Latest Changelogs for all releases

Note: Only updates for "head" packages where the changelog is available are shown on this page (view all).

openssh			Apr 11th 04:07
Release: questing	Repo: universe	Level: proposed	New version: 1:10.0p1-5ubuntu5.2
Packages in group:	openssh-client-gssapi openssh-server-gssapi openssh-tests ssh-askpass-gnome
`openssh (1:10.0p1-5ubuntu5.2) questing; urgency=medium * repair test after changes to percent expansion of usernames (LP: #2147451) -- Nick Rosbrook <email address hidden> Tue, 07 Apr 2026 10:00:59 -0400`
2147451	openssh: security update on questing introduces autopkgtest regression

linux-restricted-signatures-oracle			Apr 11th 04:07
Release: questing	Repo: restricted	Level: proposed	New version: 6.17.0-1011.11
Packages in group:	linux-modules-nvidia-580-open-6.17.0-1003-oracle linux-modules-nvidia-580-open-6.17.0-1004-oracle linux-modules-nvidia-580-open-6.17.0-1007-oracle linux-modules-nvidia-580-open-6.17.0-1008-oracle linux-modules-nvidia-580-open-6.17.0-1009-oracle linux-modules-nvidia-580-open-6.17.0-1011-oracle linux-modules-nvidia-580-server-open-6.17.0-1003-oracle linux-modules-nvidia-580-server-open-6.17.0-1004-oracle linux-modules-nvidia-580-server-open-6.17.0-1007-oracle linux-modules-nvidia-580-server-open-6.17.0-1008-oracle linux-modules-nvidia-580-server-open-6.17.0-1009-oracle (... see all)
`linux-restricted-signatures-oracle (6.17.0-1011.11) questing; urgency=medium * Main version: 6.17.0-1011.11 * Packaging resync (LP: #1786013) - [Packaging] debian/tracking-bug -- resync from main package -- Vinicius Peixoto <email address hidden> Tue, 07 Apr 2026 22:20:01 -0300`
1786013	Packaging resync

linux-restricted-modules-oracle			Apr 11th 04:07
Release: questing	Repo: restricted	Level: proposed	New version: 6.17.0-1011.11
Packages in group:	linux-modules-nvidia-525-server-open-oracle linux-modules-nvidia-525-server-open-oracle-6.17 linux-modules-nvidia-525-server-oracle linux-modules-nvidia-525-server-oracle-6.17 linux-modules-nvidia-535-open-oracle linux-modules-nvidia-535-open-oracle-6.17 linux-modules-nvidia-535-oracle linux-modules-nvidia-535-oracle-6.17 linux-modules-nvidia-535-server-open-oracle linux-modules-nvidia-535-server-open-oracle-6.17 linux-modules-nvidia-535-server-oracle (... see all)
`linux-restricted-modules-oracle (6.17.0-1011.11) questing; urgency=medium * Main version: 6.17.0-1011.11 * Packaging resync (LP: #1786013) - [Packaging] debian/tracking-bug -- resync from main package -- Vinicius Peixoto <email address hidden> Tue, 07 Apr 2026 22:20:01 -0300`
1786013	Packaging resync

openssh			Apr 11th 04:07
Release: questing	Repo: main	Level: proposed	New version: 1:10.0p1-5ubuntu5.2
Packages in group:	openssh-client openssh-server openssh-sftp-server ssh
`openssh (1:10.0p1-5ubuntu5.2) questing; urgency=medium * repair test after changes to percent expansion of usernames (LP: #2147451) -- Nick Rosbrook <email address hidden> Tue, 07 Apr 2026 10:00:59 -0400`
2147451	openssh: security update on questing introduces autopkgtest regression

linux-signed-oracle			Apr 11th 04:07
Release: questing	Repo: main	Level: proposed	New version: 6.17.0-1011.11
Packages in group:	linux-image-6.17.0-1003-oracle linux-image-6.17.0-1004-oracle linux-image-6.17.0-1007-oracle linux-image-6.17.0-1008-oracle linux-image-6.17.0-1009-oracle linux-image-6.17.0-1011-oracle
`linux-signed-oracle (6.17.0-1011.11) questing; urgency=medium * Main version: 6.17.0-1011.11 * Packaging resync (LP: #1786013) - [Packaging] debian/tracking-bug -- resync from main package -- Vinicius Peixoto <email address hidden> Tue, 07 Apr 2026 22:19:41 -0300`
1786013	Packaging resync

linux-meta-oracle			Apr 11th 04:07
Release: questing	Repo: main	Level: proposed	New version: 6.17.0-1011.11
Packages in group:	linux-headers-oracle linux-headers-oracle-6.17 linux-image-oracle linux-image-oracle-6.17 linux-oracle linux-oracle-6.17 linux-tools-oracle linux-tools-oracle-6.17
`linux-meta-oracle (6.17.0-1011.11) questing; urgency=medium * Main version: 6.17.0-1011.11 -- Vinicius Peixoto <email address hidden> Tue, 07 Apr 2026 22:19:26 -0300`

rustc-1.78			Apr 11th 04:07
Release: noble	Repo: universe	Level: updates	New version: 1.78.0+dfsg1ubuntu1-0ubuntu0.24.04.2
Packages in group:	cargo-1.78 cargo-1.78-doc libstd-rust-1.78 libstd-rust-1.78-dev rust-1.78-all rust-1.78-clippy rust-1.78-doc rust-1.78-gdb rust-1.78-lldb rust-1.78-src rustfmt-1.78 (... see all)
`rustc-1.78 (1.78.0+dfsg1ubuntu1-0ubuntu0.24.04.2) noble; urgency=medium * d/p/upstream/u-tar-cve-2026-33056: fix vulnerability (LP: #2145764) -- Petrichor Park <email address hidden> Tue, 24 Mar 2026 12:52:01 -0500`

rustc-1.78			Apr 11th 04:07
Release: jammy	Repo: universe	Level: updates	New version: 1.78.0+dfsg1ubuntu1~bpo0-0ubuntu0.22.04.1
Packages in group:	cargo-1.78 cargo-1.78-doc libstd-rust-1.78 libstd-rust-1.78-dev rust-1.78-all rust-1.78-clippy rust-1.78-doc rust-1.78-gdb rust-1.78-lldb rust-1.78-src rustfmt-1.78 (... see all)
`rustc-1.78 (1.78.0+dfsg1ubuntu1~bpo0-0ubuntu0.22.04.1) jammy; urgency=medium * d/p/upstream/u-tar-cve-2026-33056: fix vulnerability (LP: #2145764) -- Petrichor Park <email address hidden> Tue, 24 Mar 2026 13:07:53 -0500`

rustc-1.78			Apr 10th 23:08
Release: noble	Repo: universe	Level: security	New version: 1.78.0+dfsg1ubuntu1-0ubuntu0.24.04.2
Packages in group:	cargo-1.78 cargo-1.78-doc libstd-rust-1.78 libstd-rust-1.78-dev rust-1.78-all rust-1.78-clippy rust-1.78-doc rust-1.78-gdb rust-1.78-lldb rust-1.78-src rustfmt-1.78 (... see all)
`rustc-1.78 (1.78.0+dfsg1ubuntu1-0ubuntu0.24.04.2) noble; urgency=medium * d/p/upstream/u-tar-cve-2026-33056: fix vulnerability (LP: #2145764) -- Petrichor Park <email address hidden> Tue, 24 Mar 2026 12:52:01 -0500`

rustc-1.78			Apr 10th 23:07
Release: jammy	Repo: universe	Level: security	New version: 1.78.0+dfsg1ubuntu1~bpo0-0ubuntu0.22.04.1
Packages in group:	cargo-1.78 cargo-1.78-doc libstd-rust-1.78 libstd-rust-1.78-dev rust-1.78-all rust-1.78-clippy rust-1.78-doc rust-1.78-gdb rust-1.78-lldb rust-1.78-src rustfmt-1.78 (... see all)
`rustc-1.78 (1.78.0+dfsg1ubuntu1~bpo0-0ubuntu0.22.04.1) jammy; urgency=medium * d/p/upstream/u-tar-cve-2026-33056: fix vulnerability (LP: #2145764) -- Petrichor Park <email address hidden> Tue, 24 Mar 2026 13:07:53 -0500`

qemu			Apr 10th 06:08
Release: questing	Repo: universe	Level: updates	New version: 1:10.1.0+ds-5ubuntu2.6
Packages in group:	qemu-block-supplemental qemu-guest-agent qemu-system-x86-xen qemu-system-xen qemu-user qemu-user-binfmt
qemu (1:10.1.0+ds-5ubuntu2.6) questing-security; urgency=medium * SECURITY UPDATE: use-after-free - debian/patches/CVE-2024-6519.patch: keep a reference to the device while SCRIPTS in hw/scsi/lsi53c895a.c. - CVE-2024-6519 * SECURITY UPDATE: out-of-bounds read - debian/patches/CVE-2026-2243.patch: fix OOB read in vmdk_read_extent() in block/vmdk.c. - CVE-2026-2243 * SECURITY UPDATE: heap buffer overflow - debian/patches/CVE-2026-3195-1.patch: fix max_size bounds check in input cb in hw/audio/virtio-snd.c. - debian/patches/CVE-2026-3195-2.patch: tighten read amount in in_cb in hw/audio/virtio-snd.c. - CVE-2026-3195 * SECURITY UPDATE: integer overflow - debian/patches/CVE-2026-3196.patch: handle 5.14.6.2 for PCM_INFO properly in hw/audio/virtio-snd.c. - CVE-2026-3196 * SECURITY UPDATE: out-of-bounds write - debian/patches/CVE-2026-3842.patch: check length returned by cpu_physical_memory_map() in hw/hyperv/syndbg.c. - CVE-2026-3842 -- Fabian Toepfer <email address hidden> Wed, 01 Apr 2026 18:16:15 +0200
CVE-2024-6519	A use-after-free vulnerability was found in the QEMU LSI53C895A SCSI Host Bus Adapter emulation. This issue can lead to a crash or VM escape.
CVE-2026-2243	A flaw was found in QEMU. A specially crafted VMDK image could trigger an out-of-bounds read vulnerability, potentially leading to a 12-byte leak of

qemu			Apr 10th 06:08
Release: questing	Repo: main	Level: updates	New version: 1:10.1.0+ds-5ubuntu2.6
Packages in group:	qemu-block-extra qemu-system qemu-system-arm qemu-system-common qemu-system-data qemu-system-gui qemu-system-mips qemu-system-misc qemu-system-modules-opengl qemu-system-modules-spice qemu-system-ppc (... see all)
qemu (1:10.1.0+ds-5ubuntu2.6) questing-security; urgency=medium * SECURITY UPDATE: use-after-free - debian/patches/CVE-2024-6519.patch: keep a reference to the device while SCRIPTS in hw/scsi/lsi53c895a.c. - CVE-2024-6519 * SECURITY UPDATE: out-of-bounds read - debian/patches/CVE-2026-2243.patch: fix OOB read in vmdk_read_extent() in block/vmdk.c. - CVE-2026-2243 * SECURITY UPDATE: heap buffer overflow - debian/patches/CVE-2026-3195-1.patch: fix max_size bounds check in input cb in hw/audio/virtio-snd.c. - debian/patches/CVE-2026-3195-2.patch: tighten read amount in in_cb in hw/audio/virtio-snd.c. - CVE-2026-3195 * SECURITY UPDATE: integer overflow - debian/patches/CVE-2026-3196.patch: handle 5.14.6.2 for PCM_INFO properly in hw/audio/virtio-snd.c. - CVE-2026-3196 * SECURITY UPDATE: out-of-bounds write - debian/patches/CVE-2026-3842.patch: check length returned by cpu_physical_memory_map() in hw/hyperv/syndbg.c. - CVE-2026-3842 -- Fabian Toepfer <email address hidden> Wed, 01 Apr 2026 18:16:15 +0200
CVE-2024-6519	A use-after-free vulnerability was found in the QEMU LSI53C895A SCSI Host Bus Adapter emulation. This issue can lead to a crash or VM escape.
CVE-2026-2243	A flaw was found in QEMU. A specially crafted VMDK image could trigger an out-of-bounds read vulnerability, potentially leading to a 12-byte leak of

qemu			Apr 10th 06:08
Release: noble	Repo: universe	Level: updates	New version: 1:8.2.2+ds-0ubuntu1.16
Packages in group:	qemu-block-supplemental qemu-guest-agent qemu-system-x86-xen qemu-system-xen qemu-user qemu-user-binfmt qemu-user-static
qemu (1:8.2.2+ds-0ubuntu1.16) noble-security; urgency=medium * SECURITY UPDATE: use-after-free - debian/patches/CVE-2024-6519.patch: keep a reference to the device while SCRIPTS in hw/scsi/lsi53c895a.c. - CVE-2024-6519 * SECURITY UPDATE: out-of-bounds read - debian/patches/CVE-2026-2243.patch: fix OOB read in vmdk_read_extent() in block/vmdk.c. - CVE-2026-2243 * SECURITY UPDATE: heap buffer overflow - debian/patches/CVE-2026-3195-1.patch: fix max_size bounds check in input cb in hw/audio/virtio-snd.c. - debian/patches/CVE-2026-3195-2.patch: tighten read amount in in_cb in hw/audio/virtio-snd.c. - CVE-2026-3195 * SECURITY UPDATE: integer overflow - debian/patches/CVE-2026-3196.patch: handle 5.14.6.2 for PCM_INFO properly in hw/audio/virtio-snd.c. - CVE-2026-3196 * SECURITY UPDATE: out-of-bounds write - debian/patches/CVE-2026-3842.patch: check length returned by cpu_physical_memory_map() in hw/hyperv/syndbg.c. - CVE-2026-3842 -- Fabian Toepfer <email address hidden> Wed, 08 Apr 2026 11:57:03 +0200
CVE-2024-6519	A use-after-free vulnerability was found in the QEMU LSI53C895A SCSI Host Bus Adapter emulation. This issue can lead to a crash or VM escape.
CVE-2026-2243	A flaw was found in QEMU. A specially crafted VMDK image could trigger an out-of-bounds read vulnerability, potentially leading to a 12-byte leak of

qemu			Apr 10th 06:08
Release: noble	Repo: main	Level: updates	New version: 1:8.2.2+ds-0ubuntu1.16
Packages in group:	qemu-block-extra qemu-system qemu-system-arm qemu-system-common qemu-system-data qemu-system-gui qemu-system-mips qemu-system-misc qemu-system-modules-opengl qemu-system-modules-spice qemu-system-ppc (... see all)
qemu (1:8.2.2+ds-0ubuntu1.16) noble-security; urgency=medium * SECURITY UPDATE: use-after-free - debian/patches/CVE-2024-6519.patch: keep a reference to the device while SCRIPTS in hw/scsi/lsi53c895a.c. - CVE-2024-6519 * SECURITY UPDATE: out-of-bounds read - debian/patches/CVE-2026-2243.patch: fix OOB read in vmdk_read_extent() in block/vmdk.c. - CVE-2026-2243 * SECURITY UPDATE: heap buffer overflow - debian/patches/CVE-2026-3195-1.patch: fix max_size bounds check in input cb in hw/audio/virtio-snd.c. - debian/patches/CVE-2026-3195-2.patch: tighten read amount in in_cb in hw/audio/virtio-snd.c. - CVE-2026-3195 * SECURITY UPDATE: integer overflow - debian/patches/CVE-2026-3196.patch: handle 5.14.6.2 for PCM_INFO properly in hw/audio/virtio-snd.c. - CVE-2026-3196 * SECURITY UPDATE: out-of-bounds write - debian/patches/CVE-2026-3842.patch: check length returned by cpu_physical_memory_map() in hw/hyperv/syndbg.c. - CVE-2026-3842 -- Fabian Toepfer <email address hidden> Wed, 08 Apr 2026 11:57:03 +0200
CVE-2024-6519	A use-after-free vulnerability was found in the QEMU LSI53C895A SCSI Host Bus Adapter emulation. This issue can lead to a crash or VM escape.
CVE-2026-2243	A flaw was found in QEMU. A specially crafted VMDK image could trigger an out-of-bounds read vulnerability, potentially leading to a 12-byte leak of

qemu			Apr 10th 06:08
Release: jammy	Repo: universe	Level: updates	New version: 1:6.2+dfsg-2ubuntu6.30
Packages in group:	qemu-guest-agent qemu-system-x86-microvm qemu-system-x86-xen qemu-user qemu-user-binfmt qemu-user-static
qemu (1:6.2+dfsg-2ubuntu6.30) jammy-security; urgency=medium * SECURITY UPDATE: use-after-free - debian/patches/CVE-2024-6519-pre1.patch: dd missing decrement of reentrancy counter in hw/scsi/lsi53c895a.c. - debian/patches/CVE-2024-6519.patch: keep a reference to the device while SCRIPTS in hw/scsi/lsi53c895a.c. - CVE-2024-6519 * SECURITY UPDATE: out-of-bounds read - debian/patches/CVE-2026-2243.patch: fix OOB read in vmdk_read_extent() in block/vmdk.c. - CVE-2026-2243 -- Fabian Toepfer <email address hidden> Wed, 01 Apr 2026 18:19:07 +0200
CVE-2024-6519	A use-after-free vulnerability was found in the QEMU LSI53C895A SCSI Host Bus Adapter emulation. This issue can lead to a crash or VM escape.
CVE-2026-2243	A flaw was found in QEMU. A specially crafted VMDK image could trigger an out-of-bounds read vulnerability, potentially leading to a 12-byte leak of

About - Send Feedback to @ubuntu_updates