{ "summary": { "snap": { "added": [], "removed": [], "diff": [] }, "deb": { "added": [], "removed": [], "diff": [ "gir1.2-packagekitglib-1.0", "libpackagekit-glib2-18:riscv64", "libxml2-16:riscv64", "packagekit" ] } }, "diff": { "deb": [ { "name": "gir1.2-packagekitglib-1.0", "from_version": { "source_package_name": "packagekit", "source_package_version": "1.3.4-3ubuntu1", "version": "1.3.4-3ubuntu1" }, "to_version": { "source_package_name": "packagekit", "source_package_version": "1.3.4-3ubuntu1.1", "version": "1.3.4-3ubuntu1.1" }, "cves": [], "launchpad_bugs_fixed": [ 2148474 ], "changes": [ { "cves": [], "log": [ "", " * d/p: Honour allow_deps=false when removing packages.", " The PackageKit API allows restricting a RemovePackages transaction to", " prevent removing any dependent packages, but the APT backend was not", " honouring it.", " This could have lead to the accidental removal of system packages when", " trying to uninstall applications from simple PackageKit frontends.", " (LP: #2148474)", "", "" ], "package": "packagekit", "version": "1.3.4-3ubuntu1.1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2148474 ], "author": "Alessandro Astone ", "date": "Tue, 09 Jun 2026 11:47:30 +0200" } ], "notes": null, "is_version_downgrade": false }, { "name": "libpackagekit-glib2-18:riscv64", "from_version": { "source_package_name": "packagekit", "source_package_version": "1.3.4-3ubuntu1", "version": "1.3.4-3ubuntu1" }, "to_version": { "source_package_name": "packagekit", "source_package_version": "1.3.4-3ubuntu1.1", "version": "1.3.4-3ubuntu1.1" }, "cves": [], "launchpad_bugs_fixed": [ 2148474 ], "changes": [ { "cves": [], "log": [ "", " * d/p: Honour allow_deps=false when removing packages.", " The PackageKit API allows restricting a RemovePackages transaction to", " prevent removing any dependent packages, but the APT backend was not", " honouring it.", " This could have lead to the accidental removal of system packages when", " trying to uninstall applications from simple PackageKit frontends.", " (LP: #2148474)", "", "" ], "package": "packagekit", "version": "1.3.4-3ubuntu1.1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2148474 ], "author": "Alessandro Astone ", "date": "Tue, 09 Jun 2026 11:47:30 +0200" } ], "notes": null, "is_version_downgrade": false }, { "name": "libxml2-16:riscv64", "from_version": { "source_package_name": "libxml2", "source_package_version": "2.15.2+dfsg-0.1", "version": "2.15.2+dfsg-0.1" }, "to_version": { "source_package_name": "libxml2", "source_package_version": "2.15.2+dfsg-0.1ubuntu0.1", "version": "2.15.2+dfsg-0.1ubuntu0.1" }, "cves": [ { "cve": "CVE-2026-6732", "url": "https://ubuntu.com/security/CVE-2026-6732", "cve_description": "A flaw was found in libxml2. This vulnerability occurs when the library processes a specially crafted XML Schema Definition (XSD) validated document that includes an internal entity reference. An attacker could exploit this by providing a malicious document, leading to a type confusion error that causes the application to crash. This results in a denial of service (DoS), making the affected system or application unavailable.", "cve_priority": "medium", "cve_public_date": "2026-04-23 23:16:00 UTC" } ], "launchpad_bugs_fixed": [], "changes": [ { "cves": [ { "cve": "CVE-2026-6732", "url": "https://ubuntu.com/security/CVE-2026-6732", "cve_description": "A flaw was found in libxml2. This vulnerability occurs when the library processes a specially crafted XML Schema Definition (XSD) validated document that includes an internal entity reference. An attacker could exploit this by providing a malicious document, leading to a type confusion error that causes the application to crash. This results in a denial of service (DoS), making the affected system or application unavailable.", "cve_priority": "medium", "cve_public_date": "2026-04-23 23:16:00 UTC" } ], "log": [ "", " * SECURITY UPDATE: Denial of service in parser.", " - debian/patches/CVE-2026-6732.patch: Pass userData instead of ctxt in", " parser.c", " - CVE-2026-6732", "" ], "package": "libxml2", "version": "2.15.2+dfsg-0.1ubuntu0.1", "urgency": "medium", "distributions": "resolute-security", "launchpad_bugs_fixed": [], "author": "Kyle Kernick ", "date": "Fri, 19 Jun 2026 11:43:10 -0600" } ], "notes": null, "is_version_downgrade": false }, { "name": "packagekit", "from_version": { "source_package_name": "packagekit", "source_package_version": "1.3.4-3ubuntu1", "version": "1.3.4-3ubuntu1" }, "to_version": { "source_package_name": "packagekit", "source_package_version": "1.3.4-3ubuntu1.1", "version": "1.3.4-3ubuntu1.1" }, "cves": [], "launchpad_bugs_fixed": [ 2148474 ], "changes": [ { "cves": [], "log": [ "", " * d/p: Honour allow_deps=false when removing packages.", " The PackageKit API allows restricting a RemovePackages transaction to", " prevent removing any dependent packages, but the APT backend was not", " honouring it.", " This could have lead to the accidental removal of system packages when", " trying to uninstall applications from simple PackageKit frontends.", " (LP: #2148474)", "", "" ], "package": "packagekit", "version": "1.3.4-3ubuntu1.1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2148474 ], "author": "Alessandro Astone ", "date": "Tue, 09 Jun 2026 11:47:30 +0200" } ], "notes": null, "is_version_downgrade": false } ], "snap": [] }, "added": { "deb": [], "snap": [] }, "removed": { "deb": [], "snap": [] }, "notes": "Changelog diff for Ubuntu 26.04 resolute image from daily image serial 20260620 to 20260623", "from_series": "resolute", "to_series": "resolute", "from_serial": "20260620", "to_serial": "20260623", "from_manifest_filename": "daily_manifest.previous", "to_manifest_filename": "manifest.current" }