Latest Changelogs for all releases
Note: Only updates for "head" packages where the changelog is available are shown on this page (view all).
| ruby3.0 | Jul 4th 23:07 | ||
|---|---|---|---|
| Release: jammy | Repo: main | Level: updates | New version: 3.0.2-7ubuntu2.13 |
| Packages in group: | libruby3.0 ruby3.0-dev ruby3.0-doc | ||
|
ruby3.0 (3.0.2-7ubuntu2.13) jammy-security; urgency=medium * SECURITY UPDATE: STARTTLS stripping via pre-injected tagged response
-- Leonidas Da Silva Barbosa <email address hidden> Wed, 17 Jun 2026 08:57:18 -0300 |
|||
| CVE-2026-42246 | Net::IMAP implements Internet Message Access Protocol (IMAP) client functionality in Ruby. Prior to versions 0.3.10, 0.4.24, 0.5.14, and 0.6.4, a man | ||
| CVE-2026-42257 | Net::IMAP implements Internet Message Access Protocol (IMAP) client functionality in Ruby. Prior to versions 0.4.24, 0.5.14, and 0.6.4, several Net:: | ||
| ruby3.2 | Jul 4th 21:07 | ||
|---|---|---|---|
| Release: noble | Repo: main | Level: updates | New version: 3.2.3-1ubuntu0.24.04.8 |
| Packages in group: | libruby3.2 ruby3.2-dev ruby3.2-doc | ||
|
ruby3.2 (3.2.3-1ubuntu0.24.04.8) noble-security; urgency=medium * SECURITY UPDATE: STARTTLS stripping via pre-injected tagged response
-- Leonidas Da Silva Barbosa <email address hidden> Wed, 17 Jun 2026 08:29:20 -0300 |
|||
| CVE-2026-42246 | Net::IMAP implements Internet Message Access Protocol (IMAP) client functionality in Ruby. Prior to versions 0.3.10, 0.4.24, 0.5.14, and 0.6.4, a man | ||
| CVE-2026-42257 | Net::IMAP implements Internet Message Access Protocol (IMAP) client functionality in Ruby. Prior to versions 0.4.24, 0.5.14, and 0.6.4, several Net:: | ||
| ruby3.2 | Jul 4th 18:07 | ||
|---|---|---|---|
| Release: noble | Repo: main | Level: security | New version: 3.2.3-1ubuntu0.24.04.8 |
| Packages in group: | libruby3.2 ruby3.2-dev ruby3.2-doc | ||
|
ruby3.2 (3.2.3-1ubuntu0.24.04.8) noble-security; urgency=medium * SECURITY UPDATE: STARTTLS stripping via pre-injected tagged response
-- Leonidas Da Silva Barbosa <email address hidden> Wed, 17 Jun 2026 08:29:20 -0300 |
|||
| CVE-2026-42246 | Net::IMAP implements Internet Message Access Protocol (IMAP) client functionality in Ruby. Prior to versions 0.3.10, 0.4.24, 0.5.14, and 0.6.4, a man | ||
| CVE-2026-42257 | Net::IMAP implements Internet Message Access Protocol (IMAP) client functionality in Ruby. Prior to versions 0.4.24, 0.5.14, and 0.6.4, several Net:: | ||
| ruby3.0 | Jul 4th 18:07 | ||
|---|---|---|---|
| Release: jammy | Repo: main | Level: security | New version: 3.0.2-7ubuntu2.13 |
| Packages in group: | libruby3.0 ruby3.0-dev ruby3.0-doc | ||
|
ruby3.0 (3.0.2-7ubuntu2.13) jammy-security; urgency=medium * SECURITY UPDATE: STARTTLS stripping via pre-injected tagged response
-- Leonidas Da Silva Barbosa <email address hidden> Wed, 17 Jun 2026 08:57:18 -0300 |
|||
| CVE-2026-42246 | Net::IMAP implements Internet Message Access Protocol (IMAP) client functionality in Ruby. Prior to versions 0.3.10, 0.4.24, 0.5.14, and 0.6.4, a man | ||
| CVE-2026-42257 | Net::IMAP implements Internet Message Access Protocol (IMAP) client functionality in Ruby. Prior to versions 0.4.24, 0.5.14, and 0.6.4, several Net:: | ||
| vim | Jul 4th 16:07 | ||
|---|---|---|---|
| Release: resolute | Repo: universe | Level: security | New version: 2:9.1.2141-1ubuntu4.6 |
| Packages in group: | vim-gtk3 vim-gui-common vim-motif vim-nox | ||
|
vim (2:9.1.2141-1ubuntu4.6) resolute-security; urgency=medium * SECURITY UPDATE: Out-of-bounds write.
-- Kyle Kernick <email address hidden> Tue, 30 Jun 2026 11:00:04 -0600 |
|||
| CVE-2026-55693 | Vim is an open source, command line text editor. Prior to 9.2.0653, the tree_count_words() function in src/spellfile.c fills in the word-count fields | ||
| CVE-2026-55892 | Vim is an open source, command line text editor. Prior to 9.2.0662, the dump_prefixes() function in src/spell.c walks a spell-file prefix trie iterat | ||
| CVE-2026-55895 | Vim is an open source, command line text editor. Prior to 9.2.0663, a Vimscript code injection vulnerability exists in s:NetrwLocalRmFile() in the ne | ||
| CVE-2026-57452 | Vim is an open source, command line text editor. Prior to 9.2.0671, when Vim opens a file encrypted with the VimCrypt~04! or VimCrypt~05! method (xch | ||
| CVE-2026-57453 | Vim is an open source, command line text editor. From 9.1.1784 until 9.2.0678, when the bundled zip plugin autoload/zip.vim falls back to PowerShell | ||
| More... | |||
| cifs-utils | Jul 3rd 23:07 | ||
|---|---|---|---|
| Release: questing | Repo: main | Level: updates | New version: 2:7.4-1ubuntu0.25.10.2 |
| Packages in group: | |||
|
cifs-utils (2:7.4-1ubuntu0.25.10.2) questing-security; urgency=medium * SECURITY REGRESSION: regression with kerberos mounts (LP: #2159053)
-- Marc Deslauriers <email address hidden> Fri, 03 Jul 2026 12:54:52 -0400 |
|||
| 2159053 | fix for CVE-2026-12505 introduced regression with kerberos mounts | ||
| CVE-2026-12505 | A flaw was found in the cifs-utils package where the cifs.upcall helper fails to securely drop its root privileges before looking up user information | ||
| cifs-utils | Jul 3rd 22:07 | ||
|---|---|---|---|
| Release: resolute | Repo: main | Level: updates | New version: 2:7.4-1ubuntu0.26.04.2 |
| Packages in group: | |||
|
cifs-utils (2:7.4-1ubuntu0.26.04.2) resolute-security; urgency=medium * SECURITY REGRESSION: regression with kerberos mounts (LP: #2159053)
-- Marc Deslauriers <email address hidden> Fri, 03 Jul 2026 12:52:00 -0400 |
|||
| 2159053 | fix for CVE-2026-12505 introduced regression with kerberos mounts | ||
| CVE-2026-12505 | A flaw was found in the cifs-utils package where the cifs.upcall helper fails to securely drop its root privileges before looking up user information | ||
| cifs-utils | Jul 3rd 22:07 | ||
|---|---|---|---|
| Release: noble | Repo: main | Level: updates | New version: 2:7.0-2ubuntu0.4 |
| Packages in group: | |||
|
cifs-utils (2:7.0-2ubuntu0.4) noble-security; urgency=medium * SECURITY REGRESSION: regression with kerberos mounts (LP: #2159053)
-- Marc Deslauriers <email address hidden> Fri, 03 Jul 2026 12:55:30 -0400 |
|||
| 2159053 | fix for CVE-2026-12505 introduced regression with kerberos mounts | ||
| CVE-2026-12505 | A flaw was found in the cifs-utils package where the cifs.upcall helper fails to securely drop its root privileges before looking up user information | ||
| cifs-utils | Jul 3rd 22:07 | ||
|---|---|---|---|
| Release: jammy | Repo: main | Level: updates | New version: 2:6.14-1ubuntu0.5 |
| Packages in group: | |||
|
cifs-utils (2:6.14-1ubuntu0.5) jammy-security; urgency=medium * SECURITY REGRESSION: regression with kerberos mounts (LP: #2159053)
-- Marc Deslauriers <email address hidden> Fri, 03 Jul 2026 12:55:58 -0400 |
|||
| 2159053 | fix for CVE-2026-12505 introduced regression with kerberos mounts | ||
| CVE-2026-12505 | A flaw was found in the cifs-utils package where the cifs.upcall helper fails to securely drop its root privileges before looking up user information | ||
| vim | Jul 3rd 21:07 | ||
|---|---|---|---|
| Release: questing | Repo: main | Level: security | New version: 2:9.1.0967-1ubuntu6.8 |
| Packages in group: | vim-common vim-doc vim-runtime vim-tiny xxd | ||
|
vim (2:9.1.0967-1ubuntu6.8) questing-security; urgency=medium * SECURITY UPDATE: Out-of-bounds write.
-- Kyle Kernick <email address hidden> Tue, 30 Jun 2026 11:36:30 -0600 |
|||
| CVE-2026-55693 | Vim is an open source, command line text editor. Prior to 9.2.0653, the tree_count_words() function in src/spellfile.c fills in the word-count fields | ||
| CVE-2026-55892 | Vim is an open source, command line text editor. Prior to 9.2.0662, the dump_prefixes() function in src/spell.c walks a spell-file prefix trie iterat | ||
| CVE-2026-55895 | Vim is an open source, command line text editor. Prior to 9.2.0663, a Vimscript code injection vulnerability exists in s:NetrwLocalRmFile() in the ne | ||
| CVE-2026-57452 | Vim is an open source, command line text editor. Prior to 9.2.0671, when Vim opens a file encrypted with the VimCrypt~04! or VimCrypt~05! method (xch | ||
| CVE-2026-57455 | Vim is an open source, command line text editor. Prior to 9.2.0698, the single-byte branch of spell_soundfold_sofo() in src/spell.c translates a word | ||
| More... | |||
| cifs-utils | Jul 3rd 21:07 | ||
|---|---|---|---|
| Release: questing | Repo: main | Level: security | New version: 2:7.4-1ubuntu0.25.10.2 |
| Packages in group: | |||
|
cifs-utils (2:7.4-1ubuntu0.25.10.2) questing-security; urgency=medium * SECURITY REGRESSION: regression with kerberos mounts (LP: #2159053)
-- Marc Deslauriers <email address hidden> Fri, 03 Jul 2026 12:54:52 -0400 |
|||
| 2159053 | fix for CVE-2026-12505 introduced regression with kerberos mounts | ||
| CVE-2026-12505 | A flaw was found in the cifs-utils package where the cifs.upcall helper fails to securely drop its root privileges before looking up user information | ||
| cifs-utils | Jul 3rd 20:07 | ||
|---|---|---|---|
| Release: resolute | Repo: main | Level: security | New version: 2:7.4-1ubuntu0.26.04.2 |
| Packages in group: | |||
|
cifs-utils (2:7.4-1ubuntu0.26.04.2) resolute-security; urgency=medium * SECURITY REGRESSION: regression with kerberos mounts (LP: #2159053)
-- Marc Deslauriers <email address hidden> Fri, 03 Jul 2026 12:52:00 -0400 |
|||
| 2159053 | fix for CVE-2026-12505 introduced regression with kerberos mounts | ||
| CVE-2026-12505 | A flaw was found in the cifs-utils package where the cifs.upcall helper fails to securely drop its root privileges before looking up user information | ||
| cifs-utils | Jul 3rd 20:07 | ||
|---|---|---|---|
| Release: noble | Repo: main | Level: security | New version: 2:7.0-2ubuntu0.4 |
| Packages in group: | |||
|
cifs-utils (2:7.0-2ubuntu0.4) noble-security; urgency=medium * SECURITY REGRESSION: regression with kerberos mounts (LP: #2159053)
-- Marc Deslauriers <email address hidden> Fri, 03 Jul 2026 12:55:30 -0400 |
|||
| 2159053 | fix for CVE-2026-12505 introduced regression with kerberos mounts | ||
| CVE-2026-12505 | A flaw was found in the cifs-utils package where the cifs.upcall helper fails to securely drop its root privileges before looking up user information | ||
| vim | Jul 3rd 20:07 | ||
|---|---|---|---|
| Release: jammy | Repo: main | Level: security | New version: 2:8.2.3995-1ubuntu2.33 |
| Packages in group: | vim-common vim-doc vim-runtime vim-tiny xxd | ||
|
vim (2:8.2.3995-1ubuntu2.33) jammy-security; urgency=medium * SECURITY UPDATE: Path Traversal in zip.vim
-- Kyle Kernick <email address hidden> Tue, 30 Jun 2026 11:46:22 -0600 |
|||
| CVE-2026-35177 | Vim is an open source, command line text editor. Prior to 9.2.0280, a path traversal bypass in Vim's zip.vim plugin allows overwriting of arbitrary f | ||
| CVE-2026-55693 | Vim is an open source, command line text editor. Prior to 9.2.0653, the tree_count_words() function in src/spellfile.c fills in the word-count fields | ||
| CVE-2026-55892 | Vim is an open source, command line text editor. Prior to 9.2.0662, the dump_prefixes() function in src/spell.c walks a spell-file prefix trie iterat | ||
| CVE-2026-55895 | Vim is an open source, command line text editor. Prior to 9.2.0663, a Vimscript code injection vulnerability exists in s:NetrwLocalRmFile() in the ne | ||
| CVE-2026-57452 | Vim is an open source, command line text editor. Prior to 9.2.0671, when Vim opens a file encrypted with the VimCrypt~04! or VimCrypt~05! method (xch | ||
| More... | |||
| cifs-utils | Jul 3rd 20:07 | ||
|---|---|---|---|
| Release: jammy | Repo: main | Level: security | New version: 2:6.14-1ubuntu0.5 |
| Packages in group: | |||
|
cifs-utils (2:6.14-1ubuntu0.5) jammy-security; urgency=medium * SECURITY REGRESSION: regression with kerberos mounts (LP: #2159053)
-- Marc Deslauriers <email address hidden> Fri, 03 Jul 2026 12:55:58 -0400 |
|||
| 2159053 | fix for CVE-2026-12505 introduced regression with kerberos mounts | ||
| CVE-2026-12505 | A flaw was found in the cifs-utils package where the cifs.upcall helper fails to securely drop its root privileges before looking up user information | ||