{ "summary": { "snap": { "added": [], "removed": [], "diff": [] }, "deb": { "added": [], "removed": [], "diff": [ "coreutils", "distro-info-data", "gir1.2-glib-2.0", "libglib2.0-0t64", "libsqlite3-0", "python3-distupgrade", "python3-update-manager", "ubuntu-pro-client", "ubuntu-release-upgrader-core" ] } }, "diff": { "deb": [ { "name": "coreutils", "from_version": { "source_package_name": "coreutils", "source_package_version": "9.5-1ubuntu1", "version": "9.5-1ubuntu1" }, "to_version": { "source_package_name": "coreutils", "source_package_version": "9.5-1ubuntu1.25.04.1", "version": "9.5-1ubuntu1.25.04.1" }, "cves": [], "launchpad_bugs_fixed": [ 2103489 ], "changes": [ { "cves": [], "log": [ "", " * Modify d/rules to dh_auto_configure with --enable-systemd,", " and add libsystemd-dev as Build-Depends in d/control", " to solve LP: #2103489.", "" ], "package": "coreutils", "version": "9.5-1ubuntu1.25.04.1", "urgency": "medium", "distributions": "plucky", "launchpad_bugs_fixed": [ 2103489 ], "author": "Frank Heimes ", "date": "Thu, 24 Apr 2025 10:58:04 +0200" } ], "notes": null, "is_version_downgrade": false }, { "name": "distro-info-data", "from_version": { "source_package_name": "distro-info-data", "source_package_version": "0.63", "version": "0.63" }, "to_version": { "source_package_name": "distro-info-data", "source_package_version": "0.63ubuntu0.1", "version": "0.63ubuntu0.1" }, "cves": [], "launchpad_bugs_fixed": [ 2107391 ], "changes": [ { "cves": [], "log": [ "", " * Add Ubuntu 25.10 \"Questing Quokka\" (LP: #2107391)", " * Add Debian 15 \"Duke\"", "" ], "package": "distro-info-data", "version": "0.63ubuntu0.1", "urgency": "medium", "distributions": "plucky", "launchpad_bugs_fixed": [ 2107391 ], "author": "Benjamin Drung ", "date": "Wed, 23 Apr 2025 11:40:12 +0200" } ], "notes": null, "is_version_downgrade": false }, { "name": "gir1.2-glib-2.0", "from_version": { "source_package_name": "glib2.0", "source_package_version": "2.84.1-1", "version": "2.84.1-1" }, "to_version": { "source_package_name": "glib2.0", "source_package_version": "2.84.1-1ubuntu0.1", "version": "2.84.1-1ubuntu0.1" }, "cves": [ { "cve": "CVE-2025-4373", "url": "https://ubuntu.com/security/CVE-2025-4373", "cve_description": "A flaw was found in GLib, which is vulnerable to an integer overflow in the g_string_insert_unichar() function. When the position at which to insert the character is large, the position will overflow, leading to a buffer underwrite.", "cve_priority": "medium", "cve_public_date": "2025-05-06 15:16:00 UTC" } ], "launchpad_bugs_fixed": [], "changes": [ { "cves": [ { "cve": "CVE-2025-4373", "url": "https://ubuntu.com/security/CVE-2025-4373", "cve_description": "A flaw was found in GLib, which is vulnerable to an integer overflow in the g_string_insert_unichar() function. When the position at which to insert the character is large, the position will overflow, leading to a buffer underwrite.", "cve_priority": "medium", "cve_public_date": "2025-05-06 15:16:00 UTC" } ], "log": [ "", " * SECURITY UPDATE: Integer Overflow", " - debian/patches/CVE-2025-4373-1.patch: carefully handle gssize", " in glib/gstring.c.", " - debian/patches/CVE-2025-4373-2.patch: make len_unsigned", " unsigned in glib/gstring.c", " - CVE-2025-4373", "" ], "package": "glib2.0", "version": "2.84.1-1ubuntu0.1", "urgency": "medium", "distributions": "plucky-security", "launchpad_bugs_fixed": [], "author": "Leonidas Da Silva Barbosa ", "date": "Mon, 12 May 2025 05:09:09 -0300" } ], "notes": null, "is_version_downgrade": false }, { "name": "libglib2.0-0t64", "from_version": { "source_package_name": "glib2.0", "source_package_version": "2.84.1-1", "version": "2.84.1-1" }, "to_version": { "source_package_name": "glib2.0", "source_package_version": "2.84.1-1ubuntu0.1", "version": "2.84.1-1ubuntu0.1" }, "cves": [ { "cve": "CVE-2025-4373", "url": "https://ubuntu.com/security/CVE-2025-4373", "cve_description": "A flaw was found in GLib, which is vulnerable to an integer overflow in the g_string_insert_unichar() function. When the position at which to insert the character is large, the position will overflow, leading to a buffer underwrite.", "cve_priority": "medium", "cve_public_date": "2025-05-06 15:16:00 UTC" } ], "launchpad_bugs_fixed": [], "changes": [ { "cves": [ { "cve": "CVE-2025-4373", "url": "https://ubuntu.com/security/CVE-2025-4373", "cve_description": "A flaw was found in GLib, which is vulnerable to an integer overflow in the g_string_insert_unichar() function. When the position at which to insert the character is large, the position will overflow, leading to a buffer underwrite.", "cve_priority": "medium", "cve_public_date": "2025-05-06 15:16:00 UTC" } ], "log": [ "", " * SECURITY UPDATE: Integer Overflow", " - debian/patches/CVE-2025-4373-1.patch: carefully handle gssize", " in glib/gstring.c.", " - debian/patches/CVE-2025-4373-2.patch: make len_unsigned", " unsigned in glib/gstring.c", " - CVE-2025-4373", "" ], "package": "glib2.0", "version": "2.84.1-1ubuntu0.1", "urgency": "medium", "distributions": "plucky-security", "launchpad_bugs_fixed": [], "author": "Leonidas Da Silva Barbosa ", "date": "Mon, 12 May 2025 05:09:09 -0300" } ], "notes": null, "is_version_downgrade": false }, { "name": "libsqlite3-0", "from_version": { "source_package_name": "sqlite3", "source_package_version": "3.46.1-3", "version": "3.46.1-3" }, "to_version": { "source_package_name": "sqlite3", "source_package_version": "3.46.1-3ubuntu0.1", "version": "3.46.1-3ubuntu0.1" }, "cves": [ { "cve": "CVE-2025-29088", "url": "https://ubuntu.com/security/CVE-2025-29088", "cve_description": "In SQLite 3.49.0 before 3.49.1, certain argument values to sqlite3_db_config (in the C-language API) can cause a denial of service (application crash). An sz*nBig multiplication is not cast to a 64-bit integer, and consequently some memory allocations may be incorrect.", "cve_priority": "medium", "cve_public_date": "2025-04-10 14:15:00 UTC" } ], "launchpad_bugs_fixed": [], "changes": [ { "cves": [ { "cve": "CVE-2025-29088", "url": "https://ubuntu.com/security/CVE-2025-29088", "cve_description": "In SQLite 3.49.0 before 3.49.1, certain argument values to sqlite3_db_config (in the C-language API) can cause a denial of service (application crash). An sz*nBig multiplication is not cast to a 64-bit integer, and consequently some memory allocations may be incorrect.", "cve_priority": "medium", "cve_public_date": "2025-04-10 14:15:00 UTC" } ], "log": [ "", " * SECURITY UPDATE: DoS via sqlite3_db_config arguments", " - debian/patches/CVE-2025-29088.patch: harden SQLITE_DBCONFIG_LOOKASIDE", " interface against misuse in src/main.c, src/sqlite.h.in.", " - CVE-2025-29088", "" ], "package": "sqlite3", "version": "3.46.1-3ubuntu0.1", "urgency": "medium", "distributions": "plucky-security", "launchpad_bugs_fixed": [], "author": "Marc Deslauriers ", "date": "Tue, 29 Apr 2025 11:33:20 -0400" } ], "notes": null, "is_version_downgrade": false }, { "name": "python3-distupgrade", "from_version": { "source_package_name": "ubuntu-release-upgrader", "source_package_version": "1:25.04.14", "version": "1:25.04.14" }, "to_version": { "source_package_name": "ubuntu-release-upgrader", "source_package_version": "1:25.04.16", "version": "1:25.04.16" }, "cves": [], "launchpad_bugs_fixed": [ 2110594, 2110970, 2107657, 2104859, 2106202 ], "changes": [ { "cves": [], "log": [ "", " * data: remove extraneous comma in data/DistUpgrade.cfg (LP: #2110594)", " * data: add KeyDependencies= section for ubuntustudio-desktop-core", " (LP: #2110970)", "" ], "package": "ubuntu-release-upgrader", "version": "1:25.04.16", "urgency": "medium", "distributions": "plucky", "launchpad_bugs_fixed": [ 2110594, 2110970 ], "author": "Nick Rosbrook ", "date": "Fri, 16 May 2025 07:58:55 -0400" }, { "cves": [], "log": [ "", " [ Nick Rosbrook ]", " * DistUpgradeController: exclude pre-write foreign packages from removal", " (LP: #2107657)", " * data: account for ubuntustudio-desktop-core (LP: #2104859)", " * Run pre-build.sh: updating mirrors.", "", " [ Julian Andres Klode ]", " * Only upgrade libc6 first if there are no unexpected changes (LP: #2106202)", "" ], "package": "ubuntu-release-upgrader", "version": "1:25.04.15", "urgency": "medium", "distributions": "plucky", "launchpad_bugs_fixed": [ 2107657, 2104859, 2106202 ], "author": "Nick Rosbrook ", "date": "Thu, 24 Apr 2025 11:20:23 -0400" } ], "notes": null, "is_version_downgrade": false }, { "name": "python3-update-manager", "from_version": { "source_package_name": "update-manager", "source_package_version": "1:25.04.4", "version": "1:25.04.4" }, "to_version": { "source_package_name": "update-manager", "source_package_version": "1:25.04.5", "version": "1:25.04.5" }, "cves": [], "launchpad_bugs_fixed": [ 2109339, 2109339, 2109340 ], "changes": [ { "cves": [], "log": [ "", " * test_update_origin.py: Update to noble, and packaged archive keys", " (LP: #2109339)", " * test_update_origin: close the dpkg status file when tearing down", " (also tracked in LP: #2109339)", " * Allow output on stderr in autopkgtests (LP: #2109340)", "" ], "package": "update-manager", "version": "1:25.04.5", "urgency": "medium", "distributions": "plucky", "launchpad_bugs_fixed": [ 2109339, 2109339, 2109340 ], "author": "Julian Andres Klode ", "date": "Fri, 25 Apr 2025 15:01:42 +0200" } ], "notes": null, "is_version_downgrade": false }, { "name": "ubuntu-pro-client", "from_version": { "source_package_name": "ubuntu-advantage-tools", "source_package_version": "35", "version": "35" }, "to_version": { "source_package_name": "ubuntu-advantage-tools", "source_package_version": "35.1ubuntu0", "version": "35.1ubuntu0" }, "cves": [], "launchpad_bugs_fixed": [ 2106660 ], "changes": [ { "cves": [], "log": [ "", " * apt: support ESM snapshots by adding snapshot URLs for ESM repositories", " to the authentication file (released in version 35)", " * lxd: store the configuration in /var/lib/ubuntu-advantage instead of", " /var/lib/ubuntu-pro (LP: #2106660)", "" ], "package": "ubuntu-advantage-tools", "version": "35.1ubuntu0", "urgency": "medium", "distributions": "plucky", "launchpad_bugs_fixed": [ 2106660 ], "author": "Renan Rodrigo ", "date": "Wed, 09 Apr 2025 13:19:50 -0300" } ], "notes": null, "is_version_downgrade": false }, { "name": "ubuntu-release-upgrader-core", "from_version": { "source_package_name": "ubuntu-release-upgrader", "source_package_version": "1:25.04.14", "version": "1:25.04.14" }, "to_version": { "source_package_name": "ubuntu-release-upgrader", "source_package_version": "1:25.04.16", "version": "1:25.04.16" }, "cves": [], "launchpad_bugs_fixed": [ 2110594, 2110970, 2107657, 2104859, 2106202 ], "changes": [ { "cves": [], "log": [ "", " * data: remove extraneous comma in data/DistUpgrade.cfg (LP: #2110594)", " * data: add KeyDependencies= section for ubuntustudio-desktop-core", " (LP: #2110970)", "" ], "package": "ubuntu-release-upgrader", "version": "1:25.04.16", "urgency": "medium", "distributions": "plucky", "launchpad_bugs_fixed": [ 2110594, 2110970 ], "author": "Nick Rosbrook ", "date": "Fri, 16 May 2025 07:58:55 -0400" }, { "cves": [], "log": [ "", " [ Nick Rosbrook ]", " * DistUpgradeController: exclude pre-write foreign packages from removal", " (LP: #2107657)", " * data: account for ubuntustudio-desktop-core (LP: #2104859)", " * Run pre-build.sh: updating mirrors.", "", " [ Julian Andres Klode ]", " * Only upgrade libc6 first if there are no unexpected changes (LP: #2106202)", "" ], "package": "ubuntu-release-upgrader", "version": "1:25.04.15", "urgency": "medium", "distributions": "plucky", "launchpad_bugs_fixed": [ 2107657, 2104859, 2106202 ], "author": "Nick Rosbrook ", "date": "Thu, 24 Apr 2025 11:20:23 -0400" } ], "notes": null, "is_version_downgrade": false } ], "snap": [] }, "added": { "deb": [], "snap": [] }, "removed": { "deb": [], "snap": [] }, "notes": "Changelog diff for Ubuntu 25.04 plucky image from release image serial 20250426 to 20250527", "from_series": "plucky", "to_series": "plucky", "from_serial": "20250426", "to_serial": "20250527", "from_manifest_filename": "release_manifest.previous", "to_manifest_filename": "manifest.current" }