UbuntuUpdates.org

Release natty does not exist.

Latest Changelogs for all releases

All releases Bionic Focal Jammy Lunar Mantic Noble Precise Trusty Xenial
Include all PPAs Exclude daily builds PPAs Exclude all PPAs
Include levels: securityupdatesbackportsproposedbase

Note: Only updates for "head" packages where the changelog is available are shown on this page (view all).

linux-meta-azure-fde Apr 26th 09:06
Release: jammy Repo: main Level: proposed New version: 5.15.0.1063.72.41
Packages in group:  linux-azure-fde-lts-22.04 linux-cloud-tools-azure-fde-lts-22.04 linux-headers-azure-fde-lts-22.04 linux-image-azure-fde-lts-22.04 linux-modules-extra-azure-fde-lts-22.04 linux-tools-azure-fde-lts-22.04

  linux-meta-azure-fde (5.15.0.1063.72.41) jammy; urgency=medium

  * Bump ABI 5.15.0-1063.72

 -- Stefan Bader <email address hidden> Wed, 17 Apr 2024 17:51:31 +0200

linux-xilinx-zynqmp Apr 26th 07:07
Release: jammy Repo: universe Level: proposed New version: 5.15.0-1029.33
Packages in group:  linux-xilinx-zynqmp-headers-5.15.0-1021 linux-xilinx-zynqmp-headers-5.15.0-1022 linux-xilinx-zynqmp-headers-5.15.0-1023 linux-xilinx-zynqmp-headers-5.15.0-1024 linux-xilinx-zynqmp-headers-5.15.0-1025 linux-xilinx-zynqmp-headers-5.15.0-1027 linux-xilinx-zynqmp-headers-5.15.0-1029 linux-xilinx-zynqmp-tools-common linux-xilinx-zynqmp-tools-host

  linux-xilinx-zynqmp (5.15.0-1029.33) jammy; urgency=medium

  * jammy/linux-xilinx-zynqmp: 5.15.0-1029.33 -proposed tracker (LP: #2061809)

  * Packaging resync (LP: #1786013)
    - [Packaging] drop getabis data
    - [Packaging] drop ABI data
    - [Packaging] debian.zynqmp/dkms-versions -- update from kernel-versions
      (main/2024.04.01)

  * Jammy update: v5.15.148 upstream stable release (LP: #2055145)
    - [Config] update annotations for CONFIG_MMC_SDHCI_AM654

  * Jammy update: v5.15.149 upstream stable release (LP: #2059014)
    - [Config] updateconfigs for MFD_TI_AM335X_TSCADC

  * Backport AXI 1-wire host driver (LP: #2058707)
    - dt-bindings: w1: Add AMD AXI w1 host and MAINTAINERS entry
    - w1: Add AXI 1-wire host driver for AMD programmable logic IP core
    - w1: amd_axi_w1: Explicitly include correct DT includes
    - [Config] Enable CONFIG_W1_MASTER_AMD_AXI

  * Unsupported platform 'ZynqMP KV260 revB (LP: #2058321)
    - [Packaging] Add breaks on flash-kernel older than 3.104ubuntu20

  * Update on-chip oscillator clock nodes for Kria (LP: #2055241)
    - arm64: zynqmp: Sync clock labels with kr260 revB
    - arm64: zynqmp: Describe 25MHz fixed clock for PL GEMs
    - arm64: zynqmp: Fix kr260 clock wiring

  [ Ubuntu: 5.15.0-106.116 ]

  * jammy/linux: 5.15.0-106.116 -proposed tracker (LP: #2061812)
  * CVE-2024-2201
    - x86/bugs: Use sysfs_emit()
    - KVM: x86: Update KVM-only leaf handling to allow for 100% KVM-only leafs
    - KVM: x86: Advertise CPUID.(EAX=7,ECX=2):EDX[5:0] to userspace
    - KVM: x86: Use a switch statement and macros in __feature_translate()
    - x86/bugs: Change commas to semicolons in 'spectre_v2' sysfs file
    - x86/syscall: Don't force use of indirect calls for system calls
    - x86/bhi: Add support for clearing branch history at syscall entry
    - x86/bhi: Define SPEC_CTRL_BHI_DIS_S
    - x86/bhi: Enumerate Branch History Injection (BHI) bug
    - x86/bhi: Add BHI mitigation knob
    - x86/bhi: Mitigate KVM by default
    - KVM: x86: Add BHI_NO
    - [Config] Set CONFIG_BHI to enabled (auto)
  * Drop fips-checks script from trees (LP: #2055083)
    - [Packaging] Remove fips-checks script
  * alsa/realtek: adjust max output valume for headphone on 2 LG machines
    (LP: #2058573)
    - ALSA: hda/realtek: fix the hp playback volume issue for LG machines
  * A general-proteciton exception during guest migration to unsupported PKRU
    machine (LP: #2032164)
    - x86/fpu: Allow caller to constrain xfeatures when copying to uabi buffer
    - KVM: x86: Constrain guest-supported xfeatures only at KVM_GET_XSAVE{2}
  * [ICX] [SPR] [ipc/msg] performance: Mitigate the lock contention with percpu
    counter (LP: #2058485)
    - ipc: check checkpoint_restore_ns_capable() to modify C/R proc files
    - ipc/ipc_sysctl.c: remove fallback for !CONFIG_PROC_SYSCTL
    - ipc: Store mqueue sysctls in the ipc namespace
    - ipc: Store ipc sysctls in the ipc namespace
    - ipc: Use the same namespace to

(See more...)
1786013 Packaging resync
2055145 Jammy update: v5.15.148 upstream stable release
2059014 Jammy update: v5.15.149 upstream stable release
2058707 Backport AXI 1-wire host driver
2058321 Unsupported platform 'ZynqMP KV260 revB
More...

nghttp2 Apr 26th 00:07
Release: mantic Repo: universe Level: updates New version: 1.55.1-1ubuntu0.2
Packages in group:  nghttp2-client nghttp2-proxy nghttp2-server

  nghttp2 (1.55.1-1ubuntu0.2) mantic-security; urgency=medium

  * SECURITY UPDATE: HTTP/2 protocol denial of service
    - debian/patches/CVE-2024-28182-1.patch: Add
      nghttp2_option_set_max_continuations
    - debian/patches/CVE-2024-28182-2.patch: Limit CONTINUATION frames
      following an incoming HEADER frame
    - CVE-2024-28182

 -- Fabian Toepfer <email address hidden> Wed, 17 Apr 2024 16:45:46 +0200
CVE-2024-28182 nghttp2 is an implementation of the Hypertext Transfer Protocol version 2 in C. The nghttp2 library prior to version 1.61.0 keeps reading the unbound

nghttp2 Apr 26th 00:07
Release: mantic Repo: universe Level: security New version: 1.55.1-1ubuntu0.2
Packages in group:  nghttp2-client nghttp2-proxy nghttp2-server

  nghttp2 (1.55.1-1ubuntu0.2) mantic-security; urgency=medium

  * SECURITY UPDATE: HTTP/2 protocol denial of service
    - debian/patches/CVE-2024-28182-1.patch: Add
      nghttp2_option_set_max_continuations
    - debian/patches/CVE-2024-28182-2.patch: Limit CONTINUATION frames
      following an incoming HEADER frame
    - CVE-2024-28182

 -- Fabian Toepfer <email address hidden> Wed, 17 Apr 2024 16:45:46 +0200
CVE-2024-28182 nghttp2 is an implementation of the Hypertext Transfer Protocol version 2 in C. The nghttp2 library prior to version 1.61.0 keeps reading the unbound

nghttp2 Apr 26th 00:07
Release: mantic Repo: main Level: updates New version: 1.55.1-1ubuntu0.2
Packages in group:  libnghttp2-14 libnghttp2-dev libnghttp2-doc

  nghttp2 (1.55.1-1ubuntu0.2) mantic-security; urgency=medium

  * SECURITY UPDATE: HTTP/2 protocol denial of service
    - debian/patches/CVE-2024-28182-1.patch: Add
      nghttp2_option_set_max_continuations
    - debian/patches/CVE-2024-28182-2.patch: Limit CONTINUATION frames
      following an incoming HEADER frame
    - CVE-2024-28182

 -- Fabian Toepfer <email address hidden> Wed, 17 Apr 2024 16:45:46 +0200
CVE-2024-28182 nghttp2 is an implementation of the Hypertext Transfer Protocol version 2 in C. The nghttp2 library prior to version 1.61.0 keeps reading the unbound

nghttp2 Apr 26th 00:07
Release: mantic Repo: main Level: security New version: 1.55.1-1ubuntu0.2
Packages in group:  libnghttp2-14 libnghttp2-dev libnghttp2-doc

  nghttp2 (1.55.1-1ubuntu0.2) mantic-security; urgency=medium

  * SECURITY UPDATE: HTTP/2 protocol denial of service
    - debian/patches/CVE-2024-28182-1.patch: Add
      nghttp2_option_set_max_continuations
    - debian/patches/CVE-2024-28182-2.patch: Limit CONTINUATION frames
      following an incoming HEADER frame
    - CVE-2024-28182

 -- Fabian Toepfer <email address hidden> Wed, 17 Apr 2024 16:45:46 +0200
CVE-2024-28182 nghttp2 is an implementation of the Hypertext Transfer Protocol version 2 in C. The nghttp2 library prior to version 1.61.0 keeps reading the unbound

nghttp2 Apr 26th 00:07
Release: jammy Repo: universe Level: updates New version: 1.43.0-1ubuntu0.2
Packages in group:  nghttp2-client nghttp2-proxy nghttp2-server

  nghttp2 (1.43.0-1ubuntu0.2) jammy-security; urgency=medium

  * SECURITY UPDATE: HTTP/2 protocol denial of service
    - debian/patches/CVE-2024-28182-1.patch: Add
      nghttp2_option_set_max_continuations
    - debian/patches/CVE-2024-28182-2.patch: Limit CONTINUATION frames
      following an incoming HEADER frame
    - CVE-2024-28182

 -- Fabian Toepfer <email address hidden> Thu, 18 Apr 2024 09:14:38 +0200
CVE-2024-28182 nghttp2 is an implementation of the Hypertext Transfer Protocol version 2 in C. The nghttp2 library prior to version 1.61.0 keeps reading the unbound

nghttp2 Apr 26th 00:07
Release: jammy Repo: universe Level: security New version: 1.43.0-1ubuntu0.2
Packages in group:  nghttp2-client nghttp2-proxy nghttp2-server

  nghttp2 (1.43.0-1ubuntu0.2) jammy-security; urgency=medium

  * SECURITY UPDATE: HTTP/2 protocol denial of service
    - debian/patches/CVE-2024-28182-1.patch: Add
      nghttp2_option_set_max_continuations
    - debian/patches/CVE-2024-28182-2.patch: Limit CONTINUATION frames
      following an incoming HEADER frame
    - CVE-2024-28182

 -- Fabian Toepfer <email address hidden> Thu, 18 Apr 2024 09:14:38 +0200
CVE-2024-28182 nghttp2 is an implementation of the Hypertext Transfer Protocol version 2 in C. The nghttp2 library prior to version 1.61.0 keeps reading the unbound

tracker-miners Apr 26th 00:07
Release: jammy Repo: main Level: updates New version: 3.3.3-0ubuntu0.20.04.3
Packages in group:  tracker-extract tracker-miner-fs

  tracker-miners (3.3.3-0ubuntu0.20.04.3) jammy; urgency=medium

  * Allow epoll_create1 call in seccomp whitelist (LP: #1990630)
    - d/p/seccomp-allow-epoll-create1.patch

 -- Talha Can Havadar <email address hidden> Wed, 03 Apr 2024 13:27:56 +0200
1990630 [SRU] tracker-extract-3 crashed with signal 31 in __GI_epoll_create1()

nghttp2 Apr 26th 00:07
Release: jammy Repo: main Level: updates New version: 1.43.0-1ubuntu0.2
Packages in group:  libnghttp2-14 libnghttp2-dev libnghttp2-doc

  nghttp2 (1.43.0-1ubuntu0.2) jammy-security; urgency=medium

  * SECURITY UPDATE: HTTP/2 protocol denial of service
    - debian/patches/CVE-2024-28182-1.patch: Add
      nghttp2_option_set_max_continuations
    - debian/patches/CVE-2024-28182-2.patch: Limit CONTINUATION frames
      following an incoming HEADER frame
    - CVE-2024-28182

 -- Fabian Toepfer <email address hidden> Thu, 18 Apr 2024 09:14:38 +0200
CVE-2024-28182 nghttp2 is an implementation of the Hypertext Transfer Protocol version 2 in C. The nghttp2 library prior to version 1.61.0 keeps reading the unbound

gce-compute-image-packages Apr 26th 00:07
Release: jammy Repo: main Level: updates New version: 20230808.00-0ubuntu1~22.04.1
Packages in group:  google-compute-engine

  gce-compute-image-packages (20230808.00-0ubuntu1~22.04.1) jammy; urgency=medium

  * debian/99-gce.rules:
    * The previous rule forced an I/O scheduler on all disk types. This
      has now been re-scoped to only affect HDDs.
    * The I/O scheduler has also been changed from "NOOP" to "NONE"
      which performed much better in testing.
    * LP: #2045708.

 -- Chloé 'kajiya' Smith <email address hidden> Tue, 09 Jan 2024 23:19:03 +0000
2045708 [SRU] Improve debian/99-gce.rules to set schedulers based on disk

nghttp2 Apr 26th 00:07
Release: jammy Repo: main Level: security New version: 1.43.0-1ubuntu0.2
Packages in group:  libnghttp2-14 libnghttp2-dev libnghttp2-doc

  nghttp2 (1.43.0-1ubuntu0.2) jammy-security; urgency=medium

  * SECURITY UPDATE: HTTP/2 protocol denial of service
    - debian/patches/CVE-2024-28182-1.patch: Add
      nghttp2_option_set_max_continuations
    - debian/patches/CVE-2024-28182-2.patch: Limit CONTINUATION frames
      following an incoming HEADER frame
    - CVE-2024-28182

 -- Fabian Toepfer <email address hidden> Thu, 18 Apr 2024 09:14:38 +0200
CVE-2024-28182 nghttp2 is an implementation of the Hypertext Transfer Protocol version 2 in C. The nghttp2 library prior to version 1.61.0 keeps reading the unbound

nghttp2 Apr 26th 00:07
Release: focal Repo: universe Level: updates New version: 1.40.0-1ubuntu0.3
Packages in group:  nghttp2-client nghttp2-proxy nghttp2-server

  nghttp2 (1.40.0-1ubuntu0.3) focal-security; urgency=medium

  * SECURITY UPDATE: HTTP/2 protocol denial of service
    - debian/patches/CVE-2024-28182-1.patch: Add
      nghttp2_option_set_max_continuations
    - debian/patches/CVE-2024-28182-2.patch: Limit CONTINUATION frames
      following an incoming HEADER frame
    - CVE-2024-28182

 -- Fabian Toepfer <email address hidden> Thu, 18 Apr 2024 09:15:36 +0200
CVE-2024-28182 nghttp2 is an implementation of the Hypertext Transfer Protocol version 2 in C. The nghttp2 library prior to version 1.61.0 keeps reading the unbound

nghttp2 Apr 26th 00:07
Release: focal Repo: universe Level: security New version: 1.40.0-1ubuntu0.3
Packages in group:  nghttp2-client nghttp2-proxy nghttp2-server

  nghttp2 (1.40.0-1ubuntu0.3) focal-security; urgency=medium

  * SECURITY UPDATE: HTTP/2 protocol denial of service
    - debian/patches/CVE-2024-28182-1.patch: Add
      nghttp2_option_set_max_continuations
    - debian/patches/CVE-2024-28182-2.patch: Limit CONTINUATION frames
      following an incoming HEADER frame
    - CVE-2024-28182

 -- Fabian Toepfer <email address hidden> Thu, 18 Apr 2024 09:15:36 +0200
CVE-2024-28182 nghttp2 is an implementation of the Hypertext Transfer Protocol version 2 in C. The nghttp2 library prior to version 1.61.0 keeps reading the unbound

nghttp2 Apr 26th 00:07
Release: focal Repo: main Level: updates New version: 1.40.0-1ubuntu0.3
Packages in group:  libnghttp2-14 libnghttp2-dev libnghttp2-doc

  nghttp2 (1.40.0-1ubuntu0.3) focal-security; urgency=medium

  * SECURITY UPDATE: HTTP/2 protocol denial of service
    - debian/patches/CVE-2024-28182-1.patch: Add
      nghttp2_option_set_max_continuations
    - debian/patches/CVE-2024-28182-2.patch: Limit CONTINUATION frames
      following an incoming HEADER frame
    - CVE-2024-28182

 -- Fabian Toepfer <email address hidden> Thu, 18 Apr 2024 09:15:36 +0200
CVE-2024-28182 nghttp2 is an implementation of the Hypertext Transfer Protocol version 2 in C. The nghttp2 library prior to version 1.61.0 keeps reading the unbound


About   -   Send Feedback to @ubuntu_updates