UbuntuUpdates.org

Latest Changelogs for all releases

All releases Bionic Focal Jammy Noble Oracular Plucky Xenial
Include all PPAs Exclude daily builds PPAs Exclude all PPAs
Include levels: securityupdatesproposedbackportsbase

Note: Only updates for "head" packages where the changelog is available are shown on this page (view all).

linux-signed-oem-6.8 Apr 24th 15:07
Release: noble Repo: main Level: proposed New version: 6.8.0-1028.28
Packages in group:  linux-image-6.8.0-1004-oem linux-image-6.8.0-1005-oem linux-image-6.8.0-1006-oem linux-image-6.8.0-1008-oem linux-image-6.8.0-1010-oem linux-image-6.8.0-1012-oem linux-image-6.8.0-1016-oem linux-image-6.8.0-1018-oem linux-image-6.8.0-1021-oem linux-image-6.8.0-1022-oem linux-image-6.8.0-1024-oem (... see all)

  linux-signed-oem-6.8 (6.8.0-1028.28) noble; urgency=medium

  * Main version: 6.8.0-1028.28

  * Packaging resync (LP: #1786013)
    - [Packaging] debian/tracking-bug -- resync from main package

 -- Kuan-Ying Lee <email address hidden> Wed, 23 Apr 2025 15:27:21 +0800

1786013 Packaging resync

linux-meta-oem-6.8 Apr 24th 15:07
Release: noble Repo: main Level: proposed New version: 6.8.0-1028.28
Packages in group:  linux-headers-oem-24.04 linux-headers-oem-24.04a linux-image-oem-24.04 linux-image-oem-24.04a linux-image-uc-oem-24.04 linux-image-uc-oem-24.04a linux-modules-ipu6-oem-24.04 linux-modules-ipu6-oem-24.04a linux-modules-iwlwifi-oem-24.04 linux-modules-iwlwifi-oem-24.04a linux-modules-usbio-oem-24.04 (... see all)

  linux-meta-oem-6.8 (6.8.0-1028.28) noble; urgency=medium

  * Main version: 6.8.0-1028.28

  * Packaging resync (LP: #1786013)
    - [Packaging] debian/dkms-versions -- resync from main package

 -- Kuan-Ying Lee <email address hidden> Wed, 23 Apr 2025 15:22:55 +0800

1786013 Packaging resync

linux-oem-6.8 Apr 24th 15:07
Release: noble Repo: main Level: proposed New version: 6.8.0-1028.28
Packages in group:  linux-buildinfo-6.8.0-1004-oem linux-buildinfo-6.8.0-1005-oem linux-buildinfo-6.8.0-1006-oem linux-buildinfo-6.8.0-1008-oem linux-buildinfo-6.8.0-1010-oem linux-buildinfo-6.8.0-1012-oem linux-buildinfo-6.8.0-1016-oem linux-buildinfo-6.8.0-1018-oem linux-buildinfo-6.8.0-1021-oem linux-buildinfo-6.8.0-1022-oem linux-buildinfo-6.8.0-1024-oem (... see all)

  linux-oem-6.8 (6.8.0-1028.28) noble; urgency=medium

  * noble/linux-oem-6.8: 6.8.0-1028.28 -proposed tracker (LP: #2107125)

  * Packaging resync (LP: #1786013)
    - [Packaging] debian.oem/dkms-versions -- update from kernel-versions
      (main/2025.04.14)

  [ Ubuntu: 6.8.0-60.63 ]

  * noble/linux: 6.8.0-60.63 -proposed tracker (LP: #2107138)
  * Packaging resync (LP: #1786013)
    - [Packaging] debian.master/dkms-versions -- update from kernel-versions
      (main/2025.04.14)
  * Missing upstream commits for LP: #2102181 (LP: #2107336)
    - libperf cpumap: Add any, empty and min helpers
    - libperf cpumap: Ensure empty cpumap is NULL from alloc
  * Noble update: upstream stable patchset 2025-04-10 (LP: #2106770)
    - memblock: use numa_valid_node() helper to check for invalid node ID
    - jbd2: increase IO priority for writing revoke records
    - jbd2: flush filesystem device before updating tail sequence
    - dm array: fix unreleased btree blocks on closing a faulty array cursor
    - dm array: fix cursor index when skipping across block boundaries
    - exfat: fix the infinite loop in __exfat_free_cluster()
    - erofs: fix PSI memstall accounting
    - ASoC: rt722: add delay time to wait for the calibration procedure
    - ASoC: mediatek: disable buffer pre-allocation
    - selftests/alsa: Fix circular dependency involving global-timer
    - ieee802154: ca8210: Add missing check for kfifo_alloc() in ca8210_probe()
    - net: 802: LLC+SNAP OID:PID lookup on start of skb data
    - tcp/dccp: complete lockless accesses to sk->sk_max_ack_backlog
    - tcp/dccp: allow a connection when sk_max_ack_backlog is zero
    - net: libwx: fix firmware mailbox abnormal return
    - pds_core: limit loop over fw name list
    - bnxt_en: Fix possible memory leak when hwrm_req_replace fails
    - cxgb4: Avoid removal of uninserted tid
    - ice: fix incorrect PHY settings for 100 GB/s
    - igc: return early when failing to read EECD register
    - tls: Fix tls_sw_sendmsg error handling
    - eth: gve: use appropriate helper to set xdp_features
    - Bluetooth: hci_sync: Fix not setting Random Address when required
    - Bluetooth: MGMT: Fix Add Device to responding before completing
    - Bluetooth: btnxpuart: Fix driver sending truncated data
    - tcp: Annotate data-race around sk->sk_mark in tcp_v4_send_reset
    - riscv: Fix early ftrace nop patching
    - memblock tests: fix implicit declaration of function 'numa_valid_node'
    - iio: imu: inv_icm42600: fix timestamps after suspend if sensor is on
    - netfilter: nf_tables: imbalance in flowtable binding
    - drm/mediatek: stop selecting foreign drivers
    - [Config] updateconfigs for MTK_SMI
    - drm/mediatek: Fix YCbCr422 color format issue for DP
    - drm/mediatek: Fix mode valid issue for dp
    - drm/mediatek: Add return value check when reading DPCD
    - cpuidle: riscv-sbi: fix device node release in early exit of
      for_each_possible_cpu
    - scsi: ufs: qcom: Power off

(See more...)
1786013 Packaging resync
2102181 Noble update: upstream stable patchset 2025-03-13
2107336 Missing upstream commits for LP: #2102181
2106770 Noble update: upstream stable patchset 2025-04-10
2106638 intel_idle: add Granite Rapids Xeon (D) support
More...

openssh Apr 24th 14:07
Release: plucky Repo: universe Level: security New version: 1:9.9p1-3ubuntu3.1
Packages in group:  openssh-client-gssapi openssh-server-gssapi openssh-tests ssh-askpass-gnome

  openssh (1:9.9p1-3ubuntu3.1) plucky-security; urgency=medium

  * SECURITY UPDATE: incorrect DisableForwarding directive behaviour
    - debian/patches/CVE-2025-32728.patch: fix logic error in session.c.
    - CVE-2025-32728

 -- Marc Deslauriers <email address hidden> Fri, 11 Apr 2025 07:33:19 -0400

CVE-2025-32728 In sshd in OpenSSH before 10.0, the DisableForwarding directive does not adhere to the documentation stating that it disables X11 and agent forwardin

openssh Apr 24th 14:07
Release: plucky Repo: main Level: security New version: 1:9.9p1-3ubuntu3.1
Packages in group:  openssh-client openssh-server openssh-sftp-server ssh

  openssh (1:9.9p1-3ubuntu3.1) plucky-security; urgency=medium

  * SECURITY UPDATE: incorrect DisableForwarding directive behaviour
    - debian/patches/CVE-2025-32728.patch: fix logic error in session.c.
    - CVE-2025-32728

 -- Marc Deslauriers <email address hidden> Fri, 11 Apr 2025 07:33:19 -0400

CVE-2025-32728 In sshd in OpenSSH before 10.0, the DisableForwarding directive does not adhere to the documentation stating that it disables X11 and agent forwardin

openssh Apr 24th 14:07
Release: oracular Repo: main Level: security New version: 1:9.7p1-7ubuntu4.3
Packages in group:  openssh-client openssh-server openssh-sftp-server ssh

  openssh (1:9.7p1-7ubuntu4.3) oracular-security; urgency=medium

  * SECURITY UPDATE: incorrect DisableForwarding directive behaviour
    - debian/patches/CVE-2025-32728.patch: fix logic error in session.c.
    - CVE-2025-32728

 -- Marc Deslauriers <email address hidden> Fri, 11 Apr 2025 07:37:08 -0400

CVE-2025-32728 In sshd in OpenSSH before 10.0, the DisableForwarding directive does not adhere to the documentation stating that it disables X11 and agent forwardin

openssh Apr 24th 14:07
Release: noble Repo: universe Level: security New version: 1:9.6p1-3ubuntu13.11
Packages in group:  openssh-tests ssh-askpass-gnome

  openssh (1:9.6p1-3ubuntu13.11) noble-security; urgency=medium

  * SECURITY UPDATE: incorrect DisableForwarding directive behaviour
    - debian/patches/CVE-2025-32728.patch: fix logic error in session.c.
    - CVE-2025-32728

 -- Marc Deslauriers <email address hidden> Tue, 22 Apr 2025 07:51:46 -0400

CVE-2025-32728 In sshd in OpenSSH before 10.0, the DisableForwarding directive does not adhere to the documentation stating that it disables X11 and agent forwardin

libarchive Apr 24th 14:07
Release: noble Repo: universe Level: security New version: 3.7.2-2ubuntu0.4
Packages in group:  libarchive-tools

  libarchive (3.7.2-2ubuntu0.4) noble-security; urgency=medium

  * SECURITY UPDATE: DoS via null pointer deref
    - debian/patches/CVE-2025-1632_25724.patch: check return code of
      archive_entry_pathname() in unzip/bsdunzip.c.
    - CVE-2025-1632
  * SECURITY UPDATE: DoS via crafted TAR archive
    - debian/patches/CVE-2025-1632_25724.patch: make sure ltime is valid in
      tar/util.c.
    - CVE-2025-25724

 -- Marc Deslauriers <email address hidden> Thu, 10 Apr 2025 13:28:58 -0400

CVE-2025-1632 A vulnerability was found in libarchive up to 3.7.7. It has been classified as problematic. This affects the function list of the file bsdunzip.c. Th
CVE-2025-25724 list_item_verbose in tar/util.c in libarchive through 3.7.7 does not check an strftime return value, which can lead to a denial of service or unspeci

linux-restricted-signatures-oem-6.8 Apr 24th 14:07
Release: noble Repo: restricted Level: proposed New version: 6.8.0-1028.28
Packages in group:  linux-modules-nvidia-535-open-6.8.0-1004-oem linux-modules-nvidia-535-open-6.8.0-1005-oem linux-modules-nvidia-535-open-6.8.0-1006-oem linux-modules-nvidia-535-open-6.8.0-1008-oem linux-modules-nvidia-535-open-6.8.0-1010-oem linux-modules-nvidia-535-open-6.8.0-1012-oem linux-modules-nvidia-535-open-6.8.0-1016-oem linux-modules-nvidia-535-open-6.8.0-1018-oem linux-modules-nvidia-535-open-6.8.0-1021-oem linux-modules-nvidia-535-open-6.8.0-1022-oem linux-modules-nvidia-535-open-6.8.0-1024-oem (... see all)

  linux-restricted-signatures-oem-6.8 (6.8.0-1028.28) noble; urgency=medium

  * Main version: 6.8.0-1028.28

  * Packaging resync (LP: #1786013)
    - [Packaging] debian/tracking-bug -- resync from main package

 -- Kuan-Ying Lee <email address hidden> Wed, 23 Apr 2025 15:24:13 +0800

1786013 Packaging resync

linux-restricted-modules-oem-6.8 Apr 24th 14:07
Release: noble Repo: restricted Level: proposed New version: 6.8.0-1028.28
Packages in group:  linux-modules-nvidia-470-6.8.0-1004-oem linux-modules-nvidia-470-6.8.0-1005-oem linux-modules-nvidia-470-6.8.0-1006-oem linux-modules-nvidia-470-6.8.0-1008-oem linux-modules-nvidia-470-6.8.0-1010-oem linux-modules-nvidia-470-6.8.0-1012-oem linux-modules-nvidia-470-6.8.0-1016-oem linux-modules-nvidia-470-6.8.0-1018-oem linux-modules-nvidia-470-6.8.0-1021-oem linux-modules-nvidia-470-6.8.0-1022-oem linux-modules-nvidia-470-6.8.0-1024-oem (... see all)

  linux-restricted-modules-oem-6.8 (6.8.0-1028.28) noble; urgency=medium

  * Main version: 6.8.0-1028.28

  * Packaging resync (LP: #1786013)
    - [Packaging] debian/tracking-bug -- resync from main package

 -- Kuan-Ying Lee <email address hidden> Wed, 23 Apr 2025 15:24:13 +0800

1786013 Packaging resync

openssh Apr 24th 14:07
Release: noble Repo: main Level: security New version: 1:9.6p1-3ubuntu13.11
Packages in group:  openssh-client openssh-server openssh-sftp-server ssh

  openssh (1:9.6p1-3ubuntu13.11) noble-security; urgency=medium

  * SECURITY UPDATE: incorrect DisableForwarding directive behaviour
    - debian/patches/CVE-2025-32728.patch: fix logic error in session.c.
    - CVE-2025-32728

 -- Marc Deslauriers <email address hidden> Tue, 22 Apr 2025 07:51:46 -0400

CVE-2025-32728 In sshd in OpenSSH before 10.0, the DisableForwarding directive does not adhere to the documentation stating that it disables X11 and agent forwardin

openssh Apr 24th 14:07
Release: jammy Repo: universe Level: security New version: 1:8.9p1-3ubuntu0.13
Packages in group:  openssh-tests ssh-askpass-gnome

  openssh (1:8.9p1-3ubuntu0.13) jammy-security; urgency=medium

  * SECURITY UPDATE: incorrect DisableForwarding directive behaviour
    - debian/patches/CVE-2025-32728.patch: fix logic error in session.c.
    - CVE-2025-32728

 -- Marc Deslauriers <email address hidden> Fri, 11 Apr 2025 08:05:47 -0400

CVE-2025-32728 In sshd in OpenSSH before 10.0, the DisableForwarding directive does not adhere to the documentation stating that it disables X11 and agent forwardin

openssh Apr 24th 14:07
Release: jammy Repo: main Level: security New version: 1:8.9p1-3ubuntu0.13
Packages in group:  openssh-client openssh-server openssh-sftp-server ssh

  openssh (1:8.9p1-3ubuntu0.13) jammy-security; urgency=medium

  * SECURITY UPDATE: incorrect DisableForwarding directive behaviour
    - debian/patches/CVE-2025-32728.patch: fix logic error in session.c.
    - CVE-2025-32728

 -- Marc Deslauriers <email address hidden> Fri, 11 Apr 2025 08:05:47 -0400

CVE-2025-32728 In sshd in OpenSSH before 10.0, the DisableForwarding directive does not adhere to the documentation stating that it disables X11 and agent forwardin

openssh Apr 24th 14:07
Release: focal Repo: universe Level: security New version: 1:8.2p1-4ubuntu0.13
Packages in group:  openssh-tests ssh-askpass-gnome

  openssh (1:8.2p1-4ubuntu0.13) focal-security; urgency=medium

  * SECURITY UPDATE: incorrect DisableForwarding directive behaviour
    - debian/patches/CVE-2025-32728.patch: fix logic error in session.c.
    - CVE-2025-32728

 -- Marc Deslauriers <email address hidden> Fri, 11 Apr 2025 08:16:08 -0400

CVE-2025-32728 In sshd in OpenSSH before 10.0, the DisableForwarding directive does not adhere to the documentation stating that it disables X11 and agent forwardin

openssh Apr 24th 14:07
Release: focal Repo: main Level: security New version: 1:8.2p1-4ubuntu0.13
Packages in group:  openssh-client openssh-server openssh-sftp-server ssh

  openssh (1:8.2p1-4ubuntu0.13) focal-security; urgency=medium

  * SECURITY UPDATE: incorrect DisableForwarding directive behaviour
    - debian/patches/CVE-2025-32728.patch: fix logic error in session.c.
    - CVE-2025-32728

 -- Marc Deslauriers <email address hidden> Fri, 11 Apr 2025 08:16:08 -0400

CVE-2025-32728 In sshd in OpenSSH before 10.0, the DisableForwarding directive does not adhere to the documentation stating that it disables X11 and agent forwardin



About   -   Send Feedback to @ubuntu_updates