UbuntuUpdates.org

Latest Changelogs for all releases

All releases Bionic Focal Jammy Noble Plucky Questing
Include all PPAs Exclude daily builds PPAs Exclude all PPAs
Include levels: securityupdatesbackportsproposedbase

Note: Only updates for "head" packages where the changelog is available are shown on this page (view all).

linux-signed-azure-fde Apr 3rd 14:09
Release: jammy Repo: main Level: proposed New version: 5.15.0-1110.119.1
Packages in group:  linux-image-5.15.0-1020-azure-fde linux-image-5.15.0-1021-azure-fde linux-image-5.15.0-1024-azure-fde linux-image-5.15.0-1030-azure-fde linux-image-5.15.0-1032-azure-fde linux-image-5.15.0-1033-azure-fde linux-image-5.15.0-1034-azure-fde linux-image-5.15.0-1035-azure-fde linux-image-5.15.0-1036-azure-fde linux-image-5.15.0-1038-azure-fde linux-image-5.15.0-1040-azure-fde (... see all)

  linux-signed-azure-fde (5.15.0-1110.119.1) jammy; urgency=medium

  * Master version: 5.15.0-1110.119.1

 -- John Cabaj <email address hidden> Thu, 02 Apr 2026 17:01:58 -0500

linux-meta-azure-fde Apr 3rd 14:09
Release: jammy Repo: main Level: proposed New version: 5.15.0.1110.119.86
Packages in group:  linux-azure-fde-5.15 linux-azure-fde-lts-22.04 linux-cloud-tools-azure-fde-5.15 linux-cloud-tools-azure-fde-lts-22.04 linux-headers-azure-fde-5.15 linux-headers-azure-fde-lts-22.04 linux-image-azure-fde-5.15 linux-image-azure-fde-lts-22.04 linux-modules-extra-azure-fde-5.15 linux-modules-extra-azure-fde-lts-22.04 linux-tools-azure-fde-5.15 (... see all)

  linux-meta-azure-fde (5.15.0.1110.119.86) jammy; urgency=medium

  * Bump ABI 5.15.0-1110.119

 -- John Cabaj <email address hidden> Thu, 02 Apr 2026 17:01:34 -0500

libarchive Apr 3rd 06:12
Release: questing Repo: universe Level: updates New version: 3.7.7-0ubuntu3.1
Packages in group:  libarchive-tools

  libarchive (3.7.7-0ubuntu3.1) questing-security; urgency=medium

  * SECURITY UPDATE: Out-of-bounds read during streamed archive skipping
    - debian/patches/CVE-2025-5918-1.patch: Prevent EOF-skipping in
      libarchive/archive_read_open_fd.c, libarchive/archive_read_open_file.c,
      libarchive/archive_read_open_filename.c, add relevant tests in
      libarchive/test/test_read_format_rar.c
    - debian/patches/CVE-2025-5918-2.patch: Fix file skip offset handling in
      libarchive/archive_read_open_file.c
    - CVE-2025-5918
  * SECURITY UPDATE: Unbounded memory allocation during bsdtar substitution
    processing
    - debian/patches/CVE-2025-60753.patch: Advance zero-length matches in
      tar/subst.c and add tests in tar/test/test_option_s.c
    - CVE-2025-60753
  * SECURITY UPDATE: Infinite loop during RAR5 decompression
    - debian/patches/CVE-2026-4111.patch: Filter bounds in
      libarchive/archive_read_support_format_rar5.c and add loop regression
      tests in libarchive/test/test_read_format_rar5_loop_bug.c,
      libarchive/test/test_read_format_rar5_loop_bug.rar.uu
    - CVE-2026-4111

 -- Shafayat Hossain Majumder <email address hidden> Wed, 01 Apr 2026 14:23:07 -0400
CVE-2025-5918 A vulnerability has been identified in the libarchive library. This flaw can be triggered when file streams are piped into bsdtar, potentially allowi
CVE-2025-60753 An issue was discovered in libarchive bsdtar before version 3.8.1 in function apply_substitution in file tar/subst.c when processing crafted -s subst
CVE-2026-4111 A flaw was identified in the RAR5 archive decompression logic of the libarchive library, specifically within the archive_read_data() processing path.

libarchive Apr 3rd 06:12
Release: questing Repo: main Level: updates New version: 3.7.7-0ubuntu3.1
Packages in group:  libarchive13t64 libarchive-dev

  libarchive (3.7.7-0ubuntu3.1) questing-security; urgency=medium

  * SECURITY UPDATE: Out-of-bounds read during streamed archive skipping
    - debian/patches/CVE-2025-5918-1.patch: Prevent EOF-skipping in
      libarchive/archive_read_open_fd.c, libarchive/archive_read_open_file.c,
      libarchive/archive_read_open_filename.c, add relevant tests in
      libarchive/test/test_read_format_rar.c
    - debian/patches/CVE-2025-5918-2.patch: Fix file skip offset handling in
      libarchive/archive_read_open_file.c
    - CVE-2025-5918
  * SECURITY UPDATE: Unbounded memory allocation during bsdtar substitution
    processing
    - debian/patches/CVE-2025-60753.patch: Advance zero-length matches in
      tar/subst.c and add tests in tar/test/test_option_s.c
    - CVE-2025-60753
  * SECURITY UPDATE: Infinite loop during RAR5 decompression
    - debian/patches/CVE-2026-4111.patch: Filter bounds in
      libarchive/archive_read_support_format_rar5.c and add loop regression
      tests in libarchive/test/test_read_format_rar5_loop_bug.c,
      libarchive/test/test_read_format_rar5_loop_bug.rar.uu
    - CVE-2026-4111

 -- Shafayat Hossain Majumder <email address hidden> Wed, 01 Apr 2026 14:23:07 -0400
CVE-2025-5918 A vulnerability has been identified in the libarchive library. This flaw can be triggered when file streams are piped into bsdtar, potentially allowi
CVE-2025-60753 An issue was discovered in libarchive bsdtar before version 3.8.1 in function apply_substitution in file tar/subst.c when processing crafted -s subst
CVE-2026-4111 A flaw was identified in the RAR5 archive decompression logic of the libarchive library, specifically within the archive_read_data() processing path.

libarchive Apr 3rd 06:12
Release: noble Repo: universe Level: updates New version: 3.7.2-2ubuntu0.6
Packages in group:  libarchive-tools

  libarchive (3.7.2-2ubuntu0.6) noble-security; urgency=medium

  * SECURITY UPDATE: Out-of-bounds read during streamed archive skipping
    - debian/patches/CVE-2025-5918-1.patch: Prevent EOF-skipping in
      libarchive/archive_read_open_fd.c, libarchive/archive_read_open_file.c,
      libarchive/archive_read_open_filename.c, add relevant tests in
      libarchive/test/test_read_format_rar.c
    - debian/patches/CVE-2025-5918-2.patch: Fix file skip offset handling in
      libarchive/archive_read_open_file.c
    - CVE-2025-5918
  * SECURITY UPDATE: Unbounded memory allocation during bsdtar substitution
    processing
    - debian/patches/CVE-2025-60753.patch: Advance zero-length matches in
      tar/subst.c and add tests in tar/test/test_option_s.c
    - CVE-2025-60753
  * SECURITY UPDATE: Infinite loop during RAR5 decompression
    - debian/patches/CVE-2026-4111.patch: Filter bounds in
      libarchive/archive_read_support_format_rar5.c and add loop regression
      tests in libarchive/test/test_read_format_rar5_loop_bug.c,
      libarchive/test/test_read_format_rar5_loop_bug.rar.uu
    - CVE-2026-4111

 -- Shafayat Hossain Majumder <email address hidden> Wed, 01 Apr 2026 14:22:39 -0400
CVE-2025-5918 A vulnerability has been identified in the libarchive library. This flaw can be triggered when file streams are piped into bsdtar, potentially allowi
CVE-2025-60753 An issue was discovered in libarchive bsdtar before version 3.8.1 in function apply_substitution in file tar/subst.c when processing crafted -s subst
CVE-2026-4111 A flaw was identified in the RAR5 archive decompression logic of the libarchive library, specifically within the archive_read_data() processing path.

libarchive Apr 3rd 06:12
Release: noble Repo: main Level: updates New version: 3.7.2-2ubuntu0.6
Packages in group:  libarchive13t64 libarchive-dev

  libarchive (3.7.2-2ubuntu0.6) noble-security; urgency=medium

  * SECURITY UPDATE: Out-of-bounds read during streamed archive skipping
    - debian/patches/CVE-2025-5918-1.patch: Prevent EOF-skipping in
      libarchive/archive_read_open_fd.c, libarchive/archive_read_open_file.c,
      libarchive/archive_read_open_filename.c, add relevant tests in
      libarchive/test/test_read_format_rar.c
    - debian/patches/CVE-2025-5918-2.patch: Fix file skip offset handling in
      libarchive/archive_read_open_file.c
    - CVE-2025-5918
  * SECURITY UPDATE: Unbounded memory allocation during bsdtar substitution
    processing
    - debian/patches/CVE-2025-60753.patch: Advance zero-length matches in
      tar/subst.c and add tests in tar/test/test_option_s.c
    - CVE-2025-60753
  * SECURITY UPDATE: Infinite loop during RAR5 decompression
    - debian/patches/CVE-2026-4111.patch: Filter bounds in
      libarchive/archive_read_support_format_rar5.c and add loop regression
      tests in libarchive/test/test_read_format_rar5_loop_bug.c,
      libarchive/test/test_read_format_rar5_loop_bug.rar.uu
    - CVE-2026-4111

 -- Shafayat Hossain Majumder <email address hidden> Wed, 01 Apr 2026 14:22:39 -0400
CVE-2025-5918 A vulnerability has been identified in the libarchive library. This flaw can be triggered when file streams are piped into bsdtar, potentially allowi
CVE-2025-60753 An issue was discovered in libarchive bsdtar before version 3.8.1 in function apply_substitution in file tar/subst.c when processing crafted -s subst
CVE-2026-4111 A flaw was identified in the RAR5 archive decompression logic of the libarchive library, specifically within the archive_read_data() processing path.

libarchive Apr 3rd 06:12
Release: jammy Repo: universe Level: updates New version: 3.6.0-1ubuntu1.6
Packages in group:  libarchive-tools

  libarchive (3.6.0-1ubuntu1.6) jammy-security; urgency=medium

  * SECURITY UPDATE: Out-of-bounds read during streamed archive skipping
    - debian/patches/CVE-2025-5918-1.patch: Prevent EOF-skipping in
      libarchive/archive_read_open_fd.c, libarchive/archive_read_open_file.c,
      libarchive/archive_read_open_filename.c, add relevant tests in
      libarchive/test/test_read_format_rar.c
    - debian/patches/CVE-2025-5918-2.patch: Fix file skip offset handling in
      libarchive/archive_read_open_file.c
    - CVE-2025-5918
  * SECURITY UPDATE: Unbounded memory allocation during bsdtar substitution
    processing
    - debian/patches/CVE-2025-60753.patch: Advance zero-length matches in
      tar/subst.c and add tests in tar/test/test_option_s.c
    - CVE-2025-60753
  * SECURITY UPDATE: Infinite loop during RAR5 decompression
    - debian/patches/CVE-2026-4111.patch: Filter bounds in
      libarchive/archive_read_support_format_rar5.c and add loop regression
      tests in libarchive/test/test_read_format_rar5_loop_bug.c,
      libarchive/test/test_read_format_rar5_loop_bug.rar.uu
    - CVE-2026-4111

 -- Shafayat Hossain Majumder <email address hidden> Wed, 01 Apr 2026 14:22:14 -0400
CVE-2025-5918 A vulnerability has been identified in the libarchive library. This flaw can be triggered when file streams are piped into bsdtar, potentially allowi
CVE-2025-60753 An issue was discovered in libarchive bsdtar before version 3.8.1 in function apply_substitution in file tar/subst.c when processing crafted -s subst
CVE-2026-4111 A flaw was identified in the RAR5 archive decompression logic of the libarchive library, specifically within the archive_read_data() processing path.

libarchive Apr 3rd 06:12
Release: jammy Repo: main Level: updates New version: 3.6.0-1ubuntu1.6
Packages in group:  libarchive13 libarchive-dev

  libarchive (3.6.0-1ubuntu1.6) jammy-security; urgency=medium

  * SECURITY UPDATE: Out-of-bounds read during streamed archive skipping
    - debian/patches/CVE-2025-5918-1.patch: Prevent EOF-skipping in
      libarchive/archive_read_open_fd.c, libarchive/archive_read_open_file.c,
      libarchive/archive_read_open_filename.c, add relevant tests in
      libarchive/test/test_read_format_rar.c
    - debian/patches/CVE-2025-5918-2.patch: Fix file skip offset handling in
      libarchive/archive_read_open_file.c
    - CVE-2025-5918
  * SECURITY UPDATE: Unbounded memory allocation during bsdtar substitution
    processing
    - debian/patches/CVE-2025-60753.patch: Advance zero-length matches in
      tar/subst.c and add tests in tar/test/test_option_s.c
    - CVE-2025-60753
  * SECURITY UPDATE: Infinite loop during RAR5 decompression
    - debian/patches/CVE-2026-4111.patch: Filter bounds in
      libarchive/archive_read_support_format_rar5.c and add loop regression
      tests in libarchive/test/test_read_format_rar5_loop_bug.c,
      libarchive/test/test_read_format_rar5_loop_bug.rar.uu
    - CVE-2026-4111

 -- Shafayat Hossain Majumder <email address hidden> Wed, 01 Apr 2026 14:22:14 -0400
CVE-2025-5918 A vulnerability has been identified in the libarchive library. This flaw can be triggered when file streams are piped into bsdtar, potentially allowi
CVE-2025-60753 An issue was discovered in libarchive bsdtar before version 3.8.1 in function apply_substitution in file tar/subst.c when processing crafted -s subst
CVE-2026-4111 A flaw was identified in the RAR5 archive decompression logic of the libarchive library, specifically within the archive_read_data() processing path.

ubuntu-release-upgrader Apr 3rd 03:11
Release: questing Repo: universe Level: proposed New version: 1:25.10.9
Packages in group:  ubuntu-release-upgrader-qt

  ubuntu-release-upgrader (1:25.10.9) questing; urgency=medium

  * all: clean forgotten -m references (LP: #2146830)
  * DistUpgrade: correct version number in EOL announcements
  * Run pre-build.sh: updating mirrors.

 -- Nick Rosbrook <email address hidden> Mon, 30 Mar 2026 15:13:41 -0400

snapd Apr 3rd 03:11
Release: questing Repo: universe Level: proposed New version: 2.74.1+ubuntu25.10.4
Packages in group:  golang-github-snapcore-snapd-dev golang-github-ubuntu-core-snappy-dev snap-confine snapd-xdg-open ubuntu-core-launcher ubuntu-core-snapd-units ubuntu-snappy ubuntu-snappy-cli

  snapd (2.74.1+ubuntu25.10.4) questing; urgency=medium

   * New upstream release, LP: #2138629
    - FDE: secboot fixes
    - Security: CVE-2026-3888
    - Packaging: fix deb package version number
    - Packaging: fix autopkgtest failure to install spread
    - Packaging: revert dropping transitional packages
2138629 [SRU] 2.74.1
CVE-2026-3888 Local privilege escalation in snapd on Linux allows local attackers to ...

jpeg-xl Apr 3rd 03:11
Release: questing Repo: universe Level: updates New version: 0.11.1-6ubuntu1.1
Packages in group:  libjpegxl-java libjxl-devtools libjxl-tools

  jpeg-xl (0.11.1-6ubuntu1.1) questing-security; urgency=medium

  * SECURITY UPDATE: buffer overflow
    - debian/patches/CVE-2026-1837.patch: Fix allocated buffer lengths in
      lib/jxl/render_pipeline/stage_cms.cc.
    - CVE-2026-1837

 -- Edwin Jiang <email address hidden> Tue, 31 Mar 2026 16:08:54 -0400
CVE-2026-1837 A specially-crafted file can cause libjxl's decoder to write pixel data to uninitialized unallocated memory. Soon after that data from another uninit

linux-restricted-signatures-gcp Apr 3rd 03:11
Release: questing Repo: restricted Level: proposed New version: 6.17.0-1012.12
Packages in group:  linux-modules-nvidia-580-open-6.17.0-1003-gcp linux-modules-nvidia-580-open-6.17.0-1004-gcp linux-modules-nvidia-580-open-6.17.0-1007-gcp linux-modules-nvidia-580-open-6.17.0-1008-gcp linux-modules-nvidia-580-open-6.17.0-1009-gcp linux-modules-nvidia-580-open-6.17.0-1011-gcp linux-modules-nvidia-580-open-6.17.0-1012-gcp linux-modules-nvidia-580-server-open-6.17.0-1003-gcp linux-modules-nvidia-580-server-open-6.17.0-1004-gcp linux-modules-nvidia-580-server-open-6.17.0-1007-gcp linux-modules-nvidia-580-server-open-6.17.0-1008-gcp (... see all)

  linux-restricted-signatures-gcp (6.17.0-1012.12) questing; urgency=medium

  * Main version: 6.17.0-1012.12

  * Packaging resync (LP: #1786013)
    - [Packaging] debian/tracking-bug -- resync from main package

 -- Ian Whitfield <email address hidden> Thu, 26 Mar 2026 18:23:16 -0400
1786013 Packaging resync

linux-restricted-modules-gcp Apr 3rd 03:11
Release: questing Repo: restricted Level: proposed New version: 6.17.0-1012.12
Packages in group:  linux-modules-nvidia-525-server-gcp linux-modules-nvidia-525-server-gcp-6.17 linux-modules-nvidia-525-server-open-gcp linux-modules-nvidia-525-server-open-gcp-6.17 linux-modules-nvidia-535-gcp linux-modules-nvidia-535-gcp-6.17 linux-modules-nvidia-535-open-gcp linux-modules-nvidia-535-open-gcp-6.17 linux-modules-nvidia-535-server-gcp linux-modules-nvidia-535-server-gcp-6.17 linux-modules-nvidia-535-server-open-gcp (... see all)

  linux-restricted-modules-gcp (6.17.0-1012.12) questing; urgency=medium

  * Main version: 6.17.0-1012.12

  * Packaging resync (LP: #1786013)
    - [Packaging] debian/tracking-bug -- resync from main package

 -- Ian Whitfield <email address hidden> Thu, 26 Mar 2026 18:23:16 -0400
1786013 Packaging resync

ubuntu-release-upgrader Apr 3rd 03:11
Release: questing Repo: main Level: proposed New version: 1:25.10.9
Packages in group:  python3-distupgrade ubuntu-release-upgrader-core ubuntu-release-upgrader-gtk

  ubuntu-release-upgrader (1:25.10.9) questing; urgency=medium

  * all: clean forgotten -m references (LP: #2146830)
  * DistUpgrade: correct version number in EOL announcements
  * Run pre-build.sh: updating mirrors.

 -- Nick Rosbrook <email address hidden> Mon, 30 Mar 2026 15:13:41 -0400
2146830 [SRU] kubuntu-devel-release-upgrade erroneously calls \

linux-signed-gcp Apr 3rd 03:11
Release: questing Repo: main Level: proposed New version: 6.17.0-1012.12
Packages in group:  linux-image-6.17.0-1003-gcp linux-image-6.17.0-1004-gcp linux-image-6.17.0-1007-gcp linux-image-6.17.0-1008-gcp linux-image-6.17.0-1009-gcp linux-image-6.17.0-1011-gcp linux-image-6.17.0-1012-gcp

  linux-signed-gcp (6.17.0-1012.12) questing; urgency=medium

  * Main version: 6.17.0-1012.12

  * Packaging resync (LP: #1786013)
    - [Packaging] debian/tracking-bug -- resync from main package

 -- Ian Whitfield <email address hidden> Thu, 26 Mar 2026 18:22:51 -0400
1786013 Packaging resync


About   -   Send Feedback to @ubuntu_updates