⚝
One Hat Cyber Team
⚝
Your IP:
216.73.216.5
Server IP:
13.127.59.50
Server:
Linux ip-172-31-46-210 5.15.0-1033-aws #37~20.04.1-Ubuntu SMP Fri Mar 17 11:39:30 UTC 2023 x86_64
Server Software:
Apache/2.4.41 (Ubuntu)
PHP Version:
7.4.3-4ubuntu2.29
Buat File
|
Buat Folder
Eksekusi
Dir :
~
/
snap
/
core22
/
1908
/
usr
/
share
/
doc
/
View File Name :
ChangeLog
15/03/2025, commit https://git.launchpad.net/snap-core22/tree/45f3a12ac3cb691055c21774f1cf70f744f1eb45 [ Changes in the core22 snap ] Alfonso Sánchez-Beato (3): hook-tests: check for the cryptsetup ice package also for arm64 static/run-snapd-from-snap: adapt to new mount place for snapd snap static/run-snapd-from-snap: some shell script improvements Katie May (1): tests: log spread failures to grafana - core22 (#302) Philip Meulengracht (2): tests/lib: support OVMF_VARS 4M as our hosted runners seems to have changed which to use tests/lib: use _4M code Valentin David (1): subiquity: update and revert work-around for canonical/subiquity#2141 [ Changes in primed packages ] cloud-init (built from cloud-init) updated from 24.4-0ubuntu1~22.04.1 to 24.4.1-0ubuntu0~22.04.1: cloud-init (24.4.1-0ubuntu0~22.04.1) jammy; urgency=medium * Add d/p/cpick-84806336-chore-Add-feature-flag-for-manual-network-waiting - Pull in the upstream commit that makes it easier to patch out the new systemd-networkd-wait-online behavior in e30549e8 * Add d/p/cpick-b817a679-fix-retry-AWS-hotplug-for-async-IMDS.patch - Pull in the upstream commit works around a limitation in AWS's IMDS (GH-5971) (LP: #2097319) * Add d/p/no-remove-networkd-online.patch - Revert breaking change on stable release (LP: #2094149) * Update d/p/no-single-process.patch - This patch missed waiting for mounts (LP: #2097441) * refresh patches: - d/p/cli-retain-file-argument-as-main-cmd-arg.patch - d/p/revert-551f560d-cloud-config-after-snap-seeding.patch * Upstream snapshot based on 24.4.1. List of changes from upstream can be found at https://raw.githubusercontent.com/canonical/cloud-init/24.4.1/ChangeLog (LP: #2094179, #2094208, #2094857, #2094858) -- Brett Holman <brett.holman@canonical.com> Tue, 04 Feb 2025 17:35:10 -0700 cryptsetup, cryptsetup-bin, libcryptsetup12:amd64 (built from cryptsetup) updated from 2:2.4.3-1ubuntu1.2+ice1 to 2:2.4.3-1ubuntu1.3+ice1: cryptsetup (2:2.4.3-1ubuntu1.3+ice1) jammy; urgency=medium * d/p/inline-cypto-51cf38cd.patch: - include inline crypto support patch by Chris Coulson from https://github.com/chrisccoulson/cryptsetup/tree/ice-wip. Rebased after 2:2.4.3-1ubuntu1.3 release. -- Alfonso Sanchez-Beato <alfonso.sanchez-beato@canonical.com> Fri, 07 Mar 2025 12:50:37 -0500 cryptsetup (2:2.4.3-1ubuntu1.3) jammy; urgency=medium * Refine proc mounts entries traversal (LP: #2054390) - d/functions: Backport upstream commit 95fd4be9b4c6: d/functions: get_mnt_devno(): Speed up execution time on large /proc/mounts. -- Chengen Du <chengen.du@canonical.com> Thu, 14 Nov 2024 03:21:19 +0000 gnutls-bin, libgnutls30:amd64 (built from gnutls28) updated from 3.7.3-4ubuntu1.5 to 3.7.3-4ubuntu1.6: gnutls28 (3.7.3-4ubuntu1.6) jammy-security; urgency=medium * SECURITY UPDATE: resource consumption issue when decoding DER-encoded certificate data - debian/patches/CVE-2024-12243.patch: optimize name constraints processing in lib/datum.c, lib/x509/name_constraints.c, lib/x509/x509_ext.c, lib/x509/x509_ext_int.h, lib/x509/x509_int.h. - CVE-2024-12243 -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Wed, 12 Feb 2025 10:33:01 -0500 python3-jinja2 (built from jinja2) updated from 3.0.3-1ubuntu0.3 to 3.0.3-1ubuntu0.4: jinja2 (3.0.3-1ubuntu0.4) jammy-security; urgency=medium * SECURITY UPDATE: Arbitrary code execution via |attr filter bypass - debian/patches/CVE-2025-27516.patch: attr filter uses env.getattr - CVE-2025-27516 -- John Breton <john.breton@canonical.com> Mon, 10 Mar 2025 12:56:34 -0400 libgssapi-krb5-2:amd64, libk5crypto3:amd64, libkrb5-3:amd64, libkrb5support0:amd64 (built from krb5) updated from 1.19.2-2ubuntu0.5 to 1.19.2-2ubuntu0.6: krb5 (1.19.2-2ubuntu0.6) jammy-security; urgency=medium * SECURITY UPDATE: denial of service via two memory leaks - debian/patches/CVE-2024-26458.patch: fix two unlikely memory leaks in src/lib/gssapi/krb5/k5sealv3.c, src/lib/rpc/pmap_rmt.c. - CVE-2024-26458 - CVE-2024-26461 * SECURITY UPDATE: kadmind DoS via iprop log file - debian/patches/CVE-2025-24528.patch: prevent overflow when calculating ulog block size in src/lib/kdb/kdb_log.c. - CVE-2025-24528 -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Tue, 25 Feb 2025 12:26:06 -0500 libcap2-bin, libcap2:amd64 (built from libcap2) updated from 1:2.44-1ubuntu0.22.04.1 to 1:2.44-1ubuntu0.22.04.2: libcap2 (1:2.44-1ubuntu0.22.04.2) jammy-security; urgency=medium * SECURITY UPDATE: incorrect group name handling - debian/patches/CVE-2025-1390-1.patch: fix potential configuration parsing error in pam_cap/pam_cap.c. - debian/patches/CVE-2025-1390-2.patch: add a test for bad group prefix in pam_cap/sudotest.conf. - CVE-2025-1390 -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Thu, 20 Feb 2025 10:51:02 -0500 libtasn1-6:amd64 (built from libtasn1-6) updated from 4.18.0-4build1 to 4.18.0-4ubuntu0.1: libtasn1-6 (4.18.0-4ubuntu0.1) jammy-security; urgency=medium * SECURITY UPDATE: Denial of service through inefficient algorithm. - CVE-2024-12133-x.patch: Add caching and optimize algorithms in lib/decoding.c, lib/element.c, lib/element.h, lib/int.h, lib/parser_aux.c, and lib/structure.c. - CVE-2024-12133 -- Hlib Korzhynskyy <hlib.korzhynskyy@canonical.com> Tue, 11 Feb 2025 17:49:16 -0330 dmsetup, libdevmapper1.02.1:amd64 (built from lvm2) updated from 2:1.02.175-2.1ubuntu4 to 2:1.02.175-2.1ubuntu5: openssh-client, openssh-server, openssh-sftp-server (built from openssh) updated from 1:8.9p1-3ubuntu0.10 to 1:8.9p1-3ubuntu0.11: openssh (1:8.9p1-3ubuntu0.11) jammy-security; urgency=medium * SECURITY UPDATE: MitM with VerifyHostKeyDNS option - debian/patches/CVE-2025-26465.patch: fix error code handling in krl.c, ssh-agent.c, ssh-sk-client.c, sshconnect2.c, sshsig.c. - CVE-2025-26465 -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Tue, 11 Feb 2025 08:51:51 -0500 libssl3:amd64, openssl (built from openssl) updated from 3.0.2-0ubuntu1.18 to 3.0.2-0ubuntu1.19: openssl (3.0.2-0ubuntu1.19) jammy-security; urgency=medium * SECURITY UPDATE: Low-level invalid GF(2^m) parameters lead to OOB memory access - debian/patches/CVE-2024-9143.patch: harden BN_GF2m_poly2arr against misuse in crypto/bn/bn_gf2m.c, test/ec_internal_test.c. - CVE-2024-9143 * SECURITY UPDATE: A timing side-channel which could potentially allow recovering the private key exists in the ECDSA signature computation - debian/patches/CVE-2024-13176.patch: Fix timing side-channel in ECDSA signature computation in crypto/bn/bn_exp.c, crypto/ec/ec_lib.c, include/crypto/bn.h. - CVE-2024-13176 -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Wed, 05 Feb 2025 08:19:41 -0500 libpython3.10-minimal:amd64, libpython3.10-stdlib:amd64, python3.10, python3.10-minimal (built from python3.10) updated from 3.10.12-1~22.04.8 to 3.10.12-1~22.04.9: python3.10 (3.10.12-1~22.04.9) jammy-security; urgency=medium * SECURITY UPDATE: urlparse does not flag hostname with square brackets as incorrect - debian/patches/CVE-2025-0938.patch: disallow square brackets in domain names for parsed URLs in Lib/test/test_urlparse.py, Lib/urllib/parse.py. - CVE-2025-0938 -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Tue, 04 Feb 2025 09:57:36 -0500 tzdata (built from tzdata) updated from 2024b-0ubuntu0.22.04 to 2024b-0ubuntu0.22.04.1: tzdata (2024b-0ubuntu0.22.04.1) jammy; urgency=medium * Revert using %z in tzdata.zi data form (LP: #2096974): - Enable link to link feature also for rearguard dataform - Use dataform rearguard for C++ std::chrono -- Benjamin Drung <bdrung@ubuntu.com> Fri, 31 Jan 2025 13:53:56 +0100 wpasupplicant (built from wpa) updated from 2:2.10-6ubuntu2.1 to 2:2.10-6ubuntu2.2: wpa (2:2.10-6ubuntu2.2) jammy-security; urgency=medium * SECURITY UPDATE: Encrypted element reusage. - debian/patches/CVE-2022-37660.patch: Add hostapd_dpp_pkex_clear_code() and wpas_dpp_pkex_clear_code(), and clear code reusage in ./src/ap/dpp_hostapd.c and ./wpa_supplicant/dpp_supplicant.c - CVE-2022-37660 -- Hlib Korzhynskyy <hlib.korzhynskyy@canonical.com> Mon, 24 Feb 2025 16:09:28 -0330