Na}{

Path: ~//snap/core20/2582/usr/share/doc/

File Content: ChangeLog

29/04/2025, commit https://git.launchpad.net/snap-core20/tree/92f33cf5c91cc93d7888f389647936aa39a31752

[ Changes in the core20 snap ]

No detected changes for the core20 snap

[ Changes in primed packages ]

cryptsetup, cryptsetup-bin, libcryptsetup12:amd64 (built from cryptsetup) updated from 2:2.2.2-3ubuntu2.4 to 2:2.2.2-3ubuntu2.5:

cryptsetup (2:2.2.2-3ubuntu2.5) focal; urgency=medium

[ Chengen Du ]
    * Refine proc mounts entries traversal (LP: #2054390)
      - d/i/h/cryptroot: Backport upstream commit 95fd4be9b4c6: d/functions:
        get_mnt_devno(): Speed up execution time on large /proc/mounts.

[ Heitor Alves de Siqueira ]
    * Ignore ZFS entries that don't have major/minor (LP: #1830110):
      - d/i/h/cryptroot: add $fstype check for zfs in get_mnt_devno(), add
        checks for $devnos in generate_initrd_crypttab()

-- Heitor Alves de Siqueira <halves@canonical.com>  Wed, 29 Jan 2025 18:37:57 +0000

distro-info-data (built from distro-info-data) updated from 0.43ubuntu1.17 to 0.43ubuntu1.18:

distro-info-data (0.43ubuntu1.18) focal; urgency=medium

* Add Ubuntu 25.10 "Questing Quokka" (LP: #2107391)
    * Add Debian 15 "Duke"

-- Benjamin Drung <bdrung@ubuntu.com>  Wed, 23 Apr 2025 12:03:33 +0200

opensc, opensc-pkcs11:amd64 (built from opensc) updated from 0.20.0-3ubuntu0.1~esm3 to 0.20.0-3ubuntu0.1~esm4:

opensc (0.20.0-3ubuntu0.1~esm4) focal-security; urgency=medium

* SECURITY REGRESSION: Stack buffer overflow (LP: #2104948)
      - debian/patches/CVE-2021-42782-pre1.patch: simplify PIV I/O
      - debian/patches/CVE-2021-42782-pre2.patch: Replace internal
        implementation of put_tag with asn1
      - debian/patches/CVE-2021-42782-1.patch: cardos: Correctly calculate
        the left bytes to avoid buffer overrun
      - debian/patches/CVE-2021-42782-2.patch: PIV Improved parsing of
        data from the card
      - debian/patches/CVE-2021-42782-3.patch: coolkey: Initialize
        potentially uninitialized memory
      - debian/patches/CVE-2021-42782-4.patch: tcos: prevent out of bounds read
      - debian/patches/CVE-2021-42782-5.patch: iasecc: Prevent stack
        buffer overflow when empty ACL is returned
      - CVE-2021-42782
    * SECURITY UPDATE: Use after return
      - debian/patches/CVE-2021-42780.patch: tcos: Check bounds in
        insert_pin()
      - CVE-2021-42780
    * SECURITY UPDATE: PIN Bypass
      - debian/patches/CVE-2023-40660-1.patch: Fixed PIN authentication
        bypass
      - debian/patches/CVE-2023-40660-2.patch: pkcs15init: Check login
        status before asking for a pin
        overflow during keygen
      - CVE-2023-40660
    * SECURITY UPDATE: Compromised card operations
      - debian/patches/CVE-2023-40661-1.patch: pkcs15: Avoid buffer
        overflow when getting last update
      - debian/patches/CVE-2023-40661-2.patch: setcos: Avoid buffer
        underflow
      - debian/patches/CVE-2023-40661-3.patch: setcos: Avoid writing
        behind the path buffer end
      - debian/patches/CVE-2023-40661-4.patch: oberthur: Avoid buffer
        overflow
      - debian/patches/CVE-2023-40661-5-pre1.patch: pkcs15-pubkey: free
        DER value when parsing public key fails
      - debian/patches/CVE-2023-40661-5.patch: pkcs15-pubkey.c: Avoid
        double-free
      - debian/patches/CVE-2023-40661-6.patch: pkcs15-cflex: check path
        length to prevent underflow
      - debian/patches/CVE-2023-40661-7.patch: Check length of string
        before making copy
      - debian/patches/CVE-2023-40661-8.patch: Check array bounds
      - debian/patches/CVE-2023-40661-9.patch: sc_pkcs15init_rmdir:
        prevent out of bounds write
      - debian/patches/CVE-2023-40661-10.patch: iasecc: Avoid another
        buffer overflow
      - debian/patches/CVE-2023-40661-11-pre1.patch: iassecc: Verify
        buffer lengths before use
      - debian/patches/CVE-2023-40661-11.patch: iasecc: Avoid buffer
        overflow with invalid data
      - debian/patches/CVE-2023-40661-12.patch: iasecc: Check length of
        data when parsing crt
      - debian/patches/CVE-2023-40661-13-pre1.patch: card-entersafe.c:
        Free modulus buffer in case of error
      - debian/patches/CVE-2023-40661-13.patch: entersafe: Avoid buffer
        overflow during keygen
      - CVE-2023-40661
    * SECURITY UPDATE: Missing variable initialization
      - debian/patches/CVE-2024-45615-1.patch: Fix uninitialized values
      - debian/patches/CVE-2024-45615-2.patch: Initialize variables for tag and
        CLA
      - debian/patches/CVE-2024-45615-3.patch: Initialize OID length
      - debian/patches/CVE-2024-45615-4.patch: Initialize variables for tag and
        CLA
      - debian/patches/CVE-2024-45615-5.patch: Avoid using uninitialized memory
      - debian/patches/CVE-2024-45617-1.patch: Check return value when selecting
        AID
      - debian/patches/CVE-2024-45617-2.patch: Return error when response length
        is 0
      - debian/patches/CVE-2024-45617-3.patch: Check number of read bytes
      - debian/patches/CVE-2024-45618-1.patch: Check return value of serial num
        conversion
      - debian/patches/CVE-2024-45618-2.patch: Report transport key error
      - CVE-2024-45615
      - CVE-2024-45617
      - CVE-2024-45618
    * SECURITY UPDATE: Buffer overflow
      - debian/patches/CVE-2023-2977.patch: pkcs15init: correct left
        length calculation to fix buffer overrun bug
      - debian/patches/CVE-2024-45616-1.patch: Fix uninitialized values
      - debian/patches/CVE-2024-45616-2.patch: Check length of APDU response
      - debian/patches/CVE-2024-45616-3.patch: Correctly calculate certificate
        length based on the resplen
      - debian/patches/CVE-2024-45616-4.patch: Check length of serial number
      - debian/patches/CVE-2024-45616-5.patch: Use actual length of reponse
        buffer
      - debian/patches/CVE-2024-45616-6.patch: Check length of response buffer
        in select
      - debian/patches/CVE-2024-45616-7.patch: Check APDU response length and
        ASN1 lengths
      - debian/patches/CVE-2024-45616-8.patch: Report invalid SW when reading
        object
      - debian/patches/CVE-2024-45616-9.patch: Avoid using uninitialized memory
      - debian/patches/CVE-2024-45616-10.patch: Check length of serial number
      - debian/patches/CVE-2024-45620-1.patch: Check length of file to be non-zero
      - debian/patches/CVE-2024-45620-2.patch: Check length of data before
        dereferencing
      - debian/patches/CVE-2024-45620-3.patch: Check length of data when parsing
      - debian/patches/CVE-2024-8443-1.patch: Avoid buffer overflow when writing
        fingerprint
      - debian/patches/CVE-2024-8443-2.patch: Do not accept non-matching key
        responses
      - CVE-2023-2977
      - CVE-2024-45616
      - CVE-2024-45620
      - CVE-2024-8443

-- Bruce Cable <bruce.cable@canonical.com>  Wed, 09 Apr 2025 13:19:18 +1000

openssh-client, openssh-server, openssh-sftp-server (built from openssh) updated from 1:8.2p1-4ubuntu0.12 to 1:8.2p1-4ubuntu0.13:

openssh (1:8.2p1-4ubuntu0.13) focal-security; urgency=medium

* SECURITY UPDATE: incorrect DisableForwarding directive behaviour
      - debian/patches/CVE-2025-32728.patch: fix logic error in session.c.
      - CVE-2025-32728

-- Marc Deslauriers <marc.deslauriers@ubuntu.com>  Fri, 11 Apr 2025 08:16:08 -0400

FILE FOLDER INFO

Name	Size	Permission
adduser	---	0755
apparmor	---	0755
avahi-daemon	---	0755
base-files	---	0755
base-passwd	---	0755
bash	---	0755
bash-completion	---	0755
bsdutils	---	0755
bzip2	---	0755
ca-certificates	---	0755
cloud-guest-utils	---	0755
cloud-init	---	0755
console-conf	---	0755
coreutils	---	0755
cracklib-runtime	---	0755
cryptsetup	---	0755
cryptsetup-bin	---	0755
dash	---	0755
dbus	---	0755
dbus-user-session	---	0755
debianutils	---	0755
diffutils	---	0755
distro-info-data	---	0755
dmsetup	---	0755
dosfstools	---	0755
dpkg	---	0755
e2fsprogs	---	0755
fdisk	---	0755
file	---	0755
finalrd	---	0755
findutils	---	0755
gcc-10-base	---	0755
gdbserver	---	0755
gnutls-bin	---	0755
gpgv	---	0755
grep	---	0755
gzip	---	0755
hostname	---	0755
init-system-helpers	---	0755
iproute2	---	0755
iptables	---	0755
iputils-ping	---	0755
isc-dhcp-client	---	0755
kmod	---	0755
less	---	0755
libacl1	---	0755
libapparmor1	---	0755
libapt-pkg6.0	---	0755
libargon2-1	---	0755
libattr1	---	0755
libaudit-common	---	0755
libaudit1	---	0755
libblkid1	---	0755
libbsd0	---	0755
libbz2-1.0	---	0755
libc-bin	---	0755
libc6	---	0755
libcap-ng0	---	0755
libcap2	---	0755
libcap2-bin	---	0755
libcbor0.6	---	0755
libcom-err2	---	0755
libcrack2	---	0755
libcrypt1	---	0755
libcryptsetup12	---	0755
libdb5.3	---	0755
libdbus-1-3	---	0755
libdebconfclient0	---	0755
libdevmapper1.02.1	---	0755
libdns-export1109	---	0755
libedit2	---	0755
libelf1	---	0755
libengine-pkcs11-openssl	---	0755
libexpat1	---	0755
libext2fs2	---	0755
libfdisk1	---	0755
libffi7	---	0755
libfido2-1	---	0755
libgcc-s1	---	0755
libgcrypt20	---	0755
libglib2.0-0	---	0755
libgmp10	---	0755
libgnutls30	---	0755
libgpg-error0	---	0755
libgssapi-krb5-2	---	0755
libhogweed5	---	0755
libidn2-0	---	0755
libip4tc2	---	0755
libip6tc2	---	0755
libisc-export1105	---	0755
libjson-c4	---	0755
libk5crypto3	---	0755
libkeyutils1	---	0755
libkmod2	---	0755
libkrb5-3	---	0755
libkrb5support0	---	0755
liblz4-1	---	0755
liblzma5	---	0755
liblzo2-2	---	0755
libmagic-mgc	---	0755
libmagic1	---	0755
libmnl0	---	0755
libmount1	---	0755
libmpdec2	---	0755
libncurses6	---	0755
libncursesw6	---	0755
libnetfilter-conntrack3	---	0755
libnetplan0	---	0755
libnettle7	---	0755
libnfnetlink0	---	0755
libnftnl11	---	0755
libnl-3-200	---	0755
libnl-genl-3-200	---	0755
libnl-route-3-200	---	0755
libnss-extrausers	---	0755
libnss-mdns	---	0755
libopts25	---	0755
libp11-3	---	0755
libp11-kit0	---	0755
libpam-modules	---	0755
libpam-modules-bin	---	0755
libpam-pwquality	---	0755
libpam-runtime	---	0755
libpam-systemd	---	0755
libpam0g	---	0755
libpcre2-8-0	---	0755
libpcre3	---	0755
libpcsclite1	---	0755
libpopt0	---	0755
libprocps8	---	0755
libpwquality-common	---	0755
libpwquality1	---	0755
libpython3-stdlib	---	0755
libpython3.8-minimal	---	0755
libpython3.8-stdlib	---	0755
libreadline8	---	0755
libseccomp2	---	0755
libselinux1	---	0755
libsemanage-common	---	0755
libsemanage1	---	0755
libsepol1	---	0755
libsmartcols1	---	0755
libsqlite3-0	---	0755
libss2	---	0755
libssl1.1	---	0755
libstdc++6	---	0755
libsystemd0	---	0755
libtasn1-6	---	0755
libtinfo6	---	0755
libudev1	---	0755
libunistring2	---	0755
libuuid1	---	0755
libwrap0	---	0755
libxtables12	---	0755
libyaml-0-2	---	0755
libzstd1	---	0755
login	---	0755
logsave	---	0755
lsb-base	---	0755
mawk	---	0755
mime-support	---	0755
mount	---	0755
ncurses-base	---	0755
ncurses-bin	---	0755
netbase	---	0755
netcat-openbsd	---	0755
netplan	---	0755
netplan.io	---	0755
opensc	---	0755
opensc-pkcs11	---	0755
openssh-client	---	0755
openssh-server	---	0755
openssh-sftp-server	---	0755
openssl	---	0755
p11-kit	---	0755
p11-kit-modules	---	0755
passwd	---	0755
perl	---	0755
perl-base	---	0755
probert-common	---	0755
probert-network	---	0755
procps	---	0755
python3	---	0755
python3-attr	---	0755
python3-blinker	---	0755
python3-certifi	---	0755
python3-cffi-backend	---	0755
python3-chardet	---	0755
python3-configobj	---	0755
python3-cryptography	---	0755
python3-debconf	---	0
python3-distutils	---	0755
python3-idna	---	0755
python3-importlib-metadata	---	0755
python3-jinja2	---	0755
python3-json-pointer	---	0755
python3-jsonpatch	---	0755
python3-jsonschema	---	0755
python3-jwt	---	0755
python3-lib2to3	---	0755
python3-markupsafe	---	0755
python3-minimal	---	0755
python3-more-itertools	---	0755
python3-netifaces	---	0755
python3-oauthlib	---	0755
python3-pkg-resources	---	0755
python3-pyrsistent	---	0755
python3-pyudev	---	0755
python3-requests	---	0755
python3-requests-unixsocket	---	0755
python3-serial	---	0755
python3-setuptools	---	0755
python3-six	---	0755
python3-urllib3	---	0755
python3-urwid	---	0755
python3-yaml	---	0755
python3-zipp	---	0755
python3.8	---	0755
python3.8-minimal	---	0755
readline-common	---	0755
rfkill	---	0755
sbsigntool	---	0755
secureboot-db	---	0755
sed	---	0755
sensible-utils	---	0755
squashfs-tools	---	0755
subiquitycore	---	0755
sudo	---	0755
systemd	---	0755
systemd-bootchart	---	0755
systemd-sysv	---	0755
systemd-timesyncd	---	0755
sysvinit-utils	---	0755
tar	---	0755
tzdata	---	0755
ubuntu-keyring	---	0755
ucf	---	0755
udev	---	0755
util-linux	---	0755
vim-common	---	0755
vim-tiny	---	0755
wpa_supplicant	---	0755
wpasupplicant	---	0755
xxd	---	0755
zlib1g	---	0755
ChangeLog	7417 bytes	0644
python3-debconf	bytes	0