{
"summary": {
"snap": {
"added": [],
"removed": [],
"diff": []
},
"deb": {
"added": [
"linux-headers-6.11.0-14-generic",
"linux-image-6.11.0-14-generic",
"linux-modules-6.11.0-14-generic",
"linux-riscv-headers-6.11.0-14",
"linux-riscv-tools-6.11.0-14",
"linux-tools-6.11.0-14-generic"
],
"removed": [
"linux-headers-6.11.0-13-generic",
"linux-image-6.11.0-13-generic",
"linux-modules-6.11.0-13-generic",
"linux-riscv-headers-6.11.0-13",
"linux-riscv-tools-6.11.0-13",
"linux-tools-6.11.0-13-generic"
],
"diff": [
"bash",
"bsdextrautils",
"bsdutils",
"eject",
"fdisk",
"git",
"git-man",
"libblkid1:riscv64",
"libfdisk1:riscv64",
"libmount1:riscv64",
"libnspr4:riscv64",
"libpolkit-agent-1-0:riscv64",
"libpolkit-gobject-1-0:riscv64",
"libpython3.12-minimal:riscv64",
"libpython3.12-stdlib:riscv64",
"libpython3.12t64:riscv64",
"libsmartcols1:riscv64",
"libuuid1:riscv64",
"libxml2:riscv64",
"linux-headers-generic",
"linux-headers-virtual",
"linux-image-virtual",
"linux-libc-dev:riscv64",
"linux-tools-common",
"linux-virtual",
"mount",
"polkitd",
"python3.12",
"python3.12-gdbm",
"python3.12-minimal",
"rsync",
"util-linux",
"uuid-runtime",
"vim",
"vim-common",
"vim-runtime",
"vim-tiny",
"xxd"
]
}
},
"diff": {
"deb": [
{
"name": "bash",
"from_version": {
"source_package_name": "bash",
"source_package_version": "5.2.32-1ubuntu1",
"version": "5.2.32-1ubuntu1"
},
"to_version": {
"source_package_name": "bash",
"source_package_version": "5.2.32-1ubuntu1.1",
"version": "5.2.32-1ubuntu1.1"
},
"cves": [],
"launchpad_bugs_fixed": [
2083131
],
"changes": [
{
"cves": [],
"log": [
"",
" * Add configure-strtold-check.patch (LP: #2083131)",
""
],
"package": "bash",
"version": "5.2.32-1ubuntu1.1",
"urgency": "medium",
"distributions": "oracular",
"launchpad_bugs_fixed": [
2083131
],
"author": "Agathe Porte <agathe.porte@canonical.com>",
"date": "Sat, 26 Oct 2024 13:07:59 +0200"
}
],
"notes": null
},
{
"name": "bsdextrautils",
"from_version": {
"source_package_name": "util-linux",
"source_package_version": "2.40.2-1ubuntu1",
"version": "2.40.2-1ubuntu1"
},
"to_version": {
"source_package_name": "util-linux",
"source_package_version": "2.40.2-1ubuntu1.1",
"version": "2.40.2-1ubuntu1.1"
},
"cves": [],
"launchpad_bugs_fixed": [
2090972
],
"changes": [
{
"cves": [],
"log": [
"",
" * Read the ext4 superblock with O_DIRECT if the first read produces a",
" checksum failure. This fixes a race where the underlying superblock",
" can be changed in memory but not on disk, resulting in checksum",
" failures which in turn causes systemd-udevd to remove by-uuid and",
" by-label symlinks. (LP: #2090972)",
" - d/p/ubuntu/lp2090972-libblkid-fix-spurious-ext-superblock-checksum-mismat.patch",
""
],
"package": "util-linux",
"version": "2.40.2-1ubuntu1.1",
"urgency": "medium",
"distributions": "oracular",
"launchpad_bugs_fixed": [
2090972
],
"author": "Matthew Ruffell <matthew.ruffell@canonical.com>",
"date": "Thu, 05 Dec 2024 13:02:57 +1300"
}
],
"notes": null
},
{
"name": "bsdutils",
"from_version": {
"source_package_name": "util-linux",
"source_package_version": "2.40.2-1ubuntu1",
"version": "1:2.40.2-1ubuntu1"
},
"to_version": {
"source_package_name": "util-linux",
"source_package_version": "2.40.2-1ubuntu1.1",
"version": "1:2.40.2-1ubuntu1.1"
},
"cves": [],
"launchpad_bugs_fixed": [
2090972
],
"changes": [
{
"cves": [],
"log": [
"",
" * Read the ext4 superblock with O_DIRECT if the first read produces a",
" checksum failure. This fixes a race where the underlying superblock",
" can be changed in memory but not on disk, resulting in checksum",
" failures which in turn causes systemd-udevd to remove by-uuid and",
" by-label symlinks. (LP: #2090972)",
" - d/p/ubuntu/lp2090972-libblkid-fix-spurious-ext-superblock-checksum-mismat.patch",
""
],
"package": "util-linux",
"version": "2.40.2-1ubuntu1.1",
"urgency": "medium",
"distributions": "oracular",
"launchpad_bugs_fixed": [
2090972
],
"author": "Matthew Ruffell <matthew.ruffell@canonical.com>",
"date": "Thu, 05 Dec 2024 13:02:57 +1300"
}
],
"notes": null
},
{
"name": "eject",
"from_version": {
"source_package_name": "util-linux",
"source_package_version": "2.40.2-1ubuntu1",
"version": "2.40.2-1ubuntu1"
},
"to_version": {
"source_package_name": "util-linux",
"source_package_version": "2.40.2-1ubuntu1.1",
"version": "2.40.2-1ubuntu1.1"
},
"cves": [],
"launchpad_bugs_fixed": [
2090972
],
"changes": [
{
"cves": [],
"log": [
"",
" * Read the ext4 superblock with O_DIRECT if the first read produces a",
" checksum failure. This fixes a race where the underlying superblock",
" can be changed in memory but not on disk, resulting in checksum",
" failures which in turn causes systemd-udevd to remove by-uuid and",
" by-label symlinks. (LP: #2090972)",
" - d/p/ubuntu/lp2090972-libblkid-fix-spurious-ext-superblock-checksum-mismat.patch",
""
],
"package": "util-linux",
"version": "2.40.2-1ubuntu1.1",
"urgency": "medium",
"distributions": "oracular",
"launchpad_bugs_fixed": [
2090972
],
"author": "Matthew Ruffell <matthew.ruffell@canonical.com>",
"date": "Thu, 05 Dec 2024 13:02:57 +1300"
}
],
"notes": null
},
{
"name": "fdisk",
"from_version": {
"source_package_name": "util-linux",
"source_package_version": "2.40.2-1ubuntu1",
"version": "2.40.2-1ubuntu1"
},
"to_version": {
"source_package_name": "util-linux",
"source_package_version": "2.40.2-1ubuntu1.1",
"version": "2.40.2-1ubuntu1.1"
},
"cves": [],
"launchpad_bugs_fixed": [
2090972
],
"changes": [
{
"cves": [],
"log": [
"",
" * Read the ext4 superblock with O_DIRECT if the first read produces a",
" checksum failure. This fixes a race where the underlying superblock",
" can be changed in memory but not on disk, resulting in checksum",
" failures which in turn causes systemd-udevd to remove by-uuid and",
" by-label symlinks. (LP: #2090972)",
" - d/p/ubuntu/lp2090972-libblkid-fix-spurious-ext-superblock-checksum-mismat.patch",
""
],
"package": "util-linux",
"version": "2.40.2-1ubuntu1.1",
"urgency": "medium",
"distributions": "oracular",
"launchpad_bugs_fixed": [
2090972
],
"author": "Matthew Ruffell <matthew.ruffell@canonical.com>",
"date": "Thu, 05 Dec 2024 13:02:57 +1300"
}
],
"notes": null
},
{
"name": "git",
"from_version": {
"source_package_name": "git",
"source_package_version": "1:2.45.2-1ubuntu1",
"version": "1:2.45.2-1ubuntu1"
},
"to_version": {
"source_package_name": "git",
"source_package_version": "1:2.45.2-1ubuntu1.1",
"version": "1:2.45.2-1ubuntu1.1"
},
"cves": [
{
"cve": "CVE-2024-50349",
"url": "https://ubuntu.com/security/CVE-2024-50349",
"cve_description": "Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full access to internals. When Git asks for credentials via a terminal prompt (i.e. without using any credential helper), it prints out the host name for which the user is expected to provide a username and/or a password. At this stage, any URL-encoded parts have been decoded already, and are printed verbatim. This allows attackers to craft URLs that contain ANSI escape sequences that the terminal interpret to confuse users e.g. into providing passwords for trusted Git hosting sites when in fact they are then sent to untrusted sites that are under the attacker's control. This issue has been patch via commits `7725b81` and `c903985` which are included in release versions v2.48.1, v2.47.2, v2.46.3, v2.45.3, v2.44.3, v2.43.6, v2.42.4, v2.41.3, and v2.40.4. Users are advised to upgrade. Users unable to upgrade should avoid cloning from untrusted URLs, especially recursive clones.",
"cve_priority": "medium",
"cve_public_date": "2025-01-14 19:15:00 UTC"
},
{
"cve": "CVE-2024-52006",
"url": "https://ubuntu.com/security/CVE-2024-52006",
"cve_description": "Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full access to internals. Git defines a line-based protocol that is used to exchange information between Git and Git credential helpers. Some ecosystems (most notably, .NET and node.js) interpret single Carriage Return characters as newlines, which renders the protections against CVE-2020-5260 incomplete for credential helpers that treat Carriage Returns in this way. This issue has been addressed in commit `b01b9b8` which is included in release versions v2.48.1, v2.47.2, v2.46.3, v2.45.3, v2.44.3, v2.43.6, v2.42.4, v2.41.3, and v2.40.4. Users are advised to upgrade. Users unable to upgrade should avoid cloning from untrusted URLs, especially recursive clones.",
"cve_priority": "medium",
"cve_public_date": "2025-01-14 19:15:00 UTC"
}
],
"launchpad_bugs_fixed": [],
"changes": [
{
"cves": [
{
"cve": "CVE-2024-50349",
"url": "https://ubuntu.com/security/CVE-2024-50349",
"cve_description": "Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full access to internals. When Git asks for credentials via a terminal prompt (i.e. without using any credential helper), it prints out the host name for which the user is expected to provide a username and/or a password. At this stage, any URL-encoded parts have been decoded already, and are printed verbatim. This allows attackers to craft URLs that contain ANSI escape sequences that the terminal interpret to confuse users e.g. into providing passwords for trusted Git hosting sites when in fact they are then sent to untrusted sites that are under the attacker's control. This issue has been patch via commits `7725b81` and `c903985` which are included in release versions v2.48.1, v2.47.2, v2.46.3, v2.45.3, v2.44.3, v2.43.6, v2.42.4, v2.41.3, and v2.40.4. Users are advised to upgrade. Users unable to upgrade should avoid cloning from untrusted URLs, especially recursive clones.",
"cve_priority": "medium",
"cve_public_date": "2025-01-14 19:15:00 UTC"
},
{
"cve": "CVE-2024-52006",
"url": "https://ubuntu.com/security/CVE-2024-52006",
"cve_description": "Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full access to internals. Git defines a line-based protocol that is used to exchange information between Git and Git credential helpers. Some ecosystems (most notably, .NET and node.js) interpret single Carriage Return characters as newlines, which renders the protections against CVE-2020-5260 incomplete for credential helpers that treat Carriage Returns in this way. This issue has been addressed in commit `b01b9b8` which is included in release versions v2.48.1, v2.47.2, v2.46.3, v2.45.3, v2.44.3, v2.43.6, v2.42.4, v2.41.3, and v2.40.4. Users are advised to upgrade. Users unable to upgrade should avoid cloning from untrusted URLs, especially recursive clones.",
"cve_priority": "medium",
"cve_public_date": "2025-01-14 19:15:00 UTC"
}
],
"log": [
"",
" * SECURITY UPDATE: crafted URL susceptibility",
" - debian/patches/CVE-2024-50349-1.patch: sanitize credentials",
" in credential.c, strbuf.c, strbuf.h,",
" t/t0300-credentials.sh.",
" - debian/patches/CVE-2024-50349-2.patch: credential sanitize",
" the user prompt in credential.c, credential.h,",
" t/t0300-credentials.sh, t/t5541-http-push-smart.sh,",
" t/t5550-http-fetch-dumb.sh, t/t5551-http-fetch-smart.sh.",
" - CVE-2024-50349",
" * SECURITY UPDATE: Git may pass on Carriage Returns",
" - debian/patches/CVE-2024-52006.patch: disallow carriage",
" returns in the protocol by default in credential.c,",
" credential.h, t/t0300-credentials.sh.",
" - CVE-2024-52006",
""
],
"package": "git",
"version": "1:2.45.2-1ubuntu1.1",
"urgency": "medium",
"distributions": "oracular-security",
"launchpad_bugs_fixed": [],
"author": "Leonidas Da Silva Barbosa <leo.barbosa@canonical.com>",
"date": "Mon, 13 Jan 2025 16:42:59 -0300"
}
],
"notes": null
},
{
"name": "git-man",
"from_version": {
"source_package_name": "git",
"source_package_version": "1:2.45.2-1ubuntu1",
"version": "1:2.45.2-1ubuntu1"
},
"to_version": {
"source_package_name": "git",
"source_package_version": "1:2.45.2-1ubuntu1.1",
"version": "1:2.45.2-1ubuntu1.1"
},
"cves": [
{
"cve": "CVE-2024-50349",
"url": "https://ubuntu.com/security/CVE-2024-50349",
"cve_description": "Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full access to internals. When Git asks for credentials via a terminal prompt (i.e. without using any credential helper), it prints out the host name for which the user is expected to provide a username and/or a password. At this stage, any URL-encoded parts have been decoded already, and are printed verbatim. This allows attackers to craft URLs that contain ANSI escape sequences that the terminal interpret to confuse users e.g. into providing passwords for trusted Git hosting sites when in fact they are then sent to untrusted sites that are under the attacker's control. This issue has been patch via commits `7725b81` and `c903985` which are included in release versions v2.48.1, v2.47.2, v2.46.3, v2.45.3, v2.44.3, v2.43.6, v2.42.4, v2.41.3, and v2.40.4. Users are advised to upgrade. Users unable to upgrade should avoid cloning from untrusted URLs, especially recursive clones.",
"cve_priority": "medium",
"cve_public_date": "2025-01-14 19:15:00 UTC"
},
{
"cve": "CVE-2024-52006",
"url": "https://ubuntu.com/security/CVE-2024-52006",
"cve_description": "Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full access to internals. Git defines a line-based protocol that is used to exchange information between Git and Git credential helpers. Some ecosystems (most notably, .NET and node.js) interpret single Carriage Return characters as newlines, which renders the protections against CVE-2020-5260 incomplete for credential helpers that treat Carriage Returns in this way. This issue has been addressed in commit `b01b9b8` which is included in release versions v2.48.1, v2.47.2, v2.46.3, v2.45.3, v2.44.3, v2.43.6, v2.42.4, v2.41.3, and v2.40.4. Users are advised to upgrade. Users unable to upgrade should avoid cloning from untrusted URLs, especially recursive clones.",
"cve_priority": "medium",
"cve_public_date": "2025-01-14 19:15:00 UTC"
}
],
"launchpad_bugs_fixed": [],
"changes": [
{
"cves": [
{
"cve": "CVE-2024-50349",
"url": "https://ubuntu.com/security/CVE-2024-50349",
"cve_description": "Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full access to internals. When Git asks for credentials via a terminal prompt (i.e. without using any credential helper), it prints out the host name for which the user is expected to provide a username and/or a password. At this stage, any URL-encoded parts have been decoded already, and are printed verbatim. This allows attackers to craft URLs that contain ANSI escape sequences that the terminal interpret to confuse users e.g. into providing passwords for trusted Git hosting sites when in fact they are then sent to untrusted sites that are under the attacker's control. This issue has been patch via commits `7725b81` and `c903985` which are included in release versions v2.48.1, v2.47.2, v2.46.3, v2.45.3, v2.44.3, v2.43.6, v2.42.4, v2.41.3, and v2.40.4. Users are advised to upgrade. Users unable to upgrade should avoid cloning from untrusted URLs, especially recursive clones.",
"cve_priority": "medium",
"cve_public_date": "2025-01-14 19:15:00 UTC"
},
{
"cve": "CVE-2024-52006",
"url": "https://ubuntu.com/security/CVE-2024-52006",
"cve_description": "Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full access to internals. Git defines a line-based protocol that is used to exchange information between Git and Git credential helpers. Some ecosystems (most notably, .NET and node.js) interpret single Carriage Return characters as newlines, which renders the protections against CVE-2020-5260 incomplete for credential helpers that treat Carriage Returns in this way. This issue has been addressed in commit `b01b9b8` which is included in release versions v2.48.1, v2.47.2, v2.46.3, v2.45.3, v2.44.3, v2.43.6, v2.42.4, v2.41.3, and v2.40.4. Users are advised to upgrade. Users unable to upgrade should avoid cloning from untrusted URLs, especially recursive clones.",
"cve_priority": "medium",
"cve_public_date": "2025-01-14 19:15:00 UTC"
}
],
"log": [
"",
" * SECURITY UPDATE: crafted URL susceptibility",
" - debian/patches/CVE-2024-50349-1.patch: sanitize credentials",
" in credential.c, strbuf.c, strbuf.h,",
" t/t0300-credentials.sh.",
" - debian/patches/CVE-2024-50349-2.patch: credential sanitize",
" the user prompt in credential.c, credential.h,",
" t/t0300-credentials.sh, t/t5541-http-push-smart.sh,",
" t/t5550-http-fetch-dumb.sh, t/t5551-http-fetch-smart.sh.",
" - CVE-2024-50349",
" * SECURITY UPDATE: Git may pass on Carriage Returns",
" - debian/patches/CVE-2024-52006.patch: disallow carriage",
" returns in the protocol by default in credential.c,",
" credential.h, t/t0300-credentials.sh.",
" - CVE-2024-52006",
""
],
"package": "git",
"version": "1:2.45.2-1ubuntu1.1",
"urgency": "medium",
"distributions": "oracular-security",
"launchpad_bugs_fixed": [],
"author": "Leonidas Da Silva Barbosa <leo.barbosa@canonical.com>",
"date": "Mon, 13 Jan 2025 16:42:59 -0300"
}
],
"notes": null
},
{
"name": "libblkid1:riscv64",
"from_version": {
"source_package_name": "util-linux",
"source_package_version": "2.40.2-1ubuntu1",
"version": "2.40.2-1ubuntu1"
},
"to_version": {
"source_package_name": "util-linux",
"source_package_version": "2.40.2-1ubuntu1.1",
"version": "2.40.2-1ubuntu1.1"
},
"cves": [],
"launchpad_bugs_fixed": [
2090972
],
"changes": [
{
"cves": [],
"log": [
"",
" * Read the ext4 superblock with O_DIRECT if the first read produces a",
" checksum failure. This fixes a race where the underlying superblock",
" can be changed in memory but not on disk, resulting in checksum",
" failures which in turn causes systemd-udevd to remove by-uuid and",
" by-label symlinks. (LP: #2090972)",
" - d/p/ubuntu/lp2090972-libblkid-fix-spurious-ext-superblock-checksum-mismat.patch",
""
],
"package": "util-linux",
"version": "2.40.2-1ubuntu1.1",
"urgency": "medium",
"distributions": "oracular",
"launchpad_bugs_fixed": [
2090972
],
"author": "Matthew Ruffell <matthew.ruffell@canonical.com>",
"date": "Thu, 05 Dec 2024 13:02:57 +1300"
}
],
"notes": null
},
{
"name": "libfdisk1:riscv64",
"from_version": {
"source_package_name": "util-linux",
"source_package_version": "2.40.2-1ubuntu1",
"version": "2.40.2-1ubuntu1"
},
"to_version": {
"source_package_name": "util-linux",
"source_package_version": "2.40.2-1ubuntu1.1",
"version": "2.40.2-1ubuntu1.1"
},
"cves": [],
"launchpad_bugs_fixed": [
2090972
],
"changes": [
{
"cves": [],
"log": [
"",
" * Read the ext4 superblock with O_DIRECT if the first read produces a",
" checksum failure. This fixes a race where the underlying superblock",
" can be changed in memory but not on disk, resulting in checksum",
" failures which in turn causes systemd-udevd to remove by-uuid and",
" by-label symlinks. (LP: #2090972)",
" - d/p/ubuntu/lp2090972-libblkid-fix-spurious-ext-superblock-checksum-mismat.patch",
""
],
"package": "util-linux",
"version": "2.40.2-1ubuntu1.1",
"urgency": "medium",
"distributions": "oracular",
"launchpad_bugs_fixed": [
2090972
],
"author": "Matthew Ruffell <matthew.ruffell@canonical.com>",
"date": "Thu, 05 Dec 2024 13:02:57 +1300"
}
],
"notes": null
},
{
"name": "libmount1:riscv64",
"from_version": {
"source_package_name": "util-linux",
"source_package_version": "2.40.2-1ubuntu1",
"version": "2.40.2-1ubuntu1"
},
"to_version": {
"source_package_name": "util-linux",
"source_package_version": "2.40.2-1ubuntu1.1",
"version": "2.40.2-1ubuntu1.1"
},
"cves": [],
"launchpad_bugs_fixed": [
2090972
],
"changes": [
{
"cves": [],
"log": [
"",
" * Read the ext4 superblock with O_DIRECT if the first read produces a",
" checksum failure. This fixes a race where the underlying superblock",
" can be changed in memory but not on disk, resulting in checksum",
" failures which in turn causes systemd-udevd to remove by-uuid and",
" by-label symlinks. (LP: #2090972)",
" - d/p/ubuntu/lp2090972-libblkid-fix-spurious-ext-superblock-checksum-mismat.patch",
""
],
"package": "util-linux",
"version": "2.40.2-1ubuntu1.1",
"urgency": "medium",
"distributions": "oracular",
"launchpad_bugs_fixed": [
2090972
],
"author": "Matthew Ruffell <matthew.ruffell@canonical.com>",
"date": "Thu, 05 Dec 2024 13:02:57 +1300"
}
],
"notes": null
},
{
"name": "libnspr4:riscv64",
"from_version": {
"source_package_name": "nspr",
"source_package_version": "2:4.35-1.1ubuntu1",
"version": "2:4.35-1.1ubuntu1"
},
"to_version": {
"source_package_name": "nspr",
"source_package_version": "2:4.35-1.1ubuntu1.1",
"version": "2:4.35-1.1ubuntu1.1"
},
"cves": [],
"launchpad_bugs_fixed": [
2081110
],
"changes": [
{
"cves": [],
"log": [
"",
" * d/p/fix-ftbfs-incompatible-thread-start-type.patch: Fix FTBFS due",
" to incompatible native thread start types (LP: #2081110)",
""
],
"package": "nspr",
"version": "2:4.35-1.1ubuntu1.1",
"urgency": "medium",
"distributions": "oracular",
"launchpad_bugs_fixed": [
2081110
],
"author": "Lena Voytek <lena.voytek@canonical.com>",
"date": "Fri, 11 Oct 2024 08:27:41 -0700"
}
],
"notes": null
},
{
"name": "libpolkit-agent-1-0:riscv64",
"from_version": {
"source_package_name": "policykit-1",
"source_package_version": "124-2ubuntu1",
"version": "124-2ubuntu1"
},
"to_version": {
"source_package_name": "policykit-1",
"source_package_version": "124-2ubuntu1.24.10.2",
"version": "124-2ubuntu1.24.10.2"
},
"cves": [],
"launchpad_bugs_fixed": [
2089145,
2089145
],
"changes": [
{
"cves": [],
"log": [
"",
" * debian/patches/git-action-directories.patch:",
" - fix incorrect call to get instance's priv. (lp: #2089145)",
""
],
"package": "policykit-1",
"version": "124-2ubuntu1.24.10.2",
"urgency": "medium",
"distributions": "oracular",
"launchpad_bugs_fixed": [
2089145
],
"author": "Nathan Pratta Teodosio <nteodosio@ubuntu.com>",
"date": "Mon, 02 Dec 2024 12:59:52 +0100"
},
{
"cves": [],
"log": [
"",
" * debian/patches/git-action-directories.patch:",
" - cherry pick an upstream change to allow alternative directories for",
" the actions files (lp: #2089145)",
""
],
"package": "policykit-1",
"version": "124-2ubuntu1.24.10.1",
"urgency": "medium",
"distributions": "oracular",
"launchpad_bugs_fixed": [
2089145
],
"author": "Nathan Pratta Teodosio <nteodosio@ubuntu.com>",
"date": "Wed, 27 Nov 2024 15:20:27 +0100"
}
],
"notes": null
},
{
"name": "libpolkit-gobject-1-0:riscv64",
"from_version": {
"source_package_name": "policykit-1",
"source_package_version": "124-2ubuntu1",
"version": "124-2ubuntu1"
},
"to_version": {
"source_package_name": "policykit-1",
"source_package_version": "124-2ubuntu1.24.10.2",
"version": "124-2ubuntu1.24.10.2"
},
"cves": [],
"launchpad_bugs_fixed": [
2089145,
2089145
],
"changes": [
{
"cves": [],
"log": [
"",
" * debian/patches/git-action-directories.patch:",
" - fix incorrect call to get instance's priv. (lp: #2089145)",
""
],
"package": "policykit-1",
"version": "124-2ubuntu1.24.10.2",
"urgency": "medium",
"distributions": "oracular",
"launchpad_bugs_fixed": [
2089145
],
"author": "Nathan Pratta Teodosio <nteodosio@ubuntu.com>",
"date": "Mon, 02 Dec 2024 12:59:52 +0100"
},
{
"cves": [],
"log": [
"",
" * debian/patches/git-action-directories.patch:",
" - cherry pick an upstream change to allow alternative directories for",
" the actions files (lp: #2089145)",
""
],
"package": "policykit-1",
"version": "124-2ubuntu1.24.10.1",
"urgency": "medium",
"distributions": "oracular",
"launchpad_bugs_fixed": [
2089145
],
"author": "Nathan Pratta Teodosio <nteodosio@ubuntu.com>",
"date": "Wed, 27 Nov 2024 15:20:27 +0100"
}
],
"notes": null
},
{
"name": "libpython3.12-minimal:riscv64",
"from_version": {
"source_package_name": "python3.12",
"source_package_version": "3.12.7-1ubuntu1",
"version": "3.12.7-1ubuntu1"
},
"to_version": {
"source_package_name": "python3.12",
"source_package_version": "3.12.7-1ubuntu1.1",
"version": "3.12.7-1ubuntu1.1"
},
"cves": [
{
"cve": "CVE-2024-12254",
"url": "https://ubuntu.com/security/CVE-2024-12254",
"cve_description": "Starting in Python 3.12.0, the asyncio._SelectorSocketTransport.writelines() method would not \"pause\" writing and signal to the Protocol to drain the buffer to the wire once the write buffer reached the \"high-water mark\". Because of this, Protocols would not periodically drain the write buffer potentially leading to memory exhaustion. This vulnerability likely impacts a small number of users, you must be using Python 3.12.0 or later, on macOS or Linux, using the asyncio module with protocols, and using .writelines() method which had new zero-copy-on-write behavior in Python 3.12.0 and later. If not all of these factors are true then your usage of Python is unaffected.",
"cve_priority": "medium",
"cve_public_date": "2024-12-06 16:15:00 UTC"
}
],
"launchpad_bugs_fixed": [],
"changes": [
{
"cves": [
{
"cve": "CVE-2024-12254",
"url": "https://ubuntu.com/security/CVE-2024-12254",
"cve_description": "Starting in Python 3.12.0, the asyncio._SelectorSocketTransport.writelines() method would not \"pause\" writing and signal to the Protocol to drain the buffer to the wire once the write buffer reached the \"high-water mark\". Because of this, Protocols would not periodically drain the write buffer potentially leading to memory exhaustion. This vulnerability likely impacts a small number of users, you must be using Python 3.12.0 or later, on macOS or Linux, using the asyncio module with protocols, and using .writelines() method which had new zero-copy-on-write behavior in Python 3.12.0 and later. If not all of these factors are true then your usage of Python is unaffected.",
"cve_priority": "medium",
"cve_public_date": "2024-12-06 16:15:00 UTC"
}
],
"log": [
"",
" * SECURITY UPDATE: memory exhaustion issue in asyncio",
" - debian/patches/CVE-2024-12254.patch: ensure to pause the protocol if",
" needed in Lib/asyncio/selector_events.py,",
" Lib/test/test_asyncio/test_selector_events.py.",
" - CVE-2024-12254",
""
],
"package": "python3.12",
"version": "3.12.7-1ubuntu1.1",
"urgency": "medium",
"distributions": "oracular-security",
"launchpad_bugs_fixed": [],
"author": "Marc Deslauriers <marc.deslauriers@ubuntu.com>",
"date": "Fri, 17 Jan 2025 11:55:27 -0500"
}
],
"notes": null
},
{
"name": "libpython3.12-stdlib:riscv64",
"from_version": {
"source_package_name": "python3.12",
"source_package_version": "3.12.7-1ubuntu1",
"version": "3.12.7-1ubuntu1"
},
"to_version": {
"source_package_name": "python3.12",
"source_package_version": "3.12.7-1ubuntu1.1",
"version": "3.12.7-1ubuntu1.1"
},
"cves": [
{
"cve": "CVE-2024-12254",
"url": "https://ubuntu.com/security/CVE-2024-12254",
"cve_description": "Starting in Python 3.12.0, the asyncio._SelectorSocketTransport.writelines() method would not \"pause\" writing and signal to the Protocol to drain the buffer to the wire once the write buffer reached the \"high-water mark\". Because of this, Protocols would not periodically drain the write buffer potentially leading to memory exhaustion. This vulnerability likely impacts a small number of users, you must be using Python 3.12.0 or later, on macOS or Linux, using the asyncio module with protocols, and using .writelines() method which had new zero-copy-on-write behavior in Python 3.12.0 and later. If not all of these factors are true then your usage of Python is unaffected.",
"cve_priority": "medium",
"cve_public_date": "2024-12-06 16:15:00 UTC"
}
],
"launchpad_bugs_fixed": [],
"changes": [
{
"cves": [
{
"cve": "CVE-2024-12254",
"url": "https://ubuntu.com/security/CVE-2024-12254",
"cve_description": "Starting in Python 3.12.0, the asyncio._SelectorSocketTransport.writelines() method would not \"pause\" writing and signal to the Protocol to drain the buffer to the wire once the write buffer reached the \"high-water mark\". Because of this, Protocols would not periodically drain the write buffer potentially leading to memory exhaustion. This vulnerability likely impacts a small number of users, you must be using Python 3.12.0 or later, on macOS or Linux, using the asyncio module with protocols, and using .writelines() method which had new zero-copy-on-write behavior in Python 3.12.0 and later. If not all of these factors are true then your usage of Python is unaffected.",
"cve_priority": "medium",
"cve_public_date": "2024-12-06 16:15:00 UTC"
}
],
"log": [
"",
" * SECURITY UPDATE: memory exhaustion issue in asyncio",
" - debian/patches/CVE-2024-12254.patch: ensure to pause the protocol if",
" needed in Lib/asyncio/selector_events.py,",
" Lib/test/test_asyncio/test_selector_events.py.",
" - CVE-2024-12254",
""
],
"package": "python3.12",
"version": "3.12.7-1ubuntu1.1",
"urgency": "medium",
"distributions": "oracular-security",
"launchpad_bugs_fixed": [],
"author": "Marc Deslauriers <marc.deslauriers@ubuntu.com>",
"date": "Fri, 17 Jan 2025 11:55:27 -0500"
}
],
"notes": null
},
{
"name": "libpython3.12t64:riscv64",
"from_version": {
"source_package_name": "python3.12",
"source_package_version": "3.12.7-1ubuntu1",
"version": "3.12.7-1ubuntu1"
},
"to_version": {
"source_package_name": "python3.12",
"source_package_version": "3.12.7-1ubuntu1.1",
"version": "3.12.7-1ubuntu1.1"
},
"cves": [
{
"cve": "CVE-2024-12254",
"url": "https://ubuntu.com/security/CVE-2024-12254",
"cve_description": "Starting in Python 3.12.0, the asyncio._SelectorSocketTransport.writelines() method would not \"pause\" writing and signal to the Protocol to drain the buffer to the wire once the write buffer reached the \"high-water mark\". Because of this, Protocols would not periodically drain the write buffer potentially leading to memory exhaustion. This vulnerability likely impacts a small number of users, you must be using Python 3.12.0 or later, on macOS or Linux, using the asyncio module with protocols, and using .writelines() method which had new zero-copy-on-write behavior in Python 3.12.0 and later. If not all of these factors are true then your usage of Python is unaffected.",
"cve_priority": "medium",
"cve_public_date": "2024-12-06 16:15:00 UTC"
}
],
"launchpad_bugs_fixed": [],
"changes": [
{
"cves": [
{
"cve": "CVE-2024-12254",
"url": "https://ubuntu.com/security/CVE-2024-12254",
"cve_description": "Starting in Python 3.12.0, the asyncio._SelectorSocketTransport.writelines() method would not \"pause\" writing and signal to the Protocol to drain the buffer to the wire once the write buffer reached the \"high-water mark\". Because of this, Protocols would not periodically drain the write buffer potentially leading to memory exhaustion. This vulnerability likely impacts a small number of users, you must be using Python 3.12.0 or later, on macOS or Linux, using the asyncio module with protocols, and using .writelines() method which had new zero-copy-on-write behavior in Python 3.12.0 and later. If not all of these factors are true then your usage of Python is unaffected.",
"cve_priority": "medium",
"cve_public_date": "2024-12-06 16:15:00 UTC"
}
],
"log": [
"",
" * SECURITY UPDATE: memory exhaustion issue in asyncio",
" - debian/patches/CVE-2024-12254.patch: ensure to pause the protocol if",
" needed in Lib/asyncio/selector_events.py,",
" Lib/test/test_asyncio/test_selector_events.py.",
" - CVE-2024-12254",
""
],
"package": "python3.12",
"version": "3.12.7-1ubuntu1.1",
"urgency": "medium",
"distributions": "oracular-security",
"launchpad_bugs_fixed": [],
"author": "Marc Deslauriers <marc.deslauriers@ubuntu.com>",
"date": "Fri, 17 Jan 2025 11:55:27 -0500"
}
],
"notes": null
},
{
"name": "libsmartcols1:riscv64",
"from_version": {
"source_package_name": "util-linux",
"source_package_version": "2.40.2-1ubuntu1",
"version": "2.40.2-1ubuntu1"
},
"to_version": {
"source_package_name": "util-linux",
"source_package_version": "2.40.2-1ubuntu1.1",
"version": "2.40.2-1ubuntu1.1"
},
"cves": [],
"launchpad_bugs_fixed": [
2090972
],
"changes": [
{
"cves": [],
"log": [
"",
" * Read the ext4 superblock with O_DIRECT if the first read produces a",
" checksum failure. This fixes a race where the underlying superblock",
" can be changed in memory but not on disk, resulting in checksum",
" failures which in turn causes systemd-udevd to remove by-uuid and",
" by-label symlinks. (LP: #2090972)",
" - d/p/ubuntu/lp2090972-libblkid-fix-spurious-ext-superblock-checksum-mismat.patch",
""
],
"package": "util-linux",
"version": "2.40.2-1ubuntu1.1",
"urgency": "medium",
"distributions": "oracular",
"launchpad_bugs_fixed": [
2090972
],
"author": "Matthew Ruffell <matthew.ruffell@canonical.com>",
"date": "Thu, 05 Dec 2024 13:02:57 +1300"
}
],
"notes": null
},
{
"name": "libuuid1:riscv64",
"from_version": {
"source_package_name": "util-linux",
"source_package_version": "2.40.2-1ubuntu1",
"version": "2.40.2-1ubuntu1"
},
"to_version": {
"source_package_name": "util-linux",
"source_package_version": "2.40.2-1ubuntu1.1",
"version": "2.40.2-1ubuntu1.1"
},
"cves": [],
"launchpad_bugs_fixed": [
2090972
],
"changes": [
{
"cves": [],
"log": [
"",
" * Read the ext4 superblock with O_DIRECT if the first read produces a",
" checksum failure. This fixes a race where the underlying superblock",
" can be changed in memory but not on disk, resulting in checksum",
" failures which in turn causes systemd-udevd to remove by-uuid and",
" by-label symlinks. (LP: #2090972)",
" - d/p/ubuntu/lp2090972-libblkid-fix-spurious-ext-superblock-checksum-mismat.patch",
""
],
"package": "util-linux",
"version": "2.40.2-1ubuntu1.1",
"urgency": "medium",
"distributions": "oracular",
"launchpad_bugs_fixed": [
2090972
],
"author": "Matthew Ruffell <matthew.ruffell@canonical.com>",
"date": "Thu, 05 Dec 2024 13:02:57 +1300"
}
],
"notes": null
},
{
"name": "libxml2:riscv64",
"from_version": {
"source_package_name": "libxml2",
"source_package_version": "2.12.7+dfsg-3",
"version": "2.12.7+dfsg-3"
},
"to_version": {
"source_package_name": "libxml2",
"source_package_version": "2.12.7+dfsg-3ubuntu0.1",
"version": "2.12.7+dfsg-3ubuntu0.1"
},
"cves": [
{
"cve": "CVE-2024-40896",
"url": "https://ubuntu.com/security/CVE-2024-40896",
"cve_description": "In libxml2 2.11 before 2.11.9, 2.12 before 2.12.9, and 2.13 before 2.13.3, the SAX parser can produce events for external entities even if custom SAX handlers try to override entity content (by setting \"checked\"). This makes classic XXE attacks possible.",
"cve_priority": "medium",
"cve_public_date": "2024-12-23 17:15:00 UTC"
}
],
"launchpad_bugs_fixed": [],
"changes": [
{
"cves": [
{
"cve": "CVE-2024-40896",
"url": "https://ubuntu.com/security/CVE-2024-40896",
"cve_description": "In libxml2 2.11 before 2.11.9, 2.12 before 2.12.9, and 2.13 before 2.13.3, the SAX parser can produce events for external entities even if custom SAX handlers try to override entity content (by setting \"checked\"). This makes classic XXE attacks possible.",
"cve_priority": "medium",
"cve_public_date": "2024-12-23 17:15:00 UTC"
}
],
"log": [
"",
" * SECURITY UPDATE: XXE via custom SAX handlers",
" - debian/patches/CVE-2024-40896.patch: fix XXE protection in",
" downstream code in parser.c.",
" - CVE-2024-40896",
""
],
"package": "libxml2",
"version": "2.12.7+dfsg-3ubuntu0.1",
"urgency": "medium",
"distributions": "oracular-security",
"launchpad_bugs_fixed": [],
"author": "Marc Deslauriers <marc.deslauriers@ubuntu.com>",
"date": "Wed, 15 Jan 2025 11:26:35 -0500"
}
],
"notes": null
},
{
"name": "linux-headers-generic",
"from_version": {
"source_package_name": "linux-meta-riscv",
"source_package_version": "6.11.0-13.14.1",
"version": "6.11.0-13.14.1"
},
"to_version": {
"source_package_name": "linux-meta-riscv",
"source_package_version": "6.11.0-14.15.1",
"version": "6.11.0-14.15.1"
},
"cves": [],
"launchpad_bugs_fixed": [],
"changes": [
{
"cves": [],
"log": [
"",
" * Main version: 6.11.0-14.15.1",
""
],
"package": "linux-meta-riscv",
"version": "6.11.0-14.15.1",
"urgency": "medium",
"distributions": "oracular",
"launchpad_bugs_fixed": [],
"author": "Emil Renner Berthing <emil.renner.berthing@canonical.com>",
"date": "Tue, 21 Jan 2025 16:25:57 +0100"
}
],
"notes": null
},
{
"name": "linux-headers-virtual",
"from_version": {
"source_package_name": "linux-meta-riscv",
"source_package_version": "6.11.0-13.14.1",
"version": "6.11.0-13.14.1"
},
"to_version": {
"source_package_name": "linux-meta-riscv",
"source_package_version": "6.11.0-14.15.1",
"version": "6.11.0-14.15.1"
},
"cves": [],
"launchpad_bugs_fixed": [],
"changes": [
{
"cves": [],
"log": [
"",
" * Main version: 6.11.0-14.15.1",
""
],
"package": "linux-meta-riscv",
"version": "6.11.0-14.15.1",
"urgency": "medium",
"distributions": "oracular",
"launchpad_bugs_fixed": [],
"author": "Emil Renner Berthing <emil.renner.berthing@canonical.com>",
"date": "Tue, 21 Jan 2025 16:25:57 +0100"
}
],
"notes": null
},
{
"name": "linux-image-virtual",
"from_version": {
"source_package_name": "linux-meta-riscv",
"source_package_version": "6.11.0-13.14.1",
"version": "6.11.0-13.14.1"
},
"to_version": {
"source_package_name": "linux-meta-riscv",
"source_package_version": "6.11.0-14.15.1",
"version": "6.11.0-14.15.1"
},
"cves": [],
"launchpad_bugs_fixed": [],
"changes": [
{
"cves": [],
"log": [
"",
" * Main version: 6.11.0-14.15.1",
""
],
"package": "linux-meta-riscv",
"version": "6.11.0-14.15.1",
"urgency": "medium",
"distributions": "oracular",
"launchpad_bugs_fixed": [],
"author": "Emil Renner Berthing <emil.renner.berthing@canonical.com>",
"date": "Tue, 21 Jan 2025 16:25:57 +0100"
}
],
"notes": null
},
{
"name": "linux-libc-dev:riscv64",
"from_version": {
"source_package_name": "linux",
"source_package_version": "6.11.0-13.14",
"version": "6.11.0-13.14"
},
"to_version": {
"source_package_name": "linux",
"source_package_version": "6.11.0-14.15",
"version": "6.11.0-14.15"
},
"cves": [
{
"cve": "CVE-2024-53164",
"url": "https://ubuntu.com/security/CVE-2024-53164",
"cve_description": "In the Linux kernel, the following vulnerability has been resolved: net: sched: fix ordering of qlen adjustment Changes to sch->q.qlen around qdisc_tree_reduce_backlog() need to happen _before_ a call to said function because otherwise it may fail to notify parent qdiscs when the child is about to become empty.",
"cve_priority": "medium",
"cve_public_date": "2024-12-27 14:15:00 UTC"
},
{
"cve": "CVE-2024-53103",
"url": "https://ubuntu.com/security/CVE-2024-53103",
"cve_description": "In the Linux kernel, the following vulnerability has been resolved: hv_sock: Initializing vsk->trans to NULL to prevent a dangling pointer When hvs is released, there is a possibility that vsk->trans may not be initialized to NULL, which could lead to a dangling pointer. This issue is resolved by initializing vsk->trans to NULL.",
"cve_priority": "high",
"cve_public_date": "2024-12-02 08:15:00 UTC"
}
],
"launchpad_bugs_fixed": [
2093483
],
"changes": [
{
"cves": [
{
"cve": "CVE-2024-53164",
"url": "https://ubuntu.com/security/CVE-2024-53164",
"cve_description": "In the Linux kernel, the following vulnerability has been resolved: net: sched: fix ordering of qlen adjustment Changes to sch->q.qlen around qdisc_tree_reduce_backlog() need to happen _before_ a call to said function because otherwise it may fail to notify parent qdiscs when the child is about to become empty.",
"cve_priority": "medium",
"cve_public_date": "2024-12-27 14:15:00 UTC"
},
{
"cve": "CVE-2024-53103",
"url": "https://ubuntu.com/security/CVE-2024-53103",
"cve_description": "In the Linux kernel, the following vulnerability has been resolved: hv_sock: Initializing vsk->trans to NULL to prevent a dangling pointer When hvs is released, there is a possibility that vsk->trans may not be initialized to NULL, which could lead to a dangling pointer. This issue is resolved by initializing vsk->trans to NULL.",
"cve_priority": "high",
"cve_public_date": "2024-12-02 08:15:00 UTC"
}
],
"log": [
"",
" * oracular/linux: 6.11.0-14.15 -proposed tracker (LP: #2093483)",
"",
" * CVE-2024-53164",
" - net: sched: fix ordering of qlen adjustment",
"",
" * CVE-2024-53103",
" - hv_sock: Initializing vsk->trans to NULL to prevent a dangling pointer",
""
],
"package": "linux",
"version": "6.11.0-14.15",
"urgency": "medium",
"distributions": "oracular",
"launchpad_bugs_fixed": [
2093483
],
"author": "Manuel Diewald <manuel.diewald@canonical.com>",
"date": "Fri, 10 Jan 2025 18:31:51 +0100"
}
],
"notes": null
},
{
"name": "linux-tools-common",
"from_version": {
"source_package_name": "linux",
"source_package_version": "6.11.0-13.14",
"version": "6.11.0-13.14"
},
"to_version": {
"source_package_name": "linux",
"source_package_version": "6.11.0-14.15",
"version": "6.11.0-14.15"
},
"cves": [
{
"cve": "CVE-2024-53164",
"url": "https://ubuntu.com/security/CVE-2024-53164",
"cve_description": "In the Linux kernel, the following vulnerability has been resolved: net: sched: fix ordering of qlen adjustment Changes to sch->q.qlen around qdisc_tree_reduce_backlog() need to happen _before_ a call to said function because otherwise it may fail to notify parent qdiscs when the child is about to become empty.",
"cve_priority": "medium",
"cve_public_date": "2024-12-27 14:15:00 UTC"
},
{
"cve": "CVE-2024-53103",
"url": "https://ubuntu.com/security/CVE-2024-53103",
"cve_description": "In the Linux kernel, the following vulnerability has been resolved: hv_sock: Initializing vsk->trans to NULL to prevent a dangling pointer When hvs is released, there is a possibility that vsk->trans may not be initialized to NULL, which could lead to a dangling pointer. This issue is resolved by initializing vsk->trans to NULL.",
"cve_priority": "high",
"cve_public_date": "2024-12-02 08:15:00 UTC"
}
],
"launchpad_bugs_fixed": [
2093483
],
"changes": [
{
"cves": [
{
"cve": "CVE-2024-53164",
"url": "https://ubuntu.com/security/CVE-2024-53164",
"cve_description": "In the Linux kernel, the following vulnerability has been resolved: net: sched: fix ordering of qlen adjustment Changes to sch->q.qlen around qdisc_tree_reduce_backlog() need to happen _before_ a call to said function because otherwise it may fail to notify parent qdiscs when the child is about to become empty.",
"cve_priority": "medium",
"cve_public_date": "2024-12-27 14:15:00 UTC"
},
{
"cve": "CVE-2024-53103",
"url": "https://ubuntu.com/security/CVE-2024-53103",
"cve_description": "In the Linux kernel, the following vulnerability has been resolved: hv_sock: Initializing vsk->trans to NULL to prevent a dangling pointer When hvs is released, there is a possibility that vsk->trans may not be initialized to NULL, which could lead to a dangling pointer. This issue is resolved by initializing vsk->trans to NULL.",
"cve_priority": "high",
"cve_public_date": "2024-12-02 08:15:00 UTC"
}
],
"log": [
"",
" * oracular/linux: 6.11.0-14.15 -proposed tracker (LP: #2093483)",
"",
" * CVE-2024-53164",
" - net: sched: fix ordering of qlen adjustment",
"",
" * CVE-2024-53103",
" - hv_sock: Initializing vsk->trans to NULL to prevent a dangling pointer",
""
],
"package": "linux",
"version": "6.11.0-14.15",
"urgency": "medium",
"distributions": "oracular",
"launchpad_bugs_fixed": [
2093483
],
"author": "Manuel Diewald <manuel.diewald@canonical.com>",
"date": "Fri, 10 Jan 2025 18:31:51 +0100"
}
],
"notes": null
},
{
"name": "linux-virtual",
"from_version": {
"source_package_name": "linux-meta-riscv",
"source_package_version": "6.11.0-13.14.1",
"version": "6.11.0-13.14.1"
},
"to_version": {
"source_package_name": "linux-meta-riscv",
"source_package_version": "6.11.0-14.15.1",
"version": "6.11.0-14.15.1"
},
"cves": [],
"launchpad_bugs_fixed": [],
"changes": [
{
"cves": [],
"log": [
"",
" * Main version: 6.11.0-14.15.1",
""
],
"package": "linux-meta-riscv",
"version": "6.11.0-14.15.1",
"urgency": "medium",
"distributions": "oracular",
"launchpad_bugs_fixed": [],
"author": "Emil Renner Berthing <emil.renner.berthing@canonical.com>",
"date": "Tue, 21 Jan 2025 16:25:57 +0100"
}
],
"notes": null
},
{
"name": "mount",
"from_version": {
"source_package_name": "util-linux",
"source_package_version": "2.40.2-1ubuntu1",
"version": "2.40.2-1ubuntu1"
},
"to_version": {
"source_package_name": "util-linux",
"source_package_version": "2.40.2-1ubuntu1.1",
"version": "2.40.2-1ubuntu1.1"
},
"cves": [],
"launchpad_bugs_fixed": [
2090972
],
"changes": [
{
"cves": [],
"log": [
"",
" * Read the ext4 superblock with O_DIRECT if the first read produces a",
" checksum failure. This fixes a race where the underlying superblock",
" can be changed in memory but not on disk, resulting in checksum",
" failures which in turn causes systemd-udevd to remove by-uuid and",
" by-label symlinks. (LP: #2090972)",
" - d/p/ubuntu/lp2090972-libblkid-fix-spurious-ext-superblock-checksum-mismat.patch",
""
],
"package": "util-linux",
"version": "2.40.2-1ubuntu1.1",
"urgency": "medium",
"distributions": "oracular",
"launchpad_bugs_fixed": [
2090972
],
"author": "Matthew Ruffell <matthew.ruffell@canonical.com>",
"date": "Thu, 05 Dec 2024 13:02:57 +1300"
}
],
"notes": null
},
{
"name": "polkitd",
"from_version": {
"source_package_name": "policykit-1",
"source_package_version": "124-2ubuntu1",
"version": "124-2ubuntu1"
},
"to_version": {
"source_package_name": "policykit-1",
"source_package_version": "124-2ubuntu1.24.10.2",
"version": "124-2ubuntu1.24.10.2"
},
"cves": [],
"launchpad_bugs_fixed": [
2089145,
2089145
],
"changes": [
{
"cves": [],
"log": [
"",
" * debian/patches/git-action-directories.patch:",
" - fix incorrect call to get instance's priv. (lp: #2089145)",
""
],
"package": "policykit-1",
"version": "124-2ubuntu1.24.10.2",
"urgency": "medium",
"distributions": "oracular",
"launchpad_bugs_fixed": [
2089145
],
"author": "Nathan Pratta Teodosio <nteodosio@ubuntu.com>",
"date": "Mon, 02 Dec 2024 12:59:52 +0100"
},
{
"cves": [],
"log": [
"",
" * debian/patches/git-action-directories.patch:",
" - cherry pick an upstream change to allow alternative directories for",
" the actions files (lp: #2089145)",
""
],
"package": "policykit-1",
"version": "124-2ubuntu1.24.10.1",
"urgency": "medium",
"distributions": "oracular",
"launchpad_bugs_fixed": [
2089145
],
"author": "Nathan Pratta Teodosio <nteodosio@ubuntu.com>",
"date": "Wed, 27 Nov 2024 15:20:27 +0100"
}
],
"notes": null
},
{
"name": "python3.12",
"from_version": {
"source_package_name": "python3.12",
"source_package_version": "3.12.7-1ubuntu1",
"version": "3.12.7-1ubuntu1"
},
"to_version": {
"source_package_name": "python3.12",
"source_package_version": "3.12.7-1ubuntu1.1",
"version": "3.12.7-1ubuntu1.1"
},
"cves": [
{
"cve": "CVE-2024-12254",
"url": "https://ubuntu.com/security/CVE-2024-12254",
"cve_description": "Starting in Python 3.12.0, the asyncio._SelectorSocketTransport.writelines() method would not \"pause\" writing and signal to the Protocol to drain the buffer to the wire once the write buffer reached the \"high-water mark\". Because of this, Protocols would not periodically drain the write buffer potentially leading to memory exhaustion. This vulnerability likely impacts a small number of users, you must be using Python 3.12.0 or later, on macOS or Linux, using the asyncio module with protocols, and using .writelines() method which had new zero-copy-on-write behavior in Python 3.12.0 and later. If not all of these factors are true then your usage of Python is unaffected.",
"cve_priority": "medium",
"cve_public_date": "2024-12-06 16:15:00 UTC"
}
],
"launchpad_bugs_fixed": [],
"changes": [
{
"cves": [
{
"cve": "CVE-2024-12254",
"url": "https://ubuntu.com/security/CVE-2024-12254",
"cve_description": "Starting in Python 3.12.0, the asyncio._SelectorSocketTransport.writelines() method would not \"pause\" writing and signal to the Protocol to drain the buffer to the wire once the write buffer reached the \"high-water mark\". Because of this, Protocols would not periodically drain the write buffer potentially leading to memory exhaustion. This vulnerability likely impacts a small number of users, you must be using Python 3.12.0 or later, on macOS or Linux, using the asyncio module with protocols, and using .writelines() method which had new zero-copy-on-write behavior in Python 3.12.0 and later. If not all of these factors are true then your usage of Python is unaffected.",
"cve_priority": "medium",
"cve_public_date": "2024-12-06 16:15:00 UTC"
}
],
"log": [
"",
" * SECURITY UPDATE: memory exhaustion issue in asyncio",
" - debian/patches/CVE-2024-12254.patch: ensure to pause the protocol if",
" needed in Lib/asyncio/selector_events.py,",
" Lib/test/test_asyncio/test_selector_events.py.",
" - CVE-2024-12254",
""
],
"package": "python3.12",
"version": "3.12.7-1ubuntu1.1",
"urgency": "medium",
"distributions": "oracular-security",
"launchpad_bugs_fixed": [],
"author": "Marc Deslauriers <marc.deslauriers@ubuntu.com>",
"date": "Fri, 17 Jan 2025 11:55:27 -0500"
}
],
"notes": null
},
{
"name": "python3.12-gdbm",
"from_version": {
"source_package_name": "python3.12",
"source_package_version": "3.12.7-1ubuntu1",
"version": "3.12.7-1ubuntu1"
},
"to_version": {
"source_package_name": "python3.12",
"source_package_version": "3.12.7-1ubuntu1.1",
"version": "3.12.7-1ubuntu1.1"
},
"cves": [
{
"cve": "CVE-2024-12254",
"url": "https://ubuntu.com/security/CVE-2024-12254",
"cve_description": "Starting in Python 3.12.0, the asyncio._SelectorSocketTransport.writelines() method would not \"pause\" writing and signal to the Protocol to drain the buffer to the wire once the write buffer reached the \"high-water mark\". Because of this, Protocols would not periodically drain the write buffer potentially leading to memory exhaustion. This vulnerability likely impacts a small number of users, you must be using Python 3.12.0 or later, on macOS or Linux, using the asyncio module with protocols, and using .writelines() method which had new zero-copy-on-write behavior in Python 3.12.0 and later. If not all of these factors are true then your usage of Python is unaffected.",
"cve_priority": "medium",
"cve_public_date": "2024-12-06 16:15:00 UTC"
}
],
"launchpad_bugs_fixed": [],
"changes": [
{
"cves": [
{
"cve": "CVE-2024-12254",
"url": "https://ubuntu.com/security/CVE-2024-12254",
"cve_description": "Starting in Python 3.12.0, the asyncio._SelectorSocketTransport.writelines() method would not \"pause\" writing and signal to the Protocol to drain the buffer to the wire once the write buffer reached the \"high-water mark\". Because of this, Protocols would not periodically drain the write buffer potentially leading to memory exhaustion. This vulnerability likely impacts a small number of users, you must be using Python 3.12.0 or later, on macOS or Linux, using the asyncio module with protocols, and using .writelines() method which had new zero-copy-on-write behavior in Python 3.12.0 and later. If not all of these factors are true then your usage of Python is unaffected.",
"cve_priority": "medium",
"cve_public_date": "2024-12-06 16:15:00 UTC"
}
],
"log": [
"",
" * SECURITY UPDATE: memory exhaustion issue in asyncio",
" - debian/patches/CVE-2024-12254.patch: ensure to pause the protocol if",
" needed in Lib/asyncio/selector_events.py,",
" Lib/test/test_asyncio/test_selector_events.py.",
" - CVE-2024-12254",
""
],
"package": "python3.12",
"version": "3.12.7-1ubuntu1.1",
"urgency": "medium",
"distributions": "oracular-security",
"launchpad_bugs_fixed": [],
"author": "Marc Deslauriers <marc.deslauriers@ubuntu.com>",
"date": "Fri, 17 Jan 2025 11:55:27 -0500"
}
],
"notes": null
},
{
"name": "python3.12-minimal",
"from_version": {
"source_package_name": "python3.12",
"source_package_version": "3.12.7-1ubuntu1",
"version": "3.12.7-1ubuntu1"
},
"to_version": {
"source_package_name": "python3.12",
"source_package_version": "3.12.7-1ubuntu1.1",
"version": "3.12.7-1ubuntu1.1"
},
"cves": [
{
"cve": "CVE-2024-12254",
"url": "https://ubuntu.com/security/CVE-2024-12254",
"cve_description": "Starting in Python 3.12.0, the asyncio._SelectorSocketTransport.writelines() method would not \"pause\" writing and signal to the Protocol to drain the buffer to the wire once the write buffer reached the \"high-water mark\". Because of this, Protocols would not periodically drain the write buffer potentially leading to memory exhaustion. This vulnerability likely impacts a small number of users, you must be using Python 3.12.0 or later, on macOS or Linux, using the asyncio module with protocols, and using .writelines() method which had new zero-copy-on-write behavior in Python 3.12.0 and later. If not all of these factors are true then your usage of Python is unaffected.",
"cve_priority": "medium",
"cve_public_date": "2024-12-06 16:15:00 UTC"
}
],
"launchpad_bugs_fixed": [],
"changes": [
{
"cves": [
{
"cve": "CVE-2024-12254",
"url": "https://ubuntu.com/security/CVE-2024-12254",
"cve_description": "Starting in Python 3.12.0, the asyncio._SelectorSocketTransport.writelines() method would not \"pause\" writing and signal to the Protocol to drain the buffer to the wire once the write buffer reached the \"high-water mark\". Because of this, Protocols would not periodically drain the write buffer potentially leading to memory exhaustion. This vulnerability likely impacts a small number of users, you must be using Python 3.12.0 or later, on macOS or Linux, using the asyncio module with protocols, and using .writelines() method which had new zero-copy-on-write behavior in Python 3.12.0 and later. If not all of these factors are true then your usage of Python is unaffected.",
"cve_priority": "medium",
"cve_public_date": "2024-12-06 16:15:00 UTC"
}
],
"log": [
"",
" * SECURITY UPDATE: memory exhaustion issue in asyncio",
" - debian/patches/CVE-2024-12254.patch: ensure to pause the protocol if",
" needed in Lib/asyncio/selector_events.py,",
" Lib/test/test_asyncio/test_selector_events.py.",
" - CVE-2024-12254",
""
],
"package": "python3.12",
"version": "3.12.7-1ubuntu1.1",
"urgency": "medium",
"distributions": "oracular-security",
"launchpad_bugs_fixed": [],
"author": "Marc Deslauriers <marc.deslauriers@ubuntu.com>",
"date": "Fri, 17 Jan 2025 11:55:27 -0500"
}
],
"notes": null
},
{
"name": "rsync",
"from_version": {
"source_package_name": "rsync",
"source_package_version": "3.3.0-1",
"version": "3.3.0-1"
},
"to_version": {
"source_package_name": "rsync",
"source_package_version": "3.3.0-1ubuntu0.1",
"version": "3.3.0-1ubuntu0.1"
},
"cves": [
{
"cve": "CVE-2024-12088",
"url": "https://ubuntu.com/security/CVE-2024-12088",
"cve_description": "A flaw was found in rsync. When using the `--safe-links` option, rsync fails to properly verify if a symbolic link destination contains another symbolic link within it. This results in a path traversal vulnerability, which may lead to arbitrary file write outside the desired directory.",
"cve_priority": "medium",
"cve_public_date": "2025-01-14 18:15:00 UTC"
},
{
"cve": "CVE-2024-12087",
"url": "https://ubuntu.com/security/CVE-2024-12087",
"cve_description": "A path traversal vulnerability exists in rsync. It stems from behavior enabled by the `--inc-recursive` option, a default-enabled option for many client options and can be enabled by the server even if not explicitly enabled by the client. When using the `--inc-recursive` option, a lack of proper symlink verification coupled with deduplication checks occurring on a per-file-list basis could allow a server to write files outside of the client's intended destination directory. A malicious server could write malicious files to arbitrary locations named after valid directories/paths on the client.",
"cve_priority": "medium",
"cve_public_date": "2025-01-14 18:15:00 UTC"
},
{
"cve": "CVE-2024-12086",
"url": "https://ubuntu.com/security/CVE-2024-12086",
"cve_description": "A flaw was found in rsync. It could allow a server to enumerate the contents of an arbitrary file from the client's machine. This issue occurs when files are being copied from a client to a server. During this process, the rsync server will send checksums of local data to the client to compare with in order to determine what data needs to be sent to the server. By sending specially constructed checksum values for arbitrary files, an attacker may be able to reconstruct the data of those files byte-by-byte based on the responses from the client.",
"cve_priority": "medium",
"cve_public_date": "2025-01-14 18:15:00 UTC"
},
{
"cve": "CVE-2024-12085",
"url": "https://ubuntu.com/security/CVE-2024-12085",
"cve_description": "A flaw was found in the rsync daemon which could be triggered when rsync compares file checksums. This flaw allows an attacker to manipulate the checksum length (s2length) to cause a comparison between a checksum and uninitialized memory and leak one byte of uninitialized stack data at a time.",
"cve_priority": "medium",
"cve_public_date": "2025-01-14 18:15:00 UTC"
},
{
"cve": "CVE-2024-12084",
"url": "https://ubuntu.com/security/CVE-2024-12084",
"cve_description": "A heap-based buffer overflow flaw was found in the rsync daemon. This issue is due to improper handling of attacker-controlled checksum lengths (s2length) in the code. When MAX_DIGEST_LEN exceeds the fixed SUM_LENGTH (16 bytes), an attacker can write out of bounds in the sum2 buffer.",
"cve_priority": "high",
"cve_public_date": "2025-01-15 15:15:00 UTC"
},
{
"cve": "CVE-2024-12747",
"url": "https://ubuntu.com/security/CVE-2024-12747",
"cve_description": "A flaw was found in rsync. This vulnerability arises from a race condition during rsync's handling of symbolic links. Rsync's default behavior when encountering symbolic links is to skip them. If an attacker replaced a regular file with a symbolic link at the right time, it was possible to bypass the default behavior and traverse symbolic links. Depending on the privileges of the rsync process, an attacker could leak sensitive information, potentially leading to privilege escalation.",
"cve_priority": "medium",
"cve_public_date": "2025-01-14 18:15:00 UTC"
}
],
"launchpad_bugs_fixed": [],
"changes": [
{
"cves": [
{
"cve": "CVE-2024-12088",
"url": "https://ubuntu.com/security/CVE-2024-12088",
"cve_description": "A flaw was found in rsync. When using the `--safe-links` option, rsync fails to properly verify if a symbolic link destination contains another symbolic link within it. This results in a path traversal vulnerability, which may lead to arbitrary file write outside the desired directory.",
"cve_priority": "medium",
"cve_public_date": "2025-01-14 18:15:00 UTC"
},
{
"cve": "CVE-2024-12087",
"url": "https://ubuntu.com/security/CVE-2024-12087",
"cve_description": "A path traversal vulnerability exists in rsync. It stems from behavior enabled by the `--inc-recursive` option, a default-enabled option for many client options and can be enabled by the server even if not explicitly enabled by the client. When using the `--inc-recursive` option, a lack of proper symlink verification coupled with deduplication checks occurring on a per-file-list basis could allow a server to write files outside of the client's intended destination directory. A malicious server could write malicious files to arbitrary locations named after valid directories/paths on the client.",
"cve_priority": "medium",
"cve_public_date": "2025-01-14 18:15:00 UTC"
},
{
"cve": "CVE-2024-12086",
"url": "https://ubuntu.com/security/CVE-2024-12086",
"cve_description": "A flaw was found in rsync. It could allow a server to enumerate the contents of an arbitrary file from the client's machine. This issue occurs when files are being copied from a client to a server. During this process, the rsync server will send checksums of local data to the client to compare with in order to determine what data needs to be sent to the server. By sending specially constructed checksum values for arbitrary files, an attacker may be able to reconstruct the data of those files byte-by-byte based on the responses from the client.",
"cve_priority": "medium",
"cve_public_date": "2025-01-14 18:15:00 UTC"
},
{
"cve": "CVE-2024-12085",
"url": "https://ubuntu.com/security/CVE-2024-12085",
"cve_description": "A flaw was found in the rsync daemon which could be triggered when rsync compares file checksums. This flaw allows an attacker to manipulate the checksum length (s2length) to cause a comparison between a checksum and uninitialized memory and leak one byte of uninitialized stack data at a time.",
"cve_priority": "medium",
"cve_public_date": "2025-01-14 18:15:00 UTC"
},
{
"cve": "CVE-2024-12084",
"url": "https://ubuntu.com/security/CVE-2024-12084",
"cve_description": "A heap-based buffer overflow flaw was found in the rsync daemon. This issue is due to improper handling of attacker-controlled checksum lengths (s2length) in the code. When MAX_DIGEST_LEN exceeds the fixed SUM_LENGTH (16 bytes), an attacker can write out of bounds in the sum2 buffer.",
"cve_priority": "high",
"cve_public_date": "2025-01-15 15:15:00 UTC"
},
{
"cve": "CVE-2024-12747",
"url": "https://ubuntu.com/security/CVE-2024-12747",
"cve_description": "A flaw was found in rsync. This vulnerability arises from a race condition during rsync's handling of symbolic links. Rsync's default behavior when encountering symbolic links is to skip them. If an attacker replaced a regular file with a symbolic link at the right time, it was possible to bypass the default behavior and traverse symbolic links. Depending on the privileges of the rsync process, an attacker could leak sensitive information, potentially leading to privilege escalation.",
"cve_priority": "medium",
"cve_public_date": "2025-01-14 18:15:00 UTC"
}
],
"log": [
"",
" * SECURITY UPDATE: safe links bypass vulnerability",
" - d/p/CVE-2024-12088/0001-make-safe-links-stricter.patch: reject",
" links where a \"../\" component is included in the destination",
" - CVE-2024-12088",
" * SECURITY UPDATE: arbitrary file write via symbolic links",
" - d/p/CVE-2024-12087/0001-Refuse-a-duplicate-dirlist.patch: refuse",
" malicious duplicate flist for dir",
" - d/p/CVE-2024-12087/0002-range-check-dir_ndx-before-use.patch: refuse",
" invalid dir_ndx",
" - d/p/fix_flag_got_dir_flist_collision.patch: fix flag collision",
" - CVE-2024-12087",
" * SECURITY UPDATE: arbitrary client file leak",
" - d/p/CVE-2024-12086/0001-refuse-fuzzy-options-when-fuzzy-not-selected.patch:",
" refuse fuzzy options when not selected",
" - d/p/CVE-2024-12086/0002-added-secure_relative_open.patch: safe",
" implementation to open a file relative to a base directory",
" - d/p/CVE-2024-12086/0003-receiver-use-secure_relative_open-for-basis-file.patch:",
" ensure secure file access for basis file",
" - d/p/CVE-2024-12086/0004-disallow-.-elements-in-relpath-for-secure_relative_o.patch:",
" disallow \"../\" in relative path",
" - CVE-2024-12086",
" * SECURITY UPDATE: information leak via uninitialized stack contents",
" - d/p/CVE-2024-12085/0001-prevent-information-leak-off-the-stack.patch:",
" prevent information leak by zeroing",
" - CVE-2024-12085",
" * SECURITY UPDATE: heap buffer overflow in checksum parsing",
" - d/p/CVE-2024-12084/0001-Some-checksum-buffer-fixes.patch: fix",
" checksum buffer issues, better length check",
" - d/p/CVE-2024-12084/0002-Another-cast-when-multiplying-integers.patch:",
" fix multiplying size by a better cast",
" - CVE-2024-12084",
" * SECURITY UPDATE: symlink race condition",
" - d/p/CVE-2024-12747/0001-fixed-symlink-race-condition-in-sender.patch:",
" do_open_checklinks to prevent symlink race",
" - CVE-2024-12747",
""
],
"package": "rsync",
"version": "3.3.0-1ubuntu0.1",
"urgency": "medium",
"distributions": "oracular-security",
"launchpad_bugs_fixed": [],
"author": "Sudhakar Verma <sudhakar.verma@canonical.com>",
"date": "Tue, 28 Jan 2025 14:02:37 +0530"
}
],
"notes": null
},
{
"name": "util-linux",
"from_version": {
"source_package_name": "util-linux",
"source_package_version": "2.40.2-1ubuntu1",
"version": "2.40.2-1ubuntu1"
},
"to_version": {
"source_package_name": "util-linux",
"source_package_version": "2.40.2-1ubuntu1.1",
"version": "2.40.2-1ubuntu1.1"
},
"cves": [],
"launchpad_bugs_fixed": [
2090972
],
"changes": [
{
"cves": [],
"log": [
"",
" * Read the ext4 superblock with O_DIRECT if the first read produces a",
" checksum failure. This fixes a race where the underlying superblock",
" can be changed in memory but not on disk, resulting in checksum",
" failures which in turn causes systemd-udevd to remove by-uuid and",
" by-label symlinks. (LP: #2090972)",
" - d/p/ubuntu/lp2090972-libblkid-fix-spurious-ext-superblock-checksum-mismat.patch",
""
],
"package": "util-linux",
"version": "2.40.2-1ubuntu1.1",
"urgency": "medium",
"distributions": "oracular",
"launchpad_bugs_fixed": [
2090972
],
"author": "Matthew Ruffell <matthew.ruffell@canonical.com>",
"date": "Thu, 05 Dec 2024 13:02:57 +1300"
}
],
"notes": null
},
{
"name": "uuid-runtime",
"from_version": {
"source_package_name": "util-linux",
"source_package_version": "2.40.2-1ubuntu1",
"version": "2.40.2-1ubuntu1"
},
"to_version": {
"source_package_name": "util-linux",
"source_package_version": "2.40.2-1ubuntu1.1",
"version": "2.40.2-1ubuntu1.1"
},
"cves": [],
"launchpad_bugs_fixed": [
2090972
],
"changes": [
{
"cves": [],
"log": [
"",
" * Read the ext4 superblock with O_DIRECT if the first read produces a",
" checksum failure. This fixes a race where the underlying superblock",
" can be changed in memory but not on disk, resulting in checksum",
" failures which in turn causes systemd-udevd to remove by-uuid and",
" by-label symlinks. (LP: #2090972)",
" - d/p/ubuntu/lp2090972-libblkid-fix-spurious-ext-superblock-checksum-mismat.patch",
""
],
"package": "util-linux",
"version": "2.40.2-1ubuntu1.1",
"urgency": "medium",
"distributions": "oracular",
"launchpad_bugs_fixed": [
2090972
],
"author": "Matthew Ruffell <matthew.ruffell@canonical.com>",
"date": "Thu, 05 Dec 2024 13:02:57 +1300"
}
],
"notes": null
},
{
"name": "vim",
"from_version": {
"source_package_name": "vim",
"source_package_version": "2:9.1.0496-1ubuntu6.2",
"version": "2:9.1.0496-1ubuntu6.2"
},
"to_version": {
"source_package_name": "vim",
"source_package_version": "2:9.1.0496-1ubuntu6.3",
"version": "2:9.1.0496-1ubuntu6.3"
},
"cves": [
{
"cve": "CVE-2025-22134",
"url": "https://ubuntu.com/security/CVE-2025-22134",
"cve_description": "When switching to other buffers using the :all command and visual mode still being active, this may cause a heap-buffer overflow, because Vim does not properly end visual mode and therefore may try to access beyond the end of a line in a buffer. In Patch 9.1.1003 Vim will correctly reset the visual mode before opening other windows and buffers and therefore fix this bug. In addition it does verify that it won't try to access a position if the position is greater than the corresponding buffer line. Impact is medium since the user must have switched on visual mode when executing the :all ex command. The Vim project would like to thank github user gandalf4a for reporting this issue. The issue has been fixed as of Vim patch v9.1.1003",
"cve_priority": "medium",
"cve_public_date": "2025-01-13 21:15:00 UTC"
}
],
"launchpad_bugs_fixed": [],
"changes": [
{
"cves": [
{
"cve": "CVE-2025-22134",
"url": "https://ubuntu.com/security/CVE-2025-22134",
"cve_description": "When switching to other buffers using the :all command and visual mode still being active, this may cause a heap-buffer overflow, because Vim does not properly end visual mode and therefore may try to access beyond the end of a line in a buffer. In Patch 9.1.1003 Vim will correctly reset the visual mode before opening other windows and buffers and therefore fix this bug. In addition it does verify that it won't try to access a position if the position is greater than the corresponding buffer line. Impact is medium since the user must have switched on visual mode when executing the :all ex command. The Vim project would like to thank github user gandalf4a for reporting this issue. The issue has been fixed as of Vim patch v9.1.1003",
"cve_priority": "medium",
"cve_public_date": "2025-01-13 21:15:00 UTC"
}
],
"log": [
"",
" * SECURITY UPDATE: Heap-buffer-overflow when switching buffers.",
" - debian/patches/CVE-2025-22134.patch: Add reset_VIsual_and_resel() to",
" src/arglist.c. Add ptrlen checks in src/misc1.c and src/ops.c.",
" - CVE-2025-22134",
""
],
"package": "vim",
"version": "2:9.1.0496-1ubuntu6.3",
"urgency": "medium",
"distributions": "oracular-security",
"launchpad_bugs_fixed": [],
"author": "Hlib Korzhynskyy <hlib.korzhynskyy@canonical.com>",
"date": "Thu, 16 Jan 2025 14:17:18 -0330"
}
],
"notes": null
},
{
"name": "vim-common",
"from_version": {
"source_package_name": "vim",
"source_package_version": "2:9.1.0496-1ubuntu6.2",
"version": "2:9.1.0496-1ubuntu6.2"
},
"to_version": {
"source_package_name": "vim",
"source_package_version": "2:9.1.0496-1ubuntu6.3",
"version": "2:9.1.0496-1ubuntu6.3"
},
"cves": [
{
"cve": "CVE-2025-22134",
"url": "https://ubuntu.com/security/CVE-2025-22134",
"cve_description": "When switching to other buffers using the :all command and visual mode still being active, this may cause a heap-buffer overflow, because Vim does not properly end visual mode and therefore may try to access beyond the end of a line in a buffer. In Patch 9.1.1003 Vim will correctly reset the visual mode before opening other windows and buffers and therefore fix this bug. In addition it does verify that it won't try to access a position if the position is greater than the corresponding buffer line. Impact is medium since the user must have switched on visual mode when executing the :all ex command. The Vim project would like to thank github user gandalf4a for reporting this issue. The issue has been fixed as of Vim patch v9.1.1003",
"cve_priority": "medium",
"cve_public_date": "2025-01-13 21:15:00 UTC"
}
],
"launchpad_bugs_fixed": [],
"changes": [
{
"cves": [
{
"cve": "CVE-2025-22134",
"url": "https://ubuntu.com/security/CVE-2025-22134",
"cve_description": "When switching to other buffers using the :all command and visual mode still being active, this may cause a heap-buffer overflow, because Vim does not properly end visual mode and therefore may try to access beyond the end of a line in a buffer. In Patch 9.1.1003 Vim will correctly reset the visual mode before opening other windows and buffers and therefore fix this bug. In addition it does verify that it won't try to access a position if the position is greater than the corresponding buffer line. Impact is medium since the user must have switched on visual mode when executing the :all ex command. The Vim project would like to thank github user gandalf4a for reporting this issue. The issue has been fixed as of Vim patch v9.1.1003",
"cve_priority": "medium",
"cve_public_date": "2025-01-13 21:15:00 UTC"
}
],
"log": [
"",
" * SECURITY UPDATE: Heap-buffer-overflow when switching buffers.",
" - debian/patches/CVE-2025-22134.patch: Add reset_VIsual_and_resel() to",
" src/arglist.c. Add ptrlen checks in src/misc1.c and src/ops.c.",
" - CVE-2025-22134",
""
],
"package": "vim",
"version": "2:9.1.0496-1ubuntu6.3",
"urgency": "medium",
"distributions": "oracular-security",
"launchpad_bugs_fixed": [],
"author": "Hlib Korzhynskyy <hlib.korzhynskyy@canonical.com>",
"date": "Thu, 16 Jan 2025 14:17:18 -0330"
}
],
"notes": null
},
{
"name": "vim-runtime",
"from_version": {
"source_package_name": "vim",
"source_package_version": "2:9.1.0496-1ubuntu6.2",
"version": "2:9.1.0496-1ubuntu6.2"
},
"to_version": {
"source_package_name": "vim",
"source_package_version": "2:9.1.0496-1ubuntu6.3",
"version": "2:9.1.0496-1ubuntu6.3"
},
"cves": [
{
"cve": "CVE-2025-22134",
"url": "https://ubuntu.com/security/CVE-2025-22134",
"cve_description": "When switching to other buffers using the :all command and visual mode still being active, this may cause a heap-buffer overflow, because Vim does not properly end visual mode and therefore may try to access beyond the end of a line in a buffer. In Patch 9.1.1003 Vim will correctly reset the visual mode before opening other windows and buffers and therefore fix this bug. In addition it does verify that it won't try to access a position if the position is greater than the corresponding buffer line. Impact is medium since the user must have switched on visual mode when executing the :all ex command. The Vim project would like to thank github user gandalf4a for reporting this issue. The issue has been fixed as of Vim patch v9.1.1003",
"cve_priority": "medium",
"cve_public_date": "2025-01-13 21:15:00 UTC"
}
],
"launchpad_bugs_fixed": [],
"changes": [
{
"cves": [
{
"cve": "CVE-2025-22134",
"url": "https://ubuntu.com/security/CVE-2025-22134",
"cve_description": "When switching to other buffers using the :all command and visual mode still being active, this may cause a heap-buffer overflow, because Vim does not properly end visual mode and therefore may try to access beyond the end of a line in a buffer. In Patch 9.1.1003 Vim will correctly reset the visual mode before opening other windows and buffers and therefore fix this bug. In addition it does verify that it won't try to access a position if the position is greater than the corresponding buffer line. Impact is medium since the user must have switched on visual mode when executing the :all ex command. The Vim project would like to thank github user gandalf4a for reporting this issue. The issue has been fixed as of Vim patch v9.1.1003",
"cve_priority": "medium",
"cve_public_date": "2025-01-13 21:15:00 UTC"
}
],
"log": [
"",
" * SECURITY UPDATE: Heap-buffer-overflow when switching buffers.",
" - debian/patches/CVE-2025-22134.patch: Add reset_VIsual_and_resel() to",
" src/arglist.c. Add ptrlen checks in src/misc1.c and src/ops.c.",
" - CVE-2025-22134",
""
],
"package": "vim",
"version": "2:9.1.0496-1ubuntu6.3",
"urgency": "medium",
"distributions": "oracular-security",
"launchpad_bugs_fixed": [],
"author": "Hlib Korzhynskyy <hlib.korzhynskyy@canonical.com>",
"date": "Thu, 16 Jan 2025 14:17:18 -0330"
}
],
"notes": null
},
{
"name": "vim-tiny",
"from_version": {
"source_package_name": "vim",
"source_package_version": "2:9.1.0496-1ubuntu6.2",
"version": "2:9.1.0496-1ubuntu6.2"
},
"to_version": {
"source_package_name": "vim",
"source_package_version": "2:9.1.0496-1ubuntu6.3",
"version": "2:9.1.0496-1ubuntu6.3"
},
"cves": [
{
"cve": "CVE-2025-22134",
"url": "https://ubuntu.com/security/CVE-2025-22134",
"cve_description": "When switching to other buffers using the :all command and visual mode still being active, this may cause a heap-buffer overflow, because Vim does not properly end visual mode and therefore may try to access beyond the end of a line in a buffer. In Patch 9.1.1003 Vim will correctly reset the visual mode before opening other windows and buffers and therefore fix this bug. In addition it does verify that it won't try to access a position if the position is greater than the corresponding buffer line. Impact is medium since the user must have switched on visual mode when executing the :all ex command. The Vim project would like to thank github user gandalf4a for reporting this issue. The issue has been fixed as of Vim patch v9.1.1003",
"cve_priority": "medium",
"cve_public_date": "2025-01-13 21:15:00 UTC"
}
],
"launchpad_bugs_fixed": [],
"changes": [
{
"cves": [
{
"cve": "CVE-2025-22134",
"url": "https://ubuntu.com/security/CVE-2025-22134",
"cve_description": "When switching to other buffers using the :all command and visual mode still being active, this may cause a heap-buffer overflow, because Vim does not properly end visual mode and therefore may try to access beyond the end of a line in a buffer. In Patch 9.1.1003 Vim will correctly reset the visual mode before opening other windows and buffers and therefore fix this bug. In addition it does verify that it won't try to access a position if the position is greater than the corresponding buffer line. Impact is medium since the user must have switched on visual mode when executing the :all ex command. The Vim project would like to thank github user gandalf4a for reporting this issue. The issue has been fixed as of Vim patch v9.1.1003",
"cve_priority": "medium",
"cve_public_date": "2025-01-13 21:15:00 UTC"
}
],
"log": [
"",
" * SECURITY UPDATE: Heap-buffer-overflow when switching buffers.",
" - debian/patches/CVE-2025-22134.patch: Add reset_VIsual_and_resel() to",
" src/arglist.c. Add ptrlen checks in src/misc1.c and src/ops.c.",
" - CVE-2025-22134",
""
],
"package": "vim",
"version": "2:9.1.0496-1ubuntu6.3",
"urgency": "medium",
"distributions": "oracular-security",
"launchpad_bugs_fixed": [],
"author": "Hlib Korzhynskyy <hlib.korzhynskyy@canonical.com>",
"date": "Thu, 16 Jan 2025 14:17:18 -0330"
}
],
"notes": null
},
{
"name": "xxd",
"from_version": {
"source_package_name": "vim",
"source_package_version": "2:9.1.0496-1ubuntu6.2",
"version": "2:9.1.0496-1ubuntu6.2"
},
"to_version": {
"source_package_name": "vim",
"source_package_version": "2:9.1.0496-1ubuntu6.3",
"version": "2:9.1.0496-1ubuntu6.3"
},
"cves": [
{
"cve": "CVE-2025-22134",
"url": "https://ubuntu.com/security/CVE-2025-22134",
"cve_description": "When switching to other buffers using the :all command and visual mode still being active, this may cause a heap-buffer overflow, because Vim does not properly end visual mode and therefore may try to access beyond the end of a line in a buffer. In Patch 9.1.1003 Vim will correctly reset the visual mode before opening other windows and buffers and therefore fix this bug. In addition it does verify that it won't try to access a position if the position is greater than the corresponding buffer line. Impact is medium since the user must have switched on visual mode when executing the :all ex command. The Vim project would like to thank github user gandalf4a for reporting this issue. The issue has been fixed as of Vim patch v9.1.1003",
"cve_priority": "medium",
"cve_public_date": "2025-01-13 21:15:00 UTC"
}
],
"launchpad_bugs_fixed": [],
"changes": [
{
"cves": [
{
"cve": "CVE-2025-22134",
"url": "https://ubuntu.com/security/CVE-2025-22134",
"cve_description": "When switching to other buffers using the :all command and visual mode still being active, this may cause a heap-buffer overflow, because Vim does not properly end visual mode and therefore may try to access beyond the end of a line in a buffer. In Patch 9.1.1003 Vim will correctly reset the visual mode before opening other windows and buffers and therefore fix this bug. In addition it does verify that it won't try to access a position if the position is greater than the corresponding buffer line. Impact is medium since the user must have switched on visual mode when executing the :all ex command. The Vim project would like to thank github user gandalf4a for reporting this issue. The issue has been fixed as of Vim patch v9.1.1003",
"cve_priority": "medium",
"cve_public_date": "2025-01-13 21:15:00 UTC"
}
],
"log": [
"",
" * SECURITY UPDATE: Heap-buffer-overflow when switching buffers.",
" - debian/patches/CVE-2025-22134.patch: Add reset_VIsual_and_resel() to",
" src/arglist.c. Add ptrlen checks in src/misc1.c and src/ops.c.",
" - CVE-2025-22134",
""
],
"package": "vim",
"version": "2:9.1.0496-1ubuntu6.3",
"urgency": "medium",
"distributions": "oracular-security",
"launchpad_bugs_fixed": [],
"author": "Hlib Korzhynskyy <hlib.korzhynskyy@canonical.com>",
"date": "Thu, 16 Jan 2025 14:17:18 -0330"
}
],
"notes": null
}
],
"snap": []
},
"added": {
"deb": [
{
"name": "linux-headers-6.11.0-14-generic",
"from_version": {
"source_package_name": "linux-riscv",
"source_package_version": "6.11.0-13.14.1",
"version": null
},
"to_version": {
"source_package_name": "linux-riscv",
"source_package_version": "6.11.0-14.15.1",
"version": "6.11.0-14.15.1"
},
"cves": [
{
"cve": "CVE-2024-53164",
"url": "https://ubuntu.com/security/CVE-2024-53164",
"cve_description": "In the Linux kernel, the following vulnerability has been resolved: net: sched: fix ordering of qlen adjustment Changes to sch->q.qlen around qdisc_tree_reduce_backlog() need to happen _before_ a call to said function because otherwise it may fail to notify parent qdiscs when the child is about to become empty.",
"cve_priority": "medium",
"cve_public_date": "2024-12-27 14:15:00 UTC"
},
{
"cve": "CVE-2024-53103",
"url": "https://ubuntu.com/security/CVE-2024-53103",
"cve_description": "In the Linux kernel, the following vulnerability has been resolved: hv_sock: Initializing vsk->trans to NULL to prevent a dangling pointer When hvs is released, there is a possibility that vsk->trans may not be initialized to NULL, which could lead to a dangling pointer. This issue is resolved by initializing vsk->trans to NULL.",
"cve_priority": "high",
"cve_public_date": "2024-12-02 08:15:00 UTC"
}
],
"launchpad_bugs_fixed": [
2093479,
2093483
],
"changes": [
{
"cves": [
{
"cve": "CVE-2024-53164",
"url": "https://ubuntu.com/security/CVE-2024-53164",
"cve_description": "In the Linux kernel, the following vulnerability has been resolved: net: sched: fix ordering of qlen adjustment Changes to sch->q.qlen around qdisc_tree_reduce_backlog() need to happen _before_ a call to said function because otherwise it may fail to notify parent qdiscs when the child is about to become empty.",
"cve_priority": "medium",
"cve_public_date": "2024-12-27 14:15:00 UTC"
},
{
"cve": "CVE-2024-53103",
"url": "https://ubuntu.com/security/CVE-2024-53103",
"cve_description": "In the Linux kernel, the following vulnerability has been resolved: hv_sock: Initializing vsk->trans to NULL to prevent a dangling pointer When hvs is released, there is a possibility that vsk->trans may not be initialized to NULL, which could lead to a dangling pointer. This issue is resolved by initializing vsk->trans to NULL.",
"cve_priority": "high",
"cve_public_date": "2024-12-02 08:15:00 UTC"
}
],
"log": [
"",
" * oracular/linux-riscv: 6.11.0-14.15.1 -proposed tracker (LP: #2093479)",
"",
" [ Ubuntu: 6.11.0-14.15 ]",
"",
" * oracular/linux: 6.11.0-14.15 -proposed tracker (LP: #2093483)",
" * CVE-2024-53164",
" - net: sched: fix ordering of qlen adjustment",
" * CVE-2024-53103",
" - hv_sock: Initializing vsk->trans to NULL to prevent a dangling pointer",
""
],
"package": "linux-riscv",
"version": "6.11.0-14.15.1",
"urgency": "medium",
"distributions": "oracular",
"launchpad_bugs_fixed": [
2093479,
2093483
],
"author": "Emil Renner Berthing <emil.renner.berthing@canonical.com>",
"date": "Tue, 21 Jan 2025 16:01:27 +0100"
}
],
"notes": "linux-headers-6.11.0-14-generic version '6.11.0-14.15.1' (source package linux-riscv version '6.11.0-14.15.1') was added. linux-headers-6.11.0-14-generic version '6.11.0-14.15.1' has the same source package name, linux-riscv, as removed package linux-headers-6.11.0-13-generic. As such we can use the source package version of the removed package, '6.11.0-13.14.1', as the starting point in our changelog diff. Kernel packages are an example of where the binary package name changes for the same source package. Using the removed package source package version as our starting point means we can still get meaningful changelog diffs even for what appears to be a new package."
},
{
"name": "linux-image-6.11.0-14-generic",
"from_version": {
"source_package_name": "linux-riscv",
"source_package_version": "6.11.0-13.14.1",
"version": null
},
"to_version": {
"source_package_name": "linux-riscv",
"source_package_version": "6.11.0-14.15.1",
"version": "6.11.0-14.15.1"
},
"cves": [
{
"cve": "CVE-2024-53164",
"url": "https://ubuntu.com/security/CVE-2024-53164",
"cve_description": "In the Linux kernel, the following vulnerability has been resolved: net: sched: fix ordering of qlen adjustment Changes to sch->q.qlen around qdisc_tree_reduce_backlog() need to happen _before_ a call to said function because otherwise it may fail to notify parent qdiscs when the child is about to become empty.",
"cve_priority": "medium",
"cve_public_date": "2024-12-27 14:15:00 UTC"
},
{
"cve": "CVE-2024-53103",
"url": "https://ubuntu.com/security/CVE-2024-53103",
"cve_description": "In the Linux kernel, the following vulnerability has been resolved: hv_sock: Initializing vsk->trans to NULL to prevent a dangling pointer When hvs is released, there is a possibility that vsk->trans may not be initialized to NULL, which could lead to a dangling pointer. This issue is resolved by initializing vsk->trans to NULL.",
"cve_priority": "high",
"cve_public_date": "2024-12-02 08:15:00 UTC"
}
],
"launchpad_bugs_fixed": [
2093479,
2093483
],
"changes": [
{
"cves": [
{
"cve": "CVE-2024-53164",
"url": "https://ubuntu.com/security/CVE-2024-53164",
"cve_description": "In the Linux kernel, the following vulnerability has been resolved: net: sched: fix ordering of qlen adjustment Changes to sch->q.qlen around qdisc_tree_reduce_backlog() need to happen _before_ a call to said function because otherwise it may fail to notify parent qdiscs when the child is about to become empty.",
"cve_priority": "medium",
"cve_public_date": "2024-12-27 14:15:00 UTC"
},
{
"cve": "CVE-2024-53103",
"url": "https://ubuntu.com/security/CVE-2024-53103",
"cve_description": "In the Linux kernel, the following vulnerability has been resolved: hv_sock: Initializing vsk->trans to NULL to prevent a dangling pointer When hvs is released, there is a possibility that vsk->trans may not be initialized to NULL, which could lead to a dangling pointer. This issue is resolved by initializing vsk->trans to NULL.",
"cve_priority": "high",
"cve_public_date": "2024-12-02 08:15:00 UTC"
}
],
"log": [
"",
" * oracular/linux-riscv: 6.11.0-14.15.1 -proposed tracker (LP: #2093479)",
"",
" [ Ubuntu: 6.11.0-14.15 ]",
"",
" * oracular/linux: 6.11.0-14.15 -proposed tracker (LP: #2093483)",
" * CVE-2024-53164",
" - net: sched: fix ordering of qlen adjustment",
" * CVE-2024-53103",
" - hv_sock: Initializing vsk->trans to NULL to prevent a dangling pointer",
""
],
"package": "linux-riscv",
"version": "6.11.0-14.15.1",
"urgency": "medium",
"distributions": "oracular",
"launchpad_bugs_fixed": [
2093479,
2093483
],
"author": "Emil Renner Berthing <emil.renner.berthing@canonical.com>",
"date": "Tue, 21 Jan 2025 16:01:27 +0100"
}
],
"notes": "linux-image-6.11.0-14-generic version '6.11.0-14.15.1' (source package linux-riscv version '6.11.0-14.15.1') was added. linux-image-6.11.0-14-generic version '6.11.0-14.15.1' has the same source package name, linux-riscv, as removed package linux-headers-6.11.0-13-generic. As such we can use the source package version of the removed package, '6.11.0-13.14.1', as the starting point in our changelog diff. Kernel packages are an example of where the binary package name changes for the same source package. Using the removed package source package version as our starting point means we can still get meaningful changelog diffs even for what appears to be a new package."
},
{
"name": "linux-modules-6.11.0-14-generic",
"from_version": {
"source_package_name": "linux-riscv",
"source_package_version": "6.11.0-13.14.1",
"version": null
},
"to_version": {
"source_package_name": "linux-riscv",
"source_package_version": "6.11.0-14.15.1",
"version": "6.11.0-14.15.1"
},
"cves": [
{
"cve": "CVE-2024-53164",
"url": "https://ubuntu.com/security/CVE-2024-53164",
"cve_description": "In the Linux kernel, the following vulnerability has been resolved: net: sched: fix ordering of qlen adjustment Changes to sch->q.qlen around qdisc_tree_reduce_backlog() need to happen _before_ a call to said function because otherwise it may fail to notify parent qdiscs when the child is about to become empty.",
"cve_priority": "medium",
"cve_public_date": "2024-12-27 14:15:00 UTC"
},
{
"cve": "CVE-2024-53103",
"url": "https://ubuntu.com/security/CVE-2024-53103",
"cve_description": "In the Linux kernel, the following vulnerability has been resolved: hv_sock: Initializing vsk->trans to NULL to prevent a dangling pointer When hvs is released, there is a possibility that vsk->trans may not be initialized to NULL, which could lead to a dangling pointer. This issue is resolved by initializing vsk->trans to NULL.",
"cve_priority": "high",
"cve_public_date": "2024-12-02 08:15:00 UTC"
}
],
"launchpad_bugs_fixed": [
2093479,
2093483
],
"changes": [
{
"cves": [
{
"cve": "CVE-2024-53164",
"url": "https://ubuntu.com/security/CVE-2024-53164",
"cve_description": "In the Linux kernel, the following vulnerability has been resolved: net: sched: fix ordering of qlen adjustment Changes to sch->q.qlen around qdisc_tree_reduce_backlog() need to happen _before_ a call to said function because otherwise it may fail to notify parent qdiscs when the child is about to become empty.",
"cve_priority": "medium",
"cve_public_date": "2024-12-27 14:15:00 UTC"
},
{
"cve": "CVE-2024-53103",
"url": "https://ubuntu.com/security/CVE-2024-53103",
"cve_description": "In the Linux kernel, the following vulnerability has been resolved: hv_sock: Initializing vsk->trans to NULL to prevent a dangling pointer When hvs is released, there is a possibility that vsk->trans may not be initialized to NULL, which could lead to a dangling pointer. This issue is resolved by initializing vsk->trans to NULL.",
"cve_priority": "high",
"cve_public_date": "2024-12-02 08:15:00 UTC"
}
],
"log": [
"",
" * oracular/linux-riscv: 6.11.0-14.15.1 -proposed tracker (LP: #2093479)",
"",
" [ Ubuntu: 6.11.0-14.15 ]",
"",
" * oracular/linux: 6.11.0-14.15 -proposed tracker (LP: #2093483)",
" * CVE-2024-53164",
" - net: sched: fix ordering of qlen adjustment",
" * CVE-2024-53103",
" - hv_sock: Initializing vsk->trans to NULL to prevent a dangling pointer",
""
],
"package": "linux-riscv",
"version": "6.11.0-14.15.1",
"urgency": "medium",
"distributions": "oracular",
"launchpad_bugs_fixed": [
2093479,
2093483
],
"author": "Emil Renner Berthing <emil.renner.berthing@canonical.com>",
"date": "Tue, 21 Jan 2025 16:01:27 +0100"
}
],
"notes": "linux-modules-6.11.0-14-generic version '6.11.0-14.15.1' (source package linux-riscv version '6.11.0-14.15.1') was added. linux-modules-6.11.0-14-generic version '6.11.0-14.15.1' has the same source package name, linux-riscv, as removed package linux-headers-6.11.0-13-generic. As such we can use the source package version of the removed package, '6.11.0-13.14.1', as the starting point in our changelog diff. Kernel packages are an example of where the binary package name changes for the same source package. Using the removed package source package version as our starting point means we can still get meaningful changelog diffs even for what appears to be a new package."
},
{
"name": "linux-riscv-headers-6.11.0-14",
"from_version": {
"source_package_name": "linux-riscv",
"source_package_version": "6.11.0-13.14.1",
"version": null
},
"to_version": {
"source_package_name": "linux-riscv",
"source_package_version": "6.11.0-14.15.1",
"version": "6.11.0-14.15.1"
},
"cves": [
{
"cve": "CVE-2024-53164",
"url": "https://ubuntu.com/security/CVE-2024-53164",
"cve_description": "In the Linux kernel, the following vulnerability has been resolved: net: sched: fix ordering of qlen adjustment Changes to sch->q.qlen around qdisc_tree_reduce_backlog() need to happen _before_ a call to said function because otherwise it may fail to notify parent qdiscs when the child is about to become empty.",
"cve_priority": "medium",
"cve_public_date": "2024-12-27 14:15:00 UTC"
},
{
"cve": "CVE-2024-53103",
"url": "https://ubuntu.com/security/CVE-2024-53103",
"cve_description": "In the Linux kernel, the following vulnerability has been resolved: hv_sock: Initializing vsk->trans to NULL to prevent a dangling pointer When hvs is released, there is a possibility that vsk->trans may not be initialized to NULL, which could lead to a dangling pointer. This issue is resolved by initializing vsk->trans to NULL.",
"cve_priority": "high",
"cve_public_date": "2024-12-02 08:15:00 UTC"
}
],
"launchpad_bugs_fixed": [
2093479,
2093483
],
"changes": [
{
"cves": [
{
"cve": "CVE-2024-53164",
"url": "https://ubuntu.com/security/CVE-2024-53164",
"cve_description": "In the Linux kernel, the following vulnerability has been resolved: net: sched: fix ordering of qlen adjustment Changes to sch->q.qlen around qdisc_tree_reduce_backlog() need to happen _before_ a call to said function because otherwise it may fail to notify parent qdiscs when the child is about to become empty.",
"cve_priority": "medium",
"cve_public_date": "2024-12-27 14:15:00 UTC"
},
{
"cve": "CVE-2024-53103",
"url": "https://ubuntu.com/security/CVE-2024-53103",
"cve_description": "In the Linux kernel, the following vulnerability has been resolved: hv_sock: Initializing vsk->trans to NULL to prevent a dangling pointer When hvs is released, there is a possibility that vsk->trans may not be initialized to NULL, which could lead to a dangling pointer. This issue is resolved by initializing vsk->trans to NULL.",
"cve_priority": "high",
"cve_public_date": "2024-12-02 08:15:00 UTC"
}
],
"log": [
"",
" * oracular/linux-riscv: 6.11.0-14.15.1 -proposed tracker (LP: #2093479)",
"",
" [ Ubuntu: 6.11.0-14.15 ]",
"",
" * oracular/linux: 6.11.0-14.15 -proposed tracker (LP: #2093483)",
" * CVE-2024-53164",
" - net: sched: fix ordering of qlen adjustment",
" * CVE-2024-53103",
" - hv_sock: Initializing vsk->trans to NULL to prevent a dangling pointer",
""
],
"package": "linux-riscv",
"version": "6.11.0-14.15.1",
"urgency": "medium",
"distributions": "oracular",
"launchpad_bugs_fixed": [
2093479,
2093483
],
"author": "Emil Renner Berthing <emil.renner.berthing@canonical.com>",
"date": "Tue, 21 Jan 2025 16:01:27 +0100"
}
],
"notes": "linux-riscv-headers-6.11.0-14 version '6.11.0-14.15.1' (source package linux-riscv version '6.11.0-14.15.1') was added. linux-riscv-headers-6.11.0-14 version '6.11.0-14.15.1' has the same source package name, linux-riscv, as removed package linux-headers-6.11.0-13-generic. As such we can use the source package version of the removed package, '6.11.0-13.14.1', as the starting point in our changelog diff. Kernel packages are an example of where the binary package name changes for the same source package. Using the removed package source package version as our starting point means we can still get meaningful changelog diffs even for what appears to be a new package."
},
{
"name": "linux-riscv-tools-6.11.0-14",
"from_version": {
"source_package_name": "linux-riscv",
"source_package_version": "6.11.0-13.14.1",
"version": null
},
"to_version": {
"source_package_name": "linux-riscv",
"source_package_version": "6.11.0-14.15.1",
"version": "6.11.0-14.15.1"
},
"cves": [
{
"cve": "CVE-2024-53164",
"url": "https://ubuntu.com/security/CVE-2024-53164",
"cve_description": "In the Linux kernel, the following vulnerability has been resolved: net: sched: fix ordering of qlen adjustment Changes to sch->q.qlen around qdisc_tree_reduce_backlog() need to happen _before_ a call to said function because otherwise it may fail to notify parent qdiscs when the child is about to become empty.",
"cve_priority": "medium",
"cve_public_date": "2024-12-27 14:15:00 UTC"
},
{
"cve": "CVE-2024-53103",
"url": "https://ubuntu.com/security/CVE-2024-53103",
"cve_description": "In the Linux kernel, the following vulnerability has been resolved: hv_sock: Initializing vsk->trans to NULL to prevent a dangling pointer When hvs is released, there is a possibility that vsk->trans may not be initialized to NULL, which could lead to a dangling pointer. This issue is resolved by initializing vsk->trans to NULL.",
"cve_priority": "high",
"cve_public_date": "2024-12-02 08:15:00 UTC"
}
],
"launchpad_bugs_fixed": [
2093479,
2093483
],
"changes": [
{
"cves": [
{
"cve": "CVE-2024-53164",
"url": "https://ubuntu.com/security/CVE-2024-53164",
"cve_description": "In the Linux kernel, the following vulnerability has been resolved: net: sched: fix ordering of qlen adjustment Changes to sch->q.qlen around qdisc_tree_reduce_backlog() need to happen _before_ a call to said function because otherwise it may fail to notify parent qdiscs when the child is about to become empty.",
"cve_priority": "medium",
"cve_public_date": "2024-12-27 14:15:00 UTC"
},
{
"cve": "CVE-2024-53103",
"url": "https://ubuntu.com/security/CVE-2024-53103",
"cve_description": "In the Linux kernel, the following vulnerability has been resolved: hv_sock: Initializing vsk->trans to NULL to prevent a dangling pointer When hvs is released, there is a possibility that vsk->trans may not be initialized to NULL, which could lead to a dangling pointer. This issue is resolved by initializing vsk->trans to NULL.",
"cve_priority": "high",
"cve_public_date": "2024-12-02 08:15:00 UTC"
}
],
"log": [
"",
" * oracular/linux-riscv: 6.11.0-14.15.1 -proposed tracker (LP: #2093479)",
"",
" [ Ubuntu: 6.11.0-14.15 ]",
"",
" * oracular/linux: 6.11.0-14.15 -proposed tracker (LP: #2093483)",
" * CVE-2024-53164",
" - net: sched: fix ordering of qlen adjustment",
" * CVE-2024-53103",
" - hv_sock: Initializing vsk->trans to NULL to prevent a dangling pointer",
""
],
"package": "linux-riscv",
"version": "6.11.0-14.15.1",
"urgency": "medium",
"distributions": "oracular",
"launchpad_bugs_fixed": [
2093479,
2093483
],
"author": "Emil Renner Berthing <emil.renner.berthing@canonical.com>",
"date": "Tue, 21 Jan 2025 16:01:27 +0100"
}
],
"notes": "linux-riscv-tools-6.11.0-14 version '6.11.0-14.15.1' (source package linux-riscv version '6.11.0-14.15.1') was added. linux-riscv-tools-6.11.0-14 version '6.11.0-14.15.1' has the same source package name, linux-riscv, as removed package linux-headers-6.11.0-13-generic. As such we can use the source package version of the removed package, '6.11.0-13.14.1', as the starting point in our changelog diff. Kernel packages are an example of where the binary package name changes for the same source package. Using the removed package source package version as our starting point means we can still get meaningful changelog diffs even for what appears to be a new package."
},
{
"name": "linux-tools-6.11.0-14-generic",
"from_version": {
"source_package_name": "linux-riscv",
"source_package_version": "6.11.0-13.14.1",
"version": null
},
"to_version": {
"source_package_name": "linux-riscv",
"source_package_version": "6.11.0-14.15.1",
"version": "6.11.0-14.15.1"
},
"cves": [
{
"cve": "CVE-2024-53164",
"url": "https://ubuntu.com/security/CVE-2024-53164",
"cve_description": "In the Linux kernel, the following vulnerability has been resolved: net: sched: fix ordering of qlen adjustment Changes to sch->q.qlen around qdisc_tree_reduce_backlog() need to happen _before_ a call to said function because otherwise it may fail to notify parent qdiscs when the child is about to become empty.",
"cve_priority": "medium",
"cve_public_date": "2024-12-27 14:15:00 UTC"
},
{
"cve": "CVE-2024-53103",
"url": "https://ubuntu.com/security/CVE-2024-53103",
"cve_description": "In the Linux kernel, the following vulnerability has been resolved: hv_sock: Initializing vsk->trans to NULL to prevent a dangling pointer When hvs is released, there is a possibility that vsk->trans may not be initialized to NULL, which could lead to a dangling pointer. This issue is resolved by initializing vsk->trans to NULL.",
"cve_priority": "high",
"cve_public_date": "2024-12-02 08:15:00 UTC"
}
],
"launchpad_bugs_fixed": [
2093479,
2093483
],
"changes": [
{
"cves": [
{
"cve": "CVE-2024-53164",
"url": "https://ubuntu.com/security/CVE-2024-53164",
"cve_description": "In the Linux kernel, the following vulnerability has been resolved: net: sched: fix ordering of qlen adjustment Changes to sch->q.qlen around qdisc_tree_reduce_backlog() need to happen _before_ a call to said function because otherwise it may fail to notify parent qdiscs when the child is about to become empty.",
"cve_priority": "medium",
"cve_public_date": "2024-12-27 14:15:00 UTC"
},
{
"cve": "CVE-2024-53103",
"url": "https://ubuntu.com/security/CVE-2024-53103",
"cve_description": "In the Linux kernel, the following vulnerability has been resolved: hv_sock: Initializing vsk->trans to NULL to prevent a dangling pointer When hvs is released, there is a possibility that vsk->trans may not be initialized to NULL, which could lead to a dangling pointer. This issue is resolved by initializing vsk->trans to NULL.",
"cve_priority": "high",
"cve_public_date": "2024-12-02 08:15:00 UTC"
}
],
"log": [
"",
" * oracular/linux-riscv: 6.11.0-14.15.1 -proposed tracker (LP: #2093479)",
"",
" [ Ubuntu: 6.11.0-14.15 ]",
"",
" * oracular/linux: 6.11.0-14.15 -proposed tracker (LP: #2093483)",
" * CVE-2024-53164",
" - net: sched: fix ordering of qlen adjustment",
" * CVE-2024-53103",
" - hv_sock: Initializing vsk->trans to NULL to prevent a dangling pointer",
""
],
"package": "linux-riscv",
"version": "6.11.0-14.15.1",
"urgency": "medium",
"distributions": "oracular",
"launchpad_bugs_fixed": [
2093479,
2093483
],
"author": "Emil Renner Berthing <emil.renner.berthing@canonical.com>",
"date": "Tue, 21 Jan 2025 16:01:27 +0100"
}
],
"notes": "linux-tools-6.11.0-14-generic version '6.11.0-14.15.1' (source package linux-riscv version '6.11.0-14.15.1') was added. linux-tools-6.11.0-14-generic version '6.11.0-14.15.1' has the same source package name, linux-riscv, as removed package linux-headers-6.11.0-13-generic. As such we can use the source package version of the removed package, '6.11.0-13.14.1', as the starting point in our changelog diff. Kernel packages are an example of where the binary package name changes for the same source package. Using the removed package source package version as our starting point means we can still get meaningful changelog diffs even for what appears to be a new package."
}
],
"snap": []
},
"removed": {
"deb": [
{
"name": "linux-headers-6.11.0-13-generic",
"from_version": {
"source_package_name": "linux-riscv",
"source_package_version": "6.11.0-13.14.1",
"version": "6.11.0-13.14.1"
},
"to_version": {
"source_package_name": null,
"source_package_version": null,
"version": null
},
"cves": [],
"launchpad_bugs_fixed": [],
"changes": [],
"notes": null
},
{
"name": "linux-image-6.11.0-13-generic",
"from_version": {
"source_package_name": "linux-riscv",
"source_package_version": "6.11.0-13.14.1",
"version": "6.11.0-13.14.1"
},
"to_version": {
"source_package_name": null,
"source_package_version": null,
"version": null
},
"cves": [],
"launchpad_bugs_fixed": [],
"changes": [],
"notes": null
},
{
"name": "linux-modules-6.11.0-13-generic",
"from_version": {
"source_package_name": "linux-riscv",
"source_package_version": "6.11.0-13.14.1",
"version": "6.11.0-13.14.1"
},
"to_version": {
"source_package_name": null,
"source_package_version": null,
"version": null
},
"cves": [],
"launchpad_bugs_fixed": [],
"changes": [],
"notes": null
},
{
"name": "linux-riscv-headers-6.11.0-13",
"from_version": {
"source_package_name": "linux-riscv",
"source_package_version": "6.11.0-13.14.1",
"version": "6.11.0-13.14.1"
},
"to_version": {
"source_package_name": null,
"source_package_version": null,
"version": null
},
"cves": [],
"launchpad_bugs_fixed": [],
"changes": [],
"notes": null
},
{
"name": "linux-riscv-tools-6.11.0-13",
"from_version": {
"source_package_name": "linux-riscv",
"source_package_version": "6.11.0-13.14.1",
"version": "6.11.0-13.14.1"
},
"to_version": {
"source_package_name": null,
"source_package_version": null,
"version": null
},
"cves": [],
"launchpad_bugs_fixed": [],
"changes": [],
"notes": null
},
{
"name": "linux-tools-6.11.0-13-generic",
"from_version": {
"source_package_name": "linux-riscv",
"source_package_version": "6.11.0-13.14.1",
"version": "6.11.0-13.14.1"
},
"to_version": {
"source_package_name": null,
"source_package_version": null,
"version": null
},
"cves": [],
"launchpad_bugs_fixed": [],
"changes": [],
"notes": null
}
],
"snap": []
},
"notes": "Changelog diff for Ubuntu 24.10 oracular image from release image serial 20250110 to 20250129",
"from_series": "oracular",
"to_series": "oracular",
"from_serial": "20250110",
"to_serial": "20250129",
"from_manifest_filename": "release_manifest.previous",
"to_manifest_filename": "manifest.current"
}