{
    "summary": {
        "snap": {
            "added": [],
            "removed": [],
            "diff": []
        },
        "deb": {
            "added": [],
            "removed": [],
            "diff": [
                "intel-microcode",
                "libc-bin",
                "libc6",
                "python3-cryptography",
                "python3-jinja2",
                "ubuntu-pro-client"
            ]
        }
    },
    "diff": {
        "deb": [
            {
                "name": "intel-microcode",
                "from_version": {
                    "source_package_name": "intel-microcode",
                    "source_package_version": "3.20240312.1build1",
                    "version": "3.20240312.1build1"
                },
                "to_version": {
                    "source_package_name": "intel-microcode",
                    "source_package_version": "3.20240514.0ubuntu0.24.04.1",
                    "version": "3.20240514.0ubuntu0.24.04.1"
                },
                "cves": [
                    {
                        "cve": "CVE-2023-45733",
                        "url": "https://ubuntu.com/security/CVE-2023-45733",
                        "cve_description": "Hardware logic contains race conditions in some Intel(R) Processors may allow an authenticated user to potentially enable partial information disclosure via local access.",
                        "cve_priority": "medium",
                        "cve_public_date": "2024-05-16 21:15:00 UTC"
                    },
                    {
                        "cve": "CVE-2023-46103",
                        "url": "https://ubuntu.com/security/CVE-2023-46103",
                        "cve_description": "Sequence of processor instructions leads to unexpected behavior in Intel(R) Core(TM) Ultra Processors may allow an authenticated user to potentially enable denial of service via local access.",
                        "cve_priority": "medium",
                        "cve_public_date": "2024-05-16 21:15:00 UTC"
                    },
                    {
                        "cve": "CVE-2023-45745",
                        "url": "https://ubuntu.com/security/CVE-2023-45745",
                        "cve_description": "Improper input validation in some Intel(R) TDX module software before version 1.5.05.46.698 may allow a privileged user to potentially enable escalation of privilege via local access.",
                        "cve_priority": "medium",
                        "cve_public_date": "2024-05-16 21:15:00 UTC"
                    },
                    {
                        "cve": "CVE-2023-47855",
                        "url": "https://ubuntu.com/security/CVE-2023-47855",
                        "cve_description": "Improper input validation in some Intel(R) TDX module software before version 1.5.05.46.698 may allow a privileged user to potentially enable escalation of privilege via local access.",
                        "cve_priority": "medium",
                        "cve_public_date": "2024-05-16 21:16:00 UTC"
                    }
                ],
                "launchpad_bugs_fixed": [],
                "changes": [
                    {
                        "cves": [
                            {
                                "cve": "CVE-2023-45733",
                                "url": "https://ubuntu.com/security/CVE-2023-45733",
                                "cve_description": "Hardware logic contains race conditions in some Intel(R) Processors may allow an authenticated user to potentially enable partial information disclosure via local access.",
                                "cve_priority": "medium",
                                "cve_public_date": "2024-05-16 21:15:00 UTC"
                            },
                            {
                                "cve": "CVE-2023-46103",
                                "url": "https://ubuntu.com/security/CVE-2023-46103",
                                "cve_description": "Sequence of processor instructions leads to unexpected behavior in Intel(R) Core(TM) Ultra Processors may allow an authenticated user to potentially enable denial of service via local access.",
                                "cve_priority": "medium",
                                "cve_public_date": "2024-05-16 21:15:00 UTC"
                            },
                            {
                                "cve": "CVE-2023-45745",
                                "url": "https://ubuntu.com/security/CVE-2023-45745",
                                "cve_description": "Improper input validation in some Intel(R) TDX module software before version 1.5.05.46.698 may allow a privileged user to potentially enable escalation of privilege via local access.",
                                "cve_priority": "medium",
                                "cve_public_date": "2024-05-16 21:15:00 UTC"
                            },
                            {
                                "cve": "CVE-2023-47855",
                                "url": "https://ubuntu.com/security/CVE-2023-47855",
                                "cve_description": "Improper input validation in some Intel(R) TDX module software before version 1.5.05.46.698 may allow a privileged user to potentially enable escalation of privilege via local access.",
                                "cve_priority": "medium",
                                "cve_public_date": "2024-05-16 21:16:00 UTC"
                            }
                        ],
                        "log": [
                            "",
                            "  * SECURITY UPDATE: New upstream microcode datafile 20240514",
                            "    - Updated microcodes:",
                            "      sig 0x000806f4, pf_mask 0x10, 2024-02-05, rev 0x2c000390, size 614400",
                            "      sig 0x000806f4, pf_mask 0x87, 2024-02-05, rev 0x2b0005c0, size 581632",
                            "      sig 0x000806f5, pf_mask 0x10, 2024-02-05, rev 0x2c000390, size 614400",
                            "      sig 0x000806f5, pf_mask 0x87, 2024-02-05, rev 0x2b0005c0, size 581632",
                            "      sig 0x000806f6, pf_mask 0x10, 2024-02-05, rev 0x2c000390, size 614400",
                            "      sig 0x000806f6, pf_mask 0x87, 2024-02-05, rev 0x2b0005c0, size 581632",
                            "      sig 0x000806f7, pf_mask 0x87, 2024-02-05, rev 0x2b0005c0, size 581632",
                            "      sig 0x000806f8, pf_mask 0x10, 2024-02-05, rev 0x2c000390, size 614400",
                            "      sig 0x000806f8, pf_mask 0x87, 2024-02-05, rev 0x2b0005c0, size 581632",
                            "      sig 0x00090672, pf_mask 0x07, 2023-12-05, rev 0x0035, size 224256",
                            "      sig 0x00090675, pf_mask 0x07, 2023-12-05, rev 0x0035, size 224256",
                            "      sig 0x000906a3, pf_mask 0x80, 2023-12-05, rev 0x0433, size 222208",
                            "      sig 0x000906a4, pf_mask 0x40, 2023-12-07, rev 0x0007, size 119808",
                            "      sig 0x000906a4, pf_mask 0x80, 2023-12-05, rev 0x0433, size 222208",
                            "      sig 0x000b0671, pf_mask 0x32, 2024-01-25, rev 0x0123, size 215040",
                            "      sig 0x000b06e0, pf_mask 0x11, 2023-12-07, rev 0x0017, size 138240",
                            "      sig 0x000b06f2, pf_mask 0x07, 2023-12-05, rev 0x0035, size 224256",
                            "      sig 0x000b06f5, pf_mask 0x07, 2023-12-05, rev 0x0035, size 224256",
                            "      sig 0x000c06f1, pf_mask 0x87, 2024-02-05, rev 0x21000230, size 552960",
                            "      sig 0x000c06f2, pf_mask 0x87, 2024-02-05, rev 0x21000230, size 552960",
                            "    - CVE-2023-45733 (INTEL-SA-01051)",
                            "    - CVE-2023-46103 (INTEL-SA-01052)",
                            "    - CVE-2023-45745 (INTEL-SA-01036)",
                            "    - CVE-2023-47855 (INTEL-SA-01036)",
                            "  * source: update symlinks to reflect id of the latest release, 20240514  ",
                            ""
                        ],
                        "package": "intel-microcode",
                        "version": "3.20240514.0ubuntu0.24.04.1",
                        "urgency": "medium",
                        "distributions": "noble-security",
                        "launchpad_bugs_fixed": [],
                        "author": "Alex Murray <alex.murray@canonical.com>",
                        "date": "Wed, 15 May 2024 13:27:08 +0930"
                    }
                ],
                "notes": null
            },
            {
                "name": "libc-bin",
                "from_version": {
                    "source_package_name": "glibc",
                    "source_package_version": "2.39-0ubuntu8.1",
                    "version": "2.39-0ubuntu8.1"
                },
                "to_version": {
                    "source_package_name": "glibc",
                    "source_package_version": "2.39-0ubuntu8.2",
                    "version": "2.39-0ubuntu8.2"
                },
                "cves": [
                    {
                        "cve": "CVE-2024-33599",
                        "url": "https://ubuntu.com/security/CVE-2024-33599",
                        "cve_description": "nscd: Stack-based buffer overflow in netgroup cache  If the Name Service Cache Daemon's (nscd) fixed size cache is exhausted by client requests then a subsequent client request for netgroup data may result in a stack-based buffer overflow.  This flaw was introduced in glibc 2.15 when the cache was added to nscd.  This vulnerability is only present in the nscd binary.",
                        "cve_priority": "medium",
                        "cve_public_date": "2024-05-06 20:15:00 UTC"
                    },
                    {
                        "cve": "CVE-2024-33600",
                        "url": "https://ubuntu.com/security/CVE-2024-33600",
                        "cve_description": "nscd: Null pointer crashes after notfound response  If the Name Service Cache Daemon's (nscd) cache fails to add a not-found netgroup response to the cache, the client request can result in a null pointer dereference.  This flaw was introduced in glibc 2.15 when the cache was added to nscd.  This vulnerability is only present in the nscd binary.",
                        "cve_priority": "medium",
                        "cve_public_date": "2024-05-06 20:15:00 UTC"
                    },
                    {
                        "cve": "CVE-2024-33601",
                        "url": "https://ubuntu.com/security/CVE-2024-33601",
                        "cve_description": "nscd: netgroup cache may terminate daemon on memory allocation failure  The Name Service Cache Daemon's (nscd) netgroup cache uses xmalloc or xrealloc and these functions may terminate the process due to a memory allocation failure resulting in a denial of service to the clients.  The flaw was introduced in glibc 2.15 when the cache was added to nscd.  This vulnerability is only present in the nscd binary.",
                        "cve_priority": "medium",
                        "cve_public_date": "2024-05-06 20:15:00 UTC"
                    },
                    {
                        "cve": "CVE-2024-33602",
                        "url": "https://ubuntu.com/security/CVE-2024-33602",
                        "cve_description": "nscd: netgroup cache assumes NSS callback uses in-buffer strings  The Name Service Cache Daemon's (nscd) netgroup cache can corrupt memory when the NSS callback does not store all strings in the provided buffer. The flaw was introduced in glibc 2.15 when the cache was added to nscd.  This vulnerability is only present in the nscd binary.",
                        "cve_priority": "medium",
                        "cve_public_date": "2024-05-06 20:15:00 UTC"
                    }
                ],
                "launchpad_bugs_fixed": [],
                "changes": [
                    {
                        "cves": [
                            {
                                "cve": "CVE-2024-33599",
                                "url": "https://ubuntu.com/security/CVE-2024-33599",
                                "cve_description": "nscd: Stack-based buffer overflow in netgroup cache  If the Name Service Cache Daemon's (nscd) fixed size cache is exhausted by client requests then a subsequent client request for netgroup data may result in a stack-based buffer overflow.  This flaw was introduced in glibc 2.15 when the cache was added to nscd.  This vulnerability is only present in the nscd binary.",
                                "cve_priority": "medium",
                                "cve_public_date": "2024-05-06 20:15:00 UTC"
                            },
                            {
                                "cve": "CVE-2024-33600",
                                "url": "https://ubuntu.com/security/CVE-2024-33600",
                                "cve_description": "nscd: Null pointer crashes after notfound response  If the Name Service Cache Daemon's (nscd) cache fails to add a not-found netgroup response to the cache, the client request can result in a null pointer dereference.  This flaw was introduced in glibc 2.15 when the cache was added to nscd.  This vulnerability is only present in the nscd binary.",
                                "cve_priority": "medium",
                                "cve_public_date": "2024-05-06 20:15:00 UTC"
                            },
                            {
                                "cve": "CVE-2024-33601",
                                "url": "https://ubuntu.com/security/CVE-2024-33601",
                                "cve_description": "nscd: netgroup cache may terminate daemon on memory allocation failure  The Name Service Cache Daemon's (nscd) netgroup cache uses xmalloc or xrealloc and these functions may terminate the process due to a memory allocation failure resulting in a denial of service to the clients.  The flaw was introduced in glibc 2.15 when the cache was added to nscd.  This vulnerability is only present in the nscd binary.",
                                "cve_priority": "medium",
                                "cve_public_date": "2024-05-06 20:15:00 UTC"
                            },
                            {
                                "cve": "CVE-2024-33602",
                                "url": "https://ubuntu.com/security/CVE-2024-33602",
                                "cve_description": "nscd: netgroup cache assumes NSS callback uses in-buffer strings  The Name Service Cache Daemon's (nscd) netgroup cache can corrupt memory when the NSS callback does not store all strings in the provided buffer. The flaw was introduced in glibc 2.15 when the cache was added to nscd.  This vulnerability is only present in the nscd binary.",
                                "cve_priority": "medium",
                                "cve_public_date": "2024-05-06 20:15:00 UTC"
                            }
                        ],
                        "log": [
                            "",
                            "  * SECURITY UPDATE: Stack-based buffer overflow",
                            "    - debian/patches/CVE-2024-33599.patch: CVE-2024-33599: nscd: Stack-",
                            "      based buffer overflow in netgroup cache.",
                            "    - CVE-2024-33599",
                            "  * SECURITY UPDATE: Null pointer",
                            "    - debian/patches/CVE-2024-33600_1.patch: CVE-2024-33600: nscd: Avoid",
                            "      null pointer crashes after notfound response.",
                            "    - debian/patches/CVE-2024-33600_2.patch: CVE-2024-33600: nscd: Do",
                            "      not send missing not-found response in addgetnetgrentX.",
                            "    - CVE-2024-33600",
                            "  * SECURITY UPDATE: Memory corruption",
                            "    - debian/patches/CVE-2024-33601_33602.patch: CVE-2024-33601, CVE-",
                            "      2024-33602: nscd: netgroup: Use two buffers in addgetnetgrentX.",
                            "    - CVE-2024-33601",
                            "    - CVE-2024-33602",
                            ""
                        ],
                        "package": "glibc",
                        "version": "2.39-0ubuntu8.2",
                        "urgency": "medium",
                        "distributions": "noble-security",
                        "launchpad_bugs_fixed": [],
                        "author": "Paulo Flabiano Smorigo <pfsmorigo@canonical.com>",
                        "date": "Tue, 30 Apr 2024 15:02:13 -0300"
                    }
                ],
                "notes": null
            },
            {
                "name": "libc6",
                "from_version": {
                    "source_package_name": "glibc",
                    "source_package_version": "2.39-0ubuntu8.1",
                    "version": "2.39-0ubuntu8.1"
                },
                "to_version": {
                    "source_package_name": "glibc",
                    "source_package_version": "2.39-0ubuntu8.2",
                    "version": "2.39-0ubuntu8.2"
                },
                "cves": [
                    {
                        "cve": "CVE-2024-33599",
                        "url": "https://ubuntu.com/security/CVE-2024-33599",
                        "cve_description": "nscd: Stack-based buffer overflow in netgroup cache  If the Name Service Cache Daemon's (nscd) fixed size cache is exhausted by client requests then a subsequent client request for netgroup data may result in a stack-based buffer overflow.  This flaw was introduced in glibc 2.15 when the cache was added to nscd.  This vulnerability is only present in the nscd binary.",
                        "cve_priority": "medium",
                        "cve_public_date": "2024-05-06 20:15:00 UTC"
                    },
                    {
                        "cve": "CVE-2024-33600",
                        "url": "https://ubuntu.com/security/CVE-2024-33600",
                        "cve_description": "nscd: Null pointer crashes after notfound response  If the Name Service Cache Daemon's (nscd) cache fails to add a not-found netgroup response to the cache, the client request can result in a null pointer dereference.  This flaw was introduced in glibc 2.15 when the cache was added to nscd.  This vulnerability is only present in the nscd binary.",
                        "cve_priority": "medium",
                        "cve_public_date": "2024-05-06 20:15:00 UTC"
                    },
                    {
                        "cve": "CVE-2024-33601",
                        "url": "https://ubuntu.com/security/CVE-2024-33601",
                        "cve_description": "nscd: netgroup cache may terminate daemon on memory allocation failure  The Name Service Cache Daemon's (nscd) netgroup cache uses xmalloc or xrealloc and these functions may terminate the process due to a memory allocation failure resulting in a denial of service to the clients.  The flaw was introduced in glibc 2.15 when the cache was added to nscd.  This vulnerability is only present in the nscd binary.",
                        "cve_priority": "medium",
                        "cve_public_date": "2024-05-06 20:15:00 UTC"
                    },
                    {
                        "cve": "CVE-2024-33602",
                        "url": "https://ubuntu.com/security/CVE-2024-33602",
                        "cve_description": "nscd: netgroup cache assumes NSS callback uses in-buffer strings  The Name Service Cache Daemon's (nscd) netgroup cache can corrupt memory when the NSS callback does not store all strings in the provided buffer. The flaw was introduced in glibc 2.15 when the cache was added to nscd.  This vulnerability is only present in the nscd binary.",
                        "cve_priority": "medium",
                        "cve_public_date": "2024-05-06 20:15:00 UTC"
                    }
                ],
                "launchpad_bugs_fixed": [],
                "changes": [
                    {
                        "cves": [
                            {
                                "cve": "CVE-2024-33599",
                                "url": "https://ubuntu.com/security/CVE-2024-33599",
                                "cve_description": "nscd: Stack-based buffer overflow in netgroup cache  If the Name Service Cache Daemon's (nscd) fixed size cache is exhausted by client requests then a subsequent client request for netgroup data may result in a stack-based buffer overflow.  This flaw was introduced in glibc 2.15 when the cache was added to nscd.  This vulnerability is only present in the nscd binary.",
                                "cve_priority": "medium",
                                "cve_public_date": "2024-05-06 20:15:00 UTC"
                            },
                            {
                                "cve": "CVE-2024-33600",
                                "url": "https://ubuntu.com/security/CVE-2024-33600",
                                "cve_description": "nscd: Null pointer crashes after notfound response  If the Name Service Cache Daemon's (nscd) cache fails to add a not-found netgroup response to the cache, the client request can result in a null pointer dereference.  This flaw was introduced in glibc 2.15 when the cache was added to nscd.  This vulnerability is only present in the nscd binary.",
                                "cve_priority": "medium",
                                "cve_public_date": "2024-05-06 20:15:00 UTC"
                            },
                            {
                                "cve": "CVE-2024-33601",
                                "url": "https://ubuntu.com/security/CVE-2024-33601",
                                "cve_description": "nscd: netgroup cache may terminate daemon on memory allocation failure  The Name Service Cache Daemon's (nscd) netgroup cache uses xmalloc or xrealloc and these functions may terminate the process due to a memory allocation failure resulting in a denial of service to the clients.  The flaw was introduced in glibc 2.15 when the cache was added to nscd.  This vulnerability is only present in the nscd binary.",
                                "cve_priority": "medium",
                                "cve_public_date": "2024-05-06 20:15:00 UTC"
                            },
                            {
                                "cve": "CVE-2024-33602",
                                "url": "https://ubuntu.com/security/CVE-2024-33602",
                                "cve_description": "nscd: netgroup cache assumes NSS callback uses in-buffer strings  The Name Service Cache Daemon's (nscd) netgroup cache can corrupt memory when the NSS callback does not store all strings in the provided buffer. The flaw was introduced in glibc 2.15 when the cache was added to nscd.  This vulnerability is only present in the nscd binary.",
                                "cve_priority": "medium",
                                "cve_public_date": "2024-05-06 20:15:00 UTC"
                            }
                        ],
                        "log": [
                            "",
                            "  * SECURITY UPDATE: Stack-based buffer overflow",
                            "    - debian/patches/CVE-2024-33599.patch: CVE-2024-33599: nscd: Stack-",
                            "      based buffer overflow in netgroup cache.",
                            "    - CVE-2024-33599",
                            "  * SECURITY UPDATE: Null pointer",
                            "    - debian/patches/CVE-2024-33600_1.patch: CVE-2024-33600: nscd: Avoid",
                            "      null pointer crashes after notfound response.",
                            "    - debian/patches/CVE-2024-33600_2.patch: CVE-2024-33600: nscd: Do",
                            "      not send missing not-found response in addgetnetgrentX.",
                            "    - CVE-2024-33600",
                            "  * SECURITY UPDATE: Memory corruption",
                            "    - debian/patches/CVE-2024-33601_33602.patch: CVE-2024-33601, CVE-",
                            "      2024-33602: nscd: netgroup: Use two buffers in addgetnetgrentX.",
                            "    - CVE-2024-33601",
                            "    - CVE-2024-33602",
                            ""
                        ],
                        "package": "glibc",
                        "version": "2.39-0ubuntu8.2",
                        "urgency": "medium",
                        "distributions": "noble-security",
                        "launchpad_bugs_fixed": [],
                        "author": "Paulo Flabiano Smorigo <pfsmorigo@canonical.com>",
                        "date": "Tue, 30 Apr 2024 15:02:13 -0300"
                    }
                ],
                "notes": null
            },
            {
                "name": "python3-cryptography",
                "from_version": {
                    "source_package_name": "python-cryptography",
                    "source_package_version": "41.0.7-4build3",
                    "version": "41.0.7-4build3"
                },
                "to_version": {
                    "source_package_name": "python-cryptography",
                    "source_package_version": "41.0.7-4ubuntu0.1",
                    "version": "41.0.7-4ubuntu0.1"
                },
                "cves": [
                    {
                        "cve": "CVE-2024-26130",
                        "url": "https://ubuntu.com/security/CVE-2024-26130",
                        "cve_description": "cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Starting in version 38.0.0 and prior to version 42.0.4, if `pkcs12.serialize_key_and_certificates` is called with both a certificate whose public key did not match the provided private key and an `encryption_algorithm` with `hmac_hash` set (via `PrivateFormat.PKCS12.encryption_builder().hmac_hash(...)`), then a NULL pointer dereference would occur, crashing the Python process. This has been resolved in version 42.0.4, the first version in which a `ValueError` is properly raised.",
                        "cve_priority": "medium",
                        "cve_public_date": "2024-02-21 17:15:00 UTC"
                    }
                ],
                "launchpad_bugs_fixed": [],
                "changes": [
                    {
                        "cves": [
                            {
                                "cve": "CVE-2024-26130",
                                "url": "https://ubuntu.com/security/CVE-2024-26130",
                                "cve_description": "cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Starting in version 38.0.0 and prior to version 42.0.4, if `pkcs12.serialize_key_and_certificates` is called with both a certificate whose public key did not match the provided private key and an `encryption_algorithm` with `hmac_hash` set (via `PrivateFormat.PKCS12.encryption_builder().hmac_hash(...)`), then a NULL pointer dereference would occur, crashing the Python process. This has been resolved in version 42.0.4, the first version in which a `ValueError` is properly raised.",
                                "cve_priority": "medium",
                                "cve_public_date": "2024-02-21 17:15:00 UTC"
                            }
                        ],
                        "log": [
                            "",
                            "  * SECURITY UPDATE: null pointer dereference",
                            "    - debian/patches/CVE-2024-26130.patch: null check before dereference",
                            "    - CVE-2024-26130",
                            ""
                        ],
                        "package": "python-cryptography",
                        "version": "41.0.7-4ubuntu0.1",
                        "urgency": "medium",
                        "distributions": "noble-security",
                        "launchpad_bugs_fixed": [],
                        "author": "Jorge Sancho Larraz <jorge.sancho.larraz@canonical.com>",
                        "date": "Mon, 27 May 2024 09:18:06 +0200"
                    }
                ],
                "notes": null
            },
            {
                "name": "python3-jinja2",
                "from_version": {
                    "source_package_name": "jinja2",
                    "source_package_version": "3.1.2-1ubuntu1",
                    "version": "3.1.2-1ubuntu1"
                },
                "to_version": {
                    "source_package_name": "jinja2",
                    "source_package_version": "3.1.2-1ubuntu1.1",
                    "version": "3.1.2-1ubuntu1.1"
                },
                "cves": [
                    {
                        "cve": "CVE-2024-34064",
                        "url": "https://ubuntu.com/security/CVE-2024-34064",
                        "cve_description": "Jinja is an extensible templating engine. The `xmlattr` filter in affected versions of Jinja accepts keys containing non-attribute characters. XML/HTML attributes cannot contain spaces, `/`, `>`, or `=`, as each would then be interpreted as starting a separate attribute. If an application accepts keys (as opposed to only values) as user input, and renders these in pages that other users see as well, an attacker could use this to inject other attributes and perform XSS. The fix for CVE-2024-22195 only addressed spaces but not other characters. Accepting keys as user input is now explicitly considered an unintended use case of the `xmlattr` filter, and code that does so without otherwise validating the input should be flagged as insecure, regardless of Jinja version. Accepting _values_ as user input continues to be safe. This vulnerability is fixed in 3.1.4.",
                        "cve_priority": "medium",
                        "cve_public_date": "2024-05-06 15:15:00 UTC"
                    }
                ],
                "launchpad_bugs_fixed": [],
                "changes": [
                    {
                        "cves": [
                            {
                                "cve": "CVE-2024-34064",
                                "url": "https://ubuntu.com/security/CVE-2024-34064",
                                "cve_description": "Jinja is an extensible templating engine. The `xmlattr` filter in affected versions of Jinja accepts keys containing non-attribute characters. XML/HTML attributes cannot contain spaces, `/`, `>`, or `=`, as each would then be interpreted as starting a separate attribute. If an application accepts keys (as opposed to only values) as user input, and renders these in pages that other users see as well, an attacker could use this to inject other attributes and perform XSS. The fix for CVE-2024-22195 only addressed spaces but not other characters. Accepting keys as user input is now explicitly considered an unintended use case of the `xmlattr` filter, and code that does so without otherwise validating the input should be flagged as insecure, regardless of Jinja version. Accepting _values_ as user input continues to be safe. This vulnerability is fixed in 3.1.4.",
                                "cve_priority": "medium",
                                "cve_public_date": "2024-05-06 15:15:00 UTC"
                            }
                        ],
                        "log": [
                            "",
                            "  * SECURITY UPDATE: Cross-Site scripting in xmlattr filter",
                            "    - debian/patches/CVE-2024-34064.patch: disallow invalid characters ",
                            "      in keys to xmlattr filter",
                            "    - CVE-2024-34064",
                            ""
                        ],
                        "package": "jinja2",
                        "version": "3.1.2-1ubuntu1.1",
                        "urgency": "medium",
                        "distributions": "noble-security",
                        "launchpad_bugs_fixed": [],
                        "author": "Nick Galanis <nick.galanis@canonical.com>",
                        "date": "Tue, 21 May 2024 15:32:08 +0100"
                    }
                ],
                "notes": null
            },
            {
                "name": "ubuntu-pro-client",
                "from_version": {
                    "source_package_name": "ubuntu-advantage-tools",
                    "source_package_version": "31.2.3",
                    "version": "31.2.3"
                },
                "to_version": {
                    "source_package_name": "ubuntu-advantage-tools",
                    "source_package_version": "32.3~24.04",
                    "version": "32.3~24.04"
                },
                "cves": [],
                "launchpad_bugs_fixed": [
                    2060732,
                    2067319,
                    2066929,
                    2065573,
                    2065616,
                    2060732,
                    2033313,
                    2031192
                ],
                "changes": [
                    {
                        "cves": [],
                        "log": [
                            "",
                            "  * Backport 32.3 to noble (LP: #2060732)",
                            ""
                        ],
                        "package": "ubuntu-advantage-tools",
                        "version": "32.3~24.04",
                        "urgency": "medium",
                        "distributions": "noble",
                        "launchpad_bugs_fixed": [
                            2060732
                        ],
                        "author": "Renan Rodrigo <renanrodrigo@canonical.com>",
                        "date": "Tue, 28 May 2024 15:15:48 -0300"
                    },
                    {
                        "cves": [],
                        "log": [
                            "",
                            "  * d/apparmor: adjust the profiles to account for usr-merge consequences",
                            "    (LP: #2067319)",
                            ""
                        ],
                        "package": "ubuntu-advantage-tools",
                        "version": "32.3",
                        "urgency": "medium",
                        "distributions": "oracular",
                        "launchpad_bugs_fixed": [
                            2067319
                        ],
                        "author": "Renan Rodrigo <renanrodrigo@canonical.com>",
                        "date": "Tue, 28 May 2024 14:43:12 -0300"
                    },
                    {
                        "cves": [],
                        "log": [
                            "",
                            "  * d/apparmor: adjust rules for violations found during testing (LP: #2066929)",
                            ""
                        ],
                        "package": "ubuntu-advantage-tools",
                        "version": "32.2",
                        "urgency": "medium",
                        "distributions": "oracular",
                        "launchpad_bugs_fixed": [
                            2066929
                        ],
                        "author": "Grant Orndorff <grant.orndorff@canonical.com>",
                        "date": "Thu, 23 May 2024 10:47:11 -0500"
                    },
                    {
                        "cves": [],
                        "log": [
                            "",
                            "  * d/apparmor: allow access for /etc/os-release on all supported",
                            "    profiles (LP: #2065573)",
                            "  * apport: get path for timer job status from the correct place (LP: #2065616)",
                            ""
                        ],
                        "package": "ubuntu-advantage-tools",
                        "version": "32.1",
                        "urgency": "medium",
                        "distributions": "oracular",
                        "launchpad_bugs_fixed": [
                            2065573,
                            2065616
                        ],
                        "author": "Lucas Moura <lucas.moura@canonical.com>",
                        "date": "Tue, 14 May 2024 11:22:35 +0200"
                    },
                    {
                        "cves": [],
                        "log": [
                            "",
                            "  * d/postinst: ensure migrations happen in correct package postinst (GH: #2982)",
                            "  * d/apparmor: introduce new ubuntu_pro_esm_cache apparmor policy",
                            "  * New upstream release 32 (LP: #2060732)",
                            "    - api:",
                            "      + u.pro.attach.token.full_token_attach.v1: add support for attach",
                            "        with token",
                            "      + u.pro.services.disable.v1: add support for disable operation",
                            "      + u.pro.services.enable.v1: add support for enable operation",
                            "      + u.pro.detach.v1: add support for detach operation",
                            "      + u.pro.status.is_attached.v1: add extra fields to API response",
                            "      + u.pro.services.dependencies.v1: add support for service dependencies",
                            "      + u.pro.security.fix.*.plan.v1: update ESM cache during plan API",
                            "        if needed",
                            "    - apt_news: add architectures and packages selectors filters for apt news",
                            "    - cli:",
                            "      + improved cli/log message for unexpected errors (GH: #2600)",
                            "      + properly handle setting empty config values (GH: #2925)",
                            "    - cloud-init: support ubuntu_pro user-data",
                            "    - collect-logs: update default output file to pro_logs.tar.gz (LP: #2033313)",
                            "    - config: create public and private config (GH: #2809)",
                            "    - entitlements:",
                            "      + update logic that checks if a service is enabled (LP: #2031192)",
                            "    - fips: warn/confirm with user if enabling fips downgrades the kernel",
                            "    - fix: warn users if ESM cache cannot be updated (GH: #2841)",
                            "    - logging:",
                            "      + use journald logging for all systemd services",
                            "      + add redundancy to secret redaction",
                            "    - messaging:",
                            "      + add consistent messaging for end of contract state",
                            "      + make explicit that unattached enable/disable is a noop (GH: #2487)",
                            "      + make explicit that disabling a disabled service is a noop",
                            "      + make explicit that enabling an enabled service is a noop",
                            "    - notices: filter unreadable notices when listing notices (GH: #2898)",
                            ""
                        ],
                        "package": "ubuntu-advantage-tools",
                        "version": "32",
                        "urgency": "medium",
                        "distributions": "oracular",
                        "launchpad_bugs_fixed": [
                            2060732,
                            2033313,
                            2031192
                        ],
                        "author": "Lucas Moura <lucas.moura@canonical.com>",
                        "date": "Tue, 09 Apr 2024 17:33:36 -0300"
                    }
                ],
                "notes": null
            }
        ],
        "snap": []
    },
    "added": {
        "deb": [],
        "snap": []
    },
    "removed": {
        "deb": [],
        "snap": []
    },
    "notes": "Changelog diff for Ubuntu 24.04 noble image from release image serial 20240525 to 20240529",
    "from_series": "noble",
    "to_series": "noble",
    "from_serial": "20240525",
    "to_serial": "20240529",
    "from_manifest_filename": "release_manifest.previous",
    "to_manifest_filename": "manifest.current"
}