{
    "summary": {
        "snap": {
            "added": [],
            "removed": [],
            "diff": []
        },
        "deb": {
            "added": [],
            "removed": [],
            "diff": [
                "libsqlite3-0"
            ]
        }
    },
    "diff": {
        "deb": [
            {
                "name": "libsqlite3-0",
                "from_version": {
                    "source_package_name": "sqlite3",
                    "source_package_version": "3.37.2-2ubuntu0.5",
                    "version": "3.37.2-2ubuntu0.5"
                },
                "to_version": {
                    "source_package_name": "sqlite3",
                    "source_package_version": "3.37.2-2ubuntu0.6",
                    "version": "3.37.2-2ubuntu0.6"
                },
                "cves": [
                    {
                        "cve": "CVE-2026-11822",
                        "url": "https://ubuntu.com/security/CVE-2026-11822",
                        "cve_description": "SQLite before 3.53.2 contains memory corruption vulnerabilities in the FTS5 full-text search extension that allow attackers to cause process crashes, memory exhaustion, or arbitrary code execution by supplying a crafted database with malformed FTS5 page data. Attackers can trigger an out-of-bounds read in fts5LeafSeek() via an attacker-controlled loop bound and a heap buffer overflow write in fts5ChunkIterate() through a crafted continuation page causing an integer underflow, exploitable when an FTS5 MATCH query is executed against the malicious database.",
                        "cve_priority": "medium",
                        "cve_public_date": "2026-06-09 20:16:00 UTC"
                    },
                    {
                        "cve": "CVE-2026-11824",
                        "url": "https://ubuntu.com/security/CVE-2026-11824",
                        "cve_description": "SQLite before 3.53.2 contains a heap-based buffer overflow vulnerability in the FTS5 full-text search extension that allows attackers to cause a crash or execute arbitrary code by supplying a crafted database with malicious continuation page metadata specifying a szLeaf value smaller than 4. Attackers can trigger an integer underflow in fts5ChunkIterate() causing an inflated remaining byte count during FTS5 MATCH query processing, leading to a heap buffer overflow of attacker-controlled data in applications compiled with SQLITE_ENABLE_FTS5.",
                        "cve_priority": "medium",
                        "cve_public_date": "2026-06-09 20:16:00 UTC"
                    }
                ],
                "launchpad_bugs_fixed": [],
                "changes": [
                    {
                        "cves": [
                            {
                                "cve": "CVE-2026-11822",
                                "url": "https://ubuntu.com/security/CVE-2026-11822",
                                "cve_description": "SQLite before 3.53.2 contains memory corruption vulnerabilities in the FTS5 full-text search extension that allow attackers to cause process crashes, memory exhaustion, or arbitrary code execution by supplying a crafted database with malformed FTS5 page data. Attackers can trigger an out-of-bounds read in fts5LeafSeek() via an attacker-controlled loop bound and a heap buffer overflow write in fts5ChunkIterate() through a crafted continuation page causing an integer underflow, exploitable when an FTS5 MATCH query is executed against the malicious database.",
                                "cve_priority": "medium",
                                "cve_public_date": "2026-06-09 20:16:00 UTC"
                            },
                            {
                                "cve": "CVE-2026-11824",
                                "url": "https://ubuntu.com/security/CVE-2026-11824",
                                "cve_description": "SQLite before 3.53.2 contains a heap-based buffer overflow vulnerability in the FTS5 full-text search extension that allows attackers to cause a crash or execute arbitrary code by supplying a crafted database with malicious continuation page metadata specifying a szLeaf value smaller than 4. Attackers can trigger an integer underflow in fts5ChunkIterate() causing an inflated remaining byte count during FTS5 MATCH query processing, leading to a heap buffer overflow of attacker-controlled data in applications compiled with SQLITE_ENABLE_FTS5.",
                                "cve_priority": "medium",
                                "cve_public_date": "2026-06-09 20:16:00 UTC"
                            }
                        ],
                        "log": [
                            "",
                            "  * SECURITY UPDATE: security issues in FTS5 full-text search",
                            "    - debian/patches/CVE-2026-11822_4.patch: Fix logic in ext/fts5/fts5_index.c.",
                            "    - CVE-2026-11822",
                            "    - CVE-2026-11824",
                            ""
                        ],
                        "package": "sqlite3",
                        "version": "3.37.2-2ubuntu0.6",
                        "urgency": "medium",
                        "distributions": "jammy-security",
                        "launchpad_bugs_fixed": [],
                        "author": "Marc Deslauriers <marc.deslauriers@ubuntu.com>",
                        "date": "Tue, 16 Jun 2026 13:53:33 -0400"
                    }
                ],
                "notes": null,
                "is_version_downgrade": false
            }
        ],
        "snap": []
    },
    "added": {
        "deb": [],
        "snap": []
    },
    "removed": {
        "deb": [],
        "snap": []
    },
    "notes": "Changelog diff for Ubuntu 22.04 jammy image from daily image serial 20260626 to 20260630",
    "from_series": "jammy",
    "to_series": "jammy",
    "from_serial": "20260626",
    "to_serial": "20260630",
    "from_manifest_filename": "daily_manifest.previous",
    "to_manifest_filename": "manifest.current"
}