Latest Changelogs for all releases

Note: Only updates for "head" packages where the changelog is available are shown on this page (view all).

imagemagick			May 11th 11:07
Release: questing	Repo: universe	Level: updates	New version: 8:7.1.2.3+dfsg1-1ubuntu0.1
Packages in group:	imagemagick-7-common imagemagick-7-doc imagemagick-7.q16 imagemagick-7.q16hdri libimage-magick-perl libimage-magick-q16hdri-perl libimage-magick-q16-perl libmagick++-7-headers libmagick++-7.q16-5 libmagick++-7.q16-dev libmagick++-7.q16hdri-5 (... see all)
imagemagick (8:7.1.2.3+dfsg1-1ubuntu0.1) questing-security; urgency=medium * SEURITY UPDATE: Heap information disclosure - debian/patches/CVE-2026-24481.patch: Initialize the pixels with empty values to prevent possible heap information disclosure (GHSA- 96pc-27rx-pr36) - CVE-2026-24481 * SECURITY UPDATE: Denial of service - debian/patches/CVE-2026-24484-1.patch: https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA- wg3g-gvx5-2pmv - debian/patches/CVE-2026-24484-2.patch: https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA- wg3g-gvx5-2pmv - CVE-2026-24484 * SECURITY UPDATE: Denial of service - debian/patches/CVE-2026-24485-1.patch: [PATCH] https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA- pqgj-2p96-rx85 - debian/patches/CVE-2026-24485-2.patch: https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA- pqgj-2p96-rx85 - CVE-2026-24485 * SECURITY UPDATE: Path traversal - debian/patches/CVE-2026-25576.patch: Fixed out of bounds read in multiple coders that read raw pixel data (GHSA-jv4p-gjwq-9r2j) - CVE-2026-25576 * SECURITY UPDATE: Memory leak - debian/patches/CVE-2026-25637.patch: Fixed possible memory leak (GHSA-gm37-qx7w-p258) - CVE-2026-25637 * SECURITY UPDATE: Memory leak - debian/patches/CVE-2026-25638.patch: Fixed memory leak when writing MSL files (GHSA-gxcx-qjqp-8vjw) - CVE-2026-25638 * SECURITY UPDATE: Out-of-bounds write - debian/patches/CVE-2026-25794.patch: Prevent out of bounds heap write in uhdr encoder (https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA -vhqj-f5cj-9x8h) - CVE-2026-25794 * SECURITY UPDATE: NULL pointer dereference - debian/patches/CVE-2026-25795.patch: Fixed NULL pointer dereference in ReadSFWImage (GHSA-p33r-fqw2-rqmm) - CVE-2026-25795 * SECURITY UPDATE: Memory leak - debian/patches/CVE-2026-25796.patch: Prevent memory leak in early exits (GHSA-g2pr-qxjg-7r2w) - CVE-2026-25796 * SECURITY UPDATE: Arbitrary code execution - debian/patches/CVE-2026-25797-1.patch: Prevent code injection via PostScript header (https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA -rw6c-xp26-225v) - debian/patches/CVE-2026-25797-2.patch: Properly escape the strings that are written as raw html (GHSA-rw6c-xp26-225v) - CVE-2026-25797 * SECURITY UPDATE: Denial of service - debian/patches/CVE-2026-25798.patch: https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA- p863-5fgm-rgq4 - CVE-2026-25798 * SECURITY UPDATE: Denial of service - debian/patches/CVE-2026-25799.patch: https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA- 543g-8grm-9cw6 - CVE-2026-25799 * SECURITY UPDATE: Out of bounds heap write - debian/patches/CVE-2026-25897.patch: (See more...)
CVE-2026-24481	ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a heap infor
CVE-2026-24484	ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, Magick fails
CVE-2026-24485	ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, when a PCD f
CVE-2026-25576	ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a heap buffe
CVE-2026-25637	ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-15, a memory leak in the ASHLAR
More...

imagemagick			May 11th 10:07
Release: questing	Repo: universe	Level: security	New version: 8:7.1.2.3+dfsg1-1ubuntu0.1
Packages in group:	imagemagick-7-common imagemagick-7-doc imagemagick-7.q16 imagemagick-7.q16hdri libimage-magick-perl libimage-magick-q16hdri-perl libimage-magick-q16-perl libmagick++-7-headers libmagick++-7.q16-5 libmagick++-7.q16-dev libmagick++-7.q16hdri-5 (... see all)
imagemagick (8:7.1.2.3+dfsg1-1ubuntu0.1) questing-security; urgency=medium * SEURITY UPDATE: Heap information disclosure - debian/patches/CVE-2026-24481.patch: Initialize the pixels with empty values to prevent possible heap information disclosure (GHSA- 96pc-27rx-pr36) - CVE-2026-24481 * SECURITY UPDATE: Denial of service - debian/patches/CVE-2026-24484-1.patch: https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA- wg3g-gvx5-2pmv - debian/patches/CVE-2026-24484-2.patch: https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA- wg3g-gvx5-2pmv - CVE-2026-24484 * SECURITY UPDATE: Denial of service - debian/patches/CVE-2026-24485-1.patch: [PATCH] https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA- pqgj-2p96-rx85 - debian/patches/CVE-2026-24485-2.patch: https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA- pqgj-2p96-rx85 - CVE-2026-24485 * SECURITY UPDATE: Path traversal - debian/patches/CVE-2026-25576.patch: Fixed out of bounds read in multiple coders that read raw pixel data (GHSA-jv4p-gjwq-9r2j) - CVE-2026-25576 * SECURITY UPDATE: Memory leak - debian/patches/CVE-2026-25637.patch: Fixed possible memory leak (GHSA-gm37-qx7w-p258) - CVE-2026-25637 * SECURITY UPDATE: Memory leak - debian/patches/CVE-2026-25638.patch: Fixed memory leak when writing MSL files (GHSA-gxcx-qjqp-8vjw) - CVE-2026-25638 * SECURITY UPDATE: Out-of-bounds write - debian/patches/CVE-2026-25794.patch: Prevent out of bounds heap write in uhdr encoder (https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA -vhqj-f5cj-9x8h) - CVE-2026-25794 * SECURITY UPDATE: NULL pointer dereference - debian/patches/CVE-2026-25795.patch: Fixed NULL pointer dereference in ReadSFWImage (GHSA-p33r-fqw2-rqmm) - CVE-2026-25795 * SECURITY UPDATE: Memory leak - debian/patches/CVE-2026-25796.patch: Prevent memory leak in early exits (GHSA-g2pr-qxjg-7r2w) - CVE-2026-25796 * SECURITY UPDATE: Arbitrary code execution - debian/patches/CVE-2026-25797-1.patch: Prevent code injection via PostScript header (https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA -rw6c-xp26-225v) - debian/patches/CVE-2026-25797-2.patch: Properly escape the strings that are written as raw html (GHSA-rw6c-xp26-225v) - CVE-2026-25797 * SECURITY UPDATE: Denial of service - debian/patches/CVE-2026-25798.patch: https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA- p863-5fgm-rgq4 - CVE-2026-25798 * SECURITY UPDATE: Denial of service - debian/patches/CVE-2026-25799.patch: https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA- 543g-8grm-9cw6 - CVE-2026-25799 * SECURITY UPDATE: Out of bounds heap write - debian/patches/CVE-2026-25897.patch: (See more...)
CVE-2026-24481	ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a heap infor
CVE-2026-24484	ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, Magick fails
CVE-2026-24485	ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, when a PCD f
CVE-2026-25576	ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a heap buffe
CVE-2026-25637	ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-15, a memory leak in the ASHLAR
More...

linux-restricted-signatures-nvidia			May 11th 08:07
Release: resolute	Repo: restricted	Level: updates	New version: 7.0.0-1006.6+1
Packages in group:	linux-modules-nvidia-580-open-7.0.0-1006-nvidia linux-modules-nvidia-580-server-open-7.0.0-1006-nvidia linux-modules-nvidia-595-open-7.0.0-1006-nvidia linux-modules-nvidia-595-server-open-7.0.0-1006-nvidia linux-signatures-nvidia-7.0.0-1006-nvidia
`linux-restricted-signatures-nvidia (7.0.0-1006.6+1) resolute; urgency=medium * Packaging resync (LP: #1786013) - [Packaging] debian/dkms-versions -- update from kernel-versions (adhoc/d2026.04.13) -- Andy Whitcroft <email address hidden> Tue, 28 Apr 2026 07:39:59 +0100`
1786013	Packaging resync

linux-restricted-modules-nvidia			May 11th 08:07
Release: resolute	Repo: restricted	Level: updates	New version: 7.0.0-1006.6+1
Packages in group:	linux-modules-nvidia-525-server-nvidia linux-modules-nvidia-525-server-nvidia-7.0 linux-modules-nvidia-525-server-nvidia-hwe-24.04 linux-modules-nvidia-525-server-nvidia-hwe-24.04-edge linux-modules-nvidia-525-server-open-nvidia linux-modules-nvidia-525-server-open-nvidia-7.0 linux-modules-nvidia-525-server-open-nvidia-hwe-24.04 linux-modules-nvidia-525-server-open-nvidia-hwe-24.04-edge linux-modules-nvidia-535-nvidia linux-modules-nvidia-535-nvidia-7.0 linux-modules-nvidia-535-nvidia-hwe-24.04 (... see all)
`linux-restricted-modules-nvidia (7.0.0-1006.6+1) resolute; urgency=medium * Packaging resync (LP: #1786013) - [Packaging] debian/dkms-versions -- update from kernel-versions (adhoc/d2026.04.13) -- Andy Whitcroft <email address hidden> Tue, 28 Apr 2026 07:39:59 +0100`
1786013	Packaging resync

linux-signed-nvidia			May 11th 08:07
Release: resolute	Repo: main	Level: updates	New version: 7.0.0-1006.6
Packages in group:	linux-image-7.0.0-1006-nvidia
`linux-signed-nvidia (7.0.0-1006.6) resolute; urgency=medium * Main version: 7.0.0-1006.6 * Packaging resync (LP: #1786013) - [Packaging] debian/tracking-bug -- resync from main package -- Jacob Martin <email address hidden> Tue, 14 Apr 2026 16:22:01 -0500`
1786013	Packaging resync

linux-meta-nvidia			May 11th 08:07
Release: resolute	Repo: main	Level: updates	New version: 7.0.0-1006.6
Packages in group:	linux-headers-nvidia linux-headers-nvidia-7.0 linux-headers-nvidia-hwe-24.04 linux-headers-nvidia-hwe-24.04-edge linux-image-nvidia linux-image-nvidia-7.0 linux-image-nvidia-hwe-24.04 linux-image-nvidia-hwe-24.04-edge linux-nvidia linux-nvidia-7.0 linux-nvidia-hwe-24.04 (... see all)
`linux-meta-nvidia (7.0.0-1006.6) resolute; urgency=medium * Main version: 7.0.0-1006.6 -- Jacob Martin <email address hidden> Tue, 14 Apr 2026 16:21:53 -0500`

linux-nvidia-tegra-modules-signed			May 11th 08:07
Release: noble	Repo: universe	Level: updates	New version: 6.8.0-1023.23
Packages in group:	linux-nvidia-tegra-tegra-igpu-igx-2.0-defaults linux-nvidia-tegra-tegra-igpu-jetson-defaults linux-nvidia-tegra-tegra-oot-igx-2.0-defaults linux-nvidia-tegra-tegra-oot-igx-2.0-uc-defaults linux-nvidia-tegra-tegra-oot-jetson-defaults linux-nvidia-tegra-tegra-oot-jetson-uc-defaults
`linux-nvidia-tegra-modules-signed (6.8.0-1023.23) noble; urgency=medium * Main version: 6.8.0-1023.23 -- Noah Wager <email address hidden> Tue, 28 Apr 2026 12:31:59 -0700`

linux-nvidia-tegra			May 11th 08:07
Release: noble	Repo: universe	Level: updates	New version: 6.8.0-1023.23
Packages in group:	linux-nvidia-tegra-headers-6.8.0-1008 linux-nvidia-tegra-headers-6.8.0-1009 linux-nvidia-tegra-headers-6.8.0-1010 linux-nvidia-tegra-headers-6.8.0-1012 linux-nvidia-tegra-headers-6.8.0-1013 linux-nvidia-tegra-headers-6.8.0-1016 linux-nvidia-tegra-headers-6.8.0-1019 linux-nvidia-tegra-headers-6.8.0-1020 linux-nvidia-tegra-headers-6.8.0-1021 linux-nvidia-tegra-headers-6.8.0-1022 linux-nvidia-tegra-headers-6.8.0-1023 (... see all)
linux-nvidia-tegra (6.8.0-1023.23) noble; urgency=medium * noble/linux-nvidia-tegra: 6.8.0-1023.23 -proposed tracker (LP: #2147873) [ Ubuntu-realtime: 6.8.1-1048.49 ] * noble/linux-realtime: 6.8.1-1048.49 -proposed tracker (LP: #2147879) [ Ubuntu: 6.8.0-111.111 ] * noble/linux: 6.8.0-111.111 -proposed tracker (LP: #2147890) * CVE-2026-23231 - netfilter: nf_tables: fix use-after-free in nf_tables_addchain() * macvlan: observe an RCU grace period in macvlan_common_newlink() error path (LP: #2144380) // CVE-2026-23209 - macvlan: observe an RCU grace period in macvlan_common_newlink() error path * CVE-2026-23112 - nvmet-tcp: add bounds checks in nvmet_tcp_build_pdu_iovec -- Noah Wager <email address hidden> Tue, 28 Apr 2026 12:30:00 -0700
2144380	macvlan: observe an RCU grace period in macvlan_common_newlink() error path
CVE-2026-23231	In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: fix use-after-free in nf_tables_addchain() nf_tables_addc
CVE-2026-23209	In the Linux kernel, the following vulnerability has been resolved: macvlan: fix error recovery in macvlan_common_newlink() valis provided a nice r
CVE-2026-23112	In the Linux kernel, the following vulnerability has been resolved: nvmet-tcp: add bounds checks in nvmet_tcp_build_pdu_iovec nvmet_tcp_build_pdu_i

linux-xilinx-zynqmp			May 11th 08:07
Release: jammy	Repo: universe	Level: updates	New version: 5.15.0-1070.74
Packages in group:	linux-xilinx-zynqmp-headers-5.15.0-1022 linux-xilinx-zynqmp-headers-5.15.0-1023 linux-xilinx-zynqmp-headers-5.15.0-1025 linux-xilinx-zynqmp-headers-5.15.0-1027 linux-xilinx-zynqmp-headers-5.15.0-1030 linux-xilinx-zynqmp-headers-5.15.0-1031 linux-xilinx-zynqmp-headers-5.15.0-1035 linux-xilinx-zynqmp-headers-5.15.0-1036 linux-xilinx-zynqmp-headers-5.15.0-1037 linux-xilinx-zynqmp-headers-5.15.0-1038 linux-xilinx-zynqmp-headers-5.15.0-1039 (... see all)
linux-xilinx-zynqmp (5.15.0-1070.74) jammy; urgency=medium * jammy/linux-xilinx-zynqmp: 5.15.0-1070.74 -proposed tracker (LP: #2147837) [ Ubuntu: 5.15.0-177.187 ] * jammy/linux: 5.15.0-177.187 -proposed tracker (LP: #2147840) * macvlan: observe an RCU grace period in macvlan_common_newlink() error path (LP: #2144380) // CVE-2026-23209 - macvlan: observe an RCU grace period in macvlan_common_newlink() error path * CVE-2023-2640 // CVE-2023-32629 - SAUCE: Revert "UBUNTU: SAUCE: overlayfs: Skip permission checking for trusted.overlayfs.* xattrs" - SAUCE: overlayfs: default to userxattr when mounted from non initial user namespace * CVE-2026-23112 - nvmet-tcp: add bounds checks in nvmet_tcp_build_pdu_iovec -- Stewart Hore <email address hidden> Mon, 27 Apr 2026 22:25:04 +1000
2144380	macvlan: observe an RCU grace period in macvlan_common_newlink() error path
CVE-2026-23209	In the Linux kernel, the following vulnerability has been resolved: macvlan: fix error recovery in macvlan_common_newlink() valis provided a nice r
CVE-2023-2640	On Ubuntu kernels carrying both c914c0e27eb0 and "UBUNTU: SAUCE: overl ...
CVE-2023-32629	Local privilege escalation vulnerability in Ubuntu Kernels overlayfs o ...
CVE-2026-23112	In the Linux kernel, the following vulnerability has been resolved: nvmet-tcp: add bounds checks in nvmet_tcp_build_pdu_iovec nvmet_tcp_build_pdu_i

firefox			May 10th 17:08
This package belongs to a PPA: Mozilla ESR
Release: resolute	Repo: main	Level: base	New version: 150.0.2+build2-0ubuntu0.26.04.1~mt1
Packages in group:	firefox-dbg firefox-dev firefox-geckodriver firefox-locale-af firefox-locale-an firefox-locale-ar firefox-locale-as firefox-locale-ast firefox-locale-az firefox-locale-be firefox-locale-bg (... see all)
`firefox (150.0.2+build2-0ubuntu0.26.04.1~mt1) resolute; urgency=medium . * New upstream release (150.0.2+build2) .`

firefox-esr			May 10th 17:08
This package belongs to a PPA: Mozilla ESR
Release: noble	Repo: main	Level: base	New version: 140.10.2esr+build1-0ubuntu0.24.04.1~mt1
Packages in group:	firefox-esr-dbg firefox-esr-dev firefox-esr-geckodriver firefox-esr-locale-af firefox-esr-locale-an firefox-esr-locale-ar firefox-esr-locale-as firefox-esr-locale-ast firefox-esr-locale-az firefox-esr-locale-be firefox-esr-locale-bg (... see all)
`firefox-esr (140.10.2esr+build1-0ubuntu0.24.04.1~mt1) noble; urgency=medium . * New upstream stable release (FIREFOX_140_10_2esr_BUILD1)`

firefox			May 10th 17:08
This package belongs to a PPA: Mozilla ESR
Release: noble	Repo: main	Level: base	New version: 150.0.2+build2-0ubuntu0.24.04.1~mt1
Packages in group:	firefox-dbg firefox-dev firefox-geckodriver firefox-locale-af firefox-locale-an firefox-locale-ar firefox-locale-as firefox-locale-ast firefox-locale-az firefox-locale-be firefox-locale-bg (... see all)
`firefox (150.0.2+build2-0ubuntu0.24.04.1~mt1) noble; urgency=medium . * New upstream release (150.0.2+build2) .`

firefox			May 10th 17:08
This package belongs to a PPA: Mozilla ESR
Release: jammy	Repo: main	Level: base	New version: 150.0.2+build2-0ubuntu0.22.04.1~mt1
Packages in group:	firefox-dbg firefox-dev firefox-geckodriver firefox-locale-af firefox-locale-an firefox-locale-ar firefox-locale-as firefox-locale-ast firefox-locale-az firefox-locale-be firefox-locale-bg (... see all)
`firefox (150.0.2+build2-0ubuntu0.22.04.1~mt1) jammy; urgency=medium . * New upstream release (150.0.2+build2) .`

firefox-esr			May 10th 16:08
This package belongs to a PPA: Mozilla ESR
Release: questing	Repo: main	Level: base	New version: 140.10.2esr+build1-0ubuntu0.25.10.1~mt1
Packages in group:	firefox-esr-dbg firefox-esr-dev firefox-esr-geckodriver firefox-esr-locale-af firefox-esr-locale-an firefox-esr-locale-ar firefox-esr-locale-as firefox-esr-locale-ast firefox-esr-locale-az firefox-esr-locale-be firefox-esr-locale-bg (... see all)
`firefox-esr (140.10.2esr+build1-0ubuntu0.25.10.1~mt1) questing; urgency=medium . * New upstream stable release (FIREFOX_140_10_2esr_BUILD1)`

firefox			May 10th 16:08
This package belongs to a PPA: Mozilla ESR
Release: questing	Repo: main	Level: base	New version: 150.0.2+build2-0ubuntu0.25.10.1~mt1
Packages in group:	firefox-dbg firefox-dev firefox-geckodriver firefox-locale-af firefox-locale-an firefox-locale-ar firefox-locale-as firefox-locale-ast firefox-locale-az firefox-locale-be firefox-locale-bg (... see all)
`firefox (150.0.2+build2-0ubuntu0.25.10.1~mt1) questing; urgency=medium . * New upstream release (150.0.2+build2)`

About - Send Feedback to @ubuntu_updates