Gecko [ aodai.devttt.com ]

Name	Size	Permission
adduser	[ DIR ]	drwxr-xr-x
apparmor	[ DIR ]	drwxr-xr-x
avahi-daemon	[ DIR ]	drwxr-xr-x
base-files	[ DIR ]	drwxr-xr-x
base-passwd	[ DIR ]	drwxr-xr-x
bash	[ DIR ]	drwxr-xr-x
bash-completion	[ DIR ]	drwxr-xr-x
bsdutils	[ DIR ]	drwxr-xr-x
bzip2	[ DIR ]	drwxr-xr-x
ca-certificates	[ DIR ]	drwxr-xr-x
cloud-guest-utils	[ DIR ]	drwxr-xr-x
cloud-init	[ DIR ]	drwxr-xr-x
console-conf	[ DIR ]	drwxr-xr-x
coreutils	[ DIR ]	drwxr-xr-x
cracklib-runtime	[ DIR ]	drwxr-xr-x
cryptsetup	[ DIR ]	drwxr-xr-x
cryptsetup-bin	[ DIR ]	drwxr-xr-x
dash	[ DIR ]	drwxr-xr-x
dbus	[ DIR ]	drwxr-xr-x
dbus-user-session	[ DIR ]	drwxr-xr-x
debianutils	[ DIR ]	drwxr-xr-x
diffutils	[ DIR ]	drwxr-xr-x
distro-info-data	[ DIR ]	drwxr-xr-x
dmsetup	[ DIR ]	drwxr-xr-x
dosfstools	[ DIR ]	drwxr-xr-x
dpkg	[ DIR ]	drwxr-xr-x
e2fsprogs	[ DIR ]	drwxr-xr-x
fdisk	[ DIR ]	drwxr-xr-x
file	[ DIR ]	drwxr-xr-x
finalrd	[ DIR ]	drwxr-xr-x
findutils	[ DIR ]	drwxr-xr-x
gcc-10-base	[ DIR ]	drwxr-xr-x
gdbserver	[ DIR ]	drwxr-xr-x
gnutls-bin	[ DIR ]	drwxr-xr-x
gpgv	[ DIR ]	drwxr-xr-x
grep	[ DIR ]	drwxr-xr-x
gzip	[ DIR ]	drwxr-xr-x
hostname	[ DIR ]	drwxr-xr-x
init-system-helpers	[ DIR ]	drwxr-xr-x
iproute2	[ DIR ]	drwxr-xr-x
iptables	[ DIR ]	drwxr-xr-x
iputils-ping	[ DIR ]	drwxr-xr-x
isc-dhcp-client	[ DIR ]	drwxr-xr-x
kmod	[ DIR ]	drwxr-xr-x
less	[ DIR ]	drwxr-xr-x
libacl1	[ DIR ]	drwxr-xr-x
libapparmor1	[ DIR ]	drwxr-xr-x
libapt-pkg6.0	[ DIR ]	drwxr-xr-x
libargon2-1	[ DIR ]	drwxr-xr-x
libattr1	[ DIR ]	drwxr-xr-x
libaudit-common	[ DIR ]	drwxr-xr-x
libaudit1	[ DIR ]	drwxr-xr-x
libblkid1	[ DIR ]	drwxr-xr-x
libbsd0	[ DIR ]	drwxr-xr-x
libbz2-1.0	[ DIR ]	drwxr-xr-x
libc-bin	[ DIR ]	drwxr-xr-x
libc6	[ DIR ]	drwxr-xr-x
libcap-ng0	[ DIR ]	drwxr-xr-x
libcap2	[ DIR ]	drwxr-xr-x
libcap2-bin	[ DIR ]	drwxr-xr-x
libcbor0.6	[ DIR ]	drwxr-xr-x
libcom-err2	[ DIR ]	drwxr-xr-x
libcrack2	[ DIR ]	drwxr-xr-x
libcrypt1	[ DIR ]	drwxr-xr-x
libcryptsetup12	[ DIR ]	drwxr-xr-x
libdb5.3	[ DIR ]	drwxr-xr-x
libdbus-1-3	[ DIR ]	drwxr-xr-x
libdebconfclient0	[ DIR ]	drwxr-xr-x
libdevmapper1.02.1	[ DIR ]	drwxr-xr-x
libdns-export1109	[ DIR ]	drwxr-xr-x
libedit2	[ DIR ]	drwxr-xr-x
libelf1	[ DIR ]	drwxr-xr-x
libengine-pkcs11-openssl	[ DIR ]	drwxr-xr-x
libexpat1	[ DIR ]	drwxr-xr-x
libext2fs2	[ DIR ]	drwxr-xr-x
libfdisk1	[ DIR ]	drwxr-xr-x
libffi7	[ DIR ]	drwxr-xr-x
libfido2-1	[ DIR ]	drwxr-xr-x
libgcc-s1	[ DIR ]	drwxr-xr-x
libgcrypt20	[ DIR ]	drwxr-xr-x
libglib2.0-0	[ DIR ]	drwxr-xr-x
libgmp10	[ DIR ]	drwxr-xr-x
libgnutls30	[ DIR ]	drwxr-xr-x
libgpg-error0	[ DIR ]	drwxr-xr-x
libgssapi-krb5-2	[ DIR ]	drwxr-xr-x
libhogweed5	[ DIR ]	drwxr-xr-x
libidn2-0	[ DIR ]	drwxr-xr-x
libip4tc2	[ DIR ]	drwxr-xr-x
libip6tc2	[ DIR ]	drwxr-xr-x
libisc-export1105	[ DIR ]	drwxr-xr-x
libjson-c4	[ DIR ]	drwxr-xr-x
libk5crypto3	[ DIR ]	drwxr-xr-x
libkeyutils1	[ DIR ]	drwxr-xr-x
libkmod2	[ DIR ]	drwxr-xr-x
libkrb5-3	[ DIR ]	drwxr-xr-x
libkrb5support0	[ DIR ]	drwxr-xr-x
liblz4-1	[ DIR ]	drwxr-xr-x
liblzma5	[ DIR ]	drwxr-xr-x
liblzo2-2	[ DIR ]	drwxr-xr-x
libmagic-mgc	[ DIR ]	drwxr-xr-x
libmagic1	[ DIR ]	drwxr-xr-x
libmnl0	[ DIR ]	drwxr-xr-x
libmount1	[ DIR ]	drwxr-xr-x
libmpdec2	[ DIR ]	drwxr-xr-x
libncurses6	[ DIR ]	drwxr-xr-x
libncursesw6	[ DIR ]	drwxr-xr-x
libnetfilter-conntrack3	[ DIR ]	drwxr-xr-x
libnetplan0	[ DIR ]	drwxr-xr-x
libnettle7	[ DIR ]	drwxr-xr-x
libnfnetlink0	[ DIR ]	drwxr-xr-x
libnftnl11	[ DIR ]	drwxr-xr-x
libnl-3-200	[ DIR ]	drwxr-xr-x
libnl-genl-3-200	[ DIR ]	drwxr-xr-x
libnl-route-3-200	[ DIR ]	drwxr-xr-x
libnss-extrausers	[ DIR ]	drwxr-xr-x
libnss-mdns	[ DIR ]	drwxr-xr-x
libopts25	[ DIR ]	drwxr-xr-x
libp11-3	[ DIR ]	drwxr-xr-x
libp11-kit0	[ DIR ]	drwxr-xr-x
libpam-modules	[ DIR ]	drwxr-xr-x
libpam-modules-bin	[ DIR ]	drwxr-xr-x
libpam-pwquality	[ DIR ]	drwxr-xr-x
libpam-runtime	[ DIR ]	drwxr-xr-x
libpam-systemd	[ DIR ]	drwxr-xr-x
libpam0g	[ DIR ]	drwxr-xr-x
libpcre2-8-0	[ DIR ]	drwxr-xr-x
libpcre3	[ DIR ]	drwxr-xr-x
libpcsclite1	[ DIR ]	drwxr-xr-x
libpopt0	[ DIR ]	drwxr-xr-x
libprocps8	[ DIR ]	drwxr-xr-x
libpwquality-common	[ DIR ]	drwxr-xr-x
libpwquality1	[ DIR ]	drwxr-xr-x
libpython3-stdlib	[ DIR ]	drwxr-xr-x
libpython3.8-minimal	[ DIR ]	drwxr-xr-x
libpython3.8-stdlib	[ DIR ]	drwxr-xr-x
libreadline8	[ DIR ]	drwxr-xr-x
libseccomp2	[ DIR ]	drwxr-xr-x
libselinux1	[ DIR ]	drwxr-xr-x
libsemanage-common	[ DIR ]	drwxr-xr-x
libsemanage1	[ DIR ]	drwxr-xr-x
libsepol1	[ DIR ]	drwxr-xr-x
libsmartcols1	[ DIR ]	drwxr-xr-x
libsqlite3-0	[ DIR ]	drwxr-xr-x
libss2	[ DIR ]	drwxr-xr-x
libssl1.1	[ DIR ]	drwxr-xr-x
libstdc++6	[ DIR ]	drwxr-xr-x
libsystemd0	[ DIR ]	drwxr-xr-x
libtasn1-6	[ DIR ]	drwxr-xr-x
libtinfo6	[ DIR ]	drwxr-xr-x
libudev1	[ DIR ]	drwxr-xr-x
libunistring2	[ DIR ]	drwxr-xr-x
libuuid1	[ DIR ]	drwxr-xr-x
libwrap0	[ DIR ]	drwxr-xr-x
libxtables12	[ DIR ]	drwxr-xr-x
libyaml-0-2	[ DIR ]	drwxr-xr-x
libzstd1	[ DIR ]	drwxr-xr-x
login	[ DIR ]	drwxr-xr-x
logsave	[ DIR ]	drwxr-xr-x
lsb-base	[ DIR ]	drwxr-xr-x
mawk	[ DIR ]	drwxr-xr-x
mime-support	[ DIR ]	drwxr-xr-x
mount	[ DIR ]	drwxr-xr-x
ncurses-base	[ DIR ]	drwxr-xr-x
ncurses-bin	[ DIR ]	drwxr-xr-x
netbase	[ DIR ]	drwxr-xr-x
netcat-openbsd	[ DIR ]	drwxr-xr-x
netplan	[ DIR ]	drwxr-xr-x
netplan.io	[ DIR ]	drwxr-xr-x
opensc	[ DIR ]	drwxr-xr-x
opensc-pkcs11	[ DIR ]	drwxr-xr-x
openssh-client	[ DIR ]	drwxr-xr-x
openssh-server	[ DIR ]	drwxr-xr-x
openssh-sftp-server	[ DIR ]	drwxr-xr-x
openssl	[ DIR ]	drwxr-xr-x
p11-kit	[ DIR ]	drwxr-xr-x
p11-kit-modules	[ DIR ]	drwxr-xr-x
passwd	[ DIR ]	drwxr-xr-x
perl	[ DIR ]	drwxr-xr-x
perl-base	[ DIR ]	drwxr-xr-x
probert-common	[ DIR ]	drwxr-xr-x
probert-network	[ DIR ]	drwxr-xr-x
procps	[ DIR ]	drwxr-xr-x
python3	[ DIR ]	drwxr-xr-x
python3-attr	[ DIR ]	drwxr-xr-x
python3-blinker	[ DIR ]	drwxr-xr-x
python3-certifi	[ DIR ]	drwxr-xr-x
python3-cffi-backend	[ DIR ]	drwxr-xr-x
python3-chardet	[ DIR ]	drwxr-xr-x
python3-configobj	[ DIR ]	drwxr-xr-x
python3-cryptography	[ DIR ]	drwxr-xr-x
python3-distutils	[ DIR ]	drwxr-xr-x
python3-idna	[ DIR ]	drwxr-xr-x
python3-importlib-metadata	[ DIR ]	drwxr-xr-x
python3-jinja2	[ DIR ]	drwxr-xr-x
python3-json-pointer	[ DIR ]	drwxr-xr-x
python3-jsonpatch	[ DIR ]	drwxr-xr-x
python3-jsonschema	[ DIR ]	drwxr-xr-x
python3-jwt	[ DIR ]	drwxr-xr-x
python3-lib2to3	[ DIR ]	drwxr-xr-x
python3-markupsafe	[ DIR ]	drwxr-xr-x
python3-minimal	[ DIR ]	drwxr-xr-x
python3-more-itertools	[ DIR ]	drwxr-xr-x
python3-netifaces	[ DIR ]	drwxr-xr-x
python3-oauthlib	[ DIR ]	drwxr-xr-x
python3-pkg-resources	[ DIR ]	drwxr-xr-x
python3-pyrsistent	[ DIR ]	drwxr-xr-x
python3-pyudev	[ DIR ]	drwxr-xr-x
python3-requests	[ DIR ]	drwxr-xr-x
python3-requests-unixsocket	[ DIR ]	drwxr-xr-x
python3-serial	[ DIR ]	drwxr-xr-x
python3-setuptools	[ DIR ]	drwxr-xr-x
python3-six	[ DIR ]	drwxr-xr-x
python3-urllib3	[ DIR ]	drwxr-xr-x
python3-urwid	[ DIR ]	drwxr-xr-x
python3-yaml	[ DIR ]	drwxr-xr-x
python3-zipp	[ DIR ]	drwxr-xr-x
python3.8	[ DIR ]	drwxr-xr-x
python3.8-minimal	[ DIR ]	drwxr-xr-x
readline-common	[ DIR ]	drwxr-xr-x
rfkill	[ DIR ]	drwxr-xr-x
sbsigntool	[ DIR ]	drwxr-xr-x
secureboot-db	[ DIR ]	drwxr-xr-x
sed	[ DIR ]	drwxr-xr-x
sensible-utils	[ DIR ]	drwxr-xr-x
squashfs-tools	[ DIR ]	drwxr-xr-x
subiquitycore	[ DIR ]	drwxr-xr-x
sudo	[ DIR ]	drwxr-xr-x
systemd	[ DIR ]	drwxr-xr-x
systemd-bootchart	[ DIR ]	drwxr-xr-x
systemd-sysv	[ DIR ]	drwxr-xr-x
systemd-timesyncd	[ DIR ]	drwxr-xr-x
sysvinit-utils	[ DIR ]	drwxr-xr-x
tar	[ DIR ]	drwxr-xr-x
tzdata	[ DIR ]	drwxr-xr-x
ubuntu-keyring	[ DIR ]	drwxr-xr-x
ucf	[ DIR ]	drwxr-xr-x
udev	[ DIR ]	drwxr-xr-x
util-linux	[ DIR ]	drwxr-xr-x
vim-common	[ DIR ]	drwxr-xr-x
vim-tiny	[ DIR ]	drwxr-xr-x
wpa_supplicant	[ DIR ]	drwxr-xr-x
wpasupplicant	[ DIR ]	drwxr-xr-x
xxd	[ DIR ]	drwxr-xr-x
zlib1g	[ DIR ]	drwxr-xr-x
ChangeLog	11.17 KB	-rw-r--r--

Code Editor : ChangeLog

22/08/2025, commit https://git.launchpad.net/snap-core20/tree/4a63850fbbbed40f33996c788219e15ad39ea4e9

[ Changes in the core20 snap ]

No detected changes for the core20 snap

[ Changes in primed packages ]

gcc-10-base:amd64, gcc-10-base:i386, libgcc-s1:amd64, libgcc-s1:i386, libstdc++6:amd64 (built from gcc-10) updated from 10.5.0-1ubuntu1~20.04 to 10.5.0-1ubuntu1~20.04.1+esm1:

gcc-10 (10.5.0-1ubuntu1~20.04.1+esm1) focal-security; urgency=medium

* SECURITY UPDATE: A missed hardening option in -fstack-protector for AArch64
      can lead to buffer overflows for dynamically allocated local variables 
      not being detected. (LP: #2054343)
      - d/p/CVE-2023-4039.diff: Address stack protector and stack clash
        protection weaknesses on AArch64. Taken from the gcc-12 branch. 
      - CVE-2023-4039
    * Move allocator base to avoid conflict with high-entropy ASLR for x86-64
      Linux. Patch taken from LLVM. Fixes ftbfs. (LP: #2107313)
      - d/p/lp2107313-asan-allocator-base.diff

-- Gerald Yang <gerald.yang@canonical.com>  Tue, 22 Apr 2025 02:36:10 +0000

libpython3.8-minimal:amd64, libpython3.8-stdlib:amd64, python3.8, python3.8-minimal (built from python3.8) updated from 3.8.10-0ubuntu1~20.04.18+esm1 to 3.8.10-0ubuntu1~20.04.18+esm2:

python3.8 (3.8.10-0ubuntu1~20.04.18+esm2) focal-security; urgency=medium

* SECURITY UPDATE: Regular expression denial of service.
      - debian/patches/CVE-2025-6069.patch: Improve regex parsing in
        Lib/html/parser.py.
      - CVE-2025-6069
    * SECURITY UPDATE: Infinite loop when parsing tar archives.
      - debian/patches/CVE-2025-8194.patch: Raise exception when count < 0 in
        Lib/tarfile.py.
      - CVE-2025-8194

-- Hlib Korzhynskyy <hlib.korzhynskyy@canonical.com>  Mon, 18 Aug 2025 17:00:06 -0230

30/07/2025, commit https://git.launchpad.net/snap-core20/tree/4a63850fbbbed40f33996c788219e15ad39ea4e9

[ Changes in the core20 snap ]

Philip Meulengracht (1):
      tools: aggregate old changelogs

[ Changes in primed packages ]

cloud-init (built from cloud-init) updated from 24.4.1-0ubuntu0~20.04.2 to 24.4.1-0ubuntu0~20.04.3+esm1:

cloud-init (24.4.1-0ubuntu0~20.04.3+esm1) focal-security; urgency=medium

* d/cloud-init.postinst: move existing hotplug-cmd fifo to root-only
      share dir (CVE-2024-11584)
    * cherry-pick 8c3ae1bb: fix: Don't attempt to identify non-x86 OpenStack
      instances (LP: #2069607) (CVE-2024-6174)
    * cherry-pick e3f42adc: fix: strict disable in ds-identify on no
      datasources found (LP: #2069607) (CVE-2024-6174)
    * cherry-pick 8b45006c: fix: Make hotplug socket writable only by root
      (LP: #2114229) (CVE-2024-11584)

-- Chad Smith <chad.smith@canonical.com>  Wed, 25 Jun 2025 09:09:01 -0600

cloud-init (24.4.1-0ubuntu0~20.04.3) focal; urgency=medium

* cherry-pick 7a0265d3: fix: ensure MAAS datasource retries on failure
      (#6167) (LP: #2106671)

-- James Falcon <james.falcon@canonical.com>  Fri, 23 May 2025 15:43:28 -0500

gpgv (built from gnupg2) updated from 2.2.19-3ubuntu2.4 to 2.2.19-3ubuntu2.5:

gnupg2 (2.2.19-3ubuntu2.5) focal-security; urgency=medium

* debian/patches/fix-key-validity-regression-due-to-CVE-2025-
      30258.patch:
      - Fix a key validity regression following patches for CVE-2025-30258,
        causing trusted "certify-only" primary keys to be ignored when checking
        signature on user IDs and computing key validity. This regression makes
        imported keys signed by a trusted "certify-only" key have an unknown
        validity (LP: #2114775).

-- dcpi <dcpi@u22vm>  Thu, 26 Jun 2025 16:57:26 +0000

python3-urllib3 (built from python-urllib3) updated from 1.25.8-2ubuntu0.4 to 1.25.8-2ubuntu0.4+esm1:

python-urllib3 (1.25.8-2ubuntu0.4+esm1) focal-security; urgency=medium

* SECURITY UPDATE: Information disclosure through improperly disabled
      redirects.
      - debian/patches/CVE-2025-50181.patch: Add "retries" check and set retries
        to Retry.from_int(retries, redirect=False) as well as set
        raise_on_redirect in ./src/urllib3/poolmanager.py.
      - CVE-2025-50181

-- Hlib Korzhynskyy <hlib.korzhynskyy@canonical.com>  Mon, 23 Jun 2025 17:58:59 -0230

libsqlite3-0:amd64 (built from sqlite3) updated from 3.31.1-4ubuntu0.7 to 3.31.1-4ubuntu0.7+esm1:

sqlite3 (3.31.1-4ubuntu0.7+esm1) focal-security; urgency=medium

[ Marc Deslauriers ]
    * SECURITY UPDATE: Memory corruption via number of aggregate terms
      - debian/patches/CVE-2025-6965.patch: raise an error right away if the
        number of aggregate terms in a query exceeds the maximum number of
        columns in src/expr.c, src/sqliteInt.h.
      - CVE-2025-6965

-- Ian Constantin <ian.constantin@canonical.com>  Mon, 28 Jul 2025 22:54:05 +0300

sudo (built from sudo) updated from 1.8.31-1ubuntu1.5 to 1.8.31-1ubuntu1.5+esm1:

sudo (1.8.31-1ubuntu1.5+esm1) focal-security; urgency=medium

* SECURITY UPDATE: Local Privilege Escalation via host option
      - debian/patches/CVE-2025-32462.patch: only allow specifying a host
        when listing privileges.
      - CVE-2025-32462

-- Federico Quattrin <federico.quattrin@canonical.com>  Wed, 25 Jun 2025 17:10:55 -0300

16/06/2025, commit https://git.launchpad.net/snap-core20/tree/92f33cf5c91cc93d7888f389647936aa39a31752

[ Changes in the core20 snap ]

No detected changes for the core20 snap

[ Changes in primed packages ]

apt, libapt-pkg6.0:amd64 (built from apt) updated from 2.0.10 to 2.0.11:

apt (2.0.11) focal; urgency=medium

* Fix buffer overflow, stack overflow, exponential complexity in
      apt-ftparchive Contents generation (LP: #2083697)
      - ftparchive: Mystrdup: Add safety check and bump buffer size
      - ftparchive: contents: Avoid exponential complexity and overflows
      - test framework: Improve valgrind support
      - test: Check that apt-ftparchive handles deep paths
      - increase valgrind cleanliness to make the tests pass:
        - pkgcachegen: Use placement new to construct header
        - acquire: Disable gcc optimization of strcmp() reading too far into
          struct dirent's d_name buffer.

-- Julian Andres Klode <juliank@ubuntu.com>  Tue, 22 Oct 2024 15:27:19 +0200

libc-bin, libc6:amd64, libc6:i386 (built from glibc) updated from 2.31-0ubuntu9.17 to 2.31-0ubuntu9.18:

glibc (2.31-0ubuntu9.18) focal-security; urgency=medium

* SECURITY UPDATE: privelege escalation issue
      - debian/patches/any/CVE-2025-4802.patch: elf: Ignore LD_LIBRARY_PATH
        and debug env var for setuid for static
      - CVE-2025-4802

-- Nishit Majithia <nishit.majithia@canonical.com>  Mon, 26 May 2025 13:39:37 +0530

libgssapi-krb5-2:amd64, libk5crypto3:amd64, libkrb5-3:amd64, libkrb5support0:amd64 (built from krb5) updated from 1.17-6ubuntu4.9 to 1.17-6ubuntu4.11:

krb5 (1.17-6ubuntu4.11) focal-security; urgency=medium

* SECURITY UPDATE: Use of weak cryptographic hash.
      - debian/patches/CVE-2025-3576*.patch: Add allow_des3 and allow_rc4 options.
        Disallow usage of des3 and rc4 unless allowed in the config. Replace
        warn_des3 with warn_deprecated in ./src/lib/krb5/krb/get_in_tkt.c. Add
        allow_des3 and allow_rc4 boolean in ./src/include/k5-int.h. Prevent usage
        of deprecated enctypes in ./src/kdc/kdc_util.c.
      - debian/patches/CVE-2025-3576-post1.patch: Add enctype comparison with
        ENCTYPE_AES256_CTS_HMAC_SHA1_96 in ./src/kdc/kdc_util.c.
      - debian/libk5crypto3.symbols: Add krb5int_c_deprecated_enctype symbol.
      - CVE-2025-3576

-- Hlib Korzhynskyy <hlib.korzhynskyy@canonical.com>  Thu, 15 May 2025 17:02:09 +0200

libpython3.8-minimal:amd64, libpython3.8-stdlib:amd64, python3.8, python3.8-minimal (built from python3.8) updated from 3.8.10-0ubuntu1~20.04.18 to 3.8.10-0ubuntu1~20.04.18+esm1:

python3.8 (3.8.10-0ubuntu1~20.04.18+esm1) focal-security; urgency=medium

* SECURITY UPDATE: Improper encoding of comma during address list folding.
      - debian/patches/CVE-2025-1795-1.patch: Replace ValueTerminal with
        ListSeparator in ./Lib/email/_header_value_parser.py.
      - debian/patches/CVE-2025-1795-2.patch: Add checks for terminal
        non-encoding in ./Lib/email/_header_value_parser.py.
      - CVE-2025-1795
    * SECURITY UPDATE: Use after free in unicode_escape decoding.
      - debian/patches/CVE-2025-4516-pre1.patch: Add DecodeUnicodeEscapeStateful
        and replace DecodeUnicodeEscape with DecodeUnicodeEscapeInternal in
        ./Include/cpython/unicodeobject.h. Change IncrementalDecoder and add
        decode to StreamReader in ./Lib/encodings/unicode_escape.py. Change
        instance to DecodeUnicodeEscapeStateful in ./Modules/_codecsmodule.c.
        Change checks in ./Modules/clinic/_codecsmodule.c.h and instances in
        ./Objects/unicodeobject.c and ./Parser/pegen/parse_string.c.
      - debian/patches/CVE-2025-4516.patch: Add _PyBytes_DecodeEscape2 in
        ./Include/cpython/bytesobject.h. Add
        _PyUnicode_DecodeUnicodeEscapeInternal2 in
        ./Include/cpython/unicodeobject.h. Add extra escape checks in
        ./Objects/bytesobject.c and ./Objects/unicodeobject.c.
      - debian/libpython.symbols.in: Update symbols with new functions.
      - CVE-2025-4516

-- Hlib Korzhynskyy <hlib.korzhynskyy@canonical.com>  Wed, 04 Jun 2025 16:26:55 -0230

python3-requests (built from requests) updated from 2.22.0-2ubuntu1.1 to 2.22.0-2ubuntu1.1+esm1:

requests (2.22.0-2ubuntu1.1+esm1) focal-security; urgency=medium

* SECURITY UPDATE: Information Leak
      - debian/patches/CVE-2024-47081.patch: Only use hostname to do netrc
        lookup instead of netloc
      - CVE-2024-47081

-- Bruce Cable <bruce.cable@canonical.com>  Wed, 11 Jun 2025 13:27:30 +1000

python3-pkg-resources, python3-setuptools (built from setuptools) updated from 45.2.0-1ubuntu0.2 to 45.2.0-1ubuntu0.3:

setuptools (45.2.0-1ubuntu0.3) focal-security; urgency=medium

* SECURITY UPDATE: path traversal vulnerability
      - debian/patches/CVE-2025-47273-pre1.patch: Extract
        _resolve_download_filename with test.
      - debian/patches/CVE-2025-47273.patch: Add a check to ensure the name
        resolves relative to the tmpdir.
      - CVE-2025-47273

-- Fabian Toepfer <fabian.toepfer@canonical.com>  Wed, 28 May 2025 19:14:28 +0200

libpam-systemd:amd64, libsystemd0:amd64, libudev1:amd64, systemd, systemd-sysv, systemd-timesyncd, udev (built from systemd) updated from 245.4-4ubuntu3.24 to 245.4-4ubuntu3.24+esm1:

systemd (245.4-4ubuntu3.24+esm1) focal-security; urgency=medium

* SECURITY UPDATE: race condition in systemd-coredump
      - debian/patches/CVE_2025_4598_1.patch: coredump: get rid of
        _META_MANDATORY_MAX.
      - debian/patches/CVE_2025_4598_2.patch: coredump: use %d in kernel core
        pattern.
      - debian/patches/CVE_2025_4598_3.patch: coredump: get rid of a bogus
        assertion.
      - CVE-2025-4598

-- Octavio Galland <octavio.galland@canonical.com>  Mon, 02 Jun 2025 17:05:57 -0300

tzdata (built from tzdata) updated from 2025b-0ubuntu0.20.04 to 2025b-0ubuntu0.20.04.1:

tzdata (2025b-0ubuntu0.20.04.1) focal; urgency=medium

* Update the ICU timezone data to 2025b (LP: #2107950)
    * Add autopkgtest test case for ICU timezone data 2025b

-- Benjamin Drung <bdrung@ubuntu.com>  Tue, 22 Apr 2025 12:20:10 +0200

${this.title}

Code Editor : ChangeLog