UbuntuUpdates.org

Latest Changelogs for all releases

All releases Bionic Focal Jammy Noble Oracular Precise Trusty Xenial
Include all PPAs Exclude daily builds PPAs Exclude all PPAs
Include levels: securityupdatesproposedbackportsbase

Note: Only updates for "head" packages where the changelog is available are shown on this page (view all).

firefox Oct 11th 06:56
This package belongs to a PPA: Mozilla ESR
Release: oracular Repo: main Level: base New version: 131.0.2+build1-0ubuntu0.24.10.1~mt1
Packages in group:  firefox-dbg firefox-dev firefox-geckodriver firefox-locale-af firefox-locale-an firefox-locale-ar firefox-locale-as firefox-locale-ast firefox-locale-az firefox-locale-be firefox-locale-bg (... see all)

 firefox (131.0.2+build1-0ubuntu0.24.10.1~mt1) oracular; urgency=medium
 .
   * New upstream release (131.0.2+build1)
 .


my-weather-indicator Oct 11th 06:56
This package belongs to a PPA: Atareao Atareao
Release: oracular Repo: main Level: base New version: 0.10.18-ppa1~ubuntu24.10
Packages in group: 

 my-weather-indicator (0.10.18-ppa1~ubuntu24.10) oracular; urgency=medium
 .
   * New upstream release


pipewire Oct 11th 06:56
This package belongs to a PPA: Ubuntu-desktop ppa
Release: oracular Repo: main Level: base New version: 1.2.3-1ubuntu1~build1
Packages in group:  gstreamer1.0-pipewire libpipewire-0.3-0t64 libpipewire-0.3-common libpipewire-0.3-dev libpipewire-0.3-modules libpipewire-0.3-modules-x11 libspa-0.2-bluetooth libspa-0.2-dev libspa-0.2-jack libspa-0.2-libcamera libspa-0.2-modules (... see all)

 pipewire (1.2.3-1ubuntu1~build1) oracular; urgency=medium
 .
   * Cherry pick upstream fixes to resolve issues where sometime a camera
     would not be listed unless the device was reconnected or pipewire
     restarted (lp: #2061687)

2061687 Snapshot doesn't work until camera is unplugged and plugged back in or pipewire or wireplumber is restarted

ubuntu-advantage-desktop-daemon Oct 11th 03:07
Release: noble Repo: main Level: updates New version: 1.11ubuntu0.1
Packages in group: 

  ubuntu-advantage-desktop-daemon (1.11ubuntu0.1) noble-security; urgency=medium

  * SECURITY UPDATE: Pro client is called with attach parameter in plain text,
    allowing for potentially leak of private information. (LP: #2068944)
    - debian/patches/CVE-2024-6388.patch: Use a temporary file with 400
      permissions instead.
      https://github.com/canonical/ubuntu-advantage-desktop-daemon/pull/24/
    - CVE-2024-6388

 -- Chris Kim <email address hidden> Fri, 04 Oct 2024 09:05:56 -0700

2068944 ubuntu-advantage-desktop-daemon (pro client in general) may expose the pro token to other users
CVE-2024-6388 Marco Trevisan discovered that the Ubuntu Advantage Desktop Daemon, before version 1.12, leaks the Pro token to unprivileged users by passing the tok

ubuntu-advantage-desktop-daemon Oct 11th 03:07
Release: jammy Repo: main Level: updates New version: 1.10.ubuntu0.22.04.2
Packages in group: 

  ubuntu-advantage-desktop-daemon (1.10.ubuntu0.22.04.2) jammy-security; urgency=medium

  * SECURITY UPDATE: Pro client is called with attach parameter in plain text,
    allowing for potentially leak of private information. (LP: #2068944)
    - debian/patches/CVE-2024-6388.patch: Use a temporary file with 400
      permissions instead.
      https://github.com/canonical/ubuntu-advantage-desktop-daemon/pull/24/
    - CVE-2024-6388

 -- Chris Kim <email address hidden> Tue, 08 Oct 2024 14:39:35 -0700

2068944 ubuntu-advantage-desktop-daemon (pro client in general) may expose the pro token to other users
CVE-2024-6388 Marco Trevisan discovered that the Ubuntu Advantage Desktop Daemon, before version 1.12, leaks the Pro token to unprivileged users by passing the tok

ubuntu-advantage-desktop-daemon Oct 11th 03:07
Release: focal Repo: main Level: updates New version: 1.10.ubuntu0.20.04.1
Packages in group: 

  ubuntu-advantage-desktop-daemon (1.10.ubuntu0.20.04.1) focal-security; urgency=medium

  * SECURITY UPDATE: Pro client is called with attach parameter in plain text,
    allowing for potentially leak of private information. (LP: #2068944)
    - debian/patches/CVE-2024-6388.patch: Use a temporary file with 400
      permissions instead.
      https://github.com/canonical/ubuntu-advantage-desktop-daemon/pull/24/
    - CVE-2024-6388

 -- Chris Kim <email address hidden> Fri, 04 Oct 2024 16:27:20 -0700

2068944 ubuntu-advantage-desktop-daemon (pro client in general) may expose the pro token to other users
CVE-2024-6388 Marco Trevisan discovered that the Ubuntu Advantage Desktop Daemon, before version 1.12, leaks the Pro token to unprivileged users by passing the tok

ubuntu-advantage-desktop-daemon Oct 11th 02:07
Release: noble Repo: main Level: security New version: 1.11ubuntu0.1
Packages in group: 

  ubuntu-advantage-desktop-daemon (1.11ubuntu0.1) noble-security; urgency=medium

  * SECURITY UPDATE: Pro client is called with attach parameter in plain text,
    allowing for potentially leak of private information. (LP: #2068944)
    - debian/patches/CVE-2024-6388.patch: Use a temporary file with 400
      permissions instead.
      https://github.com/canonical/ubuntu-advantage-desktop-daemon/pull/24/
    - CVE-2024-6388

 -- Chris Kim <email address hidden> Fri, 04 Oct 2024 09:05:56 -0700

2068944 ubuntu-advantage-desktop-daemon (pro client in general) may expose the pro token to other users
CVE-2024-6388 Marco Trevisan discovered that the Ubuntu Advantage Desktop Daemon, before version 1.12, leaks the Pro token to unprivileged users by passing the tok

ubuntu-advantage-desktop-daemon Oct 11th 02:07
Release: jammy Repo: main Level: security New version: 1.10.ubuntu0.22.04.2
Packages in group: 

  ubuntu-advantage-desktop-daemon (1.10.ubuntu0.22.04.2) jammy-security; urgency=medium

  * SECURITY UPDATE: Pro client is called with attach parameter in plain text,
    allowing for potentially leak of private information. (LP: #2068944)
    - debian/patches/CVE-2024-6388.patch: Use a temporary file with 400
      permissions instead.
      https://github.com/canonical/ubuntu-advantage-desktop-daemon/pull/24/
    - CVE-2024-6388

 -- Chris Kim <email address hidden> Tue, 08 Oct 2024 14:39:35 -0700

2068944 ubuntu-advantage-desktop-daemon (pro client in general) may expose the pro token to other users
CVE-2024-6388 Marco Trevisan discovered that the Ubuntu Advantage Desktop Daemon, before version 1.12, leaks the Pro token to unprivileged users by passing the tok

ubuntu-advantage-desktop-daemon Oct 11th 02:07
Release: focal Repo: main Level: security New version: 1.10.ubuntu0.20.04.1
Packages in group: 

  ubuntu-advantage-desktop-daemon (1.10.ubuntu0.20.04.1) focal-security; urgency=medium

  * SECURITY UPDATE: Pro client is called with attach parameter in plain text,
    allowing for potentially leak of private information. (LP: #2068944)
    - debian/patches/CVE-2024-6388.patch: Use a temporary file with 400
      permissions instead.
      https://github.com/canonical/ubuntu-advantage-desktop-daemon/pull/24/
    - CVE-2024-6388

 -- Chris Kim <email address hidden> Fri, 04 Oct 2024 16:27:20 -0700

2068944 ubuntu-advantage-desktop-daemon (pro client in general) may expose the pro token to other users
CVE-2024-6388 Marco Trevisan discovered that the Ubuntu Advantage Desktop Daemon, before version 1.12, leaks the Pro token to unprivileged users by passing the tok

nagios4 Oct 10th 23:07
Release: jammy Repo: universe Level: updates New version: 4.4.6-4ubuntu0.22.04.1
Packages in group:  nagios4-cgi nagios4-common nagios4-core

  nagios4 (4.4.6-4ubuntu0.22.04.1) jammy; urgency=medium

  * d/p/lp1953572-Fix-inconsistent-links-for-View-Trends-Alert.patch:
    Fix broken links in the View Trends and View Histogram menus.
    (LP: #1953572)

 -- Jorge Merlino <email address hidden> Mon, 29 Jul 2024 11:58:08 -0300

1953572 Broken links in the View Trends and the View Histogram menu

resource-agents Oct 10th 23:07
Release: jammy Repo: universe Level: updates New version: 1:4.7.0-1ubuntu7.3
Packages in group:  ldirectord resource-agents-extra

  resource-agents (1:4.7.0-1ubuntu7.3) jammy; urgency=medium

  * d/p/nfs-stop-unmount-fail.patch: report failure when stopping the
    nfs agent when unmounting operations fail (LP: #2065848)

 -- Athos Ribeiro <email address hidden> Fri, 20 Sep 2024 11:40:16 -0300

2065848 An ocf:heartbeat:nfsserver resource's stop operation succeeded despite the /var/lib/nfs filesystem failing to unmount.

resource-agents Oct 10th 23:07
Release: jammy Repo: main Level: updates New version: 1:4.7.0-1ubuntu7.3
Packages in group:  resource-agents-base resource-agents-common

  resource-agents (1:4.7.0-1ubuntu7.3) jammy; urgency=medium

  * d/p/nfs-stop-unmount-fail.patch: report failure when stopping the
    nfs agent when unmounting operations fail (LP: #2065848)

 -- Athos Ribeiro <email address hidden> Fri, 20 Sep 2024 11:40:16 -0300

2065848 An ocf:heartbeat:nfsserver resource's stop operation succeeded despite the /var/lib/nfs filesystem failing to unmount.

bind-dyndb-ldap Oct 10th 23:07
Release: focal Repo: universe Level: proposed New version: 11.2-1ubuntu0.1
Packages in group:  bind9-dyndb-ldap

  bind-dyndb-ldap (11.2-1ubuntu0.1) focal; urgency=medium

  * No change rebuild with bind9-libs 1:9.18.30-0ubuntu0.20.04.1
    (LP: #2073310)

 -- Lena Voytek <email address hidden> Thu, 10 Oct 2024 12:15:53 -0700

2073310 Backport of bind9 for focal, jammy and noble

nagios4 Oct 10th 23:07
Release: focal Repo: universe Level: updates New version: 4.3.4-3ubuntu0.1
Packages in group:  nagios4-cgi nagios4-common nagios4-core nagios4-dbg

  nagios4 (4.3.4-3ubuntu0.1) focal; urgency=medium

  * d/p/lp1953572-Fix-inconsistent-links-for-View-Trends-Alert.patch:
    Fix broken links in the View Trends and View Histogram menus.
    (LP: #1953572)

 -- Jorge Merlino <email address hidden> Mon, 29 Jul 2024 12:29:44 -0300

1953572 Broken links in the View Trends and the View Histogram menu

e2fsprogs Oct 10th 23:07
Release: focal Repo: universe Level: updates New version: 1.45.5-2ubuntu1.2
Packages in group:  e2fsck-static e2fsprogs-l10n fuse2fs

  e2fsprogs (1.45.5-2ubuntu1.2) focal; urgency=medium

  * Fix superblock checksum mismatch during resize2fs operations,
    most notably during online resize of cloud images during boot.
    Read the superblock with Direct I/O to ensure we get the correct
    view of the disk. (LP: #2036467)
    - lp2036467-resize2fs-use-Direct-I-O-when-reading-the-superblock.patch

 -- Matthew Ruffell <email address hidden> Mon, 09 Oct 2023 14:56:01 +1300




About   -   Send Feedback to @ubuntu_updates