notfound response If the Name Service Cache Daemon's (nscd) cache fails to add a not-found netgroup response to the cache, the client request can result in a null pointer dereference. This flaw was introduced in glibc 2.15 when the cache was added to nscd. This vulnerability is only present in the nscd binary.", "cve_priority": "medium", "cve_public_date": "2024-05-06 20:15:00 UTC" }, { "cve": "CVE-2024-33601", "url": "https://ubuntu.com/security/CVE-2024-33601", "cve_description": "nscd: netgroup cache may terminate daemon on memory allocation failure The Name Service Cache Daemon's (nscd) netgroup cache uses xmalloc or xrealloc and these functions may terminate the process due to a memory allocation failure resulting in a denial of service to the clients. The flaw was introduced in glibc 2.15 when the cache was added to nscd. This vulnerability is only present in the nscd binary.", "cve_priority": "medium", "cve_public_date": "2024-05-06 20:15:00 UTC" }, { "cve": "CVE-2024-33602", "url": "https://ubuntu.com/security/CVE-2024-33602", "cve_description": "nscd: netgroup cache assumes NSS callback uses in-buffer strings The Name Service Cache Daemon's (nscd) netgroup cache can corrupt memory when the NSS callback does not store all strings in the provided buffer. The flaw was introduced in glibc 2.15 when the cache was added to nscd. This vulnerability is only present in the nscd binary.", "cve_priority": "medium", "cve_public_date": "2024-05-06 20:15:00 UTC" } ], "log": [ "", " * SECURITY UPDATE: Stack-based buffer overflow", " - debian/patches/CVE-2024-33599.patch: CVE-2024-33599: nscd: Stack-", " based buffer overflow in netgroup cache.", " - CVE-2024-33599", " * SECURITY UPDATE: Null pointer", " - debian/patches/CVE-2024-33600_1.patch: CVE-2024-33600: nscd: Avoid", " null pointer crashes after notfound response.", " - debian/patches/CVE-2024-33600_2.patch: CVE-2024-33600: nscd: Do", " not send missing not-found response in addgetnetgrentX.", " - CVE-2024-33600", " * SECURITY UPDATE: Memory corruption", " - debian/patches/CVE-2024-33601_33602.patch: CVE-2024-33601, CVE-", " 2024-33602: nscd: netgroup: Use two buffers in addgetnetgrentX.", " - CVE-2024-33601", " - CVE-2024-33602", "" ], "package": "glibc", "version": "2.31-0ubuntu9.16", "urgency": "medium", "distributions": "focal-security", "launchpad_bugs_fixed": [], "author": "Paulo Flabiano Smorigo ", "date": "Tue, 30 Apr 2024 15:20:18 -0300" } ], "notes": null }, { "name": "libc6", "from_version": { "source_package_name": "glibc", "source_package_version": "2.31-0ubuntu9.15", "version": "2.31-0ubuntu9.15" }, "to_version": { "source_package_name": "glibc", "source_package_version": "2.31-0ubuntu9.16", "version": "2.31-0ubuntu9.16" }, "cves": [ { "cve": "CVE-2024-33599", "url": "https://ubuntu.com/security/CVE-2024-33599", "cve_description": "nscd: Stack-based buffer overflow in netgroup cache If the Name Service Cache Daemon's (nscd) fixed size cache is exhausted by client requests then a subsequent client request for netgroup data may result in a stack-based buffer overflow. This flaw was introduced in glibc 2.15 when the cache was added to nscd. This vulnerability is only present in the nscd binary.", "cve_priority": "medium", "cve_public_date": "2024-05-06 20:15:00 UTC" }, { "cve": "CVE-2024-33600", "url": "https://ubuntu.com/security/CVE-2024-33600", "cve_description": "nscd: Null pointer crashes after notfound response If the Name Service Cache Daemon's (nscd) cache fails to add a not-found netgroup response to the cache, the client request can result in a null pointer dereference. This flaw was introduced in glibc 2.15 when the cache was added to nscd. This vulnerability is only present in the nscd binary.", "cve_priority": "medium", "cve_public_date": "2024-05-06 20:15:00 UTC" }, { "cve": "CVE-2024-33601", "url": "https://ubuntu.com/security/CVE-2024-33601", "cve_description": "nscd: netgroup cache may terminate daemon on memory allocation failure The Name Service Cache Daemon's (nscd) netgroup cache uses xmalloc or xrealloc and these functions may terminate the process due to a memory allocation failure resulting in a denial of service to the clients. The flaw was introduced in glibc 2.15 when the cache was added to nscd. This vulnerability is only present in the nscd binary.", "cve_priority": "medium", "cve_public_date": "2024-05-06 20:15:00 UTC" }, { "cve": "CVE-2024-33602", "url": "https://ubuntu.com/security/CVE-2024-33602", "cve_description": "nscd: netgroup cache assumes NSS callback uses in-buffer strings The Name Service Cache Daemon's (nscd) netgroup cache can corrupt memory when the NSS callback does not store all strings in the provided buffer. The flaw was introduced in glibc 2.15 when the cache was added to nscd. This vulnerability is only present in the nscd binary.", "cve_priority": "medium", "cve_public_date": "2024-05-06 20:15:00 UTC" } ], "launchpad_bugs_fixed": [], "changes": [ { "cves": [ { "cve": "CVE-2024-33599", "url": "https://ubuntu.com/security/CVE-2024-33599", "cve_description": "nscd: Stack-based buffer overflow in netgroup cache If the Name Service Cache Daemon's (nscd) fixed size cache is exhausted by client requests then a subsequent client request for netgroup data may result in a stack-based buffer overflow. This flaw was introduced in glibc 2.15 when the cache was added to nscd. This vulnerability is only present in the nscd binary.", "cve_priority": "medium", "cve_public_date": "2024-05-06 20:15:00 UTC" }, { "cve": "CVE-2024-33600", "url": "https://ubuntu.com/security/CVE-2024-33600", "cve_description": "nscd: Null pointer crashes after notfound response If the Name Service Cache Daemon's (nscd) cache fails to add a not-found netgroup response to the cache, the client request can result in a null pointer dereference. This flaw was introduced in glibc 2.15 when the cache was added to nscd. This vulnerability is only present in the nscd binary.", "cve_priority": "medium", "cve_public_date": "2024-05-06 20:15:00 UTC" }, { "cve": "CVE-2024-33601", "url": "https://ubuntu.com/security/CVE-2024-33601", "cve_description": "nscd: netgroup cache may terminate daemon on memory allocation failure The Name Service Cache Daemon's (nscd) netgroup cache uses xmalloc or xrealloc and these functions may terminate the process due to a memory allocation failure resulting in a denial of service to the clients. The flaw was introduced in glibc 2.15 when the cache was added to nscd. This vulnerability is only present in the nscd binary.", "cve_priority": "medium", "cve_public_date": "2024-05-06 20:15:00 UTC" }, { "cve": "CVE-2024-33602", "url": "https://ubuntu.com/security/CVE-2024-33602", "cve_description": "nscd: netgroup cache assumes NSS callback uses in-buffer strings The Name Service Cache Daemon's (nscd) netgroup cache can corrupt memory when the NSS callback does not store all strings in the provided buffer. The flaw was introduced in glibc 2.15 when the cache was added to nscd. This vulnerability is only present in the nscd binary.", "cve_priority": "medium", "cve_public_date": "2024-05-06 20:15:00 UTC" } ], "log": [ "", " * SECURITY UPDATE: Stack-based buffer overflow", " - debian/patches/CVE-2024-33599.patch: CVE-2024-33599: nscd: Stack-", " based buffer overflow in netgroup cache.", " - CVE-2024-33599", " * SECURITY UPDATE: Null pointer", " - debian/patches/CVE-2024-33600_1.patch: CVE-2024-33600: nscd: Avoid", " null pointer crashes after notfound response.", " - debian/patches/CVE-2024-33600_2.patch: CVE-2024-33600: nscd: Do", " not send missing not-found response in addgetnetgrentX.", " - CVE-2024-33600", " * SECURITY UPDATE: Memory corruption", " - debian/patches/CVE-2024-33601_33602.patch: CVE-2024-33601, CVE-", " 2024-33602: nscd: netgroup: Use two buffers in addgetnetgrentX.", " - CVE-2024-33601", " - CVE-2024-33602", "" ], "package": "glibc", "version": "2.31-0ubuntu9.16", "urgency": "medium", "distributions": "focal-security", "launchpad_bugs_fixed": [], "author": "Paulo Flabiano Smorigo ", "date": "Tue, 30 Apr 2024 15:20:18 -0300" } ], "notes": null }, { "name": "python3-idna", "from_version": { "source_package_name": "python-idna", "source_package_version": "2.8-1", "version": "2.8-1" }, "to_version": { "source_package_name": "python-idna", "source_package_version": "2.8-1ubuntu0.1", "version": "2.8-1ubuntu0.1" }, "cves": [ { "cve": "CVE-2024-3651", "url": "https://ubuntu.com/security/CVE-2024-3651", "cve_description": "[potential DoS via resource consumption via specially crafted inputs to idna.encode()]", "cve_priority": "medium", "cve_public_date": "2024-04-23" } ], "launchpad_bugs_fixed": [], "changes": [ { "cves": [ { "cve": "CVE-2024-3651", "url": "https://ubuntu.com/security/CVE-2024-3651", "cve_description": "[potential DoS via resource consumption via specially crafted inputs to idna.encode()]", "cve_priority": "medium", "cve_public_date": "2024-04-23" } ], "log": [ "", " * SECURITY UPDATE: resource exhaustion", " - debian/patches/CVE-2024-3651.patch: checks input before processing", " - CVE-2024-3651 ", "" ], "package": "python-idna", "version": "2.8-1ubuntu0.1", "urgency": "medium", "distributions": "focal-security", "launchpad_bugs_fixed": [], "author": "Jorge Sancho Larraz ", "date": "Fri, 10 May 2024 11:13:36 +0200" } ], "notes": null }, { "name": "python3-jinja2", "from_version": { "source_package_name": "jinja2", "source_package_version": "2.10.1-2ubuntu0.2", "version": "2.10.1-2ubuntu0.2" }, "to_version": { "source_package_name": "jinja2", "source_package_version": "2.10.1-2ubuntu0.3", "version": "2.10.1-2ubuntu0.3" }, "cves": [ { "cve": "CVE-2024-34064", "url": "https://ubuntu.com/security/CVE-2024-34064", "cve_description": "Jinja is an extensible templating engine. The `xmlattr` filter in affected versions of Jinja accepts keys containing non-attribute characters. XML/HTML attributes cannot contain spaces, `/`, `>`, or `=`, as each would then be interpreted as starting a separate attribute. If an application accepts keys (as opposed to only values) as user input, and renders these in pages that other users see as well, an attacker could use this to inject other attributes and perform XSS. The fix for CVE-2024-22195 only addressed spaces but not other characters. Accepting keys as user input is now explicitly considered an unintended use case of the `xmlattr` filter, and code that does so without otherwise validating the input should be flagged as insecure, regardless of Jinja version. Accepting _values_ as user input continues to be safe. This vulnerability is fixed in 3.1.4.", "cve_priority": "medium", "cve_public_date": "2024-05-06 15:15:00 UTC" } ], "launchpad_bugs_fixed": [], "changes": [ { "cves": [ { "cve": "CVE-2024-34064", "url": "https://ubuntu.com/security/CVE-2024-34064", "cve_description": "Jinja is an extensible templating engine. The `xmlattr` filter in affected versions of Jinja accepts keys containing non-attribute characters. XML/HTML attributes cannot contain spaces, `/`, `>`, or `=`, as each would then be interpreted as starting a separate attribute. If an application accepts keys (as opposed to only values) as user input, and renders these in pages that other users see as well, an attacker could use this to inject other attributes and perform XSS. The fix for CVE-2024-22195 only addressed spaces but not other characters. Accepting keys as user input is now explicitly considered an unintended use case of the `xmlattr` filter, and code that does so without otherwise validating the input should be flagged as insecure, regardless of Jinja version. Accepting _values_ as user input continues to be safe. This vulnerability is fixed in 3.1.4.", "cve_priority": "medium", "cve_public_date": "2024-05-06 15:15:00 UTC" } ], "log": [ "", " * SECURITY UPDATE: Cross-Site scripting in xmlattr filter", " - debian/patches/CVE-2024-34064.patch: disallow invalid characters ", " in keys to xmlattr filter", " - CVE-2024-34064", "" ], "package": "jinja2", "version": "2.10.1-2ubuntu0.3", "urgency": "medium", "distributions": "focal-security", "launchpad_bugs_fixed": [], "author": "Nick Galanis ", "date": "Tue, 21 May 2024 09:35:36 +0100" } ], "notes": null }, { "name": "ubuntu-advantage-tools", "from_version": { "source_package_name": "ubuntu-advantage-tools", "source_package_version": "31.2.3~20.04", "version": "31.2.3~20.04" }, "to_version": { "source_package_name": "ubuntu-advantage-tools", "source_package_version": "32.3~20.04", "version": "32.3~20.04" }, "cves": [], "launchpad_bugs_fixed": [ 2060732, 2067319, 2066929, 2065573, 2065616, 2060732, 2033313, 2031192 ], "changes": [ { "cves": [], "log": [ "", " * Backport 32.3 to focal (LP: #2060732)", "" ], "package": "ubuntu-advantage-tools", "version": "32.3~20.04", "urgency": "medium", "distributions": "focal", "launchpad_bugs_fixed": [ 2060732 ], "author": "Renan Rodrigo ", "date": "Tue, 28 May 2024 15:15:39 -0300" }, { "cves": [], "log": [ "", " * d/apparmor: adjust the profiles to account for usr-merge consequences", " (LP: #2067319)", "" ], "package": "ubuntu-advantage-tools", "version": "32.3", "urgency": "medium", "distributions": "oracular", "launchpad_bugs_fixed": [ 2067319 ], "author": "Renan Rodrigo ", "date": "Tue, 28 May 2024 14:43:12 -0300" }, { "cves": [], "log": [ "", " * d/apparmor: adjust rules for violations found during testing (LP: #2066929)", "" ], "package": "ubuntu-advantage-tools", "version": "32.2", "urgency": "medium", "distributions": "oracular", "launchpad_bugs_fixed": [ 2066929 ], "author": "Grant Orndorff ", "date": "Thu, 23 May 2024 10:47:11 -0500" }, { "cves": [], "log": [ "", " * d/apparmor: allow access for /etc/os-release on all supported", " profiles (LP: #2065573)", " * apport: get path for timer job status from the correct place (LP: #2065616)", "" ], "package": "ubuntu-advantage-tools", "version": "32.1", "urgency": "medium", "distributions": "oracular", "launchpad_bugs_fixed": [ 2065573, 2065616 ], "author": "Lucas Moura ", "date": "Tue, 14 May 2024 11:22:35 +0200" }, { "cves": [], "log": [ "", " * d/postinst: ensure migrations happen in correct package postinst (GH: #2982)", " * d/apparmor: introduce new ubuntu_pro_esm_cache apparmor policy", " * New upstream release 32 (LP: #2060732)", " - api:", " + u.pro.attach.token.full_token_attach.v1: add support for attach", " with token", " + u.pro.services.disable.v1: add support for disable operation", " + u.pro.services.enable.v1: add support for enable operation", " + u.pro.detach.v1: add support for detach operation", " + u.pro.status.is_attached.v1: add extra fields to API response", " + u.pro.services.dependencies.v1: add support for service dependencies", " + u.pro.security.fix.*.plan.v1: update ESM cache during plan API", " if needed", " - apt_news: add architectures and packages selectors filters for apt news", " - cli:", " + improved cli/log message for unexpected errors (GH: #2600)", " + properly handle setting empty config values (GH: #2925)", " - cloud-init: support ubuntu_pro user-data", " - collect-logs: update default output file to pro_logs.tar.gz (LP: #2033313)", " - config: create public and private config (GH: #2809)", " - entitlements:", " + update logic that checks if a service is enabled (LP: #2031192)", " - fips: warn/confirm with user if enabling fips downgrades the kernel", " - fix: warn users if ESM cache cannot be updated (GH: #2841)", " - logging:", " + use journald logging for all systemd services", " + add redundancy to secret redaction", " - messaging:", " + add consistent messaging for end of contract state", " + make explicit that unattached enable/disable is a noop (GH: #2487)", " + make explicit that disabling a disabled service is a noop", " + make explicit that enabling an enabled service is a noop", " - notices: filter unreadable notices when listing notices (GH: #2898)", "" ], "package": "ubuntu-advantage-tools", "version": "32", "urgency": "medium", "distributions": "oracular", "launchpad_bugs_fixed": [ 2060732, 2033313, 2031192 ], "author": "Lucas Moura ", "date": "Tue, 09 Apr 2024 17:33:36 -0300" } ], "notes": null }, { "name": "ubuntu-pro-client", "from_version": { "source_package_name": "ubuntu-advantage-tools", "source_package_version": "31.2.3~20.04", "version": "31.2.3~20.04" }, "to_version": { "source_package_name": "ubuntu-advantage-tools", "source_package_version": "32.3~20.04", "version": "32.3~20.04" }, "cves": [], "launchpad_bugs_fixed": [ 2060732, 2067319, 2066929, 2065573, 2065616, 2060732, 2033313, 2031192 ], "changes": [ { "cves": [], "log": [ "", " * Backport 32.3 to focal (LP: #2060732)", "" ], "package": "ubuntu-advantage-tools", "version": "32.3~20.04", "urgency": "medium", "distributions": "focal", "launchpad_bugs_fixed": [ 2060732 ], "author": "Renan Rodrigo ", "date": "Tue, 28 May 2024 15:15:39 -0300" }, { "cves": [], "log": [ "", " * d/apparmor: adjust the profiles to account for usr-merge consequences", " (LP: #2067319)", "" ], "package": "ubuntu-advantage-tools", "version": "32.3", "urgency": "medium", "distributions": "oracular", "launchpad_bugs_fixed": [ 2067319 ], "author": "Renan Rodrigo ", "date": "Tue, 28 May 2024 14:43:12 -0300" }, { "cves": [], "log": [ "", " * d/apparmor: adjust rules for violations found during testing (LP: #2066929)", "" ], "package": "ubuntu-advantage-tools", "version": "32.2", "urgency": "medium", "distributions": "oracular", "launchpad_bugs_fixed": [ 2066929 ], "author": "Grant Orndorff ", "date": "Thu, 23 May 2024 10:47:11 -0500" }, { "cves": [], "log": [ "", " * d/apparmor: allow access for /etc/os-release on all supported", " profiles (LP: #2065573)", " * apport: get path for timer job status from the correct place (LP: #2065616)", "" ], "package": "ubuntu-advantage-tools", "version": "32.1", "urgency": "medium", "distributions": "oracular", "launchpad_bugs_fixed": [ 2065573, 2065616 ], "author": "Lucas Moura ", "date": "Tue, 14 May 2024 11:22:35 +0200" }, { "cves": [], "log": [ "", " * d/postinst: ensure migrations happen in correct package postinst (GH: #2982)", " * d/apparmor: introduce new ubuntu_pro_esm_cache apparmor policy", " * New upstream release 32 (LP: #2060732)", " - api:", " + u.pro.attach.token.full_token_attach.v1: add support for attach", " with token", " + u.pro.services.disable.v1: add support for disable operation", " + u.pro.services.enable.v1: add support for enable operation", " + u.pro.detach.v1: add support for detach operation", " + u.pro.status.is_attached.v1: add extra fields to API response", " + u.pro.services.dependencies.v1: add support for service dependencies", " + u.pro.security.fix.*.plan.v1: update ESM cache during plan API", " if needed", " - apt_news: add architectures and packages selectors filters for apt news", " - cli:", " + improved cli/log message for unexpected errors (GH: #2600)", " + properly handle setting empty config values (GH: #2925)", " - cloud-init: support ubuntu_pro user-data", " - collect-logs: update default output file to pro_logs.tar.gz (LP: #2033313)", " - config: create public and private config (GH: #2809)", " - entitlements:", " + update logic that checks if a service is enabled (LP: #2031192)", " - fips: warn/confirm with user if enabling fips downgrades the kernel", " - fix: warn users if ESM cache cannot be updated (GH: #2841)", " - logging:", " + use journald logging for all systemd services", " + add redundancy to secret redaction", " - messaging:", " + add consistent messaging for end of contract state", " + make explicit that unattached enable/disable is a noop (GH: #2487)", " + make explicit that disabling a disabled service is a noop", " + make explicit that enabling an enabled service is a noop", " - notices: filter unreadable notices when listing notices (GH: #2898)", "" ], "package": "ubuntu-advantage-tools", "version": "32", "urgency": "medium", "distributions": "oracular", "launchpad_bugs_fixed": [ 2060732, 2033313, 2031192 ], "author": "Lucas Moura ", "date": "Tue, 09 Apr 2024 17:33:36 -0300" } ], "notes": null }, { "name": "ubuntu-pro-client-l10n", "from_version": { "source_package_name": "ubuntu-advantage-tools", "source_package_version": "31.2.3~20.04", "version": "31.2.3~20.04" }, "to_version": { "source_package_name": "ubuntu-advantage-tools", "source_package_version": "32.3~20.04", "version": "32.3~20.04" }, "cves": [], "launchpad_bugs_fixed": [ 2060732, 2067319, 2066929, 2065573, 2065616, 2060732, 2033313, 2031192 ], "changes": [ { "cves": [], "log": [ "", " * Backport 32.3 to focal (LP: #2060732)", "" ], "package": "ubuntu-advantage-tools", "version": "32.3~20.04", "urgency": "medium", "distributions": "focal", "launchpad_bugs_fixed": [ 2060732 ], "author": "Renan Rodrigo ", "date": "Tue, 28 May 2024 15:15:39 -0300" }, { "cves": [], "log": [ "", " * d/apparmor: adjust the profiles to account for usr-merge consequences", " (LP: #2067319)", "" ], "package": "ubuntu-advantage-tools", "version": "32.3", "urgency": "medium", "distributions": "oracular", "launchpad_bugs_fixed": [ 2067319 ], "author": "Renan Rodrigo ", "date": "Tue, 28 May 2024 14:43:12 -0300" }, { "cves": [], "log": [ "", " * d/apparmor: adjust rules for violations found during testing (LP: #2066929)", "" ], "package": "ubuntu-advantage-tools", "version": "32.2", "urgency": "medium", "distributions": "oracular", "launchpad_bugs_fixed": [ 2066929 ], "author": "Grant Orndorff ", "date": "Thu, 23 May 2024 10:47:11 -0500" }, { "cves": [], "log": [ "", " * d/apparmor: allow access for /etc/os-release on all supported", " profiles (LP: #2065573)", " * apport: get path for timer job status from the correct place (LP: #2065616)", "" ], "package": "ubuntu-advantage-tools", "version": "32.1", "urgency": "medium", "distributions": "oracular", "launchpad_bugs_fixed": [ 2065573, 2065616 ], "author": "Lucas Moura ", "date": "Tue, 14 May 2024 11:22:35 +0200" }, { "cves": [], "log": [ "", " * d/postinst: ensure migrations happen in correct package postinst (GH: #2982)", " * d/apparmor: introduce new ubuntu_pro_esm_cache apparmor policy", " * New upstream release 32 (LP: #2060732)", " - api:", " + u.pro.attach.token.full_token_attach.v1: add support for attach", " with token", " + u.pro.services.disable.v1: add support for disable operation", " + u.pro.services.enable.v1: add support for enable operation", " + u.pro.detach.v1: add support for detach operation", " + u.pro.status.is_attached.v1: add extra fields to API response", " + u.pro.services.dependencies.v1: add support for service dependencies", " + u.pro.security.fix.*.plan.v1: update ESM cache during plan API", " if needed", " - apt_news: add architectures and packages selectors filters for apt news", " - cli:", " + improved cli/log message for unexpected errors (GH: #2600)", " + properly handle setting empty config values (GH: #2925)", " - cloud-init: support ubuntu_pro user-data", " - collect-logs: update default output file to pro_logs.tar.gz (LP: #2033313)", " - config: create public and private config (GH: #2809)", " - entitlements:", " + update logic that checks if a service is enabled (LP: #2031192)", " - fips: warn/confirm with user if enabling fips downgrades the kernel", " - fix: warn users if ESM cache cannot be updated (GH: #2841)", " - logging:", " + use journald logging for all systemd services", " + add redundancy to secret redaction", " - messaging:", " + add consistent messaging for end of contract state", " + make explicit that unattached enable/disable is a noop (GH: #2487)", " + make explicit that disabling a disabled service is a noop", " + make explicit that enabling an enabled service is a noop", " - notices: filter unreadable notices when listing notices (GH: #2898)", "" ], "package": "ubuntu-advantage-tools", "version": "32", "urgency": "medium", "distributions": "oracular", "launchpad_bugs_fixed": [ 2060732, 2033313, 2031192 ], "author": "Lucas Moura ", "date": "Tue, 09 Apr 2024 17:33:36 -0300" } ], "notes": null }, { "name": "xxd", "from_version": { "source_package_name": "vim", "source_package_version": "2:8.1.2269-1ubuntu5.22", "version": "2:8.1.2269-1ubuntu5.22" }, "to_version": { "source_package_name": "vim", "source_package_version": "2:8.1.2269-1ubuntu5.23", "version": "2:8.1.2269-1ubuntu5.23" }, "cves": [], "launchpad_bugs_fixed": [ 2064687 ], "changes": [ { "cves": [], "log": [ "", " * Ensure Ubuntu codenames are current (LP: #2064687).", "" ], "package": "vim", "version": "2:8.1.2269-1ubuntu5.23", "urgency": "medium", "distributions": "focal", "launchpad_bugs_fixed": [ 2064687 ], "author": "Simon Quigley ", "date": "Thu, 02 May 2024 21:36:35 -0500" } ], "notes": null } ], "snap": [] }, "added": { "deb": [], "snap": [] }, "removed": { "deb": [], "snap": [] }, "notes": "Changelog diff for Ubuntu 20.04 focal image from release image serial 20240514 to 20240606", "from_series": "focal", "to_series": "focal", "from_serial": "20240514", "to_serial": "20240606", "from_manifest_filename": "release_manifest.previous", "to_manifest_filename": "manifest.current" }