{ "summary": { "snap": { "added": [], "removed": [], "diff": [] }, "deb": { "added": [], "removed": [], "diff": [ "libnss-systemd", "libpam-systemd", "libsystemd0", "libudev1", "python3-openssl", "systemd", "systemd-sysv", "systemd-timesyncd", "udev" ] } }, "diff": { "deb": [ { "name": "libnss-systemd", "from_version": { "source_package_name": "systemd", "source_package_version": "249.11-0ubuntu3.17", "version": "249.11-0ubuntu3.17" }, "to_version": { "source_package_name": "systemd", "source_package_version": "249.11-0ubuntu3.19", "version": "249.11-0ubuntu3.19" }, "cves": [ { "cve": "CVE-2026-29111", "url": "https://ubuntu.com/security/CVE-2026-29111", "cve_description": "Local unprivileged user can trigger an assert in systemd", "cve_priority": "medium", "cve_public_date": "2026-03-23 20:00:00 UTC" } ], "launchpad_bugs_fixed": [], "changes": [ { "cves": [ { "cve": "CVE-2026-29111", "url": "https://ubuntu.com/security/CVE-2026-29111", "cve_description": "Local unprivileged user can trigger an assert in systemd", "cve_priority": "medium", "cve_public_date": "2026-03-23 20:00:00 UTC" } ], "log": [ "", " * SECURITY UPDATE: Local unprivileged user can overwrite stack in systemd", " - d/p/CVE-2026-29111-1.patch: path-util: backport path_startswith_full", " - d/p/CVE-2026-29111-2.patch: core/cgroup: avoid one unnecessary strjoina()", " - d/p/CVE-2026-29111-3.patch: core: validate input cgroup path more prudently", " * SECURITY UPDATE: Local root execution via malicious hardware devices", " - d/p/udev-check-for-invalid-chars-in-various-fields-received-f.patch", " - d/p/udev-fix-review-mixup.patch", " - No CVE number", "" ], "package": "systemd", "version": "249.11-0ubuntu3.19", "urgency": "medium", "distributions": "jammy-security", "launchpad_bugs_fixed": [], "author": "Nick Rosbrook ", "date": "Fri, 13 Mar 2026 12:47:41 -0400" } ], "notes": null, "is_version_downgrade": false }, { "name": "libpam-systemd", "from_version": { "source_package_name": "systemd", "source_package_version": "249.11-0ubuntu3.17", "version": "249.11-0ubuntu3.17" }, "to_version": { "source_package_name": "systemd", "source_package_version": "249.11-0ubuntu3.19", "version": "249.11-0ubuntu3.19" }, "cves": [ { "cve": "CVE-2026-29111", "url": "https://ubuntu.com/security/CVE-2026-29111", "cve_description": "Local unprivileged user can trigger an assert in systemd", "cve_priority": "medium", "cve_public_date": "2026-03-23 20:00:00 UTC" } ], "launchpad_bugs_fixed": [], "changes": [ { "cves": [ { "cve": "CVE-2026-29111", "url": "https://ubuntu.com/security/CVE-2026-29111", "cve_description": "Local unprivileged user can trigger an assert in systemd", "cve_priority": "medium", "cve_public_date": "2026-03-23 20:00:00 UTC" } ], "log": [ "", " * SECURITY UPDATE: Local unprivileged user can overwrite stack in systemd", " - d/p/CVE-2026-29111-1.patch: path-util: backport path_startswith_full", " - d/p/CVE-2026-29111-2.patch: core/cgroup: avoid one unnecessary strjoina()", " - d/p/CVE-2026-29111-3.patch: core: validate input cgroup path more prudently", " * SECURITY UPDATE: Local root execution via malicious hardware devices", " - d/p/udev-check-for-invalid-chars-in-various-fields-received-f.patch", " - d/p/udev-fix-review-mixup.patch", " - No CVE number", "" ], "package": "systemd", "version": "249.11-0ubuntu3.19", "urgency": "medium", "distributions": "jammy-security", "launchpad_bugs_fixed": [], "author": "Nick Rosbrook ", "date": "Fri, 13 Mar 2026 12:47:41 -0400" } ], "notes": null, "is_version_downgrade": false }, { "name": "libsystemd0", "from_version": { "source_package_name": "systemd", "source_package_version": "249.11-0ubuntu3.17", "version": "249.11-0ubuntu3.17" }, "to_version": { "source_package_name": "systemd", "source_package_version": "249.11-0ubuntu3.19", "version": "249.11-0ubuntu3.19" }, "cves": [ { "cve": "CVE-2026-29111", "url": "https://ubuntu.com/security/CVE-2026-29111", "cve_description": "Local unprivileged user can trigger an assert in systemd", "cve_priority": "medium", "cve_public_date": "2026-03-23 20:00:00 UTC" } ], "launchpad_bugs_fixed": [], "changes": [ { "cves": [ { "cve": "CVE-2026-29111", "url": "https://ubuntu.com/security/CVE-2026-29111", "cve_description": "Local unprivileged user can trigger an assert in systemd", "cve_priority": "medium", "cve_public_date": "2026-03-23 20:00:00 UTC" } ], "log": [ "", " * SECURITY UPDATE: Local unprivileged user can overwrite stack in systemd", " - d/p/CVE-2026-29111-1.patch: path-util: backport path_startswith_full", " - d/p/CVE-2026-29111-2.patch: core/cgroup: avoid one unnecessary strjoina()", " - d/p/CVE-2026-29111-3.patch: core: validate input cgroup path more prudently", " * SECURITY UPDATE: Local root execution via malicious hardware devices", " - d/p/udev-check-for-invalid-chars-in-various-fields-received-f.patch", " - d/p/udev-fix-review-mixup.patch", " - No CVE number", "" ], "package": "systemd", "version": "249.11-0ubuntu3.19", "urgency": "medium", "distributions": "jammy-security", "launchpad_bugs_fixed": [], "author": "Nick Rosbrook ", "date": "Fri, 13 Mar 2026 12:47:41 -0400" } ], "notes": null, "is_version_downgrade": false }, { "name": "libudev1", "from_version": { "source_package_name": "systemd", "source_package_version": "249.11-0ubuntu3.17", "version": "249.11-0ubuntu3.17" }, "to_version": { "source_package_name": "systemd", "source_package_version": "249.11-0ubuntu3.19", "version": "249.11-0ubuntu3.19" }, "cves": [ { "cve": "CVE-2026-29111", "url": "https://ubuntu.com/security/CVE-2026-29111", "cve_description": "Local unprivileged user can trigger an assert in systemd", "cve_priority": "medium", "cve_public_date": "2026-03-23 20:00:00 UTC" } ], "launchpad_bugs_fixed": [], "changes": [ { "cves": [ { "cve": "CVE-2026-29111", "url": "https://ubuntu.com/security/CVE-2026-29111", "cve_description": "Local unprivileged user can trigger an assert in systemd", "cve_priority": "medium", "cve_public_date": "2026-03-23 20:00:00 UTC" } ], "log": [ "", " * SECURITY UPDATE: Local unprivileged user can overwrite stack in systemd", " - d/p/CVE-2026-29111-1.patch: path-util: backport path_startswith_full", " - d/p/CVE-2026-29111-2.patch: core/cgroup: avoid one unnecessary strjoina()", " - d/p/CVE-2026-29111-3.patch: core: validate input cgroup path more prudently", " * SECURITY UPDATE: Local root execution via malicious hardware devices", " - d/p/udev-check-for-invalid-chars-in-various-fields-received-f.patch", " - d/p/udev-fix-review-mixup.patch", " - No CVE number", "" ], "package": "systemd", "version": "249.11-0ubuntu3.19", "urgency": "medium", "distributions": "jammy-security", "launchpad_bugs_fixed": [], "author": "Nick Rosbrook ", "date": "Fri, 13 Mar 2026 12:47:41 -0400" } ], "notes": null, "is_version_downgrade": false }, { "name": "python3-openssl", "from_version": { "source_package_name": "pyopenssl", "source_package_version": "21.0.0-1", "version": "21.0.0-1" }, "to_version": { "source_package_name": "pyopenssl", "source_package_version": "21.0.0-1ubuntu0.1", "version": "21.0.0-1ubuntu0.1" }, "cves": [ { "cve": "CVE-2026-27448", "url": "https://ubuntu.com/security/CVE-2026-27448", "cve_description": "pyOpenSSL is a Python wrapper around the OpenSSL library. Starting in version 0.14.0 and prior to version 26.0.0, if a user provided callback to `set_tlsext_servername_callback` raised an unhandled exception, this would result in a connection being accepted. If a user was relying on this callback for any security-sensitive behavior, this could allow bypassing it. Starting in version 26.0.0, unhandled exceptions now result in rejecting the connection.", "cve_priority": "low", "cve_public_date": "2026-03-18" } ], "launchpad_bugs_fixed": [], "changes": [ { "cves": [ { "cve": "CVE-2026-27448", "url": "https://ubuntu.com/security/CVE-2026-27448", "cve_description": "pyOpenSSL is a Python wrapper around the OpenSSL library. Starting in version 0.14.0 and prior to version 26.0.0, if a user provided callback to `set_tlsext_servername_callback` raised an unhandled exception, this would result in a connection being accepted. If a user was relying on this callback for any security-sensitive behavior, this could allow bypassing it. Starting in version 26.0.0, unhandled exceptions now result in rejecting the connection.", "cve_priority": "low", "cve_public_date": "2026-03-18" } ], "log": [ "", " * SECURITY UPDATE: Unhandled exceptions in set_tlsext_servername_callback", " - debian/patches/CVE-2026-27448.patch: handle exceptions in callbacks", " in src/OpenSSL/SSL.py, tests/test_ssl.py.", " - CVE-2026-27448", "" ], "package": "pyopenssl", "version": "21.0.0-1ubuntu0.1", "urgency": "medium", "distributions": "jammy-security", "launchpad_bugs_fixed": [], "author": "Marc Deslauriers ", "date": "Wed, 18 Mar 2026 14:11:32 -0400" } ], "notes": null, "is_version_downgrade": false }, { "name": "systemd", "from_version": { "source_package_name": "systemd", "source_package_version": "249.11-0ubuntu3.17", "version": "249.11-0ubuntu3.17" }, "to_version": { "source_package_name": "systemd", "source_package_version": "249.11-0ubuntu3.19", "version": "249.11-0ubuntu3.19" }, "cves": [ { "cve": "CVE-2026-29111", "url": "https://ubuntu.com/security/CVE-2026-29111", "cve_description": "Local unprivileged user can trigger an assert in systemd", "cve_priority": "medium", "cve_public_date": "2026-03-23 20:00:00 UTC" } ], "launchpad_bugs_fixed": [], "changes": [ { "cves": [ { "cve": "CVE-2026-29111", "url": "https://ubuntu.com/security/CVE-2026-29111", "cve_description": "Local unprivileged user can trigger an assert in systemd", "cve_priority": "medium", "cve_public_date": "2026-03-23 20:00:00 UTC" } ], "log": [ "", " * SECURITY UPDATE: Local unprivileged user can overwrite stack in systemd", " - d/p/CVE-2026-29111-1.patch: path-util: backport path_startswith_full", " - d/p/CVE-2026-29111-2.patch: core/cgroup: avoid one unnecessary strjoina()", " - d/p/CVE-2026-29111-3.patch: core: validate input cgroup path more prudently", " * SECURITY UPDATE: Local root execution via malicious hardware devices", " - d/p/udev-check-for-invalid-chars-in-various-fields-received-f.patch", " - d/p/udev-fix-review-mixup.patch", " - No CVE number", "" ], "package": "systemd", "version": "249.11-0ubuntu3.19", "urgency": "medium", "distributions": "jammy-security", "launchpad_bugs_fixed": [], "author": "Nick Rosbrook ", "date": "Fri, 13 Mar 2026 12:47:41 -0400" } ], "notes": null, "is_version_downgrade": false }, { "name": "systemd-sysv", "from_version": { "source_package_name": "systemd", "source_package_version": "249.11-0ubuntu3.17", "version": "249.11-0ubuntu3.17" }, "to_version": { "source_package_name": "systemd", "source_package_version": "249.11-0ubuntu3.19", "version": "249.11-0ubuntu3.19" }, "cves": [ { "cve": "CVE-2026-29111", "url": "https://ubuntu.com/security/CVE-2026-29111", "cve_description": "Local unprivileged user can trigger an assert in systemd", "cve_priority": "medium", "cve_public_date": "2026-03-23 20:00:00 UTC" } ], "launchpad_bugs_fixed": [], "changes": [ { "cves": [ { "cve": "CVE-2026-29111", "url": "https://ubuntu.com/security/CVE-2026-29111", "cve_description": "Local unprivileged user can trigger an assert in systemd", "cve_priority": "medium", "cve_public_date": "2026-03-23 20:00:00 UTC" } ], "log": [ "", " * SECURITY UPDATE: Local unprivileged user can overwrite stack in systemd", " - d/p/CVE-2026-29111-1.patch: path-util: backport path_startswith_full", " - d/p/CVE-2026-29111-2.patch: core/cgroup: avoid one unnecessary strjoina()", " - d/p/CVE-2026-29111-3.patch: core: validate input cgroup path more prudently", " * SECURITY UPDATE: Local root execution via malicious hardware devices", " - d/p/udev-check-for-invalid-chars-in-various-fields-received-f.patch", " - d/p/udev-fix-review-mixup.patch", " - No CVE number", "" ], "package": "systemd", "version": "249.11-0ubuntu3.19", "urgency": "medium", "distributions": "jammy-security", "launchpad_bugs_fixed": [], "author": "Nick Rosbrook ", "date": "Fri, 13 Mar 2026 12:47:41 -0400" } ], "notes": null, "is_version_downgrade": false }, { "name": "systemd-timesyncd", "from_version": { "source_package_name": "systemd", "source_package_version": "249.11-0ubuntu3.17", "version": "249.11-0ubuntu3.17" }, "to_version": { "source_package_name": "systemd", "source_package_version": "249.11-0ubuntu3.19", "version": "249.11-0ubuntu3.19" }, "cves": [ { "cve": "CVE-2026-29111", "url": "https://ubuntu.com/security/CVE-2026-29111", "cve_description": "Local unprivileged user can trigger an assert in systemd", "cve_priority": "medium", "cve_public_date": "2026-03-23 20:00:00 UTC" } ], "launchpad_bugs_fixed": [], "changes": [ { "cves": [ { "cve": "CVE-2026-29111", "url": "https://ubuntu.com/security/CVE-2026-29111", "cve_description": "Local unprivileged user can trigger an assert in systemd", "cve_priority": "medium", "cve_public_date": "2026-03-23 20:00:00 UTC" } ], "log": [ "", " * SECURITY UPDATE: Local unprivileged user can overwrite stack in systemd", " - d/p/CVE-2026-29111-1.patch: path-util: backport path_startswith_full", " - d/p/CVE-2026-29111-2.patch: core/cgroup: avoid one unnecessary strjoina()", " - d/p/CVE-2026-29111-3.patch: core: validate input cgroup path more prudently", " * SECURITY UPDATE: Local root execution via malicious hardware devices", " - d/p/udev-check-for-invalid-chars-in-various-fields-received-f.patch", " - d/p/udev-fix-review-mixup.patch", " - No CVE number", "" ], "package": "systemd", "version": "249.11-0ubuntu3.19", "urgency": "medium", "distributions": "jammy-security", "launchpad_bugs_fixed": [], "author": "Nick Rosbrook ", "date": "Fri, 13 Mar 2026 12:47:41 -0400" } ], "notes": null, "is_version_downgrade": false }, { "name": "udev", "from_version": { "source_package_name": "systemd", "source_package_version": "249.11-0ubuntu3.17", "version": "249.11-0ubuntu3.17" }, "to_version": { "source_package_name": "systemd", "source_package_version": "249.11-0ubuntu3.19", "version": "249.11-0ubuntu3.19" }, "cves": [ { "cve": "CVE-2026-29111", "url": "https://ubuntu.com/security/CVE-2026-29111", "cve_description": "Local unprivileged user can trigger an assert in systemd", "cve_priority": "medium", "cve_public_date": "2026-03-23 20:00:00 UTC" } ], "launchpad_bugs_fixed": [], "changes": [ { "cves": [ { "cve": "CVE-2026-29111", "url": "https://ubuntu.com/security/CVE-2026-29111", "cve_description": "Local unprivileged user can trigger an assert in systemd", "cve_priority": "medium", "cve_public_date": "2026-03-23 20:00:00 UTC" } ], "log": [ "", " * SECURITY UPDATE: Local unprivileged user can overwrite stack in systemd", " - d/p/CVE-2026-29111-1.patch: path-util: backport path_startswith_full", " - d/p/CVE-2026-29111-2.patch: core/cgroup: avoid one unnecessary strjoina()", " - d/p/CVE-2026-29111-3.patch: core: validate input cgroup path more prudently", " * SECURITY UPDATE: Local root execution via malicious hardware devices", " - d/p/udev-check-for-invalid-chars-in-various-fields-received-f.patch", " - d/p/udev-fix-review-mixup.patch", " - No CVE number", "" ], "package": "systemd", "version": "249.11-0ubuntu3.19", "urgency": "medium", "distributions": "jammy-security", "launchpad_bugs_fixed": [], "author": "Nick Rosbrook ", "date": "Fri, 13 Mar 2026 12:47:41 -0400" } ], "notes": null, "is_version_downgrade": false } ], "snap": [] }, "added": { "deb": [], "snap": [] }, "removed": { "deb": [], "snap": [] }, "notes": "Changelog diff for Ubuntu 22.04 jammy image from daily image serial 20260316 to 20260324", "from_series": "jammy", "to_series": "jammy", "from_serial": "20260316", "to_serial": "20260324", "from_manifest_filename": "daily_manifest.previous", "to_manifest_filename": "manifest.current" }