{
    "summary": {
        "snap": {
            "added": [],
            "removed": [],
            "diff": []
        },
        "deb": {
            "added": [],
            "removed": [
                "pollinate"
            ],
            "diff": [
                "apparmor",
                "binutils",
                "binutils-common:riscv64",
                "binutils-riscv64-linux-gnu",
                "fwupd",
                "gcc-16-base:riscv64",
                "gir1.2-girepository-3.0:riscv64",
                "gir1.2-glib-2.0:riscv64",
                "inetutils-telnet",
                "libapparmor1:riscv64",
                "libatomic1:riscv64",
                "libbinutils:riscv64",
                "libcbor0.10:riscv64",
                "libctf-nobfd0:riscv64",
                "libctf0:riscv64",
                "libfwupd3:riscv64",
                "libgcc-s1:riscv64",
                "libgirepository-2.0-0:riscv64",
                "libglib2.0-0t64:riscv64",
                "libglib2.0-bin",
                "libglib2.0-data",
                "libgnutls30t64:riscv64",
                "libgprofng0:riscv64",
                "libidn2-0:riscv64",
                "libjs-sphinxdoc",
                "libldap-common",
                "libldap2:riscv64",
                "libnss3:riscv64",
                "libnvme1t64:riscv64",
                "libpsl5t64:riscv64",
                "librtmp1:riscv64",
                "libsframe3:riscv64",
                "libstdc++6:riscv64",
                "libtcl8.6:riscv64",
                "libuv1t64:riscv64",
                "libxml2-16:riscv64",
                "manpages",
                "manpages-dev",
                "python3-attr",
                "python3-hyperlink",
                "python3-jwt",
                "python3-software-properties",
                "screen",
                "snapd",
                "software-properties-common",
                "sudo",
                "tcl",
                "tcl8.6",
                "telnet",
                "ubuntu-kernel-accessories",
                "ubuntu-minimal",
                "ubuntu-server",
                "ubuntu-standard"
            ]
        }
    },
    "diff": {
        "deb": [
            {
                "name": "apparmor",
                "from_version": {
                    "source_package_name": "apparmor",
                    "source_package_version": "5.0.0~beta1-0ubuntu7",
                    "version": "5.0.0~beta1-0ubuntu7"
                },
                "to_version": {
                    "source_package_name": "apparmor",
                    "source_package_version": "5.0.1-0ubuntu1",
                    "version": "5.0.1-0ubuntu1"
                },
                "cves": [],
                "launchpad_bugs_fixed": [],
                "changes": [
                    {
                        "cves": [],
                        "log": [
                            "",
                            "  * New upstream release.",
                            "  * d/apparmor.install: add the new glycin.* profiles",
                            "  * d/libapparmor1.symbols: add the new library symbols",
                            "  * d/rules: add profiles check to testing step",
                            "  * d/watch:",
                            "    - Update regex to handle -rc version numbers",
                            "    - Update to version 5 of the format",
                            "  * Refresh patches to apply to upstream release:",
                            "    - d/p/u/profiles-grant-access-to-systemd-resolved.patch",
                            "    - d/p/u/aa-notify-fallback-to-ev-comm-when-ev-execpath.patch",
                            "  * Update patches to apply to upstream release:",
                            "    - d/p/u/samba-systemd-interaction.patch",
                            "    - d/p/u/profiles_disable_curl.patch",
                            "    - d/p/u/profiles_add_more_consoles_workaround.patch",
                            "    - d/p/u/profiles-use-coreutils-tunable.patch",
                            "    - d/p/u/0001-parser-add-more-reserved-mediation-classes.patch",
                            "    - d/p/u/0007-Set-parser-network.h-ip_conds-ptrs-to-null-in-its-fr.patch",
                            "  * Drop patches that were applied upstream:",
                            "    - d/p/u/libapparmor-move-aa_get_lsm_iface-decl-in-libapparmor.patch",
                            "    - d/p/u/0001-parser-set-umask-before-creating-temp-file.patch",
                            "    - d/p/u/0002-parser-restrict-umask-to-allow-only-user-permissions.patch",
                            "    - d/p/u/libapparmor-add-test-for-libapparmor-features-prefix.patch",
                            "    - d/p/u/transmission-common-fixes-for-lp-2137395.patch",
                            "    - d/p/u/unix-chkpwd-add-disconnected-run-paths.patch",
                            "    - d/p/u/profiles-add-extensions-to-allowed-ghostscript.patch",
                            "    - d/p/u/profiles-expand-the-allowed-directories-for-ghostscript.patch",
                            "    - d/p/u/profiles-add-sys-kernel-mm-transparent_hugepage-enable.patch",
                            "    - d/p/u/0006-parser-name-ns_domain-and-network_v9-classes.patch",
                            "    - d/p/u/0011-utils-add-support-for-iface-an-label-in-network-rule.patch",
                            "    - d/p/u/0013-parser-fix-FTBFS-due-to-missing-merge-edit.patch",
                            "    - d/p/u/0014-tests-check-if-skb-mediation-is-enabled.patch",
                            "    - d/p/u/snap-browser-add-missing-perms-when-opening-from-link.patch",
                            "    - d/p/u/lsusb-allow-reading-etc-udev-hwdb-bin.patch",
                            "    - d/p/u/profiles-grant-unix-domain-socket-access-to-sanitize.patch",
                            "    - d/p/u/0002-parser-refactor-compressed-policy-cache.patch",
                            "    - d/p/u/0003-parser-handle-compressed-cache-on-kernels-without-de.patch",
                            "    - d/p/u/0004-regression-fix-the-e2e-test-for-compressed-caches.patch",
                            "  * Drop patches that were superseded upstream:",
                            "    - d/p/u/0002-parser-convert-conditionals-operators-to-an-enum.patch",
                            "    - d/p/u/0003-parser-add-override-assign-to-cond-list-elements.patch",
                            "    - d/p/u/0004-parser-support-network-interface-conditional.patch",
                            "    - d/p/u/0005-tests-add-network-interface-tests.patch",
                            "    - d/p/u/0008-parser-move-to-encode-an-alternation-of-a-null-trans.patch",
                            "    - d/p/u/0009-parser-disable-ability-to-specify-interface-on-peer-.patch",
                            "    - d/p/u/0010-parser-fix-iface-perms-to-work-when-v9-and-v9_skb-ar.patch",
                            "    - d/p/u/0012-parser-fix-label-match-for-default-label-values.patch",
                            "    - d/p/u/0001-parser-fix-rewriting-of-cache-after-zstd-recompressi.patch",
                            "  * Add patches to fix FTBFS (profile test enabling):",
                            "    - d/p/u/profiles-allow-more-attach-disconnected.patch",
                            "  * Update patches to fix FTBFS (profile test enabling):",
                            "    - d/p/u/openvpn_mr_1263.patch",
                            "    - d/p/u/irssi_mr_1332.patch",
                            "    - d/p/u/os_prober_mr_1569.patch",
                            "    - d/p/u/profiles_disable_free.patch",
                            "    - d/p/u/profiles_disable_curl.patch",
                            "    - d/p/u/profiles-tunables-add-coreutils-var.patch",
                            "    - d/p/u/profiles-use-coreutils-tunable.patch",
                            "    - d/p/u/profiles-pull-openvpn-profile.patch",
                            ""
                        ],
                        "package": "apparmor",
                        "version": "5.0.1-0ubuntu1",
                        "urgency": "medium",
                        "distributions": "stonking",
                        "launchpad_bugs_fixed": [],
                        "author": "Ryan Lee <ryan.lee@canonical.com>",
                        "date": "Wed, 10 Jun 2026 09:40:03 -0700"
                    }
                ],
                "notes": null,
                "is_version_downgrade": false
            },
            {
                "name": "binutils",
                "from_version": {
                    "source_package_name": "binutils",
                    "source_package_version": "2.46-3ubuntu2",
                    "version": "2.46-3ubuntu2"
                },
                "to_version": {
                    "source_package_name": "binutils",
                    "source_package_version": "2.46.50.20260608-1ubuntu1",
                    "version": "2.46.50.20260608-1ubuntu1"
                },
                "cves": [],
                "launchpad_bugs_fixed": [],
                "changes": [
                    {
                        "cves": [],
                        "log": [
                            "",
                            "  * Merge with Debian; remaining changes:",
                            "    - Build from upstream sources.",
                            ""
                        ],
                        "package": "binutils",
                        "version": "2.46.50.20260608-1ubuntu1",
                        "urgency": "medium",
                        "distributions": "stonking",
                        "launchpad_bugs_fixed": [],
                        "author": "Matthias Klose <doko@ubuntu.com>",
                        "date": "Wed, 10 Jun 2026 09:07:50 +0200"
                    },
                    {
                        "cves": [],
                        "log": [
                            "",
                            "  * New upstream snapshot, taken from the trunk.",
                            ""
                        ],
                        "package": "binutils",
                        "version": "2.46.50.20260608-1",
                        "urgency": "medium",
                        "distributions": "unstable",
                        "launchpad_bugs_fixed": [],
                        "author": "Matthias Klose <doko@debian.org>",
                        "date": "Wed, 10 Jun 2026 08:16:33 +0200"
                    },
                    {
                        "cves": [],
                        "log": [
                            "",
                            "  * New upstream snapshot, taken from the trunk.",
                            ""
                        ],
                        "package": "binutils",
                        "version": "2.46.50.20260519-1",
                        "urgency": "medium",
                        "distributions": "experimental",
                        "launchpad_bugs_fixed": [],
                        "author": "Matthias Klose <doko@debian.org>",
                        "date": "Tue, 19 May 2026 20:54:57 +0200"
                    },
                    {
                        "cves": [],
                        "log": [
                            "",
                            "  * New upstream snapshot, taken from the trunk.",
                            "  * Drop build dependency on quilt. Addresses: #1129263.",
                            "  * Bump standards version.",
                            ""
                        ],
                        "package": "binutils",
                        "version": "2.46.50.20260509-1",
                        "urgency": "medium",
                        "distributions": "experimental",
                        "launchpad_bugs_fixed": [],
                        "author": "Matthias Klose <doko@debian.org>",
                        "date": "Sat, 09 May 2026 07:16:40 +0200"
                    },
                    {
                        "cves": [],
                        "log": [
                            "",
                            "  * New upstream snapshot, taken from the trunk.",
                            "  * Enable PAC/BTI/GCS on arm64 (Emanuele Rocca). Addresses: #1127747.",
                            "  * Ignore ld-bootstrap/bootstrap.exp test failures everywhere.",
                            "    Addresses: #1127603.",
                            "  * Don't run the ld-elf/sec64k.exp test on sh4, timing out.",
                            "    Addresses: #1127604.",
                            ""
                        ],
                        "package": "binutils",
                        "version": "2.46.50.20260216-1",
                        "urgency": "medium",
                        "distributions": "experimental",
                        "launchpad_bugs_fixed": [],
                        "author": "Matthias Klose <doko@debian.org>",
                        "date": "Mon, 16 Feb 2026 08:47:59 +0100"
                    }
                ],
                "notes": null,
                "is_version_downgrade": false
            },
            {
                "name": "binutils-common:riscv64",
                "from_version": {
                    "source_package_name": "binutils",
                    "source_package_version": "2.46-3ubuntu2",
                    "version": "2.46-3ubuntu2"
                },
                "to_version": {
                    "source_package_name": "binutils",
                    "source_package_version": "2.46.50.20260608-1ubuntu1",
                    "version": "2.46.50.20260608-1ubuntu1"
                },
                "cves": [],
                "launchpad_bugs_fixed": [],
                "changes": [
                    {
                        "cves": [],
                        "log": [
                            "",
                            "  * Merge with Debian; remaining changes:",
                            "    - Build from upstream sources.",
                            ""
                        ],
                        "package": "binutils",
                        "version": "2.46.50.20260608-1ubuntu1",
                        "urgency": "medium",
                        "distributions": "stonking",
                        "launchpad_bugs_fixed": [],
                        "author": "Matthias Klose <doko@ubuntu.com>",
                        "date": "Wed, 10 Jun 2026 09:07:50 +0200"
                    },
                    {
                        "cves": [],
                        "log": [
                            "",
                            "  * New upstream snapshot, taken from the trunk.",
                            ""
                        ],
                        "package": "binutils",
                        "version": "2.46.50.20260608-1",
                        "urgency": "medium",
                        "distributions": "unstable",
                        "launchpad_bugs_fixed": [],
                        "author": "Matthias Klose <doko@debian.org>",
                        "date": "Wed, 10 Jun 2026 08:16:33 +0200"
                    },
                    {
                        "cves": [],
                        "log": [
                            "",
                            "  * New upstream snapshot, taken from the trunk.",
                            ""
                        ],
                        "package": "binutils",
                        "version": "2.46.50.20260519-1",
                        "urgency": "medium",
                        "distributions": "experimental",
                        "launchpad_bugs_fixed": [],
                        "author": "Matthias Klose <doko@debian.org>",
                        "date": "Tue, 19 May 2026 20:54:57 +0200"
                    },
                    {
                        "cves": [],
                        "log": [
                            "",
                            "  * New upstream snapshot, taken from the trunk.",
                            "  * Drop build dependency on quilt. Addresses: #1129263.",
                            "  * Bump standards version.",
                            ""
                        ],
                        "package": "binutils",
                        "version": "2.46.50.20260509-1",
                        "urgency": "medium",
                        "distributions": "experimental",
                        "launchpad_bugs_fixed": [],
                        "author": "Matthias Klose <doko@debian.org>",
                        "date": "Sat, 09 May 2026 07:16:40 +0200"
                    },
                    {
                        "cves": [],
                        "log": [
                            "",
                            "  * New upstream snapshot, taken from the trunk.",
                            "  * Enable PAC/BTI/GCS on arm64 (Emanuele Rocca). Addresses: #1127747.",
                            "  * Ignore ld-bootstrap/bootstrap.exp test failures everywhere.",
                            "    Addresses: #1127603.",
                            "  * Don't run the ld-elf/sec64k.exp test on sh4, timing out.",
                            "    Addresses: #1127604.",
                            ""
                        ],
                        "package": "binutils",
                        "version": "2.46.50.20260216-1",
                        "urgency": "medium",
                        "distributions": "experimental",
                        "launchpad_bugs_fixed": [],
                        "author": "Matthias Klose <doko@debian.org>",
                        "date": "Mon, 16 Feb 2026 08:47:59 +0100"
                    }
                ],
                "notes": null,
                "is_version_downgrade": false
            },
            {
                "name": "binutils-riscv64-linux-gnu",
                "from_version": {
                    "source_package_name": "binutils",
                    "source_package_version": "2.46-3ubuntu2",
                    "version": "2.46-3ubuntu2"
                },
                "to_version": {
                    "source_package_name": "binutils",
                    "source_package_version": "2.46.50.20260608-1ubuntu1",
                    "version": "2.46.50.20260608-1ubuntu1"
                },
                "cves": [],
                "launchpad_bugs_fixed": [],
                "changes": [
                    {
                        "cves": [],
                        "log": [
                            "",
                            "  * Merge with Debian; remaining changes:",
                            "    - Build from upstream sources.",
                            ""
                        ],
                        "package": "binutils",
                        "version": "2.46.50.20260608-1ubuntu1",
                        "urgency": "medium",
                        "distributions": "stonking",
                        "launchpad_bugs_fixed": [],
                        "author": "Matthias Klose <doko@ubuntu.com>",
                        "date": "Wed, 10 Jun 2026 09:07:50 +0200"
                    },
                    {
                        "cves": [],
                        "log": [
                            "",
                            "  * New upstream snapshot, taken from the trunk.",
                            ""
                        ],
                        "package": "binutils",
                        "version": "2.46.50.20260608-1",
                        "urgency": "medium",
                        "distributions": "unstable",
                        "launchpad_bugs_fixed": [],
                        "author": "Matthias Klose <doko@debian.org>",
                        "date": "Wed, 10 Jun 2026 08:16:33 +0200"
                    },
                    {
                        "cves": [],
                        "log": [
                            "",
                            "  * New upstream snapshot, taken from the trunk.",
                            ""
                        ],
                        "package": "binutils",
                        "version": "2.46.50.20260519-1",
                        "urgency": "medium",
                        "distributions": "experimental",
                        "launchpad_bugs_fixed": [],
                        "author": "Matthias Klose <doko@debian.org>",
                        "date": "Tue, 19 May 2026 20:54:57 +0200"
                    },
                    {
                        "cves": [],
                        "log": [
                            "",
                            "  * New upstream snapshot, taken from the trunk.",
                            "  * Drop build dependency on quilt. Addresses: #1129263.",
                            "  * Bump standards version.",
                            ""
                        ],
                        "package": "binutils",
                        "version": "2.46.50.20260509-1",
                        "urgency": "medium",
                        "distributions": "experimental",
                        "launchpad_bugs_fixed": [],
                        "author": "Matthias Klose <doko@debian.org>",
                        "date": "Sat, 09 May 2026 07:16:40 +0200"
                    },
                    {
                        "cves": [],
                        "log": [
                            "",
                            "  * New upstream snapshot, taken from the trunk.",
                            "  * Enable PAC/BTI/GCS on arm64 (Emanuele Rocca). Addresses: #1127747.",
                            "  * Ignore ld-bootstrap/bootstrap.exp test failures everywhere.",
                            "    Addresses: #1127603.",
                            "  * Don't run the ld-elf/sec64k.exp test on sh4, timing out.",
                            "    Addresses: #1127604.",
                            ""
                        ],
                        "package": "binutils",
                        "version": "2.46.50.20260216-1",
                        "urgency": "medium",
                        "distributions": "experimental",
                        "launchpad_bugs_fixed": [],
                        "author": "Matthias Klose <doko@debian.org>",
                        "date": "Mon, 16 Feb 2026 08:47:59 +0100"
                    }
                ],
                "notes": null,
                "is_version_downgrade": false
            },
            {
                "name": "fwupd",
                "from_version": {
                    "source_package_name": "fwupd",
                    "source_package_version": "2.1.1-1ubuntu3",
                    "version": "2.1.1-1ubuntu3"
                },
                "to_version": {
                    "source_package_name": "fwupd",
                    "source_package_version": "2.1.1-1ubuntu4",
                    "version": "2.1.1-1ubuntu4"
                },
                "cves": [],
                "launchpad_bugs_fixed": [
                    2148183,
                    2156480,
                    2156479,
                    2156612
                ],
                "changes": [
                    {
                        "cves": [],
                        "log": [
                            "",
                            "  * d/p/fwupdmgr-fde-verify-snapd-recovery-key.patch",
                            "    - Fix recovery key prompt for multi-boot systems. Previously an error made",
                            "      fwupdmgr prompt all systems where hardware-backed FDE was detected, when",
                            "      it should only verify against the current system IFF it is running under",
                            "      snapd FDE. (LP: #2148183)",
                            "    - Fix incorrect error propagation. If CTRL-D was sent, the process would",
                            "      expose an incorrect error propagation in the recovery key verification.",
                            "      (LP: #2156480)",
                            "    - Link to Ubuntu TPM docs if snapd FDE is detected. Previously bugs",
                            "      related to this temporary patch could get reported upstream, leading",
                            "      to confusion as this is a short-term solution that will not get merged",
                            "      upstream.",
                            "  * d/p/mtd-fall-back-to-generic-firmware.patch: Fix an error on MTD devices",
                            "      where gtype was incorrectly set to G_TYPE_INVALID (LP: #2156479)",
                            "  * d/p/fix-device-locker-crash.patch: Fix an error where the genesys-gl32xx",
                            "      plugin would crash due to using the wrong detach and attach callbacks",
                            "      (LP: #2156612)",
                            ""
                        ],
                        "package": "fwupd",
                        "version": "2.1.1-1ubuntu4",
                        "urgency": "medium",
                        "distributions": "stonking",
                        "launchpad_bugs_fixed": [
                            2148183,
                            2156480,
                            2156479,
                            2156612
                        ],
                        "author": "Simon Johnsson <simon.johnsson@canonical.com>",
                        "date": "Thu, 18 Jun 2026 16:01:12 +0200"
                    }
                ],
                "notes": null,
                "is_version_downgrade": false
            },
            {
                "name": "gcc-16-base:riscv64",
                "from_version": {
                    "source_package_name": "gcc-16",
                    "source_package_version": "16-20260322-1ubuntu1",
                    "version": "16-20260322-1ubuntu1"
                },
                "to_version": {
                    "source_package_name": "gcc-16",
                    "source_package_version": "16.1.0-2ubuntu1",
                    "version": "16.1.0-2ubuntu1"
                },
                "cves": [],
                "launchpad_bugs_fixed": [
                    2152642
                ],
                "changes": [
                    {
                        "cves": [],
                        "log": [
                            "",
                            "  * Merge with Debian; remaining changes:",
                            "    - Build from upstream sources.",
                            "    - Work-around the 80GB chroot size on the Ubuntu buildds.",
                            ""
                        ],
                        "package": "gcc-16",
                        "version": "16.1.0-2ubuntu1",
                        "urgency": "medium",
                        "distributions": "stonking",
                        "launchpad_bugs_fixed": [],
                        "author": "Matthias Klose <doko@ubuntu.com>",
                        "date": "Sat, 13 Jun 2026 11:14:58 +0200"
                    },
                    {
                        "cves": [],
                        "log": [
                            "",
                            "  * Update to git 20260613 from the gcc-16 branch.",
                            "    - Fix PR target/125751 (AVR), PR target/125611 (X86),",
                            "      PR rtl-optimization/125375, PR target/122827 (AArch64),",
                            "      PR tree-optimization/125250, PR middle-end/125156, PR target/124870 (ARM),",
                            "      PR target/125215 (RISCV), PR tree-optimization/124151,",
                            "      PR target/124895 (AArch64), PR target/125409 (AVR),",
                            "      PR target/125362 (loongarch), PR target/125320 (RISCV),",
                            "      PR target/125373 (X86), PR other/125348, PR target/125355 (X86),",
                            "      PR target/125355 (X86), PR target/125351 (X86), PR target/120870 (X86),",
                            "      PR tree-optimization/125291, PR target/125308 (X86),",
                            "      PR target/124316 (X86), PR target/125194 (AVR),",
                            "      PR target/125049 (loongarch), PR middle-end/125259,",
                            "      PR target/53929 (MingW), PR ada/125695, PR ada/18205, PR other/125348,",
                            "      PR ada/125240, PR c/124532, PR c++/125284, PR c++/125333, PR c++/125498,",
                            "      PR c++/125334, PR c++/125378, PR c++/125490, PR c++/125123,",
                            "      PR c++/125412, PR c++/125376, PR c++/125454, PR c++/125423,",
                            "      PR c++/125135, PR c++/125384, PR c++/113563, PR c++/125007,",
                            "      PR c++/125315, PR c++/124628, PR c++/125184, PR c++/125111,",
                            "      PR c++/124991, PR c++/125280, PR c++/100903, PR c++/115181,",
                            "      PR c++/125043, PR c++/124979, PR c++/125208, PR fortran/125669,",
                            "      PR fortran/125606, PR fortran/125393, PR fortran/105582,",
                            "      PR fortran/125391, PR fortran/125416, PR fortran/106546,",
                            "      PR fortran/115260, PR fortran/125021, PR fortran/125192,",
                            "      PR fortran/125198, PR fortran/111952, PR fortran/125059,",
                            "      PR other/125348, PR target/125752 (AVR), PR libfortran/125095,",
                            "      PR libstdc++/125450, PR libstdc++/125374, PR libstdc++/125369,",
                            "      PR libstdc++/78302, PR libstdc++/71301, PR libstdc++/125312.",
                            "",
                            "  [ Matthias Klose ]",
                            "  * Build using GNAT 15 for now. See #1136069.",
                            "  * Configure --with-arch=rv64gc on Ubuntu/riscv64. LP: #2152642.",
                            "  * Apply proposed patch for PR rtl-optimization/123853 (m68k). See #1107416.",
                            "  * Still configure --with-arch=rv64gc for Debian/riscv64 backports.",
                            "  * Apply PR middle-end/124637, taken from the trunk. Addresses: #1131886.",
                            "",
                            "  [ Aurelien Jarno ]",
                            "  * Configure --with-arch=rva20u64 on Debian/riscv64.",
                            ""
                        ],
                        "package": "gcc-16",
                        "version": "16.1.0-2",
                        "urgency": "medium",
                        "distributions": "unstable",
                        "launchpad_bugs_fixed": [
                            2152642
                        ],
                        "author": "Matthias Klose <doko@debian.org>",
                        "date": "Sat, 13 Jun 2026 10:54:28 +0200"
                    },
                    {
                        "cves": [],
                        "log": [
                            "",
                            "  * Build using GNAT 15 for now. See #1136069.",
                            ""
                        ],
                        "package": "gcc-16",
                        "version": "16.1.0-1ubuntu2",
                        "urgency": "medium",
                        "distributions": "stonking",
                        "launchpad_bugs_fixed": [],
                        "author": "Matthias Klose <doko@ubuntu.com>",
                        "date": "Sat, 09 May 2026 08:29:53 +0200"
                    },
                    {
                        "cves": [],
                        "log": [
                            "",
                            "  * Merge with Debian; remaining changes:",
                            "    - Build from upstream sources.",
                            "    - Work-around the 80GB chroot size on the Ubuntu buildds.",
                            ""
                        ],
                        "package": "gcc-16",
                        "version": "16.1.0-1ubuntu1",
                        "urgency": "medium",
                        "distributions": "stonking",
                        "launchpad_bugs_fixed": [],
                        "author": "Matthias Klose <doko@ubuntu.com>",
                        "date": "Sat, 09 May 2026 08:05:35 +0200"
                    },
                    {
                        "cves": [],
                        "log": [
                            "",
                            "  * GCC 16.1.0 release.",
                            "  * Update to git 20260509 from the gcc-16 branch.",
                            "    - Fix PR target/120587 (OR1K), PR target/125155 (OR1K),",
                            "      PR target/125057 (loongarch), PR target/125180 (x86),",
                            "      PR tree-optimization/125079, PR tree-optimization/125079,",
                            "      PR target/125117 (x86), PR target/124984 (RISCV), PR middle-end/123635,",
                            "      PR tree-optimization/125039, PR target/124133 (PPC), PR middle-end/123635,",
                            "      PR tree-optimization/124988, PR ada/125168, PR ada/125044,",
                            "      PR c++/124770, PR c++/125206, PR c++/125179, PR c++/124957,",
                            "      PR c++/125115, PR c++/124926, PR c++/124989, PR c++/124756,",
                            "      PR c++/125096, PR c++/125035, PR c++/124582, PR c++/123810,",
                            "      PR c++/124953, PR c++/124981, PR d/125089, PR libstdc++/109965,",
                            "      PR libstdc++/121919, PR libstdc++/125112, PR libstdc++/125024,",
                            "      PR tree-optimization/125185, PR middle-end/125146,",
                            "      PR tree-optimization/125025, PR tree-optimization/125025,.",
                            "    - Revert fix for PR tree-optimization/120003.",
                            "  * d/shlibs.common: Add libgdiagnostics.",
                            "  * Drop the debian/lib{32,64}stdc++CXX.postinst scripts, GCC 4.4 times ...",
                            "  * Update NEWS files.",
                            "  * Bump standards version.",
                            "  * libstdc++-dev: Make baseline file reproducible. Addresses: #1133772.",
                            "  * Configure with --enable-checking=release on amd64, but keep the extra",
                            "    checking on arm64 i386 mips64el ppc64 ppc64el s390x for now.",
                            ""
                        ],
                        "package": "gcc-16",
                        "version": "16.1.0-1",
                        "urgency": "medium",
                        "distributions": "unstable",
                        "launchpad_bugs_fixed": [],
                        "author": "Matthias Klose <doko@debian.org>",
                        "date": "Sat, 09 May 2026 06:46:33 +0200"
                    },
                    {
                        "cves": [],
                        "log": [
                            "",
                            "  * Snapshot, taken from the gcc-16 branch (20260425, release candidate).",
                            "  * Fix typo in libgcc-s symbols file.",
                            "  * Update libgphobos symbols file for amd64.",
                            "  * Refresh cross-install-location patch.",
                            "  * Replace outdated postal FSF address with URL.",
                            "  * Turn on again PGO/LTO builds for most 64bit architectures.",
                            "  * Turn on running the testsuite again.",
                            ""
                        ],
                        "package": "gcc-16",
                        "version": "16-20260425-1",
                        "urgency": "medium",
                        "distributions": "unstable",
                        "launchpad_bugs_fixed": [],
                        "author": "Matthias Klose <doko@debian.org>",
                        "date": "Sat, 25 Apr 2026 07:19:09 +0200"
                    },
                    {
                        "cves": [],
                        "log": [
                            "",
                            "  * Snapshot, taken from the gcc-16 branch (20260423).",
                            "  * Require bison 3.5.1 or 3.8.2 for the gcobol build.",
                            "  * Update the ada-armel-libatomic patch for PR ada/107475.",
                            "  * Build gcc itself with branch-protection (Emanuele Rocca). Closes: #1130592.",
                            "    - On arm64 by appending CFLAGS_SECURE to BOOT_CFLAGS.",
                            "    - Set BOOT_CFLAGS explicitly instead of relying on upstream defaults.",
                            "  * libgfortran-dev: Install libcaf_shmem.a.",
                            "  * Add conflicts for GCC 15 binary packages. Closes: #1133161.",
                            ""
                        ],
                        "package": "gcc-16",
                        "version": "16-20260423-1",
                        "urgency": "medium",
                        "distributions": "unstable",
                        "launchpad_bugs_fixed": [],
                        "author": "Matthias Klose <doko@debian.org>",
                        "date": "Thu, 23 Apr 2026 12:03:13 +0200"
                    }
                ],
                "notes": null,
                "is_version_downgrade": false
            },
            {
                "name": "gir1.2-girepository-3.0:riscv64",
                "from_version": {
                    "source_package_name": "glib2.0",
                    "source_package_version": "2.88.0-1",
                    "version": "2.88.0-1"
                },
                "to_version": {
                    "source_package_name": "glib2.0",
                    "source_package_version": "2.88.1-2",
                    "version": "2.88.1-2"
                },
                "cves": [],
                "launchpad_bugs_fixed": [],
                "changes": [
                    {
                        "cves": [],
                        "log": [
                            "",
                            "  * New upstream release",
                            "  * Run cme fix dpkg --save",
                            "  * Update debian/watch to comply with new Salsa CI uscan job",
                            "  * Update Standards Version to 4.7.4",
                            ""
                        ],
                        "package": "glib2.0",
                        "version": "2.88.1-2",
                        "urgency": "medium",
                        "distributions": "unstable",
                        "launchpad_bugs_fixed": [],
                        "author": "Jeremy Bícha <jbicha@ubuntu.com>",
                        "date": "Mon, 04 May 2026 18:18:03 -0400"
                    }
                ],
                "notes": null,
                "is_version_downgrade": false
            },
            {
                "name": "gir1.2-glib-2.0:riscv64",
                "from_version": {
                    "source_package_name": "glib2.0",
                    "source_package_version": "2.88.0-1",
                    "version": "2.88.0-1"
                },
                "to_version": {
                    "source_package_name": "glib2.0",
                    "source_package_version": "2.88.1-2",
                    "version": "2.88.1-2"
                },
                "cves": [],
                "launchpad_bugs_fixed": [],
                "changes": [
                    {
                        "cves": [],
                        "log": [
                            "",
                            "  * New upstream release",
                            "  * Run cme fix dpkg --save",
                            "  * Update debian/watch to comply with new Salsa CI uscan job",
                            "  * Update Standards Version to 4.7.4",
                            ""
                        ],
                        "package": "glib2.0",
                        "version": "2.88.1-2",
                        "urgency": "medium",
                        "distributions": "unstable",
                        "launchpad_bugs_fixed": [],
                        "author": "Jeremy Bícha <jbicha@ubuntu.com>",
                        "date": "Mon, 04 May 2026 18:18:03 -0400"
                    }
                ],
                "notes": null,
                "is_version_downgrade": false
            },
            {
                "name": "inetutils-telnet",
                "from_version": {
                    "source_package_name": "inetutils",
                    "source_package_version": "2:2.7-2ubuntu1",
                    "version": "2:2.7-2ubuntu1"
                },
                "to_version": {
                    "source_package_name": "inetutils",
                    "source_package_version": "2:2.8-2ubuntu1",
                    "version": "2:2.8-2ubuntu1"
                },
                "cves": [
                    {
                        "cve": "CVE-2026-32772",
                        "url": "https://ubuntu.com/security/CVE-2026-32772",
                        "cve_description": "telnet in GNU inetutils through 2.7 allows servers to read arbitrary environment variables from clients via NEW_ENVIRON SEND USERVAR.",
                        "cve_priority": "medium",
                        "cve_public_date": "2026-03-16 14:19:00 UTC"
                    },
                    {
                        "cve": "CVE-2026-24061",
                        "url": "https://ubuntu.com/security/CVE-2026-24061",
                        "cve_description": "telnetd in GNU Inetutils through 2.7 allows remote authentication bypass via a \"-f root\" value for the USER environment variable.",
                        "cve_priority": "high",
                        "cve_public_date": "2026-01-21 07:16:00 UTC"
                    },
                    {
                        "cve": "CVE-2026-32746",
                        "url": "https://ubuntu.com/security/CVE-2026-32746",
                        "cve_description": "telnetd in GNU inetutils through 2.7 allows an out-of-bounds write in the LINEMODE SLC (Set Local Characters) suboption handler because add_slc does not check whether the buffer is full.",
                        "cve_priority": "medium",
                        "cve_public_date": "2026-03-13 19:55:00 UTC"
                    },
                    {
                        "cve": "CVE-2026-28372",
                        "url": "https://ubuntu.com/security/CVE-2026-28372",
                        "cve_description": "telnetd in GNU inetutils through 2.7 allows privilege escalation that can be exploited by abusing systemd service credentials support added to the login(1) implementation of util-linux in release 2.40. This is related to client control over the CREDENTIALS_DIRECTORY environment variable, and requires an unprivileged local user to create a login.noauth file.",
                        "cve_priority": "medium",
                        "cve_public_date": "2026-02-27 06:18:00 UTC"
                    }
                ],
                "launchpad_bugs_fixed": [
                    2153307
                ],
                "changes": [
                    {
                        "cves": [],
                        "log": [
                            "",
                            "  * Merge with Debian unstable (LP: #2153307). Remaining changes:",
                            "    - Do not test the inetutils-ping package (LP #2009814)",
                            "      + d/t/test-root-commands: disable ping tests.",
                            "      + d/t/control: remove inetutils-ping dependency.",
                            ""
                        ],
                        "package": "inetutils",
                        "version": "2:2.8-2ubuntu1",
                        "urgency": "medium",
                        "distributions": "stonking",
                        "launchpad_bugs_fixed": [
                            2153307
                        ],
                        "author": "Zineb Zaadoud <zineb.zaadoud@canonical.com>",
                        "date": "Tue, 16 Jun 2026 22:02:01 +0200"
                    },
                    {
                        "cves": [],
                        "log": [
                            "",
                            "  * Remove no longer used spelling-error-in-binary lintian override.",
                            "  * Remove unused /var/log/ppp.log logrotate handling.",
                            "  * Merge individual logrotate log file entries into two entries.",
                            "  * Reload inetutils-syslogd for all logrotate entries.",
                            "  * Switch to /run/xconsole for all systems with a compat symlink from /dev.",
                            "  * Remove /var/log/news/news.* log handling. (Closes: #1135791)",
                            "  * Remove /var/log/lpr.log log handling.",
                            "  * Remove /var/log/uucp.log log handling.",
                            "  * Enable /var/log/cron.log log handling for cron facility.",
                            "  * Place /var/log/syslog as the first log file, before /var/log/auth.log.",
                            "  * Move commented out tty log handling entry to an example config fragment.",
                            "  * Move enabled xconsole log handling entry to an example config fragment.",
                            "  * Fix typos in syslog.conf(5) man page.",
                            "  * Add explicit mentions of /etc/syslog.d/ into man pages.",
                            ""
                        ],
                        "package": "inetutils",
                        "version": "2:2.8-2",
                        "urgency": "medium",
                        "distributions": "unstable",
                        "launchpad_bugs_fixed": [],
                        "author": "Guillem Jover <guillem@debian.org>",
                        "date": "Wed, 06 May 2026 23:19:05 +0200"
                    },
                    {
                        "cves": [],
                        "log": [
                            "",
                            "  * Merge with Debian unstable. Remaining changes:",
                            "    - Do not test the inetutils-ping package (LP #2009814)",
                            "      + d/t/test-root-commands: disable ping tests",
                            "      + d/t/control: remove inetutils-ping dependency",
                            ""
                        ],
                        "package": "inetutils",
                        "version": "2:2.8-1ubuntu1",
                        "urgency": "medium",
                        "distributions": "stonking",
                        "launchpad_bugs_fixed": [],
                        "author": "Simon Quigley <tsimonq2@debian.org>",
                        "date": "Tue, 05 May 2026 08:38:23 -0500"
                    },
                    {
                        "cves": [],
                        "log": [
                            "",
                            "  * New upstream release.",
                            "    - Remove patches merged upstream.",
                            "    - Update copyright years.",
                            "    - Update telnetd man page to remove --debug option.",
                            "  * Remove build dependency on debhelper (>= 13.10) implied by",
                            "    debhelper-compat (= 13) since Debian bookworm.",
                            "  * Remove build dependencies on automake, autoconf and libtool implied",
                            "    by debhelper-compat (>= 10) since Debian stretch.",
                            "  * Switch to Standards-Version 4.7.4 (no changes needed).",
                            "  * Improve package descriptions:",
                            "    - Do not capitalize program names, instead prefix them with \"the\".",
                            "    - Clarify these are GNU tools.",
                            "    - Clarify that inetutils-ping contains ping and ping6 for ICMP and ICMP6.",
                            "    - Add FTP acronym to the synopsis.",
                            "    - Use talk client/server instead of tools to talk/communicate with users.",
                            "    - Fix grammar for inetutils-talkd.",
                            "  * Add a source package Description field.",
                            ""
                        ],
                        "package": "inetutils",
                        "version": "2:2.8-1",
                        "urgency": "medium",
                        "distributions": "unstable",
                        "launchpad_bugs_fixed": [],
                        "author": "Guillem Jover <guillem@debian.org>",
                        "date": "Thu, 30 Apr 2026 05:23:37 +0200"
                    },
                    {
                        "cves": [
                            {
                                "cve": "CVE-2026-32772",
                                "url": "https://ubuntu.com/security/CVE-2026-32772",
                                "cve_description": "telnet in GNU inetutils through 2.7 allows servers to read arbitrary environment variables from clients via NEW_ENVIRON SEND USERVAR.",
                                "cve_priority": "medium",
                                "cve_public_date": "2026-03-16 14:19:00 UTC"
                            }
                        ],
                        "log": [
                            "",
                            "  * Adapt netkit-telnet patch to not leak unexported environment variables to",
                            "    telnetd. Reported by Justin Swartz <justin.swartz@risingedge.co.za>.",
                            "    Fixes CVE-2026-32772. (Closes: #1130741)",
                            "  * Prevent user local privilege escalation using --debug, which was",
                            "    susceptible to symlink attacks, or leaking on-wire credentials to a",
                            "    user that had pre-created the file and kept it open. Fix by switching",
                            "    from /tmp/telnet.debug to /run/telnet/debug.<pid>, and making the",
                            "    setup error checks fatal.",
                            "    Partially reported by Justin Swartz <justin.swartz@risingedge.co.za>.",
                            "  * Update local telnetd man page to match new --debug behavior.",
                            "  * Fix typo in AUTHORS file. (Closes: #1127398)",
                            ""
                        ],
                        "package": "inetutils",
                        "version": "2:2.7-5",
                        "urgency": "medium",
                        "distributions": "unstable",
                        "launchpad_bugs_fixed": [],
                        "author": "Guillem Jover <guillem@debian.org>",
                        "date": "Tue, 24 Mar 2026 04:33:27 +0100"
                    },
                    {
                        "cves": [
                            {
                                "cve": "CVE-2026-24061",
                                "url": "https://ubuntu.com/security/CVE-2026-24061",
                                "cve_description": "telnetd in GNU Inetutils through 2.7 allows remote authentication bypass via a \"-f root\" value for the USER environment variable.",
                                "cve_priority": "high",
                                "cve_public_date": "2026-01-21 07:16:00 UTC"
                            },
                            {
                                "cve": "CVE-2026-32746",
                                "url": "https://ubuntu.com/security/CVE-2026-32746",
                                "cve_description": "telnetd in GNU inetutils through 2.7 allows an out-of-bounds write in the LINEMODE SLC (Set Local Characters) suboption handler because add_slc does not check whether the buffer is full.",
                                "cve_priority": "medium",
                                "cve_public_date": "2026-03-13 19:55:00 UTC"
                            }
                        ],
                        "log": [
                            "",
                            "  * Update patch metadata.",
                            "  * Add patches from upstream:",
                            "    - Ignore all environment options from clients unless the variable was",
                            "      listed in the new --accept-env telnetd option. This mitigates privilege",
                            "      escalation using environment variables.",
                            "      This is the complete fix for CVE-2026-24061, with its own CVE pending.",
                            "    - Fix stack buffer overlflow processing SLC suboption triplets.",
                            "      Reported by Adiel Sol, Arad Inbar, Erez Cohen, Nir Somech, Ben Grinberg,",
                            "      Daniel Lubel at DREAM Security Research Team.",
                            "      Fixes CVE-2026-32746. (Closes: #1130742)",
                            ""
                        ],
                        "package": "inetutils",
                        "version": "2:2.7-4",
                        "urgency": "high",
                        "distributions": "unstable",
                        "launchpad_bugs_fixed": [],
                        "author": "Guillem Jover <guillem@debian.org>",
                        "date": "Mon, 16 Mar 2026 09:22:45 +0100"
                    },
                    {
                        "cves": [
                            {
                                "cve": "CVE-2026-28372",
                                "url": "https://ubuntu.com/security/CVE-2026-28372",
                                "cve_description": "telnetd in GNU inetutils through 2.7 allows privilege escalation that can be exploited by abusing systemd service credentials support added to the login(1) implementation of util-linux in release 2.40. This is related to client control over the CREDENTIALS_DIRECTORY environment variable, and requires an unprivileged local user to create a login.noauth file.",
                                "cve_priority": "medium",
                                "cve_public_date": "2026-02-27 06:18:00 UTC"
                            }
                        ],
                        "log": [
                            "",
                            "  * Add patch from upstream:",
                            "    - Prevent privilege escalation via telnetd abusing systemd service",
                            "      credentials support added to the login(1) implementation of util-linux in",
                            "      release 2.40. Reported by Ron Ben Yizhak <ron.benyizhak@safebreach.com>.",
                            "      Fixes CVE-2026-28372.",
                            "  * Remove unused lintian override very-long-line-length-in-source-file.",
                            ""
                        ],
                        "package": "inetutils",
                        "version": "2:2.7-3",
                        "urgency": "high",
                        "distributions": "unstable",
                        "launchpad_bugs_fixed": [],
                        "author": "Guillem Jover <guillem@debian.org>",
                        "date": "Mon, 16 Feb 2026 13:57:00 +0100"
                    }
                ],
                "notes": null,
                "is_version_downgrade": false
            },
            {
                "name": "libapparmor1:riscv64",
                "from_version": {
                    "source_package_name": "apparmor",
                    "source_package_version": "5.0.0~beta1-0ubuntu7",
                    "version": "5.0.0~beta1-0ubuntu7"
                },
                "to_version": {
                    "source_package_name": "apparmor",
                    "source_package_version": "5.0.1-0ubuntu1",
                    "version": "5.0.1-0ubuntu1"
                },
                "cves": [],
                "launchpad_bugs_fixed": [],
                "changes": [
                    {
                        "cves": [],
                        "log": [
                            "",
                            "  * New upstream release.",
                            "  * d/apparmor.install: add the new glycin.* profiles",
                            "  * d/libapparmor1.symbols: add the new library symbols",
                            "  * d/rules: add profiles check to testing step",
                            "  * d/watch:",
                            "    - Update regex to handle -rc version numbers",
                            "    - Update to version 5 of the format",
                            "  * Refresh patches to apply to upstream release:",
                            "    - d/p/u/profiles-grant-access-to-systemd-resolved.patch",
                            "    - d/p/u/aa-notify-fallback-to-ev-comm-when-ev-execpath.patch",
                            "  * Update patches to apply to upstream release:",
                            "    - d/p/u/samba-systemd-interaction.patch",
                            "    - d/p/u/profiles_disable_curl.patch",
                            "    - d/p/u/profiles_add_more_consoles_workaround.patch",
                            "    - d/p/u/profiles-use-coreutils-tunable.patch",
                            "    - d/p/u/0001-parser-add-more-reserved-mediation-classes.patch",
                            "    - d/p/u/0007-Set-parser-network.h-ip_conds-ptrs-to-null-in-its-fr.patch",
                            "  * Drop patches that were applied upstream:",
                            "    - d/p/u/libapparmor-move-aa_get_lsm_iface-decl-in-libapparmor.patch",
                            "    - d/p/u/0001-parser-set-umask-before-creating-temp-file.patch",
                            "    - d/p/u/0002-parser-restrict-umask-to-allow-only-user-permissions.patch",
                            "    - d/p/u/libapparmor-add-test-for-libapparmor-features-prefix.patch",
                            "    - d/p/u/transmission-common-fixes-for-lp-2137395.patch",
                            "    - d/p/u/unix-chkpwd-add-disconnected-run-paths.patch",
                            "    - d/p/u/profiles-add-extensions-to-allowed-ghostscript.patch",
                            "    - d/p/u/profiles-expand-the-allowed-directories-for-ghostscript.patch",
                            "    - d/p/u/profiles-add-sys-kernel-mm-transparent_hugepage-enable.patch",
                            "    - d/p/u/0006-parser-name-ns_domain-and-network_v9-classes.patch",
                            "    - d/p/u/0011-utils-add-support-for-iface-an-label-in-network-rule.patch",
                            "    - d/p/u/0013-parser-fix-FTBFS-due-to-missing-merge-edit.patch",
                            "    - d/p/u/0014-tests-check-if-skb-mediation-is-enabled.patch",
                            "    - d/p/u/snap-browser-add-missing-perms-when-opening-from-link.patch",
                            "    - d/p/u/lsusb-allow-reading-etc-udev-hwdb-bin.patch",
                            "    - d/p/u/profiles-grant-unix-domain-socket-access-to-sanitize.patch",
                            "    - d/p/u/0002-parser-refactor-compressed-policy-cache.patch",
                            "    - d/p/u/0003-parser-handle-compressed-cache-on-kernels-without-de.patch",
                            "    - d/p/u/0004-regression-fix-the-e2e-test-for-compressed-caches.patch",
                            "  * Drop patches that were superseded upstream:",
                            "    - d/p/u/0002-parser-convert-conditionals-operators-to-an-enum.patch",
                            "    - d/p/u/0003-parser-add-override-assign-to-cond-list-elements.patch",
                            "    - d/p/u/0004-parser-support-network-interface-conditional.patch",
                            "    - d/p/u/0005-tests-add-network-interface-tests.patch",
                            "    - d/p/u/0008-parser-move-to-encode-an-alternation-of-a-null-trans.patch",
                            "    - d/p/u/0009-parser-disable-ability-to-specify-interface-on-peer-.patch",
                            "    - d/p/u/0010-parser-fix-iface-perms-to-work-when-v9-and-v9_skb-ar.patch",
                            "    - d/p/u/0012-parser-fix-label-match-for-default-label-values.patch",
                            "    - d/p/u/0001-parser-fix-rewriting-of-cache-after-zstd-recompressi.patch",
                            "  * Add patches to fix FTBFS (profile test enabling):",
                            "    - d/p/u/profiles-allow-more-attach-disconnected.patch",
                            "  * Update patches to fix FTBFS (profile test enabling):",
                            "    - d/p/u/openvpn_mr_1263.patch",
                            "    - d/p/u/irssi_mr_1332.patch",
                            "    - d/p/u/os_prober_mr_1569.patch",
                            "    - d/p/u/profiles_disable_free.patch",
                            "    - d/p/u/profiles_disable_curl.patch",
                            "    - d/p/u/profiles-tunables-add-coreutils-var.patch",
                            "    - d/p/u/profiles-use-coreutils-tunable.patch",
                            "    - d/p/u/profiles-pull-openvpn-profile.patch",
                            ""
                        ],
                        "package": "apparmor",
                        "version": "5.0.1-0ubuntu1",
                        "urgency": "medium",
                        "distributions": "stonking",
                        "launchpad_bugs_fixed": [],
                        "author": "Ryan Lee <ryan.lee@canonical.com>",
                        "date": "Wed, 10 Jun 2026 09:40:03 -0700"
                    }
                ],
                "notes": null,
                "is_version_downgrade": false
            },
            {
                "name": "libatomic1:riscv64",
                "from_version": {
                    "source_package_name": "gcc-16",
                    "source_package_version": "16-20260322-1ubuntu1",
                    "version": "16-20260322-1ubuntu1"
                },
                "to_version": {
                    "source_package_name": "gcc-16",
                    "source_package_version": "16.1.0-2ubuntu1",
                    "version": "16.1.0-2ubuntu1"
                },
                "cves": [],
                "launchpad_bugs_fixed": [
                    2152642
                ],
                "changes": [
                    {
                        "cves": [],
                        "log": [
                            "",
                            "  * Merge with Debian; remaining changes:",
                            "    - Build from upstream sources.",
                            "    - Work-around the 80GB chroot size on the Ubuntu buildds.",
                            ""
                        ],
                        "package": "gcc-16",
                        "version": "16.1.0-2ubuntu1",
                        "urgency": "medium",
                        "distributions": "stonking",
                        "launchpad_bugs_fixed": [],
                        "author": "Matthias Klose <doko@ubuntu.com>",
                        "date": "Sat, 13 Jun 2026 11:14:58 +0200"
                    },
                    {
                        "cves": [],
                        "log": [
                            "",
                            "  * Update to git 20260613 from the gcc-16 branch.",
                            "    - Fix PR target/125751 (AVR), PR target/125611 (X86),",
                            "      PR rtl-optimization/125375, PR target/122827 (AArch64),",
                            "      PR tree-optimization/125250, PR middle-end/125156, PR target/124870 (ARM),",
                            "      PR target/125215 (RISCV), PR tree-optimization/124151,",
                            "      PR target/124895 (AArch64), PR target/125409 (AVR),",
                            "      PR target/125362 (loongarch), PR target/125320 (RISCV),",
                            "      PR target/125373 (X86), PR other/125348, PR target/125355 (X86),",
                            "      PR target/125355 (X86), PR target/125351 (X86), PR target/120870 (X86),",
                            "      PR tree-optimization/125291, PR target/125308 (X86),",
                            "      PR target/124316 (X86), PR target/125194 (AVR),",
                            "      PR target/125049 (loongarch), PR middle-end/125259,",
                            "      PR target/53929 (MingW), PR ada/125695, PR ada/18205, PR other/125348,",
                            "      PR ada/125240, PR c/124532, PR c++/125284, PR c++/125333, PR c++/125498,",
                            "      PR c++/125334, PR c++/125378, PR c++/125490, PR c++/125123,",
                            "      PR c++/125412, PR c++/125376, PR c++/125454, PR c++/125423,",
                            "      PR c++/125135, PR c++/125384, PR c++/113563, PR c++/125007,",
                            "      PR c++/125315, PR c++/124628, PR c++/125184, PR c++/125111,",
                            "      PR c++/124991, PR c++/125280, PR c++/100903, PR c++/115181,",
                            "      PR c++/125043, PR c++/124979, PR c++/125208, PR fortran/125669,",
                            "      PR fortran/125606, PR fortran/125393, PR fortran/105582,",
                            "      PR fortran/125391, PR fortran/125416, PR fortran/106546,",
                            "      PR fortran/115260, PR fortran/125021, PR fortran/125192,",
                            "      PR fortran/125198, PR fortran/111952, PR fortran/125059,",
                            "      PR other/125348, PR target/125752 (AVR), PR libfortran/125095,",
                            "      PR libstdc++/125450, PR libstdc++/125374, PR libstdc++/125369,",
                            "      PR libstdc++/78302, PR libstdc++/71301, PR libstdc++/125312.",
                            "",
                            "  [ Matthias Klose ]",
                            "  * Build using GNAT 15 for now. See #1136069.",
                            "  * Configure --with-arch=rv64gc on Ubuntu/riscv64. LP: #2152642.",
                            "  * Apply proposed patch for PR rtl-optimization/123853 (m68k). See #1107416.",
                            "  * Still configure --with-arch=rv64gc for Debian/riscv64 backports.",
                            "  * Apply PR middle-end/124637, taken from the trunk. Addresses: #1131886.",
                            "",
                            "  [ Aurelien Jarno ]",
                            "  * Configure --with-arch=rva20u64 on Debian/riscv64.",
                            ""
                        ],
                        "package": "gcc-16",
                        "version": "16.1.0-2",
                        "urgency": "medium",
                        "distributions": "unstable",
                        "launchpad_bugs_fixed": [
                            2152642
                        ],
                        "author": "Matthias Klose <doko@debian.org>",
                        "date": "Sat, 13 Jun 2026 10:54:28 +0200"
                    },
                    {
                        "cves": [],
                        "log": [
                            "",
                            "  * Build using GNAT 15 for now. See #1136069.",
                            ""
                        ],
                        "package": "gcc-16",
                        "version": "16.1.0-1ubuntu2",
                        "urgency": "medium",
                        "distributions": "stonking",
                        "launchpad_bugs_fixed": [],
                        "author": "Matthias Klose <doko@ubuntu.com>",
                        "date": "Sat, 09 May 2026 08:29:53 +0200"
                    },
                    {
                        "cves": [],
                        "log": [
                            "",
                            "  * Merge with Debian; remaining changes:",
                            "    - Build from upstream sources.",
                            "    - Work-around the 80GB chroot size on the Ubuntu buildds.",
                            ""
                        ],
                        "package": "gcc-16",
                        "version": "16.1.0-1ubuntu1",
                        "urgency": "medium",
                        "distributions": "stonking",
                        "launchpad_bugs_fixed": [],
                        "author": "Matthias Klose <doko@ubuntu.com>",
                        "date": "Sat, 09 May 2026 08:05:35 +0200"
                    },
                    {
                        "cves": [],
                        "log": [
                            "",
                            "  * GCC 16.1.0 release.",
                            "  * Update to git 20260509 from the gcc-16 branch.",
                            "    - Fix PR target/120587 (OR1K), PR target/125155 (OR1K),",
                            "      PR target/125057 (loongarch), PR target/125180 (x86),",
                            "      PR tree-optimization/125079, PR tree-optimization/125079,",
                            "      PR target/125117 (x86), PR target/124984 (RISCV), PR middle-end/123635,",
                            "      PR tree-optimization/125039, PR target/124133 (PPC), PR middle-end/123635,",
                            "      PR tree-optimization/124988, PR ada/125168, PR ada/125044,",
                            "      PR c++/124770, PR c++/125206, PR c++/125179, PR c++/124957,",
                            "      PR c++/125115, PR c++/124926, PR c++/124989, PR c++/124756,",
                            "      PR c++/125096, PR c++/125035, PR c++/124582, PR c++/123810,",
                            "      PR c++/124953, PR c++/124981, PR d/125089, PR libstdc++/109965,",
                            "      PR libstdc++/121919, PR libstdc++/125112, PR libstdc++/125024,",
                            "      PR tree-optimization/125185, PR middle-end/125146,",
                            "      PR tree-optimization/125025, PR tree-optimization/125025,.",
                            "    - Revert fix for PR tree-optimization/120003.",
                            "  * d/shlibs.common: Add libgdiagnostics.",
                            "  * Drop the debian/lib{32,64}stdc++CXX.postinst scripts, GCC 4.4 times ...",
                            "  * Update NEWS files.",
                            "  * Bump standards version.",
                            "  * libstdc++-dev: Make baseline file reproducible. Addresses: #1133772.",
                            "  * Configure with --enable-checking=release on amd64, but keep the extra",
                            "    checking on arm64 i386 mips64el ppc64 ppc64el s390x for now.",
                            ""
                        ],
                        "package": "gcc-16",
                        "version": "16.1.0-1",
                        "urgency": "medium",
                        "distributions": "unstable",
                        "launchpad_bugs_fixed": [],
                        "author": "Matthias Klose <doko@debian.org>",
                        "date": "Sat, 09 May 2026 06:46:33 +0200"
                    },
                    {
                        "cves": [],
                        "log": [
                            "",
                            "  * Snapshot, taken from the gcc-16 branch (20260425, release candidate).",
                            "  * Fix typo in libgcc-s symbols file.",
                            "  * Update libgphobos symbols file for amd64.",
                            "  * Refresh cross-install-location patch.",
                            "  * Replace outdated postal FSF address with URL.",
                            "  * Turn on again PGO/LTO builds for most 64bit architectures.",
                            "  * Turn on running the testsuite again.",
                            ""
                        ],
                        "package": "gcc-16",
                        "version": "16-20260425-1",
                        "urgency": "medium",
                        "distributions": "unstable",
                        "launchpad_bugs_fixed": [],
                        "author": "Matthias Klose <doko@debian.org>",
                        "date": "Sat, 25 Apr 2026 07:19:09 +0200"
                    },
                    {
                        "cves": [],
                        "log": [
                            "",
                            "  * Snapshot, taken from the gcc-16 branch (20260423).",
                            "  * Require bison 3.5.1 or 3.8.2 for the gcobol build.",
                            "  * Update the ada-armel-libatomic patch for PR ada/107475.",
                            "  * Build gcc itself with branch-protection (Emanuele Rocca). Closes: #1130592.",
                            "    - On arm64 by appending CFLAGS_SECURE to BOOT_CFLAGS.",
                            "    - Set BOOT_CFLAGS explicitly instead of relying on upstream defaults.",
                            "  * libgfortran-dev: Install libcaf_shmem.a.",
                            "  * Add conflicts for GCC 15 binary packages. Closes: #1133161.",
                            ""
                        ],
                        "package": "gcc-16",
                        "version": "16-20260423-1",
                        "urgency": "medium",
                        "distributions": "unstable",
                        "launchpad_bugs_fixed": [],
                        "author": "Matthias Klose <doko@debian.org>",
                        "date": "Thu, 23 Apr 2026 12:03:13 +0200"
                    }
                ],
                "notes": null,
                "is_version_downgrade": false
            },
            {
                "name": "libbinutils:riscv64",
                "from_version": {
                    "source_package_name": "binutils",
                    "source_package_version": "2.46-3ubuntu2",
                    "version": "2.46-3ubuntu2"
                },
                "to_version": {
                    "source_package_name": "binutils",
                    "source_package_version": "2.46.50.20260608-1ubuntu1",
                    "version": "2.46.50.20260608-1ubuntu1"
                },
                "cves": [],
                "launchpad_bugs_fixed": [],
                "changes": [
                    {
                        "cves": [],
                        "log": [
                            "",
                            "  * Merge with Debian; remaining changes:",
                            "    - Build from upstream sources.",
                            ""
                        ],
                        "package": "binutils",
                        "version": "2.46.50.20260608-1ubuntu1",
                        "urgency": "medium",
                        "distributions": "stonking",
                        "launchpad_bugs_fixed": [],
                        "author": "Matthias Klose <doko@ubuntu.com>",
                        "date": "Wed, 10 Jun 2026 09:07:50 +0200"
                    },
                    {
                        "cves": [],
                        "log": [
                            "",
                            "  * New upstream snapshot, taken from the trunk.",
                            ""
                        ],
                        "package": "binutils",
                        "version": "2.46.50.20260608-1",
                        "urgency": "medium",
                        "distributions": "unstable",
                        "launchpad_bugs_fixed": [],
                        "author": "Matthias Klose <doko@debian.org>",
                        "date": "Wed, 10 Jun 2026 08:16:33 +0200"
                    },
                    {
                        "cves": [],
                        "log": [
                            "",
                            "  * New upstream snapshot, taken from the trunk.",
                            ""
                        ],
                        "package": "binutils",
                        "version": "2.46.50.20260519-1",
                        "urgency": "medium",
                        "distributions": "experimental",
                        "launchpad_bugs_fixed": [],
                        "author": "Matthias Klose <doko@debian.org>",
                        "date": "Tue, 19 May 2026 20:54:57 +0200"
                    },
                    {
                        "cves": [],
                        "log": [
                            "",
                            "  * New upstream snapshot, taken from the trunk.",
                            "  * Drop build dependency on quilt. Addresses: #1129263.",
                            "  * Bump standards version.",
                            ""
                        ],
                        "package": "binutils",
                        "version": "2.46.50.20260509-1",
                        "urgency": "medium",
                        "distributions": "experimental",
                        "launchpad_bugs_fixed": [],
                        "author": "Matthias Klose <doko@debian.org>",
                        "date": "Sat, 09 May 2026 07:16:40 +0200"
                    },
                    {
                        "cves": [],
                        "log": [
                            "",
                            "  * New upstream snapshot, taken from the trunk.",
                            "  * Enable PAC/BTI/GCS on arm64 (Emanuele Rocca). Addresses: #1127747.",
                            "  * Ignore ld-bootstrap/bootstrap.exp test failures everywhere.",
                            "    Addresses: #1127603.",
                            "  * Don't run the ld-elf/sec64k.exp test on sh4, timing out.",
                            "    Addresses: #1127604.",
                            ""
                        ],
                        "package": "binutils",
                        "version": "2.46.50.20260216-1",
                        "urgency": "medium",
                        "distributions": "experimental",
                        "launchpad_bugs_fixed": [],
                        "author": "Matthias Klose <doko@debian.org>",
                        "date": "Mon, 16 Feb 2026 08:47:59 +0100"
                    }
                ],
                "notes": null,
                "is_version_downgrade": false
            },
            {
                "name": "libcbor0.10:riscv64",
                "from_version": {
                    "source_package_name": "libcbor",
                    "source_package_version": "0.10.2-2ubuntu3",
                    "version": "0.10.2-2ubuntu3"
                },
                "to_version": {
                    "source_package_name": "libcbor",
                    "source_package_version": "0.10.2-2.1ubuntu1",
                    "version": "0.10.2-2.1ubuntu1"
                },
                "cves": [],
                "launchpad_bugs_fixed": [
                    2153317
                ],
                "changes": [
                    {
                        "cves": [],
                        "log": [
                            "",
                            "  * Merge with Debian unstable (LP: #2153317). Remaining changes:",
                            "    - d/rules: add hardening=+all",
                            "    - d/rules: override auto_configure to enable tests and set the build type",
                            "      to \"Release\" as shown in the upstream build instructions.",
                            "  * Dropped changes, included in Debian:",
                            "    - d/p/0001-Set-cmake_minimum_required-to-3.5.patch:",
                            "      + cherry pick build fix from Debian (lp: 2146890)",
                            ""
                        ],
                        "package": "libcbor",
                        "version": "0.10.2-2.1ubuntu1",
                        "urgency": "medium",
                        "distributions": "stonking",
                        "launchpad_bugs_fixed": [
                            2153317
                        ],
                        "author": "Nick Rosbrook <enr0n@ubuntu.com>",
                        "date": "Fri, 19 Jun 2026 09:29:35 -0400"
                    },
                    {
                        "cves": [],
                        "log": [
                            "",
                            "  * Non-maintainer upload.",
                            "  * Backport upstream fix for FTBFS with CMake 4. (Closes: #1113124)",
                            ""
                        ],
                        "package": "libcbor",
                        "version": "0.10.2-2.1",
                        "urgency": "medium",
                        "distributions": "unstable",
                        "launchpad_bugs_fixed": [],
                        "author": "Adrian Bunk <bunk@debian.org>",
                        "date": "Fri, 14 Nov 2025 21:50:27 +0200"
                    }
                ],
                "notes": null,
                "is_version_downgrade": false
            },
            {
                "name": "libctf-nobfd0:riscv64",
                "from_version": {
                    "source_package_name": "binutils",
                    "source_package_version": "2.46-3ubuntu2",
                    "version": "2.46-3ubuntu2"
                },
                "to_version": {
                    "source_package_name": "binutils",
                    "source_package_version": "2.46.50.20260608-1ubuntu1",
                    "version": "2.46.50.20260608-1ubuntu1"
                },
                "cves": [],
                "launchpad_bugs_fixed": [],
                "changes": [
                    {
                        "cves": [],
                        "log": [
                            "",
                            "  * Merge with Debian; remaining changes:",
                            "    - Build from upstream sources.",
                            ""
                        ],
                        "package": "binutils",
                        "version": "2.46.50.20260608-1ubuntu1",
                        "urgency": "medium",
                        "distributions": "stonking",
                        "launchpad_bugs_fixed": [],
                        "author": "Matthias Klose <doko@ubuntu.com>",
                        "date": "Wed, 10 Jun 2026 09:07:50 +0200"
                    },
                    {
                        "cves": [],
                        "log": [
                            "",
                            "  * New upstream snapshot, taken from the trunk.",
                            ""
                        ],
                        "package": "binutils",
                        "version": "2.46.50.20260608-1",
                        "urgency": "medium",
                        "distributions": "unstable",
                        "launchpad_bugs_fixed": [],
                        "author": "Matthias Klose <doko@debian.org>",
                        "date": "Wed, 10 Jun 2026 08:16:33 +0200"
                    },
                    {
                        "cves": [],
                        "log": [
                            "",
                            "  * New upstream snapshot, taken from the trunk.",
                            ""
                        ],
                        "package": "binutils",
                        "version": "2.46.50.20260519-1",
                        "urgency": "medium",
                        "distributions": "experimental",
                        "launchpad_bugs_fixed": [],
                        "author": "Matthias Klose <doko@debian.org>",
                        "date": "Tue, 19 May 2026 20:54:57 +0200"
                    },
                    {
                        "cves": [],
                        "log": [
                            "",
                            "  * New upstream snapshot, taken from the trunk.",
                            "  * Drop build dependency on quilt. Addresses: #1129263.",
                            "  * Bump standards version.",
                            ""
                        ],
                        "package": "binutils",
                        "version": "2.46.50.20260509-1",
                        "urgency": "medium",
                        "distributions": "experimental",
                        "launchpad_bugs_fixed": [],
                        "author": "Matthias Klose <doko@debian.org>",
                        "date": "Sat, 09 May 2026 07:16:40 +0200"
                    },
                    {
                        "cves": [],
                        "log": [
                            "",
                            "  * New upstream snapshot, taken from the trunk.",
                            "  * Enable PAC/BTI/GCS on arm64 (Emanuele Rocca). Addresses: #1127747.",
                            "  * Ignore ld-bootstrap/bootstrap.exp test failures everywhere.",
                            "    Addresses: #1127603.",
                            "  * Don't run the ld-elf/sec64k.exp test on sh4, timing out.",
                            "    Addresses: #1127604.",
                            ""
                        ],
                        "package": "binutils",
                        "version": "2.46.50.20260216-1",
                        "urgency": "medium",
                        "distributions": "experimental",
                        "launchpad_bugs_fixed": [],
                        "author": "Matthias Klose <doko@debian.org>",
                        "date": "Mon, 16 Feb 2026 08:47:59 +0100"
                    }
                ],
                "notes": null,
                "is_version_downgrade": false
            },
            {
                "name": "libctf0:riscv64",
                "from_version": {
                    "source_package_name": "binutils",
                    "source_package_version": "2.46-3ubuntu2",
                    "version": "2.46-3ubuntu2"
                },
                "to_version": {
                    "source_package_name": "binutils",
                    "source_package_version": "2.46.50.20260608-1ubuntu1",
                    "version": "2.46.50.20260608-1ubuntu1"
                },
                "cves": [],
                "launchpad_bugs_fixed": [],
                "changes": [
                    {
                        "cves": [],
                        "log": [
                            "",
                            "  * Merge with Debian; remaining changes:",
                            "    - Build from upstream sources.",
                            ""
                        ],
                        "package": "binutils",
                        "version": "2.46.50.20260608-1ubuntu1",
                        "urgency": "medium",
                        "distributions": "stonking",
                        "launchpad_bugs_fixed": [],
                        "author": "Matthias Klose <doko@ubuntu.com>",
                        "date": "Wed, 10 Jun 2026 09:07:50 +0200"
                    },
                    {
                        "cves": [],
                        "log": [
                            "",
                            "  * New upstream snapshot, taken from the trunk.",
                            ""
                        ],
                        "package": "binutils",
                        "version": "2.46.50.20260608-1",
                        "urgency": "medium",
                        "distributions": "unstable",
                        "launchpad_bugs_fixed": [],
                        "author": "Matthias Klose <doko@debian.org>",
                        "date": "Wed, 10 Jun 2026 08:16:33 +0200"
                    },
                    {
                        "cves": [],
                        "log": [
                            "",
                            "  * New upstream snapshot, taken from the trunk.",
                            ""
                        ],
                        "package": "binutils",
                        "version": "2.46.50.20260519-1",
                        "urgency": "medium",
                        "distributions": "experimental",
                        "launchpad_bugs_fixed": [],
                        "author": "Matthias Klose <doko@debian.org>",
                        "date": "Tue, 19 May 2026 20:54:57 +0200"
                    },
                    {
                        "cves": [],
                        "log": [
                            "",
                            "  * New upstream snapshot, taken from the trunk.",
                            "  * Drop build dependency on quilt. Addresses: #1129263.",
                            "  * Bump standards version.",
                            ""
                        ],
                        "package": "binutils",
                        "version": "2.46.50.20260509-1",
                        "urgency": "medium",
                        "distributions": "experimental",
                        "launchpad_bugs_fixed": [],
                        "author": "Matthias Klose <doko@debian.org>",
                        "date": "Sat, 09 May 2026 07:16:40 +0200"
                    },
                    {
                        "cves": [],
                        "log": [
                            "",
                            "  * New upstream snapshot, taken from the trunk.",
                            "  * Enable PAC/BTI/GCS on arm64 (Emanuele Rocca). Addresses: #1127747.",
                            "  * Ignore ld-bootstrap/bootstrap.exp test failures everywhere.",
                            "    Addresses: #1127603.",
                            "  * Don't run the ld-elf/sec64k.exp test on sh4, timing out.",
                            "    Addresses: #1127604.",
                            ""
                        ],
                        "package": "binutils",
                        "version": "2.46.50.20260216-1",
                        "urgency": "medium",
                        "distributions": "experimental",
                        "launchpad_bugs_fixed": [],
                        "author": "Matthias Klose <doko@debian.org>",
                        "date": "Mon, 16 Feb 2026 08:47:59 +0100"
                    }
                ],
                "notes": null,
                "is_version_downgrade": false
            },
            {
                "name": "libfwupd3:riscv64",
                "from_version": {
                    "source_package_name": "fwupd",
                    "source_package_version": "2.1.1-1ubuntu3",
                    "version": "2.1.1-1ubuntu3"
                },
                "to_version": {
                    "source_package_name": "fwupd",
                    "source_package_version": "2.1.1-1ubuntu4",
                    "version": "2.1.1-1ubuntu4"
                },
                "cves": [],
                "launchpad_bugs_fixed": [
                    2148183,
                    2156480,
                    2156479,
                    2156612
                ],
                "changes": [
                    {
                        "cves": [],
                        "log": [
                            "",
                            "  * d/p/fwupdmgr-fde-verify-snapd-recovery-key.patch",
                            "    - Fix recovery key prompt for multi-boot systems. Previously an error made",
                            "      fwupdmgr prompt all systems where hardware-backed FDE was detected, when",
                            "      it should only verify against the current system IFF it is running under",
                            "      snapd FDE. (LP: #2148183)",
                            "    - Fix incorrect error propagation. If CTRL-D was sent, the process would",
                            "      expose an incorrect error propagation in the recovery key verification.",
                            "      (LP: #2156480)",
                            "    - Link to Ubuntu TPM docs if snapd FDE is detected. Previously bugs",
                            "      related to this temporary patch could get reported upstream, leading",
                            "      to confusion as this is a short-term solution that will not get merged",
                            "      upstream.",
                            "  * d/p/mtd-fall-back-to-generic-firmware.patch: Fix an error on MTD devices",
                            "      where gtype was incorrectly set to G_TYPE_INVALID (LP: #2156479)",
                            "  * d/p/fix-device-locker-crash.patch: Fix an error where the genesys-gl32xx",
                            "      plugin would crash due to using the wrong detach and attach callbacks",
                            "      (LP: #2156612)",
                            ""
                        ],
                        "package": "fwupd",
                        "version": "2.1.1-1ubuntu4",
                        "urgency": "medium",
                        "distributions": "stonking",
                        "launchpad_bugs_fixed": [
                            2148183,
                            2156480,
                            2156479,
                            2156612
                        ],
                        "author": "Simon Johnsson <simon.johnsson@canonical.com>",
                        "date": "Thu, 18 Jun 2026 16:01:12 +0200"
                    }
                ],
                "notes": null,
                "is_version_downgrade": false
            },
            {
                "name": "libgcc-s1:riscv64",
                "from_version": {
                    "source_package_name": "gcc-16",
                    "source_package_version": "16-20260322-1ubuntu1",
                    "version": "16-20260322-1ubuntu1"
                },
                "to_version": {
                    "source_package_name": "gcc-16",
                    "source_package_version": "16.1.0-2ubuntu1",
                    "version": "16.1.0-2ubuntu1"
                },
                "cves": [],
                "launchpad_bugs_fixed": [
                    2152642
                ],
                "changes": [
                    {
                        "cves": [],
                        "log": [
                            "",
                            "  * Merge with Debian; remaining changes:",
                            "    - Build from upstream sources.",
                            "    - Work-around the 80GB chroot size on the Ubuntu buildds.",
                            ""
                        ],
                        "package": "gcc-16",
                        "version": "16.1.0-2ubuntu1",
                        "urgency": "medium",
                        "distributions": "stonking",
                        "launchpad_bugs_fixed": [],
                        "author": "Matthias Klose <doko@ubuntu.com>",
                        "date": "Sat, 13 Jun 2026 11:14:58 +0200"
                    },
                    {
                        "cves": [],
                        "log": [
                            "",
                            "  * Update to git 20260613 from the gcc-16 branch.",
                            "    - Fix PR target/125751 (AVR), PR target/125611 (X86),",
                            "      PR rtl-optimization/125375, PR target/122827 (AArch64),",
                            "      PR tree-optimization/125250, PR middle-end/125156, PR target/124870 (ARM),",
                            "      PR target/125215 (RISCV), PR tree-optimization/124151,",
                            "      PR target/124895 (AArch64), PR target/125409 (AVR),",
                            "      PR target/125362 (loongarch), PR target/125320 (RISCV),",
                            "      PR target/125373 (X86), PR other/125348, PR target/125355 (X86),",
                            "      PR target/125355 (X86), PR target/125351 (X86), PR target/120870 (X86),",
                            "      PR tree-optimization/125291, PR target/125308 (X86),",
                            "      PR target/124316 (X86), PR target/125194 (AVR),",
                            "      PR target/125049 (loongarch), PR middle-end/125259,",
                            "      PR target/53929 (MingW), PR ada/125695, PR ada/18205, PR other/125348,",
                            "      PR ada/125240, PR c/124532, PR c++/125284, PR c++/125333, PR c++/125498,",
                            "      PR c++/125334, PR c++/125378, PR c++/125490, PR c++/125123,",
                            "      PR c++/125412, PR c++/125376, PR c++/125454, PR c++/125423,",
                            "      PR c++/125135, PR c++/125384, PR c++/113563, PR c++/125007,",
                            "      PR c++/125315, PR c++/124628, PR c++/125184, PR c++/125111,",
                            "      PR c++/124991, PR c++/125280, PR c++/100903, PR c++/115181,",
                            "      PR c++/125043, PR c++/124979, PR c++/125208, PR fortran/125669,",
                            "      PR fortran/125606, PR fortran/125393, PR fortran/105582,",
                            "      PR fortran/125391, PR fortran/125416, PR fortran/106546,",
                            "      PR fortran/115260, PR fortran/125021, PR fortran/125192,",
                            "      PR fortran/125198, PR fortran/111952, PR fortran/125059,",
                            "      PR other/125348, PR target/125752 (AVR), PR libfortran/125095,",
                            "      PR libstdc++/125450, PR libstdc++/125374, PR libstdc++/125369,",
                            "      PR libstdc++/78302, PR libstdc++/71301, PR libstdc++/125312.",
                            "",
                            "  [ Matthias Klose ]",
                            "  * Build using GNAT 15 for now. See #1136069.",
                            "  * Configure --with-arch=rv64gc on Ubuntu/riscv64. LP: #2152642.",
                            "  * Apply proposed patch for PR rtl-optimization/123853 (m68k). See #1107416.",
                            "  * Still configure --with-arch=rv64gc for Debian/riscv64 backports.",
                            "  * Apply PR middle-end/124637, taken from the trunk. Addresses: #1131886.",
                            "",
                            "  [ Aurelien Jarno ]",
                            "  * Configure --with-arch=rva20u64 on Debian/riscv64.",
                            ""
                        ],
                        "package": "gcc-16",
                        "version": "16.1.0-2",
                        "urgency": "medium",
                        "distributions": "unstable",
                        "launchpad_bugs_fixed": [
                            2152642
                        ],
                        "author": "Matthias Klose <doko@debian.org>",
                        "date": "Sat, 13 Jun 2026 10:54:28 +0200"
                    },
                    {
                        "cves": [],
                        "log": [
                            "",
                            "  * Build using GNAT 15 for now. See #1136069.",
                            ""
                        ],
                        "package": "gcc-16",
                        "version": "16.1.0-1ubuntu2",
                        "urgency": "medium",
                        "distributions": "stonking",
                        "launchpad_bugs_fixed": [],
                        "author": "Matthias Klose <doko@ubuntu.com>",
                        "date": "Sat, 09 May 2026 08:29:53 +0200"
                    },
                    {
                        "cves": [],
                        "log": [
                            "",
                            "  * Merge with Debian; remaining changes:",
                            "    - Build from upstream sources.",
                            "    - Work-around the 80GB chroot size on the Ubuntu buildds.",
                            ""
                        ],
                        "package": "gcc-16",
                        "version": "16.1.0-1ubuntu1",
                        "urgency": "medium",
                        "distributions": "stonking",
                        "launchpad_bugs_fixed": [],
                        "author": "Matthias Klose <doko@ubuntu.com>",
                        "date": "Sat, 09 May 2026 08:05:35 +0200"
                    },
                    {
                        "cves": [],
                        "log": [
                            "",
                            "  * GCC 16.1.0 release.",
                            "  * Update to git 20260509 from the gcc-16 branch.",
                            "    - Fix PR target/120587 (OR1K), PR target/125155 (OR1K),",
                            "      PR target/125057 (loongarch), PR target/125180 (x86),",
                            "      PR tree-optimization/125079, PR tree-optimization/125079,",
                            "      PR target/125117 (x86), PR target/124984 (RISCV), PR middle-end/123635,",
                            "      PR tree-optimization/125039, PR target/124133 (PPC), PR middle-end/123635,",
                            "      PR tree-optimization/124988, PR ada/125168, PR ada/125044,",
                            "      PR c++/124770, PR c++/125206, PR c++/125179, PR c++/124957,",
                            "      PR c++/125115, PR c++/124926, PR c++/124989, PR c++/124756,",
                            "      PR c++/125096, PR c++/125035, PR c++/124582, PR c++/123810,",
                            "      PR c++/124953, PR c++/124981, PR d/125089, PR libstdc++/109965,",
                            "      PR libstdc++/121919, PR libstdc++/125112, PR libstdc++/125024,",
                            "      PR tree-optimization/125185, PR middle-end/125146,",
                            "      PR tree-optimization/125025, PR tree-optimization/125025,.",
                            "    - Revert fix for PR tree-optimization/120003.",
                            "  * d/shlibs.common: Add libgdiagnostics.",
                            "  * Drop the debian/lib{32,64}stdc++CXX.postinst scripts, GCC 4.4 times ...",
                            "  * Update NEWS files.",
                            "  * Bump standards version.",
                            "  * libstdc++-dev: Make baseline file reproducible. Addresses: #1133772.",
                            "  * Configure with --enable-checking=release on amd64, but keep the extra",
                            "    checking on arm64 i386 mips64el ppc64 ppc64el s390x for now.",
                            ""
                        ],
                        "package": "gcc-16",
                        "version": "16.1.0-1",
                        "urgency": "medium",
                        "distributions": "unstable",
                        "launchpad_bugs_fixed": [],
                        "author": "Matthias Klose <doko@debian.org>",
                        "date": "Sat, 09 May 2026 06:46:33 +0200"
                    },
                    {
                        "cves": [],
                        "log": [
                            "",
                            "  * Snapshot, taken from the gcc-16 branch (20260425, release candidate).",
                            "  * Fix typo in libgcc-s symbols file.",
                            "  * Update libgphobos symbols file for amd64.",
                            "  * Refresh cross-install-location patch.",
                            "  * Replace outdated postal FSF address with URL.",
                            "  * Turn on again PGO/LTO builds for most 64bit architectures.",
                            "  * Turn on running the testsuite again.",
                            ""
                        ],
                        "package": "gcc-16",
                        "version": "16-20260425-1",
                        "urgency": "medium",
                        "distributions": "unstable",
                        "launchpad_bugs_fixed": [],
                        "author": "Matthias Klose <doko@debian.org>",
                        "date": "Sat, 25 Apr 2026 07:19:09 +0200"
                    },
                    {
                        "cves": [],
                        "log": [
                            "",
                            "  * Snapshot, taken from the gcc-16 branch (20260423).",
                            "  * Require bison 3.5.1 or 3.8.2 for the gcobol build.",
                            "  * Update the ada-armel-libatomic patch for PR ada/107475.",
                            "  * Build gcc itself with branch-protection (Emanuele Rocca). Closes: #1130592.",
                            "    - On arm64 by appending CFLAGS_SECURE to BOOT_CFLAGS.",
                            "    - Set BOOT_CFLAGS explicitly instead of relying on upstream defaults.",
                            "  * libgfortran-dev: Install libcaf_shmem.a.",
                            "  * Add conflicts for GCC 15 binary packages. Closes: #1133161.",
                            ""
                        ],
                        "package": "gcc-16",
                        "version": "16-20260423-1",
                        "urgency": "medium",
                        "distributions": "unstable",
                        "launchpad_bugs_fixed": [],
                        "author": "Matthias Klose <doko@debian.org>",
                        "date": "Thu, 23 Apr 2026 12:03:13 +0200"
                    }
                ],
                "notes": null,
                "is_version_downgrade": false
            },
            {
                "name": "libgirepository-2.0-0:riscv64",
                "from_version": {
                    "source_package_name": "glib2.0",
                    "source_package_version": "2.88.0-1",
                    "version": "2.88.0-1"
                },
                "to_version": {
                    "source_package_name": "glib2.0",
                    "source_package_version": "2.88.1-2",
                    "version": "2.88.1-2"
                },
                "cves": [],
                "launchpad_bugs_fixed": [],
                "changes": [
                    {
                        "cves": [],
                        "log": [
                            "",
                            "  * New upstream release",
                            "  * Run cme fix dpkg --save",
                            "  * Update debian/watch to comply with new Salsa CI uscan job",
                            "  * Update Standards Version to 4.7.4",
                            ""
                        ],
                        "package": "glib2.0",
                        "version": "2.88.1-2",
                        "urgency": "medium",
                        "distributions": "unstable",
                        "launchpad_bugs_fixed": [],
                        "author": "Jeremy Bícha <jbicha@ubuntu.com>",
                        "date": "Mon, 04 May 2026 18:18:03 -0400"
                    }
                ],
                "notes": null,
                "is_version_downgrade": false
            },
            {
                "name": "libglib2.0-0t64:riscv64",
                "from_version": {
                    "source_package_name": "glib2.0",
                    "source_package_version": "2.88.0-1",
                    "version": "2.88.0-1"
                },
                "to_version": {
                    "source_package_name": "glib2.0",
                    "source_package_version": "2.88.1-2",
                    "version": "2.88.1-2"
                },
                "cves": [],
                "launchpad_bugs_fixed": [],
                "changes": [
                    {
                        "cves": [],
                        "log": [
                            "",
                            "  * New upstream release",
                            "  * Run cme fix dpkg --save",
                            "  * Update debian/watch to comply with new Salsa CI uscan job",
                            "  * Update Standards Version to 4.7.4",
                            ""
                        ],
                        "package": "glib2.0",
                        "version": "2.88.1-2",
                        "urgency": "medium",
                        "distributions": "unstable",
                        "launchpad_bugs_fixed": [],
                        "author": "Jeremy Bícha <jbicha@ubuntu.com>",
                        "date": "Mon, 04 May 2026 18:18:03 -0400"
                    }
                ],
                "notes": null,
                "is_version_downgrade": false
            },
            {
                "name": "libglib2.0-bin",
                "from_version": {
                    "source_package_name": "glib2.0",
                    "source_package_version": "2.88.0-1",
                    "version": "2.88.0-1"
                },
                "to_version": {
                    "source_package_name": "glib2.0",
                    "source_package_version": "2.88.1-2",
                    "version": "2.88.1-2"
                },
                "cves": [],
                "launchpad_bugs_fixed": [],
                "changes": [
                    {
                        "cves": [],
                        "log": [
                            "",
                            "  * New upstream release",
                            "  * Run cme fix dpkg --save",
                            "  * Update debian/watch to comply with new Salsa CI uscan job",
                            "  * Update Standards Version to 4.7.4",
                            ""
                        ],
                        "package": "glib2.0",
                        "version": "2.88.1-2",
                        "urgency": "medium",
                        "distributions": "unstable",
                        "launchpad_bugs_fixed": [],
                        "author": "Jeremy Bícha <jbicha@ubuntu.com>",
                        "date": "Mon, 04 May 2026 18:18:03 -0400"
                    }
                ],
                "notes": null,
                "is_version_downgrade": false
            },
            {
                "name": "libglib2.0-data",
                "from_version": {
                    "source_package_name": "glib2.0",
                    "source_package_version": "2.88.0-1",
                    "version": "2.88.0-1"
                },
                "to_version": {
                    "source_package_name": "glib2.0",
                    "source_package_version": "2.88.1-2",
                    "version": "2.88.1-2"
                },
                "cves": [],
                "launchpad_bugs_fixed": [],
                "changes": [
                    {
                        "cves": [],
                        "log": [
                            "",
                            "  * New upstream release",
                            "  * Run cme fix dpkg --save",
                            "  * Update debian/watch to comply with new Salsa CI uscan job",
                            "  * Update Standards Version to 4.7.4",
                            ""
                        ],
                        "package": "glib2.0",
                        "version": "2.88.1-2",
                        "urgency": "medium",
                        "distributions": "unstable",
                        "launchpad_bugs_fixed": [],
                        "author": "Jeremy Bícha <jbicha@ubuntu.com>",
                        "date": "Mon, 04 May 2026 18:18:03 -0400"
                    }
                ],
                "notes": null,
                "is_version_downgrade": false
            },
            {
                "name": "libgnutls30t64:riscv64",
                "from_version": {
                    "source_package_name": "gnutls28",
                    "source_package_version": "3.8.12-2ubuntu1",
                    "version": "3.8.12-2ubuntu1"
                },
                "to_version": {
                    "source_package_name": "gnutls28",
                    "source_package_version": "3.8.12-2ubuntu1.1",
                    "version": "3.8.12-2ubuntu1.1"
                },
                "cves": [
                    {
                        "cve": "CVE-2026-33846",
                        "url": "https://ubuntu.com/security/CVE-2026-33846",
                        "cve_description": "A heap buffer overflow vulnerability exists in the DTLS handshake fragment reassembly logic of GnuTLS. The issue arises in merge_handshake_packet() where incoming handshake fragments are matched and merged based solely on handshake type, without validating that the message_length field remains consistent across all fragments of the same logical message. An attacker can exploit this by sending crafted DTLS fragments with conflicting message_length values, causing the implementation to allocate a buffer based on a smaller initial fragment and subsequently write beyond its bounds using larger, inconsistent fragments. Because the merge operation does not enforce proper bounds checking against the allocated buffer size, this results in an out-of-bounds write on the heap. The vulnerability is remotely exploitable without authentication via the DTLS handshake path and can lead to application crashes or potential memory corruption.",
                        "cve_priority": "medium",
                        "cve_public_date": "2026-05-04 10:15:00 UTC"
                    },
                    {
                        "cve": "CVE-2026-42009",
                        "url": "https://ubuntu.com/security/CVE-2026-42009",
                        "cve_description": "A flaw was found in gnutls. A remote attacker could exploit an issue in the Datagram Transport Layer Security (DTLS) packet reordering logic. The comparator function, responsible for ordering DTLS packets by sequence numbers, did not correctly handle packets with duplicate sequence numbers. This could lead to unstable packet ordering or undefined behavior, resulting in a denial of service.",
                        "cve_priority": "medium",
                        "cve_public_date": "2026-05-18 13:16:00 UTC"
                    },
                    {
                        "cve": "CVE-2026-33845",
                        "url": "https://ubuntu.com/security/CVE-2026-33845",
                        "cve_description": "A flaw in GnuTLS DTLS handshake parsing allows malformed fragments with zero length and non-zero offset, leading to an integer underflow during reassembly and resulting in an out-of-bounds read. This issue is remotely exploitable and may cause information disclosure or denial of service.",
                        "cve_priority": "medium",
                        "cve_public_date": "2026-04-30 18:16:00 UTC"
                    },
                    {
                        "cve": "CVE-2026-3832",
                        "url": "https://ubuntu.com/security/CVE-2026-3832",
                        "cve_description": "A flaw was found in gnutls. A remote attacker could exploit this vulnerability by presenting a specially crafted Online Certificate Status Protocol (OCSP) response during a TLS handshake. Due to a logic error in how gnutls processes multi-record OCSP responses, a client with OCSP verification enabled may incorrectly accept a revoked server certificate, potentially leading to a compromise of trust.",
                        "cve_priority": "medium",
                        "cve_public_date": "2026-04-30 18:16:00 UTC"
                    },
                    {
                        "cve": "CVE-2026-3833",
                        "url": "https://ubuntu.com/security/CVE-2026-3833",
                        "cve_description": "A flaw was found in gnutls. This vulnerability occurs because gnutls performs case-sensitive comparisons of `nameConstraints` labels, specifically for `dNSName` (DNS) or `rfc822Name` (email) constraints within `excludedSubtrees` or `permittedSubtrees`. A remote attacker can exploit this by crafting a leaf certificate with casing differences in the Subject Alternative Name (SAN), leading to a policy bypass where a certificate that should be rejected is instead accepted. This could result in unauthorized access or information disclosure.",
                        "cve_priority": "medium",
                        "cve_public_date": "2026-04-30 18:16:00 UTC"
                    },
                    {
                        "cve": "CVE-2026-42011",
                        "url": "https://ubuntu.com/security/CVE-2026-42011",
                        "cve_description": "A flaw was found in gnutls. This vulnerability occurs because permitted name constraints were incorrectly ignored when previous Certificate Authorities (CAs) only had excluded name constraints. A remote attacker could exploit this to bypass critical name constraint checks during certificate validation. This bypass could lead to the acceptance of invalid certificates, potentially enabling spoofing or man-in-the-middle attacks against affected systems.",
                        "cve_priority": "medium",
                        "cve_public_date": "2026-05-07 15:16:00 UTC"
                    },
                    {
                        "cve": "CVE-2026-42010",
                        "url": "https://ubuntu.com/security/CVE-2026-42010",
                        "cve_description": "A flaw was found in gnutls. Servers configured with RSA-PSK (Rivest–Shamir–Adleman – Pre-Shared Key) wrongfully matched usernames containing a NUL character with truncated usernames. A remote attacker could exploit this by sending a specially crafted username, leading to an authentication bypass. This vulnerability allows an attacker to gain unauthorized access by circumventing the authentication process.",
                        "cve_priority": "medium",
                        "cve_public_date": "2026-05-07 12:16:00 UTC"
                    },
                    {
                        "cve": "CVE-2026-5260",
                        "url": "https://ubuntu.com/security/CVE-2026-5260",
                        "cve_description": "A flaw was found in libgnutls. A remote attacker, by sending an extremely short premaster secret during an RSA key exchange to a server using an RSA key backed by a PKCS#11 token, could trigger a short heap overread. This memory corruption vulnerability could lead to information disclosure.",
                        "cve_priority": "medium",
                        "cve_public_date": "2026-05-26 22:16:00 UTC"
                    },
                    {
                        "cve": "CVE-2026-42012",
                        "url": "https://ubuntu.com/security/CVE-2026-42012",
                        "cve_description": "A flaw was found in gnutls. A remote attacker could exploit this vulnerability by presenting a specially crafted certificate that contains Uniform Resource Identifier (URI) or Service (SRV) Subject Alternative Names (SANs). This could cause the certificate validation process to incorrectly fall back to checking DNS hostnames against the Common Name (CN), potentially allowing the attacker to spoof legitimate services or intercept sensitive information.",
                        "cve_priority": "medium",
                        "cve_public_date": "2026-05-26 22:16:00 UTC"
                    },
                    {
                        "cve": "CVE-2026-42013",
                        "url": "https://ubuntu.com/security/CVE-2026-42013",
                        "cve_description": "A flaw was found in gnutls. When validating certificates, an oversized Subject Alternative Name (SAN) could cause the validation process to incorrectly fall back to checking the Common Name (CN) field. This could allow a remote attacker to bypass proper certificate validation, potentially leading to spoofing or man-in-the-middle attacks.",
                        "cve_priority": "medium",
                        "cve_public_date": "2026-05-26 22:16:00 UTC"
                    },
                    {
                        "cve": "CVE-2026-42014",
                        "url": "https://ubuntu.com/security/CVE-2026-42014",
                        "cve_description": "A flaw was found in GnuTLS. The `gnutls_pkcs11_token_set_pin` function, used for changing the Security Officer PIN, can lead to a use-after-free vulnerability. This occurs when an attacker attempts to change the PIN with a NULL old PIN for a token that lacks a protected authentication path.",
                        "cve_priority": "medium",
                        "cve_public_date": "2026-06-16 02:16:00 UTC"
                    },
                    {
                        "cve": "CVE-2026-42015",
                        "url": "https://ubuntu.com/security/CVE-2026-42015",
                        "cve_description": "A flaw was found in gnutls. An off-by-one error exists in the PKCS#12 bag element bounds check. This vulnerability allows an remote attacker to write past the internal array of a PKCS#12 bag when appending to a bag that already contains 32 elements. This memory corruption could lead to a denial of service (DoS) or potentially other unspecified impacts.",
                        "cve_priority": "medium",
                        "cve_public_date": "2026-05-26 22:16:00 UTC"
                    },
                    {
                        "cve": "CVE-2026-5419",
                        "url": "https://ubuntu.com/security/CVE-2026-5419",
                        "cve_description": "A flaw was found in gnutls. The PKCS#7 padding check, performed during decryption, was not constant-time. This timing side-channel could allow a remote attacker to potentially leak sensitive information about the padding bytes through observable timing differences. This vulnerability is a form of information disclosure.",
                        "cve_priority": "medium",
                        "cve_public_date": "2026-06-01 21:16:00 UTC"
                    }
                ],
                "launchpad_bugs_fixed": [],
                "changes": [
                    {
                        "cves": [
                            {
                                "cve": "CVE-2026-33846",
                                "url": "https://ubuntu.com/security/CVE-2026-33846",
                                "cve_description": "A heap buffer overflow vulnerability exists in the DTLS handshake fragment reassembly logic of GnuTLS. The issue arises in merge_handshake_packet() where incoming handshake fragments are matched and merged based solely on handshake type, without validating that the message_length field remains consistent across all fragments of the same logical message. An attacker can exploit this by sending crafted DTLS fragments with conflicting message_length values, causing the implementation to allocate a buffer based on a smaller initial fragment and subsequently write beyond its bounds using larger, inconsistent fragments. Because the merge operation does not enforce proper bounds checking against the allocated buffer size, this results in an out-of-bounds write on the heap. The vulnerability is remotely exploitable without authentication via the DTLS handshake path and can lead to application crashes or potential memory corruption.",
                                "cve_priority": "medium",
                                "cve_public_date": "2026-05-04 10:15:00 UTC"
                            },
                            {
                                "cve": "CVE-2026-42009",
                                "url": "https://ubuntu.com/security/CVE-2026-42009",
                                "cve_description": "A flaw was found in gnutls. A remote attacker could exploit an issue in the Datagram Transport Layer Security (DTLS) packet reordering logic. The comparator function, responsible for ordering DTLS packets by sequence numbers, did not correctly handle packets with duplicate sequence numbers. This could lead to unstable packet ordering or undefined behavior, resulting in a denial of service.",
                                "cve_priority": "medium",
                                "cve_public_date": "2026-05-18 13:16:00 UTC"
                            },
                            {
                                "cve": "CVE-2026-33845",
                                "url": "https://ubuntu.com/security/CVE-2026-33845",
                                "cve_description": "A flaw in GnuTLS DTLS handshake parsing allows malformed fragments with zero length and non-zero offset, leading to an integer underflow during reassembly and resulting in an out-of-bounds read. This issue is remotely exploitable and may cause information disclosure or denial of service.",
                                "cve_priority": "medium",
                                "cve_public_date": "2026-04-30 18:16:00 UTC"
                            },
                            {
                                "cve": "CVE-2026-3832",
                                "url": "https://ubuntu.com/security/CVE-2026-3832",
                                "cve_description": "A flaw was found in gnutls. A remote attacker could exploit this vulnerability by presenting a specially crafted Online Certificate Status Protocol (OCSP) response during a TLS handshake. Due to a logic error in how gnutls processes multi-record OCSP responses, a client with OCSP verification enabled may incorrectly accept a revoked server certificate, potentially leading to a compromise of trust.",
                                "cve_priority": "medium",
                                "cve_public_date": "2026-04-30 18:16:00 UTC"
                            },
                            {
                                "cve": "CVE-2026-3833",
                                "url": "https://ubuntu.com/security/CVE-2026-3833",
                                "cve_description": "A flaw was found in gnutls. This vulnerability occurs because gnutls performs case-sensitive comparisons of `nameConstraints` labels, specifically for `dNSName` (DNS) or `rfc822Name` (email) constraints within `excludedSubtrees` or `permittedSubtrees`. A remote attacker can exploit this by crafting a leaf certificate with casing differences in the Subject Alternative Name (SAN), leading to a policy bypass where a certificate that should be rejected is instead accepted. This could result in unauthorized access or information disclosure.",
                                "cve_priority": "medium",
                                "cve_public_date": "2026-04-30 18:16:00 UTC"
                            },
                            {
                                "cve": "CVE-2026-42011",
                                "url": "https://ubuntu.com/security/CVE-2026-42011",
                                "cve_description": "A flaw was found in gnutls. This vulnerability occurs because permitted name constraints were incorrectly ignored when previous Certificate Authorities (CAs) only had excluded name constraints. A remote attacker could exploit this to bypass critical name constraint checks during certificate validation. This bypass could lead to the acceptance of invalid certificates, potentially enabling spoofing or man-in-the-middle attacks against affected systems.",
                                "cve_priority": "medium",
                                "cve_public_date": "2026-05-07 15:16:00 UTC"
                            },
                            {
                                "cve": "CVE-2026-42010",
                                "url": "https://ubuntu.com/security/CVE-2026-42010",
                                "cve_description": "A flaw was found in gnutls. Servers configured with RSA-PSK (Rivest–Shamir–Adleman – Pre-Shared Key) wrongfully matched usernames containing a NUL character with truncated usernames. A remote attacker could exploit this by sending a specially crafted username, leading to an authentication bypass. This vulnerability allows an attacker to gain unauthorized access by circumventing the authentication process.",
                                "cve_priority": "medium",
                                "cve_public_date": "2026-05-07 12:16:00 UTC"
                            },
                            {
                                "cve": "CVE-2026-5260",
                                "url": "https://ubuntu.com/security/CVE-2026-5260",
                                "cve_description": "A flaw was found in libgnutls. A remote attacker, by sending an extremely short premaster secret during an RSA key exchange to a server using an RSA key backed by a PKCS#11 token, could trigger a short heap overread. This memory corruption vulnerability could lead to information disclosure.",
                                "cve_priority": "medium",
                                "cve_public_date": "2026-05-26 22:16:00 UTC"
                            },
                            {
                                "cve": "CVE-2026-42012",
                                "url": "https://ubuntu.com/security/CVE-2026-42012",
                                "cve_description": "A flaw was found in gnutls. A remote attacker could exploit this vulnerability by presenting a specially crafted certificate that contains Uniform Resource Identifier (URI) or Service (SRV) Subject Alternative Names (SANs). This could cause the certificate validation process to incorrectly fall back to checking DNS hostnames against the Common Name (CN), potentially allowing the attacker to spoof legitimate services or intercept sensitive information.",
                                "cve_priority": "medium",
                                "cve_public_date": "2026-05-26 22:16:00 UTC"
                            },
                            {
                                "cve": "CVE-2026-42013",
                                "url": "https://ubuntu.com/security/CVE-2026-42013",
                                "cve_description": "A flaw was found in gnutls. When validating certificates, an oversized Subject Alternative Name (SAN) could cause the validation process to incorrectly fall back to checking the Common Name (CN) field. This could allow a remote attacker to bypass proper certificate validation, potentially leading to spoofing or man-in-the-middle attacks.",
                                "cve_priority": "medium",
                                "cve_public_date": "2026-05-26 22:16:00 UTC"
                            },
                            {
                                "cve": "CVE-2026-42014",
                                "url": "https://ubuntu.com/security/CVE-2026-42014",
                                "cve_description": "A flaw was found in GnuTLS. The `gnutls_pkcs11_token_set_pin` function, used for changing the Security Officer PIN, can lead to a use-after-free vulnerability. This occurs when an attacker attempts to change the PIN with a NULL old PIN for a token that lacks a protected authentication path.",
                                "cve_priority": "medium",
                                "cve_public_date": "2026-06-16 02:16:00 UTC"
                            },
                            {
                                "cve": "CVE-2026-42015",
                                "url": "https://ubuntu.com/security/CVE-2026-42015",
                                "cve_description": "A flaw was found in gnutls. An off-by-one error exists in the PKCS#12 bag element bounds check. This vulnerability allows an remote attacker to write past the internal array of a PKCS#12 bag when appending to a bag that already contains 32 elements. This memory corruption could lead to a denial of service (DoS) or potentially other unspecified impacts.",
                                "cve_priority": "medium",
                                "cve_public_date": "2026-05-26 22:16:00 UTC"
                            },
                            {
                                "cve": "CVE-2026-5419",
                                "url": "https://ubuntu.com/security/CVE-2026-5419",
                                "cve_description": "A flaw was found in gnutls. The PKCS#7 padding check, performed during decryption, was not constant-time. This timing side-channel could allow a remote attacker to potentially leak sensitive information about the padding bytes through observable timing differences. This vulnerability is a form of information disclosure.",
                                "cve_priority": "medium",
                                "cve_public_date": "2026-06-01 21:16:00 UTC"
                            }
                        ],
                        "log": [
                            "",
                            "  * SECURITY UPDATE: buffer overflow in DTLS handshake fragment reassembly",
                            "    - debian/patches/CVE-2026-33846-pre1.patch: buffers: shorten",
                            "      merge_handshake_packet using recv_buf in lib/buffers.c.",
                            "    - debian/patches/CVE-2026-33846.patch: buffers: add more checks to DTLS",
                            "      reassembly in lib/buffers.c.",
                            "    - CVE-2026-33846",
                            "  * SECURITY UPDATE: DTLS packets sequence number ordering issue",
                            "    - debian/patches/CVE-2026-42009-pre1.patch: buffers: match DTLS datagrams by",
                            "      sequence number in lib/buffers.c.",
                            "    - debian/patches/CVE-2026-42009-1.patch: lib/buffers: ensure packets have",
                            "      differing sequence numbers in lib/buffers.c.",
                            "    - debian/patches/CVE-2026-42009-2.patch: buffers: fix handshake_compare when",
                            "      sequence numbers match in lib/buffers.c.",
                            "    - CVE-2026-42009",
                            "  * SECURITY UPDATE: OOB read via malformed fragments with zero length and",
                            "    non-zero offset",
                            "    - debian/patches/CVE-2026-33845-pre1.patch: buffers: rename a variable in",
                            "      parse_handshake_header in lib/buffers.c.",
                            "    - debian/patches/CVE-2026-33845.patch: buffers: switch from end_offset over",
                            "      to frag_length in lib/buffers.c, lib/gnutls_int.h.",
                            "    - debian/patches/CVE-2026-33845-2.patch: buffers: simplify and tighten",
                            "      parse_handshake_header checks in lib/buffers.c.",
                            "    - CVE-2026-33845",
                            "  * SECURITY UPDATE: malformed OCSP response issue",
                            "    - debian/patches/CVE-2026-3832.patch: cert-session: fix multi-entry OCSP",
                            "      revocation bypass in lib/cert-session.c.",
                            "    - CVE-2026-3832",
                            "  * SECURITY UPDATE: policy bypass via x509 case-sensitive comparisons",
                            "    - debian/patches/CVE-2026-3833.patch: x509/name-constraints: compare domain",
                            "      names case-insensitive in lib/x509/name_constraints.c.",
                            "    - CVE-2026-3833",
                            "  * SECURITY UPDATE: permitted name constrains were incorrectly ignored",
                            "    - debian/patches/CVE-2026-42011.patch: x509/name_constraints: fix",
                            "      intersecting empty constraints in lib/x509/name_constraints.c.",
                            "    - CVE-2026-42011",
                            "  * SECURITY UPDATE: ",
                            "    - debian/patches/CVE-2026-42010.patch: lib/auth/rsa_psk: fix binary PSK",
                            "      identity lookup in lib/auth/rsa_psk.c.",
                            "    - CVE-2026-42010",
                            "  * SECURITY UPDATE: incorrect username parsing with NUL characters",
                            "    - debian/patches/CVE-2026-5260-1.patch: lib/auth/rsa: check that ciphertext",
                            "      matches the modulus size in lib/auth/rsa.c, lib/auth/rsa_psk.c.",
                            "    - debian/patches/CVE-2026-5260-2.patch: lib/pkcs11_privkey: guard against",
                            "      overreading on short ciphertexts in lib/pkcs11_privkey.c.",
                            "    - CVE-2026-5260",
                            "  * SECURITY UPDATE: ",
                            "    - debian/patches/CVE-2026-42012-pre1.patch: x509/hostname-verify: refactor",
                            "      and simplify CN fallback logic in lib/x509/hostname-verify.c.",
                            "    - debian/patches/CVE-2026-42012-pre2.patch: x509: add bare-bones awareness",
                            "      of SRV virtual SAN in lib/includes/gnutls/gnutls.h.in, lib/x509/common.h,",
                            "      lib/x509/name_constraints.c, lib/x509/output.c, lib/x509/virt-san.c,",
                            "      lib/x509/x509.c.",
                            "    - debian/patches/CVE-2026-42012.patch: x509/hostname-verify: make URI/SRV",
                            "      SAN preclude CN fallback in lib/x509/hostname-verify.c.",
                            "    - CVE-2026-42012",
                            "  * SECURITY UPDATE: incorrect URI or SRV Subject Alternative Names checking",
                            "    - debian/patches/CVE-2026-42013-pre1.patch: x509/email-verify: call",
                            "      fallback DN fallback in lib/x509/email-verify.c.",
                            "    - debian/patches/CVE-2026-42013.patch: x509: prevent fallback on oversized",
                            "      SAN in lib/x509/email-verify.c, lib/x509/hostname-verify.c.",
                            "    - CVE-2026-42013",
                            "  * SECURITY UPDATE: UaF when changing the Security Officer PIN",
                            "    - debian/patches/CVE-2026-42014.patch: pkcs11_write: fix UAF and leak in",
                            "      gnutls_pkcs11_token_set_pin in lib/pkcs11_write.c.",
                            "    - CVE-2026-42014",
                            "  * SECURITY UPDATE: buffer overflow when appending to a PKCS#12 bag",
                            "    - debian/patches/CVE-2026-42015.patch: x509/pkcs12_bag: fix off-by-one in",
                            "      bag element bounds check in lib/x509/pkcs12_bag.c.",
                            "    - CVE-2026-42015",
                            "  * SECURITY UPDATE: non constant-time PKCS#7 padding check",
                            "    - debian/patches/CVE-2026-5419.patch: gnutls_cipher_decrypt3: make PKCS#7",
                            "      unpadding branch free in lib/crypto-api.c, lib/libgnutls.map,",
                            "      tests/Makefile.am, tests/pkcs7-pad.c.",
                            "    - debian/patches/CVE-2026-5419-2.patch: _gnutls_pkcs7_unpad: add missing",
                            "      declaration in lib/crypto-api.c.",
                            "    - CVE-2026-5419",
                            ""
                        ],
                        "package": "gnutls28",
                        "version": "3.8.12-2ubuntu1.1",
                        "urgency": "medium",
                        "distributions": "resolute-security",
                        "launchpad_bugs_fixed": [],
                        "author": "Marc Deslauriers <marc.deslauriers@ubuntu.com>",
                        "date": "Fri, 08 May 2026 10:11:31 -0400"
                    }
                ],
                "notes": null,
                "is_version_downgrade": false
            },
            {
                "name": "libgprofng0:riscv64",
                "from_version": {
                    "source_package_name": "binutils",
                    "source_package_version": "2.46-3ubuntu2",
                    "version": "2.46-3ubuntu2"
                },
                "to_version": {
                    "source_package_name": "binutils",
                    "source_package_version": "2.46.50.20260608-1ubuntu1",
                    "version": "2.46.50.20260608-1ubuntu1"
                },
                "cves": [],
                "launchpad_bugs_fixed": [],
                "changes": [
                    {
                        "cves": [],
                        "log": [
                            "",
                            "  * Merge with Debian; remaining changes:",
                            "    - Build from upstream sources.",
                            ""
                        ],
                        "package": "binutils",
                        "version": "2.46.50.20260608-1ubuntu1",
                        "urgency": "medium",
                        "distributions": "stonking",
                        "launchpad_bugs_fixed": [],
                        "author": "Matthias Klose <doko@ubuntu.com>",
                        "date": "Wed, 10 Jun 2026 09:07:50 +0200"
                    },
                    {
                        "cves": [],
                        "log": [
                            "",
                            "  * New upstream snapshot, taken from the trunk.",
                            ""
                        ],
                        "package": "binutils",
                        "version": "2.46.50.20260608-1",
                        "urgency": "medium",
                        "distributions": "unstable",
                        "launchpad_bugs_fixed": [],
                        "author": "Matthias Klose <doko@debian.org>",
                        "date": "Wed, 10 Jun 2026 08:16:33 +0200"
                    },
                    {
                        "cves": [],
                        "log": [
                            "",
                            "  * New upstream snapshot, taken from the trunk.",
                            ""
                        ],
                        "package": "binutils",
                        "version": "2.46.50.20260519-1",
                        "urgency": "medium",
                        "distributions": "experimental",
                        "launchpad_bugs_fixed": [],
                        "author": "Matthias Klose <doko@debian.org>",
                        "date": "Tue, 19 May 2026 20:54:57 +0200"
                    },
                    {
                        "cves": [],
                        "log": [
                            "",
                            "  * New upstream snapshot, taken from the trunk.",
                            "  * Drop build dependency on quilt. Addresses: #1129263.",
                            "  * Bump standards version.",
                            ""
                        ],
                        "package": "binutils",
                        "version": "2.46.50.20260509-1",
                        "urgency": "medium",
                        "distributions": "experimental",
                        "launchpad_bugs_fixed": [],
                        "author": "Matthias Klose <doko@debian.org>",
                        "date": "Sat, 09 May 2026 07:16:40 +0200"
                    },
                    {
                        "cves": [],
                        "log": [
                            "",
                            "  * New upstream snapshot, taken from the trunk.",
                            "  * Enable PAC/BTI/GCS on arm64 (Emanuele Rocca). Addresses: #1127747.",
                            "  * Ignore ld-bootstrap/bootstrap.exp test failures everywhere.",
                            "    Addresses: #1127603.",
                            "  * Don't run the ld-elf/sec64k.exp test on sh4, timing out.",
                            "    Addresses: #1127604.",
                            ""
                        ],
                        "package": "binutils",
                        "version": "2.46.50.20260216-1",
                        "urgency": "medium",
                        "distributions": "experimental",
                        "launchpad_bugs_fixed": [],
                        "author": "Matthias Klose <doko@debian.org>",
                        "date": "Mon, 16 Feb 2026 08:47:59 +0100"
                    }
                ],
                "notes": null,
                "is_version_downgrade": false
            },
            {
                "name": "libidn2-0:riscv64",
                "from_version": {
                    "source_package_name": "libidn2",
                    "source_package_version": "2.3.8-4build1",
                    "version": "2.3.8-4build1"
                },
                "to_version": {
                    "source_package_name": "libidn2",
                    "source_package_version": "2.3.8-5",
                    "version": "2.3.8-5"
                },
                "cves": [],
                "launchpad_bugs_fixed": [],
                "changes": [
                    {
                        "cves": [],
                        "log": [
                            "",
                            "  * Drop Rules-Requires-Root: no",
                            "  * Standards-Version: 4.7.4",
                            "  * Drop Priority: optional",
                            "  * Use pkgconf not pkg-config in d/tests/",
                            "  * Maintain as Debian Commons",
                            "  * Use watch v5",
                            "  * Bump debian/* copyright years",
                            "  * Modernize Salsa CI",
                            ""
                        ],
                        "package": "libidn2",
                        "version": "2.3.8-5",
                        "urgency": "medium",
                        "distributions": "unstable",
                        "launchpad_bugs_fixed": [],
                        "author": "Simon Josefsson <simon@josefsson.org>",
                        "date": "Tue, 12 May 2026 12:10:33 +0200"
                    }
                ],
                "notes": null,
                "is_version_downgrade": false
            },
            {
                "name": "libjs-sphinxdoc",
                "from_version": {
                    "source_package_name": "sphinx",
                    "source_package_version": "8.2.3-12",
                    "version": "8.2.3-12"
                },
                "to_version": {
                    "source_package_name": "sphinx",
                    "source_package_version": "9.1.0-4",
                    "version": "9.1.0-4"
                },
                "cves": [],
                "launchpad_bugs_fixed": [],
                "changes": [
                    {
                        "cves": [],
                        "log": [
                            "",
                            "  [ Stefano Rivera ]",
                            "  * Patch: Support snowball 3.1.0.",
                            "",
                            "  [ Dmitry Shachnev ]",
                            "  * Install language_data.js files for all supported languages.",
                            "  * dh_sphinxdoc:",
                            "    - Symlink language_data.js files (closes: #1137424).",
                            "    - Remove *-stemmer.js files (closes: #1073497). Sphinx installs these",
                            "      files as source for minified JS, but there is no need to ship them in",
                            "      the binary packages.",
                            "    - Generate ${sphinxdoc:Built-Using} variable only for packages that are",
                            "      already using it, add a usage note to the man page (closes: #1136263).",
                            ""
                        ],
                        "package": "sphinx",
                        "version": "9.1.0-4",
                        "urgency": "medium",
                        "distributions": "unstable",
                        "launchpad_bugs_fixed": [],
                        "author": "Dmitry Shachnev <mitya57@debian.org>",
                        "date": "Mon, 25 May 2026 18:19:00 +0300"
                    },
                    {
                        "cves": [],
                        "log": [
                            "",
                            "  * Add “X-Python3-Version: >= 3.12” to debian/control (closes: #1136119).",
                            ""
                        ],
                        "package": "sphinx",
                        "version": "9.1.0-3",
                        "urgency": "medium",
                        "distributions": "unstable",
                        "launchpad_bugs_fixed": [],
                        "author": "Dmitry Shachnev <mitya57@debian.org>",
                        "date": "Sat, 09 May 2026 23:40:58 +0300"
                    },
                    {
                        "cves": [],
                        "log": [
                            "",
                            "  * Bump Standards-Version to 4.7.4, no changes needed.",
                            "  * Upload to unstable.",
                            ""
                        ],
                        "package": "sphinx",
                        "version": "9.1.0-2",
                        "urgency": "medium",
                        "distributions": "unstable",
                        "launchpad_bugs_fixed": [],
                        "author": "Dmitry Shachnev <mitya57@debian.org>",
                        "date": "Tue, 28 Apr 2026 00:41:10 +0300"
                    },
                    {
                        "cves": [],
                        "log": [
                            "",
                            "  * New upstream release.",
                            "  * Bump the required version of docutils to 0.21.",
                            "  * Refresh patches for the new release.",
                            "  * Drop ‘Priority: optional’, it became default in dpkg 1.22.12.",
                            "  * Bump Standards-Version to 4.7.3, no changes needed.",
                            ""
                        ],
                        "package": "sphinx",
                        "version": "9.1.0-1",
                        "urgency": "medium",
                        "distributions": "experimental",
                        "launchpad_bugs_fixed": [],
                        "author": "Dmitry Shachnev <mitya57@debian.org>",
                        "date": "Sun, 04 Jan 2026 22:31:51 +0300"
                    },
                    {
                        "cves": [],
                        "log": [
                            "",
                            "  * New upstream release.",
                            "  * Drop patches, included in the new release:",
                            "    - docutils_0.22.diff",
                            "    - docutils_0.22.1.diff",
                            "    - docutils_upper_limit.diff",
                            "    - latex_footnote_french.diff",
                            "    - python3.14_autosummary.diff",
                            "    - python3.14_typing.diff",
                            "    - python3.14_autodoc.diff",
                            "    - roman-numerals-package-name.patch",
                            "  * Refresh other patches.",
                            "  * Bump required flit version to 3.11 (per pyproject.toml).",
                            "  * Update debian/watch to use version 5 and Pypi template.",
                            "  * Bump minimum versions in debian/dh-sphinxdoc/index.",
                            "  * Remove mentions of Sphinx.egg-info, flit does not generate it.",
                            "  * Regenerate minified-js and Python stopwords files during build.",
                            "  * Update numbers in debian/jstest/run-tests.",
                            ""
                        ],
                        "package": "sphinx",
                        "version": "9.0.4-1",
                        "urgency": "medium",
                        "distributions": "experimental",
                        "launchpad_bugs_fixed": [],
                        "author": "Dmitry Shachnev <mitya57@debian.org>",
                        "date": "Thu, 25 Dec 2025 21:33:08 +0300"
                    }
                ],
                "notes": null,
                "is_version_downgrade": false
            },
            {
                "name": "libldap-common",
                "from_version": {
                    "source_package_name": "openldap",
                    "source_package_version": "2.6.10+dfsg-1ubuntu5",
                    "version": "2.6.10+dfsg-1ubuntu5"
                },
                "to_version": {
                    "source_package_name": "openldap",
                    "source_package_version": "2.6.10+dfsg-1ubuntu6",
                    "version": "2.6.10+dfsg-1ubuntu6"
                },
                "cves": [],
                "launchpad_bugs_fixed": [
                    12470
                ],
                "changes": [
                    {
                        "cves": [],
                        "log": [
                            "",
                            "  * d/slapd.config: fix infinite loop for invalid initial config (LP: #12470)",
                            ""
                        ],
                        "package": "openldap",
                        "version": "2.6.10+dfsg-1ubuntu6",
                        "urgency": "medium",
                        "distributions": "stonking",
                        "launchpad_bugs_fixed": [
                            12470
                        ],
                        "author": "Jonas Jelten <jj@ubuntu.com>",
                        "date": "Wed, 20 May 2026 16:23:06 +0200"
                    }
                ],
                "notes": null,
                "is_version_downgrade": false
            },
            {
                "name": "libldap2:riscv64",
                "from_version": {
                    "source_package_name": "openldap",
                    "source_package_version": "2.6.10+dfsg-1ubuntu5",
                    "version": "2.6.10+dfsg-1ubuntu5"
                },
                "to_version": {
                    "source_package_name": "openldap",
                    "source_package_version": "2.6.10+dfsg-1ubuntu6",
                    "version": "2.6.10+dfsg-1ubuntu6"
                },
                "cves": [],
                "launchpad_bugs_fixed": [
                    12470
                ],
                "changes": [
                    {
                        "cves": [],
                        "log": [
                            "",
                            "  * d/slapd.config: fix infinite loop for invalid initial config (LP: #12470)",
                            ""
                        ],
                        "package": "openldap",
                        "version": "2.6.10+dfsg-1ubuntu6",
                        "urgency": "medium",
                        "distributions": "stonking",
                        "launchpad_bugs_fixed": [
                            12470
                        ],
                        "author": "Jonas Jelten <jj@ubuntu.com>",
                        "date": "Wed, 20 May 2026 16:23:06 +0200"
                    }
                ],
                "notes": null,
                "is_version_downgrade": false
            },
            {
                "name": "libnss3:riscv64",
                "from_version": {
                    "source_package_name": "nss",
                    "source_package_version": "2:3.120-1ubuntu2",
                    "version": "2:3.120-1ubuntu2"
                },
                "to_version": {
                    "source_package_name": "nss",
                    "source_package_version": "2:3.124-1",
                    "version": "2:3.124-1"
                },
                "cves": [
                    {
                        "cve": "CVE-2026-6766",
                        "url": "https://ubuntu.com/security/CVE-2026-6766",
                        "cve_description": "Incorrect boundary conditions in the Libraries component in NSS. This vulnerability was fixed in Firefox 150, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10.",
                        "cve_priority": "medium",
                        "cve_public_date": "2026-04-21 13:16:00 UTC"
                    },
                    {
                        "cve": "CVE-2026-6767",
                        "url": "https://ubuntu.com/security/CVE-2026-6767",
                        "cve_description": "Other issue in the Libraries component in NSS. This vulnerability was fixed in Firefox 150, Firefox ESR 115.35, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10.",
                        "cve_priority": "medium",
                        "cve_public_date": "2026-04-21 13:16:00 UTC"
                    },
                    {
                        "cve": "CVE-2026-6772",
                        "url": "https://ubuntu.com/security/CVE-2026-6772",
                        "cve_description": "Incorrect boundary conditions in the Libraries component in NSS. This vulnerability was fixed in Firefox 150, Firefox ESR 115.35, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10.",
                        "cve_priority": "medium",
                        "cve_public_date": "2026-04-21 13:16:00 UTC"
                    }
                ],
                "launchpad_bugs_fixed": [],
                "changes": [
                    {
                        "cves": [],
                        "log": [
                            "",
                            "  * New upstream release.",
                            "  * debian/rules: Stop installing libcrmf.a, as it's not built anymore.",
                            ""
                        ],
                        "package": "nss",
                        "version": "2:3.124-1",
                        "urgency": "medium",
                        "distributions": "unstable",
                        "launchpad_bugs_fixed": [],
                        "author": "Mike Hommey <glandium@debian.org>",
                        "date": "Wed, 20 May 2026 14:34:46 +0900"
                    },
                    {
                        "cves": [],
                        "log": [
                            "",
                            "  * New upstream release.",
                            "    - Fixes DTLS 1.3 regression. Closes: #1135215.",
                            ""
                        ],
                        "package": "nss",
                        "version": "2:3.123.1-1",
                        "urgency": "medium",
                        "distributions": "unstable",
                        "launchpad_bugs_fixed": [],
                        "author": "Mike Hommey <glandium@debian.org>",
                        "date": "Thu, 30 Apr 2026 07:28:06 +0900"
                    },
                    {
                        "cves": [
                            {
                                "cve": "CVE-2026-6766",
                                "url": "https://ubuntu.com/security/CVE-2026-6766",
                                "cve_description": "Incorrect boundary conditions in the Libraries component in NSS. This vulnerability was fixed in Firefox 150, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10.",
                                "cve_priority": "medium",
                                "cve_public_date": "2026-04-21 13:16:00 UTC"
                            },
                            {
                                "cve": "CVE-2026-6767",
                                "url": "https://ubuntu.com/security/CVE-2026-6767",
                                "cve_description": "Other issue in the Libraries component in NSS. This vulnerability was fixed in Firefox 150, Firefox ESR 115.35, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10.",
                                "cve_priority": "medium",
                                "cve_public_date": "2026-04-21 13:16:00 UTC"
                            },
                            {
                                "cve": "CVE-2026-6772",
                                "url": "https://ubuntu.com/security/CVE-2026-6772",
                                "cve_description": "Incorrect boundary conditions in the Libraries component in NSS. This vulnerability was fixed in Firefox 150, Firefox ESR 115.35, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10.",
                                "cve_priority": "medium",
                                "cve_public_date": "2026-04-21 13:16:00 UTC"
                            }
                        ],
                        "log": [
                            "",
                            "  * New upstream release.",
                            "    - Fixes CVE-2026-6766, CVE-2026-6767, CVE-2026-6772.",
                            ""
                        ],
                        "package": "nss",
                        "version": "2:3.123-1",
                        "urgency": "medium",
                        "distributions": "unstable",
                        "launchpad_bugs_fixed": [],
                        "author": "Mike Hommey <glandium@debian.org>",
                        "date": "Wed, 22 Apr 2026 17:14:03 +0900"
                    },
                    {
                        "cves": [],
                        "log": [
                            "",
                            "  * New upstream release.",
                            ""
                        ],
                        "package": "nss",
                        "version": "2:3.121-1",
                        "urgency": "medium",
                        "distributions": "unstable",
                        "launchpad_bugs_fixed": [],
                        "author": "Mike Hommey <glandium@debian.org>",
                        "date": "Wed, 25 Feb 2026 16:38:52 +0900"
                    }
                ],
                "notes": null,
                "is_version_downgrade": false
            },
            {
                "name": "libnvme1t64:riscv64",
                "from_version": {
                    "source_package_name": "libnvme",
                    "source_package_version": "1.16.1-4",
                    "version": "1.16.1-4"
                },
                "to_version": {
                    "source_package_name": "libnvme",
                    "source_package_version": "1.16.2-1",
                    "version": "1.16.2-1"
                },
                "cves": [],
                "launchpad_bugs_fixed": [],
                "changes": [
                    {
                        "cves": [],
                        "log": [
                            "",
                            "  * Merging upstream version 1.16.2.",
                            "  * Removing pre-trixie versions from build-depends.",
                            ""
                        ],
                        "package": "libnvme",
                        "version": "1.16.2-1",
                        "urgency": "medium",
                        "distributions": "sid",
                        "launchpad_bugs_fixed": [],
                        "author": "Daniel Baumann <daniel@debian.org>",
                        "date": "Sat, 20 Jun 2026 07:00:28 +0200"
                    },
                    {
                        "cves": [],
                        "log": [
                            "",
                            "  * Harmonizing watch file.",
                            "  * Updating to standards version 4.7.4.",
                            "  * Updating to debhelper 14.",
                            "  * Removing pre-trixie python3-nvme transitional package.",
                            ""
                        ],
                        "package": "libnvme",
                        "version": "1.16.1-5",
                        "urgency": "medium",
                        "distributions": "sid",
                        "launchpad_bugs_fixed": [],
                        "author": "Daniel Baumann <daniel@debian.org>",
                        "date": "Sun, 14 Jun 2026 21:32:10 +0200"
                    }
                ],
                "notes": null,
                "is_version_downgrade": false
            },
            {
                "name": "libpsl5t64:riscv64",
                "from_version": {
                    "source_package_name": "libpsl",
                    "source_package_version": "0.21.2-1.1build2",
                    "version": "0.21.2-1.1build2"
                },
                "to_version": {
                    "source_package_name": "libpsl",
                    "source_package_version": "0.21.5-1",
                    "version": "0.21.5-1"
                },
                "cves": [],
                "launchpad_bugs_fixed": [],
                "changes": [
                    {
                        "cves": [],
                        "log": [
                            "",
                            "  * New upstream version 0.21.5 (Closes: #1123613)",
                            "  * d/patches/0003-Add-m4-visibility....patch: now part of upstream, so",
                            "    dropped",
                            "  * d/copyright: update year for new upstream release",
                            "  * d/patches/: mark remaining patches with 'Forwarded: not-needed'",
                            "  * d/control: s#pkg-config#pkgconf#",
                            "  * d/control,copyright: add myself as Uploader",
                            "  * d/control: Standards-Version: 4.7.3",
                            "  * d/psl-make-dafsa.install: upstream now installs psl-make-dafsa",
                            "  * d/control: drop now-obsolete fields",
                            "  * d/libpsl5t64.lintian-overrides: now superfluous and thus dropped",
                            "  * d/control: simplify redundant build prerequisites on dpkg-dev",
                            "  * d/control: drop ${shlibs:Depends} on arch all package",
                            "  * d/rules: use execute_before instead of override where possible",
                            "  * d/salsa-ci.yml: added",
                            ""
                        ],
                        "package": "libpsl",
                        "version": "0.21.5-1",
                        "urgency": "medium",
                        "distributions": "unstable",
                        "launchpad_bugs_fixed": [],
                        "author": "Florian Ernst <florian@debian.org>",
                        "date": "Sat, 14 Mar 2026 16:21:50 +0100"
                    }
                ],
                "notes": null,
                "is_version_downgrade": false
            },
            {
                "name": "librtmp1:riscv64",
                "from_version": {
                    "source_package_name": "rtmpdump",
                    "source_package_version": "2.4+20151223.gitfa8646d.1-3",
                    "version": "2.4+20151223.gitfa8646d.1-3"
                },
                "to_version": {
                    "source_package_name": "rtmpdump",
                    "source_package_version": "2.6-1",
                    "version": "2.6-1"
                },
                "cves": [],
                "launchpad_bugs_fixed": [],
                "changes": [
                    {
                        "cves": [],
                        "log": [
                            "",
                            "  * New upstream version 2.6 (Closes: #1132877)",
                            "  * debian/control:",
                            "    - Bump Standards-Version",
                            "    - Remove Priority: optional",
                            "  * debian/watch: Upgrade to version 5 and switch to git as source",
                            "  * debian/rules:",
                            "    - Remove --no-parallel",
                            "    - Remove -Wl,--as-needed",
                            ""
                        ],
                        "package": "rtmpdump",
                        "version": "2.6-1",
                        "urgency": "medium",
                        "distributions": "unstable",
                        "launchpad_bugs_fixed": [],
                        "author": "Sebastian Ramacher <sramacher@debian.org>",
                        "date": "Fri, 10 Apr 2026 10:35:13 +0200"
                    }
                ],
                "notes": null,
                "is_version_downgrade": false
            },
            {
                "name": "libsframe3:riscv64",
                "from_version": {
                    "source_package_name": "binutils",
                    "source_package_version": "2.46-3ubuntu2",
                    "version": "2.46-3ubuntu2"
                },
                "to_version": {
                    "source_package_name": "binutils",
                    "source_package_version": "2.46.50.20260608-1ubuntu1",
                    "version": "2.46.50.20260608-1ubuntu1"
                },
                "cves": [],
                "launchpad_bugs_fixed": [],
                "changes": [
                    {
                        "cves": [],
                        "log": [
                            "",
                            "  * Merge with Debian; remaining changes:",
                            "    - Build from upstream sources.",
                            ""
                        ],
                        "package": "binutils",
                        "version": "2.46.50.20260608-1ubuntu1",
                        "urgency": "medium",
                        "distributions": "stonking",
                        "launchpad_bugs_fixed": [],
                        "author": "Matthias Klose <doko@ubuntu.com>",
                        "date": "Wed, 10 Jun 2026 09:07:50 +0200"
                    },
                    {
                        "cves": [],
                        "log": [
                            "",
                            "  * New upstream snapshot, taken from the trunk.",
                            ""
                        ],
                        "package": "binutils",
                        "version": "2.46.50.20260608-1",
                        "urgency": "medium",
                        "distributions": "unstable",
                        "launchpad_bugs_fixed": [],
                        "author": "Matthias Klose <doko@debian.org>",
                        "date": "Wed, 10 Jun 2026 08:16:33 +0200"
                    },
                    {
                        "cves": [],
                        "log": [
                            "",
                            "  * New upstream snapshot, taken from the trunk.",
                            ""
                        ],
                        "package": "binutils",
                        "version": "2.46.50.20260519-1",
                        "urgency": "medium",
                        "distributions": "experimental",
                        "launchpad_bugs_fixed": [],
                        "author": "Matthias Klose <doko@debian.org>",
                        "date": "Tue, 19 May 2026 20:54:57 +0200"
                    },
                    {
                        "cves": [],
                        "log": [
                            "",
                            "  * New upstream snapshot, taken from the trunk.",
                            "  * Drop build dependency on quilt. Addresses: #1129263.",
                            "  * Bump standards version.",
                            ""
                        ],
                        "package": "binutils",
                        "version": "2.46.50.20260509-1",
                        "urgency": "medium",
                        "distributions": "experimental",
                        "launchpad_bugs_fixed": [],
                        "author": "Matthias Klose <doko@debian.org>",
                        "date": "Sat, 09 May 2026 07:16:40 +0200"
                    },
                    {
                        "cves": [],
                        "log": [
                            "",
                            "  * New upstream snapshot, taken from the trunk.",
                            "  * Enable PAC/BTI/GCS on arm64 (Emanuele Rocca). Addresses: #1127747.",
                            "  * Ignore ld-bootstrap/bootstrap.exp test failures everywhere.",
                            "    Addresses: #1127603.",
                            "  * Don't run the ld-elf/sec64k.exp test on sh4, timing out.",
                            "    Addresses: #1127604.",
                            ""
                        ],
                        "package": "binutils",
                        "version": "2.46.50.20260216-1",
                        "urgency": "medium",
                        "distributions": "experimental",
                        "launchpad_bugs_fixed": [],
                        "author": "Matthias Klose <doko@debian.org>",
                        "date": "Mon, 16 Feb 2026 08:47:59 +0100"
                    }
                ],
                "notes": null,
                "is_version_downgrade": false
            },
            {
                "name": "libstdc++6:riscv64",
                "from_version": {
                    "source_package_name": "gcc-16",
                    "source_package_version": "16-20260322-1ubuntu1",
                    "version": "16-20260322-1ubuntu1"
                },
                "to_version": {
                    "source_package_name": "gcc-16",
                    "source_package_version": "16.1.0-2ubuntu1",
                    "version": "16.1.0-2ubuntu1"
                },
                "cves": [],
                "launchpad_bugs_fixed": [
                    2152642
                ],
                "changes": [
                    {
                        "cves": [],
                        "log": [
                            "",
                            "  * Merge with Debian; remaining changes:",
                            "    - Build from upstream sources.",
                            "    - Work-around the 80GB chroot size on the Ubuntu buildds.",
                            ""
                        ],
                        "package": "gcc-16",
                        "version": "16.1.0-2ubuntu1",
                        "urgency": "medium",
                        "distributions": "stonking",
                        "launchpad_bugs_fixed": [],
                        "author": "Matthias Klose <doko@ubuntu.com>",
                        "date": "Sat, 13 Jun 2026 11:14:58 +0200"
                    },
                    {
                        "cves": [],
                        "log": [
                            "",
                            "  * Update to git 20260613 from the gcc-16 branch.",
                            "    - Fix PR target/125751 (AVR), PR target/125611 (X86),",
                            "      PR rtl-optimization/125375, PR target/122827 (AArch64),",
                            "      PR tree-optimization/125250, PR middle-end/125156, PR target/124870 (ARM),",
                            "      PR target/125215 (RISCV), PR tree-optimization/124151,",
                            "      PR target/124895 (AArch64), PR target/125409 (AVR),",
                            "      PR target/125362 (loongarch), PR target/125320 (RISCV),",
                            "      PR target/125373 (X86), PR other/125348, PR target/125355 (X86),",
                            "      PR target/125355 (X86), PR target/125351 (X86), PR target/120870 (X86),",
                            "      PR tree-optimization/125291, PR target/125308 (X86),",
                            "      PR target/124316 (X86), PR target/125194 (AVR),",
                            "      PR target/125049 (loongarch), PR middle-end/125259,",
                            "      PR target/53929 (MingW), PR ada/125695, PR ada/18205, PR other/125348,",
                            "      PR ada/125240, PR c/124532, PR c++/125284, PR c++/125333, PR c++/125498,",
                            "      PR c++/125334, PR c++/125378, PR c++/125490, PR c++/125123,",
                            "      PR c++/125412, PR c++/125376, PR c++/125454, PR c++/125423,",
                            "      PR c++/125135, PR c++/125384, PR c++/113563, PR c++/125007,",
                            "      PR c++/125315, PR c++/124628, PR c++/125184, PR c++/125111,",
                            "      PR c++/124991, PR c++/125280, PR c++/100903, PR c++/115181,",
                            "      PR c++/125043, PR c++/124979, PR c++/125208, PR fortran/125669,",
                            "      PR fortran/125606, PR fortran/125393, PR fortran/105582,",
                            "      PR fortran/125391, PR fortran/125416, PR fortran/106546,",
                            "      PR fortran/115260, PR fortran/125021, PR fortran/125192,",
                            "      PR fortran/125198, PR fortran/111952, PR fortran/125059,",
                            "      PR other/125348, PR target/125752 (AVR), PR libfortran/125095,",
                            "      PR libstdc++/125450, PR libstdc++/125374, PR libstdc++/125369,",
                            "      PR libstdc++/78302, PR libstdc++/71301, PR libstdc++/125312.",
                            "",
                            "  [ Matthias Klose ]",
                            "  * Build using GNAT 15 for now. See #1136069.",
                            "  * Configure --with-arch=rv64gc on Ubuntu/riscv64. LP: #2152642.",
                            "  * Apply proposed patch for PR rtl-optimization/123853 (m68k). See #1107416.",
                            "  * Still configure --with-arch=rv64gc for Debian/riscv64 backports.",
                            "  * Apply PR middle-end/124637, taken from the trunk. Addresses: #1131886.",
                            "",
                            "  [ Aurelien Jarno ]",
                            "  * Configure --with-arch=rva20u64 on Debian/riscv64.",
                            ""
                        ],
                        "package": "gcc-16",
                        "version": "16.1.0-2",
                        "urgency": "medium",
                        "distributions": "unstable",
                        "launchpad_bugs_fixed": [
                            2152642
                        ],
                        "author": "Matthias Klose <doko@debian.org>",
                        "date": "Sat, 13 Jun 2026 10:54:28 +0200"
                    },
                    {
                        "cves": [],
                        "log": [
                            "",
                            "  * Build using GNAT 15 for now. See #1136069.",
                            ""
                        ],
                        "package": "gcc-16",
                        "version": "16.1.0-1ubuntu2",
                        "urgency": "medium",
                        "distributions": "stonking",
                        "launchpad_bugs_fixed": [],
                        "author": "Matthias Klose <doko@ubuntu.com>",
                        "date": "Sat, 09 May 2026 08:29:53 +0200"
                    },
                    {
                        "cves": [],
                        "log": [
                            "",
                            "  * Merge with Debian; remaining changes:",
                            "    - Build from upstream sources.",
                            "    - Work-around the 80GB chroot size on the Ubuntu buildds.",
                            ""
                        ],
                        "package": "gcc-16",
                        "version": "16.1.0-1ubuntu1",
                        "urgency": "medium",
                        "distributions": "stonking",
                        "launchpad_bugs_fixed": [],
                        "author": "Matthias Klose <doko@ubuntu.com>",
                        "date": "Sat, 09 May 2026 08:05:35 +0200"
                    },
                    {
                        "cves": [],
                        "log": [
                            "",
                            "  * GCC 16.1.0 release.",
                            "  * Update to git 20260509 from the gcc-16 branch.",
                            "    - Fix PR target/120587 (OR1K), PR target/125155 (OR1K),",
                            "      PR target/125057 (loongarch), PR target/125180 (x86),",
                            "      PR tree-optimization/125079, PR tree-optimization/125079,",
                            "      PR target/125117 (x86), PR target/124984 (RISCV), PR middle-end/123635,",
                            "      PR tree-optimization/125039, PR target/124133 (PPC), PR middle-end/123635,",
                            "      PR tree-optimization/124988, PR ada/125168, PR ada/125044,",
                            "      PR c++/124770, PR c++/125206, PR c++/125179, PR c++/124957,",
                            "      PR c++/125115, PR c++/124926, PR c++/124989, PR c++/124756,",
                            "      PR c++/125096, PR c++/125035, PR c++/124582, PR c++/123810,",
                            "      PR c++/124953, PR c++/124981, PR d/125089, PR libstdc++/109965,",
                            "      PR libstdc++/121919, PR libstdc++/125112, PR libstdc++/125024,",
                            "      PR tree-optimization/125185, PR middle-end/125146,",
                            "      PR tree-optimization/125025, PR tree-optimization/125025,.",
                            "    - Revert fix for PR tree-optimization/120003.",
                            "  * d/shlibs.common: Add libgdiagnostics.",
                            "  * Drop the debian/lib{32,64}stdc++CXX.postinst scripts, GCC 4.4 times ...",
                            "  * Update NEWS files.",
                            "  * Bump standards version.",
                            "  * libstdc++-dev: Make baseline file reproducible. Addresses: #1133772.",
                            "  * Configure with --enable-checking=release on amd64, but keep the extra",
                            "    checking on arm64 i386 mips64el ppc64 ppc64el s390x for now.",
                            ""
                        ],
                        "package": "gcc-16",
                        "version": "16.1.0-1",
                        "urgency": "medium",
                        "distributions": "unstable",
                        "launchpad_bugs_fixed": [],
                        "author": "Matthias Klose <doko@debian.org>",
                        "date": "Sat, 09 May 2026 06:46:33 +0200"
                    },
                    {
                        "cves": [],
                        "log": [
                            "",
                            "  * Snapshot, taken from the gcc-16 branch (20260425, release candidate).",
                            "  * Fix typo in libgcc-s symbols file.",
                            "  * Update libgphobos symbols file for amd64.",
                            "  * Refresh cross-install-location patch.",
                            "  * Replace outdated postal FSF address with URL.",
                            "  * Turn on again PGO/LTO builds for most 64bit architectures.",
                            "  * Turn on running the testsuite again.",
                            ""
                        ],
                        "package": "gcc-16",
                        "version": "16-20260425-1",
                        "urgency": "medium",
                        "distributions": "unstable",
                        "launchpad_bugs_fixed": [],
                        "author": "Matthias Klose <doko@debian.org>",
                        "date": "Sat, 25 Apr 2026 07:19:09 +0200"
                    },
                    {
                        "cves": [],
                        "log": [
                            "",
                            "  * Snapshot, taken from the gcc-16 branch (20260423).",
                            "  * Require bison 3.5.1 or 3.8.2 for the gcobol build.",
                            "  * Update the ada-armel-libatomic patch for PR ada/107475.",
                            "  * Build gcc itself with branch-protection (Emanuele Rocca). Closes: #1130592.",
                            "    - On arm64 by appending CFLAGS_SECURE to BOOT_CFLAGS.",
                            "    - Set BOOT_CFLAGS explicitly instead of relying on upstream defaults.",
                            "  * libgfortran-dev: Install libcaf_shmem.a.",
                            "  * Add conflicts for GCC 15 binary packages. Closes: #1133161.",
                            ""
                        ],
                        "package": "gcc-16",
                        "version": "16-20260423-1",
                        "urgency": "medium",
                        "distributions": "unstable",
                        "launchpad_bugs_fixed": [],
                        "author": "Matthias Klose <doko@debian.org>",
                        "date": "Thu, 23 Apr 2026 12:03:13 +0200"
                    }
                ],
                "notes": null,
                "is_version_downgrade": false
            },
            {
                "name": "libtcl8.6:riscv64",
                "from_version": {
                    "source_package_name": "tcl8.6",
                    "source_package_version": "8.6.17+dfsg-1build1",
                    "version": "8.6.17+dfsg-1build1"
                },
                "to_version": {
                    "source_package_name": "tcl8.6",
                    "source_package_version": "8.6.18+dfsg-1",
                    "version": "8.6.18+dfsg-1"
                },
                "cves": [],
                "launchpad_bugs_fixed": [],
                "changes": [
                    {
                        "cves": [],
                        "log": [
                            "",
                            "  * New upstream release.",
                            "  * Drop build dependency on versioned dpkg-dev.",
                            "  * Bump standards version to 4.7.4.",
                            ""
                        ],
                        "package": "tcl8.6",
                        "version": "8.6.18+dfsg-1",
                        "urgency": "medium",
                        "distributions": "unstable",
                        "launchpad_bugs_fixed": [],
                        "author": "Sergei Golovan <sgolovan@debian.org>",
                        "date": "Thu, 14 May 2026 09:10:10 +0300"
                    }
                ],
                "notes": null,
                "is_version_downgrade": false
            },
            {
                "name": "libuv1t64:riscv64",
                "from_version": {
                    "source_package_name": "libuv1",
                    "source_package_version": "1.51.0-2ubuntu1",
                    "version": "1.51.0-2ubuntu1"
                },
                "to_version": {
                    "source_package_name": "libuv1",
                    "source_package_version": "1.52.1-4",
                    "version": "1.52.1-4"
                },
                "cves": [],
                "launchpad_bugs_fixed": [],
                "changes": [
                    {
                        "cves": [],
                        "log": [
                            "",
                            "  * Upload to unstable ",
                            ""
                        ],
                        "package": "libuv1",
                        "version": "1.52.1-4",
                        "urgency": "medium",
                        "distributions": "unstable",
                        "launchpad_bugs_fixed": [],
                        "author": "Jérémy Lal <kapouer@melix.org>",
                        "date": "Tue, 26 May 2026 17:48:15 +0200"
                    },
                    {
                        "cves": [],
                        "log": [
                            "",
                            "  * patch: fix-thread-priority-test needs an ambulance",
                            "  * patch: fix test-tty.c for hurd",
                            ""
                        ],
                        "package": "libuv1",
                        "version": "1.52.1-3",
                        "urgency": "medium",
                        "distributions": "experimental",
                        "launchpad_bugs_fixed": [],
                        "author": "Jérémy Lal <kapouer@melix.org>",
                        "date": "Tue, 26 May 2026 13:20:50 +0200"
                    },
                    {
                        "cves": [],
                        "log": [
                            "",
                            "  * Upload to unstable",
                            "  * Update symbols",
                            ""
                        ],
                        "package": "libuv1",
                        "version": "1.52.1-2",
                        "urgency": "medium",
                        "distributions": "unstable",
                        "launchpad_bugs_fixed": [],
                        "author": "Jérémy Lal <kapouer@melix.org>",
                        "date": "Sat, 23 May 2026 22:33:28 +0200"
                    },
                    {
                        "cves": [],
                        "log": [
                            "",
                            "  * New upstream version 1.52.1",
                            "  * Drop RRR, Priority",
                            ""
                        ],
                        "package": "libuv1",
                        "version": "1.52.1-1",
                        "urgency": "medium",
                        "distributions": "experimental",
                        "launchpad_bugs_fixed": [],
                        "author": "Jérémy Lal <kapouer@melix.org>",
                        "date": "Sat, 25 Apr 2026 20:44:52 +0200"
                    },
                    {
                        "cves": [],
                        "log": [
                            "",
                            "  * Multi-Arch: foreign for libuv1-doc",
                            "  * Switch to watch 5",
                            "  * New upstream version 1.52.0",
                            ""
                        ],
                        "package": "libuv1",
                        "version": "1.52.0-1",
                        "urgency": "medium",
                        "distributions": "experimental",
                        "launchpad_bugs_fixed": [],
                        "author": "Jérémy Lal <kapouer@melix.org>",
                        "date": "Wed, 11 Feb 2026 10:53:23 +0100"
                    }
                ],
                "notes": null,
                "is_version_downgrade": false
            },
            {
                "name": "libxml2-16:riscv64",
                "from_version": {
                    "source_package_name": "libxml2",
                    "source_package_version": "2.15.2+dfsg-0.1",
                    "version": "2.15.2+dfsg-0.1"
                },
                "to_version": {
                    "source_package_name": "libxml2",
                    "source_package_version": "2.15.3+dfsg-1",
                    "version": "2.15.3+dfsg-1"
                },
                "cves": [
                    {
                        "cve": "CVE-2026-6732",
                        "url": "https://ubuntu.com/security/CVE-2026-6732",
                        "cve_description": "A flaw was found in libxml2. This vulnerability occurs when the library processes a specially crafted XML Schema Definition (XSD) validated document that includes an internal entity reference. An attacker could exploit this by providing a malicious document, leading to a type confusion error that causes the application to crash. This results in a denial of service (DoS), making the affected system or application unavailable.",
                        "cve_priority": "medium",
                        "cve_public_date": "2026-04-23 23:16:00 UTC"
                    }
                ],
                "launchpad_bugs_fixed": [],
                "changes": [
                    {
                        "cves": [
                            {
                                "cve": "CVE-2026-6732",
                                "url": "https://ubuntu.com/security/CVE-2026-6732",
                                "cve_description": "A flaw was found in libxml2. This vulnerability occurs when the library processes a specially crafted XML Schema Definition (XSD) validated document that includes an internal entity reference. An attacker could exploit this by providing a malicious document, leading to a type confusion error that causes the application to crash. This results in a denial of service (DoS), making the affected system or application unavailable.",
                                "cve_priority": "medium",
                                "cve_public_date": "2026-04-23 23:16:00 UTC"
                            }
                        ],
                        "log": [
                            "",
                            "  * New upstream bug fix release. Closes: #1134866, CVE-2026-6732.",
                            "  * d/copyright: refresh contents, drop reference to removed trio files,",
                            "    update upstream source URL and copyright years.",
                            "  * d/libxml2-16.symbols: stamp xmlRelaxParserSetIncLImit with the",
                            "    upstream 2.15.2 introduction version.",
                            ""
                        ],
                        "package": "libxml2",
                        "version": "2.15.3+dfsg-1",
                        "urgency": "medium",
                        "distributions": "unstable",
                        "launchpad_bugs_fixed": [],
                        "author": "Aron Xu <aron@debian.org>",
                        "date": "Fri, 05 Jun 2026 20:59:42 +0800"
                    }
                ],
                "notes": null,
                "is_version_downgrade": false
            },
            {
                "name": "manpages",
                "from_version": {
                    "source_package_name": "manpages",
                    "source_package_version": "6.17-1",
                    "version": "6.17-1"
                },
                "to_version": {
                    "source_package_name": "manpages",
                    "source_package_version": "6.18-1",
                    "version": "6.18-1"
                },
                "cves": [],
                "launchpad_bugs_fixed": [],
                "changes": [
                    {
                        "cves": [],
                        "log": [
                            "",
                            "  * New upstream version 6.18",
                            "    - Refresh patches",
                            "    - Mark all patches as Forwarded: not-needed",
                            "  * Add autopkgtest to package",
                            "  * Update d/copyright",
                            "  * Update d/rules with conflicting manpages",
                            ""
                        ],
                        "package": "manpages",
                        "version": "6.18-1",
                        "urgency": "medium",
                        "distributions": "unstable",
                        "launchpad_bugs_fixed": [],
                        "author": "Dr. Tobias Quathamer <toddy@debian.org>",
                        "date": "Thu, 23 Apr 2026 09:26:18 +0200"
                    },
                    {
                        "cves": [],
                        "log": [
                            "",
                            "  * Binary package manpages-utils:",
                            "    - Add needed packages to Depends",
                            "    - Use Priority: optional, see #1132985",
                            "  * Update Standards-Version to 4.7.4, no changes needed",
                            ""
                        ],
                        "package": "manpages",
                        "version": "6.17-4",
                        "urgency": "medium",
                        "distributions": "unstable",
                        "launchpad_bugs_fixed": [],
                        "author": "Dr. Tobias Quathamer <toddy@debian.org>",
                        "date": "Thu, 09 Apr 2026 11:51:57 +0200"
                    },
                    {
                        "cves": [],
                        "log": [
                            "",
                            "  * No change source upload for testing migration",
                            ""
                        ],
                        "package": "manpages",
                        "version": "6.17-3",
                        "urgency": "medium",
                        "distributions": "unstable",
                        "launchpad_bugs_fixed": [],
                        "author": "Dr. Tobias Quathamer <toddy@debian.org>",
                        "date": "Fri, 20 Mar 2026 17:08:33 +0100"
                    },
                    {
                        "cves": [],
                        "log": [
                            "",
                            "  * Add new binary package for manpages-utils. (Closes: #1120550, #1120502)",
                            "  * Update d/rules for new binary package",
                            "  * Add Breaks and Replaces for manpages",
                            ""
                        ],
                        "package": "manpages",
                        "version": "6.17-2",
                        "urgency": "medium",
                        "distributions": "unstable",
                        "launchpad_bugs_fixed": [],
                        "author": "Dr. Tobias Quathamer <toddy@debian.org>",
                        "date": "Thu, 19 Mar 2026 15:14:43 +0100"
                    }
                ],
                "notes": null,
                "is_version_downgrade": false
            },
            {
                "name": "manpages-dev",
                "from_version": {
                    "source_package_name": "manpages",
                    "source_package_version": "6.17-1",
                    "version": "6.17-1"
                },
                "to_version": {
                    "source_package_name": "manpages",
                    "source_package_version": "6.18-1",
                    "version": "6.18-1"
                },
                "cves": [],
                "launchpad_bugs_fixed": [],
                "changes": [
                    {
                        "cves": [],
                        "log": [
                            "",
                            "  * New upstream version 6.18",
                            "    - Refresh patches",
                            "    - Mark all patches as Forwarded: not-needed",
                            "  * Add autopkgtest to package",
                            "  * Update d/copyright",
                            "  * Update d/rules with conflicting manpages",
                            ""
                        ],
                        "package": "manpages",
                        "version": "6.18-1",
                        "urgency": "medium",
                        "distributions": "unstable",
                        "launchpad_bugs_fixed": [],
                        "author": "Dr. Tobias Quathamer <toddy@debian.org>",
                        "date": "Thu, 23 Apr 2026 09:26:18 +0200"
                    },
                    {
                        "cves": [],
                        "log": [
                            "",
                            "  * Binary package manpages-utils:",
                            "    - Add needed packages to Depends",
                            "    - Use Priority: optional, see #1132985",
                            "  * Update Standards-Version to 4.7.4, no changes needed",
                            ""
                        ],
                        "package": "manpages",
                        "version": "6.17-4",
                        "urgency": "medium",
                        "distributions": "unstable",
                        "launchpad_bugs_fixed": [],
                        "author": "Dr. Tobias Quathamer <toddy@debian.org>",
                        "date": "Thu, 09 Apr 2026 11:51:57 +0200"
                    },
                    {
                        "cves": [],
                        "log": [
                            "",
                            "  * No change source upload for testing migration",
                            ""
                        ],
                        "package": "manpages",
                        "version": "6.17-3",
                        "urgency": "medium",
                        "distributions": "unstable",
                        "launchpad_bugs_fixed": [],
                        "author": "Dr. Tobias Quathamer <toddy@debian.org>",
                        "date": "Fri, 20 Mar 2026 17:08:33 +0100"
                    },
                    {
                        "cves": [],
                        "log": [
                            "",
                            "  * Add new binary package for manpages-utils. (Closes: #1120550, #1120502)",
                            "  * Update d/rules for new binary package",
                            "  * Add Breaks and Replaces for manpages",
                            ""
                        ],
                        "package": "manpages",
                        "version": "6.17-2",
                        "urgency": "medium",
                        "distributions": "unstable",
                        "launchpad_bugs_fixed": [],
                        "author": "Dr. Tobias Quathamer <toddy@debian.org>",
                        "date": "Thu, 19 Mar 2026 15:14:43 +0100"
                    }
                ],
                "notes": null,
                "is_version_downgrade": false
            },
            {
                "name": "python3-attr",
                "from_version": {
                    "source_package_name": "python-attrs",
                    "source_package_version": "25.4.0-1build1",
                    "version": "25.4.0-1build1"
                },
                "to_version": {
                    "source_package_name": "python-attrs",
                    "source_package_version": "26.1.0-1",
                    "version": "26.1.0-1"
                },
                "cves": [],
                "launchpad_bugs_fixed": [],
                "changes": [
                    {
                        "cves": [],
                        "log": [
                            "",
                            "  * New upstream version 26.1.0",
                            "  * Refresh patches (no functional changes)",
                            "  * Bump Standards-Version to 4.7.4",
                            ""
                        ],
                        "package": "python-attrs",
                        "version": "26.1.0-1",
                        "urgency": "medium",
                        "distributions": "unstable",
                        "launchpad_bugs_fixed": [],
                        "author": "Timo Röhling <roehling@debian.org>",
                        "date": "Wed, 08 Apr 2026 22:50:57 +0200"
                    }
                ],
                "notes": null,
                "is_version_downgrade": false
            },
            {
                "name": "python3-hyperlink",
                "from_version": {
                    "source_package_name": "hyperlink",
                    "source_package_version": "21.0.0-6build1",
                    "version": "21.0.0-6build1"
                },
                "to_version": {
                    "source_package_name": "hyperlink",
                    "source_package_version": "21.0.0-7",
                    "version": "21.0.0-7"
                },
                "cves": [],
                "launchpad_bugs_fixed": [],
                "changes": [
                    {
                        "cves": [],
                        "log": [
                            "",
                            "  * Team upload.",
                            "  * Mark python3-pytest* build-dependencies as <!nocheck>",
                            "  * Add debian/salsa-ci.yml",
                            "  * Bump Standards-Version to 4.7.4, drop Priority: tag",
                            "  * Use dh-sequence-python3",
                            "  * Rewrite d/watch in v5 format",
                            ""
                        ],
                        "package": "hyperlink",
                        "version": "21.0.0-7",
                        "urgency": "medium",
                        "distributions": "unstable",
                        "launchpad_bugs_fixed": [],
                        "author": "Alexandre Detiste <tchet@debian.org>",
                        "date": "Sun, 21 Jun 2026 11:42:38 +0200"
                    }
                ],
                "notes": null,
                "is_version_downgrade": false
            },
            {
                "name": "python3-jwt",
                "from_version": {
                    "source_package_name": "pyjwt",
                    "source_package_version": "2.10.1-4ubuntu1",
                    "version": "2.10.1-4ubuntu1"
                },
                "to_version": {
                    "source_package_name": "pyjwt",
                    "source_package_version": "2.12.1-1",
                    "version": "2.12.1-1"
                },
                "cves": [
                    {
                        "cve": "CVE-2026-32597",
                        "url": "https://ubuntu.com/security/CVE-2026-32597",
                        "cve_description": "PyJWT is a JSON Web Token implementation in Python. Prior to 2.12.0, PyJWT does not validate the crit (Critical) Header Parameter defined in RFC 7515 §4.1.11. When a JWS token contains a crit array listing extensions that PyJWT does not understand, the library accepts the token instead of rejecting it. This violates the MUST requirement in the RFC. This vulnerability is fixed in 2.12.0.",
                        "cve_priority": "medium",
                        "cve_public_date": "2026-03-13 19:55:00 UTC"
                    }
                ],
                "launchpad_bugs_fixed": [],
                "changes": [
                    {
                        "cves": [
                            {
                                "cve": "CVE-2026-32597",
                                "url": "https://ubuntu.com/security/CVE-2026-32597",
                                "cve_description": "PyJWT is a JSON Web Token implementation in Python. Prior to 2.12.0, PyJWT does not validate the crit (Critical) Header Parameter defined in RFC 7515 §4.1.11. When a JWS token contains a crit array listing extensions that PyJWT does not understand, the library accepts the token instead of rejecting it. This violates the MUST requirement in the RFC. This vulnerability is fixed in 2.12.0.",
                                "cve_priority": "medium",
                                "cve_public_date": "2026-03-13 19:55:00 UTC"
                            }
                        ],
                        "log": [
                            "",
                            "  * Team upload",
                            "  * [8f6e5f6] New upstream version 2.12.1",
                            "    Fixed CVE issues in upstream version 2.12.0",
                            "    CVE-2026-32597 PyJWT accepts unknown `crit` header extensions",
                            "                   (RFC 7515 §4.1.11 MUST violation)",
                            "    (Closes: #1130662)",
                            "  * [2fbe924] d/control: Bump Standards-Version to 4.7.4",
                            "    No further changes needed.",
                            ""
                        ],
                        "package": "pyjwt",
                        "version": "2.12.1-1",
                        "urgency": "medium",
                        "distributions": "unstable",
                        "launchpad_bugs_fixed": [],
                        "author": "Carsten Schoenert <c.schoenert@t-online.de>",
                        "date": "Sat, 25 Apr 2026 18:08:05 +0200"
                    },
                    {
                        "cves": [],
                        "log": [
                            "",
                            "  * Team upload",
                            "  * New upstream version 2.11.0",
                            "  * Rebuild patch queue from patch-queue branch",
                            "    Added patch:",
                            "    docs-index.rst-Use-a-local-graphic-instead-of-sidelinking.patch",
                            "    Updated patch:",
                            "    docs-Use-packaged-intersphinx-resources.patch",
                            "  * d/_static: Add the logo as local resource",
                            "  * d/python-jwt-doc.install: Install local data from _static",
                            "  * d/control: Add python-cryptography-doc to B-D",
                            "  * d/watch: Convert to version 5",
                            "  * d/copyright: Update year data",
                            ""
                        ],
                        "package": "pyjwt",
                        "version": "2.11.0-2",
                        "urgency": "medium",
                        "distributions": "unstable",
                        "launchpad_bugs_fixed": [],
                        "author": "Carsten Schoenert <c.schoenert@t-online.de>",
                        "date": "Sat, 21 Feb 2026 09:57:04 +0200"
                    }
                ],
                "notes": null,
                "is_version_downgrade": false
            },
            {
                "name": "python3-software-properties",
                "from_version": {
                    "source_package_name": "software-properties",
                    "source_package_version": "0.121",
                    "version": "0.121"
                },
                "to_version": {
                    "source_package_name": "software-properties",
                    "source_package_version": "0.122",
                    "version": "0.122"
                },
                "cves": [],
                "launchpad_bugs_fixed": [
                    2156069
                ],
                "changes": [
                    {
                        "cves": [],
                        "log": [
                            "",
                            "  * Fix GtkBuilder translations by changing the translable property",
                            "    value from \"1\" to \"yes\". The change fixes the template but the strings",
                            "    will still need to be translated on launchpad (lp: #2156069)",
                            ""
                        ],
                        "package": "software-properties",
                        "version": "0.122",
                        "urgency": "medium",
                        "distributions": "stonking",
                        "launchpad_bugs_fixed": [
                            2156069
                        ],
                        "author": "Sebastien Bacher <seb128@ubuntu.com>",
                        "date": "Thu, 11 Jun 2026 12:31:08 +0200"
                    }
                ],
                "notes": null,
                "is_version_downgrade": false
            },
            {
                "name": "screen",
                "from_version": {
                    "source_package_name": "screen",
                    "source_package_version": "5.0.1-2",
                    "version": "5.0.1-2"
                },
                "to_version": {
                    "source_package_name": "screen",
                    "source_package_version": "5.0.1-3",
                    "version": "5.0.1-3"
                },
                "cves": [],
                "launchpad_bugs_fixed": [],
                "changes": [
                    {
                        "cves": [],
                        "log": [
                            "",
                            "  * Set Debian default terminal type to screen5 in /etc/screenrc",
                            "    (Closes: #1134721)",
                            "  * Move default bufferfile in screenrc to $HOME/.screen-exchange",
                            "    (Closes: #1100699)",
                            "  * Added patch 98: Fix uninitialised buffer for caption/hardstatus expansions",
                            "    (Closes: #1136895)",
                            "  * Added patch 99: Fix off-by-one in resize CheckMaxSize guard",
                            "    (Closes: #1117241)",
                            "  * Fix GNU/Hurd builds (missing MAXPATHLEN define)",
                            "  * Drop 13split_info_files.patch (obsolete)",
                            "  * Stop deleting named pipes in /run/screen at startup (Closes: #545182)",
                            "  * Removing orphaned package screenie from Suggests",
                            "  * Modernise session creation timestamp handling in patches 81 & 82",
                            "    (Closes: #484655, #1061448)",
                            "  * Fix resize prompt wording for vertical splits (Closes: #600649)",
                            "  * Added patch 101: Remove duplicated permission sentence from manpage",
                            "    (Closes: #611228)",
                            "  * Added patch 102: Fix documentation for $TERM default (Closes: #694178)",
                            ""
                        ],
                        "package": "screen",
                        "version": "5.0.1-3",
                        "urgency": "medium",
                        "distributions": "unstable",
                        "launchpad_bugs_fixed": [],
                        "author": "Peter Dey <debian@realmtech.net>",
                        "date": "Wed, 17 Jun 2026 14:09:15 +0200"
                    }
                ],
                "notes": null,
                "is_version_downgrade": false
            },
            {
                "name": "snapd",
                "from_version": {
                    "source_package_name": "snapd",
                    "source_package_version": "2.76+ubuntu26.10.1",
                    "version": "2.76+ubuntu26.10.1"
                },
                "to_version": {
                    "source_package_name": "snapd",
                    "source_package_version": "2.76+ubuntu26.10.2",
                    "version": "2.76+ubuntu26.10.2"
                },
                "cves": [],
                "launchpad_bugs_fixed": [
                    2154498,
                    2147606,
                    2148544,
                    2139213,
                    2125344,
                    2150683,
                    2152908,
                    1966067,
                    2110368,
                    2110368,
                    2144666,
                    2146337,
                    2147207,
                    2143882,
                    2138629,
                    2147645
                ],
                "changes": [
                    {
                        "cves": [],
                        "log": [
                            "",
                            "  * New upstream release, LP: #2154498",
                            "    - assertions: add helper for validating integrity data",
                            "    - assertions: drop incorrect/non-standard Ed25519 support",
                            "    - confdb: allow only API admin read access to confdb secrets",
                            "    - confdb: block concurrent confdb accesses",
                            "    - confdb: block concurrent snapctl accesses to configuration",
                            "      database",
                            "    - confdb: check for ephemeral data when missing save-view hook on",
                            "      commit",
                            "    - confdb: ignore not-found errors in confdb-schema refreshes",
                            "    - confdb: support --wait-for timeouts when accessing confdb",
                            "    - core-initrd: add group referenced in udev rules",
                            "    - core-initrd: add libbpf dependency to initramfs",
                            "    - core-initrd: add missing libbpf dependency in 24.04 packaging",
                            "    - core-initrd: ensure audio is a system group",
                            "    - core-initrd: fix /boot/uboot mount with u-boot env in dedicated",
                            "      partition",
                            "    - core-initrd: increase mount burst from 5 to 128 for faster boot",
                            "    - core-initrd: sync partition udev rules with the ones in core-base",
                            "    - core-initrd: sync with latest upload to snappy-dev PPA",
                            "    - core-initrd: synchronize changelogs with latest PPA upload",
                            "    - core-initrd: update changelog with latest PPA upload",
                            "    - core-initrd: add nfnetlink module to fix nf netlink",
                            "      socket speed regression (Ubuntu Core only)",
                            "    - cross-distro: allow snapd to manipulate systemd unit files in",
                            "      SELinux policy",
                            "    - cross-distro: FIPS bootstrap and dispatch via snap-fips-dispatch",
                            "    - desktop: fix common ID selection with multiple desktop plugs",
                            "    - FDE: allow user mode on core in secboot TPM handling",
                            "    - FDE: bump go-efilib dependency",
                            "    - FDE: bump secboot to rev cdcb64992e54 for FDE fixes",
                            "    - FDE: deprecate check-pin/passphrase API endpoints",
                            "    - LP: #2147606 FDE: give inactive state on classic",
                            "    - FDE: improve tracing for OP-TEE probing",
                            "    - FDE: move auto-repair logic to overlord/fdestate and provide state",
                            "    - FDE: update secboot for TPM/FDE bug fixes including Intel HAP and",
                            "      recovery key parsing",
                            "    - FDE: use any primary key matching digest when adding a keyslot",
                            "    - FDE: use ignore action for preinstall check in VM",
                            "    - interfaces: bluez | drop explicit deny send_destination in D-Bus",
                            "      configuration",
                            "    - interfaces: conditionally deny /proc/self/mountinfo to suppress Go",
                            "      1.25+ denials",
                            "    - interfaces: custom-device | fix for-device validation panic on",
                            "      non-string value",
                            "    - interfaces: disallow auto-connect to parallel installs",
                            "    - interfaces: docker | make plug implicit on classic systems",
                            "    - interfaces: ignore errors in disconnect hooks during explicit snap",
                            "      disconnect",
                            "    - interfaces: mediatek-accel | add plug interface base declaration",
                            "    - interfaces: microceph-support | suppress noisy sudo denial audit",
                            "      logs",
                            "    - interfaces: podman | add new interface for podman socket access",
                            "    - interfaces: pulseaudio | fix security tag syntax inconsistency",
                            "    - interfaces: raw-usb | allow USB device enumeration on Fairphone 5",
                            "      with NexDock",
                            "    - interfaces: restore auto-connections on failed refresh undo",
                            "    - LP: #2148544 interfaces: bool-file | support deep SoC sysfs paths",
                            "      for LED brightness",
                            "    - LP: #2139213 packaging: make Ubuntu 16.04 packaging dep17",
                            "      compliant",
                            "    - packaging: add cross-distro build script and instructions",
                            "    - packaging: add openSUSE 16.0 spread support",
                            "    - packaging: Debian build improvements",
                            "    - packaging: default openSUSE to /var/lib/snapd/snap and sync from",
                            "      downstream",
                            "    - packaging: drop transitional packages only for Ubuntu 26.04",
                            "      (Resolute)",
                            "    - packaging: fix Launchpad FIPS build detection for snapd-fips job",
                            "    - packaging: refactor and clean up snapd.mk, standardize test-data",
                            "      directories",
                            "    - packaging: switch to golang-github-chai2010-gettext-go-dev",
                            "    - packaging: update bundled AppArmor 4.1.7 (snapd snap only)",
                            "    - prompting: escape paths in prompt constraints",
                            "    - prompting: improve API error handling and validation",
                            "    - prompting: improve error message when no handler service is",
                            "      present",
                            "    - prompting: re-enable the prompting notice backend",
                            "    - prompting: respond with full user-allowed permission set",
                            "    - prompting: validate permissions while unmarshalling",
                            "    - remote device management: implement dispatch-mgmt-messages task",
                            "      with sequencing support",
                            "    - LP: #2125344 snap: avoid empty channel forwarding message",
                            "    - LP: #2150683 snap: clarify snap install help text for --classic",
                            "      and --devmode",
                            "    - LP: #2152908 snap: print complex attributes in snap interface",
                            "      --attrs output",
                            "    - snap: add run-inhibit hint and inhibit info when a snap is",
                            "      disabled",
                            "    - snap: allow removing a snap and its base at the same time",
                            "    - snap: display detailed component information in snap info",
                            "    - snap: extend AlreadyInstalledError to multiple snaps and",
                            "      components",
                            "    - snap: extend set-quota command options description with accepted",
                            "      value formats",
                            "    - snap: implement snap delta command for computing snap deltas",
                            "    - snap: improve consistency for snap install when some snaps are",
                            "      already installed",
                            "    - snap: show hint in snap list that a snap has components",
                            "    - snap-confine: allow inheriting unix sockets from snaps",
                            "    - snap-confine: allow linking to libm in AppArmor profile",
                            "    - snap-confine: fix out-of-bounds read in mountinfo parser for",
                            "      partial escape sequences",
                            "    - snap-confine: harden bpffs mount with nosuid, nodev, noexec flags",
                            "    - snap-confine: remove experimental persistent per-user mount",
                            "      namespace feature",
                            "    - snap-confine: set FD_CLOEXEC on file descriptors returned by BPF",
                            "      helpers",
                            "    - snap-confine: support transparent_hugepage in AppArmor profile",
                            "    - snap-confine: use strchr after NUL-terminating in infofile parser",
                            "    - snap-update-ns: switch to a multi-pass process for constructing",
                            "      and updating mount namespaces",
                            "    - RemoveMountUnitFile now unmounts even if mount unit file is",
                            "      missing",
                            "    - Add explicit mount phase during single-reboot refresh to fix undo",
                            "      of kernel refreshes",
                            "    - Add security audit logging subsystem",
                            "    - Add base prioritized AppArmmor snippets for strictly confined or",
                            "      jailed snaps",
                            "    - Allow openshell snap to use experimental daemon-scope: user",
                            "    - Allow configuring mount unit options based on filesystem type",
                            "    - Allow equals signs in uevent values in netlink parser",
                            "    - Also bind-mount directories modified by kmod backend during",
                            "      preseed",
                            "    - Clean up potentially corrupted files during snap download undo",
                            "    - Complete the bootloader environment implementation",
                            "    - Copy integrity data files during snap install",
                            "    - Create hook for seed refresh mode",
                            "    - Create removal tasks for old seed-refresh seeds",
                            "    - Dispatch systemctl commands asynchronously when calling Stop()",
                            "    - Ensure /tmp/.X11-unix created inside mount namespace has correct",
                            "      permissions",
                            "    - Ensure exclusive changes conflict with refresh/revert",
                            "    - Ensure existing snap confinement flags are not dropped when",
                            "      installing or removing components",
                            "    - Export ubuntu-boot-state filename constant from bootloader package",
                            "    - Fix duplicate removal of apps under $SNAP_MOUNT_DIR/bin",
                            "    - Fix integration between prerequisites task and seed-refresh mode",
                            "    - Fix split-refresh overwriting provided lane",
                            "    - Fix use of umask in GetListener for socket activation",
                            "    - Ignore net.ErrClosed during daemon shutdown",
                            "    - Implement ResolveValidationSetsEnforcementError in terms of one",
                            "      call",
                            "    - Improve snapctl install consistency when components are already",
                            "      installed",
                            "    - Inject seed creation tasks into snap refresh flow",
                            "    - Introduce system options for custom certificates on Ubuntu Core",
                            "    - Keep idle services with activation units stopped on reload",
                            "    - List snap components in snap-debug-info via debug-tools",
                            "    - Look at gadget.yaml instead of marker file to determine ubootpart",
                            "      usage",
                            "    - LP: #1966067 Skip redundant xdg-settings confirmation prompt when",
                            "      setting is already correct",
                            "    - LP: #2110368 Fix component installation for private snaps via",
                            "      snapctl",
                            "    - LP: #2110368 Fix download of private snap components by setting",
                            "      UserID",
                            "    - LP: #2144666 Fix mount namespace updates with synthetic bind",
                            "      mounts on same target paths",
                            "    - LP: #2146337 Improve handling of failed downloads and retain",
                            "      partial files for resume",
                            "    - LP: #2147207 Fix snap enable/disable cycle forgetting components",
                            "    - Make run-inhibit hint for kill-snap-apps task based on kill reason",
                            "    - Merge content-provider prerequisite updates into seed-refresh",
                            "    - Move SortServices into Backend.StartServices",
                            "    - Move state to client change conversion to ctlcmd package",
                            "    - Omit misleading \"try to refresh snapd\" suggestion for ISA-related",
                            "      errors",
                            "    - Only create link-component tasks when needed during refresh to",
                            "      existing revision",
                            "    - Reconfigure piboot bootloader on gadget refreshes to preserve",
                            "      os_prefix",
                            "    - Reduce the number of AppArmor profile regenerations during snap",
                            "      operations",
                            "    - Refactor seed-refresh ownership to devicestate",
                            "    - Regenerate certificate database on remodels",
                            "    - Remove obsolete FIXME comment in VersionCompare",
                            "    - Remove unused GenerateDmVerityData helper from snap/integrity",
                            "    - Rename and document error type for ISA assumes flags",
                            "    - Restart snapd from daemon.Stop to improve restart reliability",
                            "    - Restart stopped services on error in stopSnapServices for",
                            "      transactionality",
                            "    - Simplify certificate-db updates on model-base refresh/installs",
                            "    - Support racing Loop and Stop correctly in overlord",
                            "    - Support sending file descriptors to systemd via sd_notify",
                            "    - Unroll CPU-heavy recursive function in snap state handlers",
                            "    - Update seccomp syscalls list for kernel 7.1.0",
                            "    - Use change ID to prevent nested seed-refresh spawned by",
                            "      prerequisites",
                            "    - Validate content interface plug target directories exist for",
                            "      core26+ snaps",
                            "    - Validate layout paths exist in snap tree for snaps using bare or",
                            "      core26+",
                            ""
                        ],
                        "package": "snapd",
                        "version": "2.76+ubuntu26.10.2",
                        "urgency": "medium",
                        "distributions": "stonking",
                        "launchpad_bugs_fixed": [
                            2154498,
                            2147606,
                            2148544,
                            2139213,
                            2125344,
                            2150683,
                            2152908,
                            1966067,
                            2110368,
                            2110368,
                            2144666,
                            2146337,
                            2147207
                        ],
                        "author": "Ernest Lotter <ernest.lotter@canonical.com>",
                        "date": "Thu, 17 Jun 2026 16:30:00 +0200"
                    },
                    {
                        "cves": [],
                        "log": [
                            "",
                            "  * New upstream release, LP: #2143882",
                            "    - Interfaces: network-setup-*| allow running python binaries from",
                            "      the base on UC26+",
                            "    - Cross-distro: modify SELinux policy to allow mounting on",
                            "      /var/snap/<snap>/<rev>",
                            "    - Fix potential task deadlock by considering all tasks in a lane",
                            "      that might be waiting for a reboot when processing delayed",
                            "      security backend effects",
                            ""
                        ],
                        "package": "snapd",
                        "version": "2.75.2+ubuntu26.04.2",
                        "urgency": "medium",
                        "distributions": "resolute",
                        "launchpad_bugs_fixed": [
                            2143882
                        ],
                        "author": "Katie May <katie.may@canonical.com>",
                        "date": "Mon, 30 Mar 2026 17:06:36 +0200"
                    },
                    {
                        "cves": [],
                        "log": [
                            "",
                            "  * New upstream release, LP: #2138629",
                            "    - LP: #2147645 FDE: secboot fixes",
                            ""
                        ],
                        "package": "snapd",
                        "version": "2.74.1+ubuntu26.04.4",
                        "urgency": "medium",
                        "distributions": "resolute",
                        "launchpad_bugs_fixed": [
                            2138629,
                            2147645
                        ],
                        "author": "Ernest Lotter <ernest.lotter@canonical.com>",
                        "date": "Thu, 14 Apr 2026 09:30:00 +0200"
                    }
                ],
                "notes": null,
                "is_version_downgrade": false
            },
            {
                "name": "software-properties-common",
                "from_version": {
                    "source_package_name": "software-properties",
                    "source_package_version": "0.121",
                    "version": "0.121"
                },
                "to_version": {
                    "source_package_name": "software-properties",
                    "source_package_version": "0.122",
                    "version": "0.122"
                },
                "cves": [],
                "launchpad_bugs_fixed": [
                    2156069
                ],
                "changes": [
                    {
                        "cves": [],
                        "log": [
                            "",
                            "  * Fix GtkBuilder translations by changing the translable property",
                            "    value from \"1\" to \"yes\". The change fixes the template but the strings",
                            "    will still need to be translated on launchpad (lp: #2156069)",
                            ""
                        ],
                        "package": "software-properties",
                        "version": "0.122",
                        "urgency": "medium",
                        "distributions": "stonking",
                        "launchpad_bugs_fixed": [
                            2156069
                        ],
                        "author": "Sebastien Bacher <seb128@ubuntu.com>",
                        "date": "Thu, 11 Jun 2026 12:31:08 +0200"
                    }
                ],
                "notes": null,
                "is_version_downgrade": false
            },
            {
                "name": "sudo",
                "from_version": {
                    "source_package_name": "sudo",
                    "source_package_version": "1.9.17p2-1ubuntu3",
                    "version": "1.9.17p2-1ubuntu3"
                },
                "to_version": {
                    "source_package_name": "sudo",
                    "source_package_version": "1.9.17p2-7ubuntu1",
                    "version": "1.9.17p2-7ubuntu1"
                },
                "cves": [
                    {
                        "cve": "CVE-2026-35535",
                        "url": "https://ubuntu.com/security/CVE-2026-35535",
                        "cve_description": "In Sudo through 1.9.17p2 before 3e474c2, a failure of a setuid, setgid, or setgroups call, during a privilege drop before running the mailer, is not a fatal error and can lead to privilege escalation.",
                        "cve_priority": "high",
                        "cve_public_date": "2026-04-03 03:16:00 UTC"
                    },
                    {
                        "cve": "CVE-2025-32463",
                        "url": "https://ubuntu.com/security/CVE-2025-32463",
                        "cve_description": "Sudo before 1.9.17p1 allows local users to obtain root access because /etc/nsswitch.conf from a user-controlled directory is used with the --chroot option.",
                        "cve_priority": "high",
                        "cve_public_date": "2025-06-30 21:15:00 UTC"
                    },
                    {
                        "cve": "CVE-2025-32462",
                        "url": "https://ubuntu.com/security/CVE-2025-32462",
                        "cve_description": "Sudo before 1.9.17p1, when used with a sudoers file that specifies a host that is neither the current host nor ALL, allows listed users to execute commands on unintended machines.",
                        "cve_priority": "high",
                        "cve_public_date": "2025-06-30 21:15:00 UTC"
                    }
                ],
                "launchpad_bugs_fixed": [
                    2153358
                ],
                "changes": [
                    {
                        "cves": [],
                        "log": [
                            "",
                            "  * Merge with Debian unstable (LP: #2153358). Remaining changes:",
                            "    - debian/sudo[-ldap].init: delete init scripts, as they are no longer",
                            "      necessary.",
                            "    - debian/etc/sudoers:",
                            "       + also grant admin group sudo access",
                            "       + include /snap/bin in the secure_path",
                            "    - debian/tests/04-getroot-sssd:",
                            "    - Check if the slapd daemon is ready before proceeding.",
                            "      + In some situations, the next command (ldapmodify) runs before",
                            "        the service is ready. See LP#2026888",
                            "    - set alternatives (LP #2111419)",
                            "    - remove sudo-ldap package (LP #2115781)",
                            "      + Whereas Debian introduced a transitional for this package,",
                            "        we remove it outright.",
                            ""
                        ],
                        "package": "sudo",
                        "version": "1.9.17p2-7ubuntu1",
                        "urgency": "medium",
                        "distributions": "stonking",
                        "launchpad_bugs_fixed": [
                            2153358
                        ],
                        "author": "Mitchell Augustin <mitchell.augustin@canonical.com>",
                        "date": "Fri, 05 Jun 2026 16:28:18 -0500"
                    },
                    {
                        "cves": [],
                        "log": [
                            "",
                            "  * new unchanged source upload to trigger build with new",
                            "    debhelper which is needed for full DPKG_ROOT support",
                            ""
                        ],
                        "package": "sudo",
                        "version": "1.9.17p2-7",
                        "urgency": "medium",
                        "distributions": "unstable",
                        "launchpad_bugs_fixed": [],
                        "author": "Marc Haber <mh+debian-packages@zugschlus.de>",
                        "date": "Mon, 08 Jun 2026 09:32:46 +0200"
                    },
                    {
                        "cves": [],
                        "log": [
                            "",
                            "  [ Marc Haber ]",
                            "  * add CVE number to 1.9.17p2-5 changelog",
                            "  * Fix test suite caching tests.",
                            "  * add pam_env.so invocation to pam files.",
                            "  * align /etc/sudoers with what upstream ships.",
                            "",
                            "  [ Johannes Schauer Marin Rodrigues ]",
                            "  * debian/sudo.postinst: support DPKG_ROOT",
                            ""
                        ],
                        "package": "sudo",
                        "version": "1.9.17p2-6",
                        "urgency": "medium",
                        "distributions": "unstable",
                        "launchpad_bugs_fixed": [],
                        "author": "Marc Haber <mh+debian-packages@zugschlus.de>",
                        "date": "Mon, 01 Jun 2026 06:44:55 +0200"
                    },
                    {
                        "cves": [
                            {
                                "cve": "CVE-2026-35535",
                                "url": "https://ubuntu.com/security/CVE-2026-35535",
                                "cve_description": "In Sudo through 1.9.17p2 before 3e474c2, a failure of a setuid, setgid, or setgroups call, during a privilege drop before running the mailer, is not a fatal error and can lead to privilege escalation.",
                                "cve_priority": "high",
                                "cve_public_date": "2026-04-03 03:16:00 UTC"
                            }
                        ],
                        "log": [
                            "",
                            "  * cherry-pick upstream exec_mailer-Set-group-as-well-as-uid.",
                            "    This is the upstream fix for CVE-2026-35535:",
                            "    https://github.com/sudo-project/sudo/commit/3e474c2",
                            "  * Build-Depend on libselinux-dev instead of libselinux1-dev",
                            ""
                        ],
                        "package": "sudo",
                        "version": "1.9.17p2-5",
                        "urgency": "medium",
                        "distributions": "unstable",
                        "launchpad_bugs_fixed": [],
                        "author": "Marc Haber <mh+debian-packages@zugschlus.de>",
                        "date": "Sat, 28 Mar 2026 13:11:59 +0100"
                    },
                    {
                        "cves": [],
                        "log": [
                            "",
                            "  * some improvements to the test suite, making it more suitable",
                            "    for older Debian releases",
                            "  * remove sudo.preinst (historic)",
                            ""
                        ],
                        "package": "sudo",
                        "version": "1.9.17p2-4",
                        "urgency": "medium",
                        "distributions": "unstable",
                        "launchpad_bugs_fixed": [],
                        "author": "Marc Haber <mh+debian-packages@zugschlus.de>",
                        "date": "Tue, 10 Feb 2026 21:29:33 +0100"
                    },
                    {
                        "cves": [],
                        "log": [
                            "",
                            "  * use dh_maintscript to remove /etc/sudoers.d/README.",
                            "    Thanks to Sven Joachim (Closes: #1126614)",
                            "  * comment mail_badpass in default /etc/sudoers.",
                            "    Thanks to Sven Geggus (Closes: #1114986)",
                            "  * remove no longer used debconf templates (Closes: #1101123)",
                            "  * remove po-debconf dependency",
                            ""
                        ],
                        "package": "sudo",
                        "version": "1.9.17p2-3",
                        "urgency": "medium",
                        "distributions": "unstable",
                        "launchpad_bugs_fixed": [],
                        "author": "Marc Haber <mh+debian-packages@zugschlus.de>",
                        "date": "Sat, 31 Jan 2026 21:32:35 +0100"
                    },
                    {
                        "cves": [],
                        "log": [
                            "",
                            "  * upload to unstable",
                            "  * declare proper breaks/replacest",
                            "  * add upstream patch (and test case): Do not perform path expansion",
                            "    Thanks to Adam D. Barratt (Closes: #1126085)",
                            ""
                        ],
                        "package": "sudo",
                        "version": "1.9.17p2-2",
                        "urgency": "medium",
                        "distributions": "unstable",
                        "launchpad_bugs_fixed": [],
                        "author": "Marc Haber <mh+debian-packages@zugschlus.de>",
                        "date": "Wed, 28 Jan 2026 22:12:32 +0100"
                    },
                    {
                        "cves": [],
                        "log": [
                            "",
                            "  [ Marc Haber ]",
                            "  * remove sudo-ldap.maintscript",
                            "  * remove sudo-ldap and libnss-sudo",
                            "",
                            "  [ Alexander Reichle-Schmehl ]",
                            "  * Add myself to uploaders",
                            "",
                            "  [ Daniel Lewart ]",
                            "  * Move /etc/sudoers.d/README to top of README.Debian (Closes: #1108772)",
                            ""
                        ],
                        "package": "sudo",
                        "version": "1.9.17p2-1exp1",
                        "urgency": "medium",
                        "distributions": "experimental",
                        "launchpad_bugs_fixed": [],
                        "author": "Marc Haber <mh+debian-packages@zugschlus.de>",
                        "date": "Wed, 31 Dec 2025 08:37:25 +0100"
                    },
                    {
                        "cves": [
                            {
                                "cve": "CVE-2025-32463",
                                "url": "https://ubuntu.com/security/CVE-2025-32463",
                                "cve_description": "Sudo before 1.9.17p1 allows local users to obtain root access because /etc/nsswitch.conf from a user-controlled directory is used with the --chroot option.",
                                "cve_priority": "high",
                                "cve_public_date": "2025-06-30 21:15:00 UTC"
                            },
                            {
                                "cve": "CVE-2025-32462",
                                "url": "https://ubuntu.com/security/CVE-2025-32462",
                                "cve_description": "Sudo before 1.9.17p1, when used with a sudoers file that specifies a host that is neither the current host nor ALL, allows listed users to execute commands on unintended machines.",
                                "cve_priority": "high",
                                "cve_public_date": "2025-06-30 21:15:00 UTC"
                            }
                        ],
                        "log": [
                            "",
                            "  * backport upstream patch for CVE-2025-32463",
                            "  * add upstream patch for CVE-2025-32462",
                            "  * Add new italian debconf translation.",
                            "    Thanks to Ceppo (Closes: #1108208)",
                            ""
                        ],
                        "package": "sudo",
                        "version": "1.9.16p2-3",
                        "urgency": "high",
                        "distributions": "unstable",
                        "launchpad_bugs_fixed": [],
                        "author": "Marc Haber <mh+debian-packages@zugschlus.de>",
                        "date": "Mon, 30 Jun 2025 07:55:33 +0200"
                    }
                ],
                "notes": null,
                "is_version_downgrade": false
            },
            {
                "name": "tcl",
                "from_version": {
                    "source_package_name": "tcltk-defaults",
                    "source_package_version": "8.6.16build1",
                    "version": "8.6.16build1"
                },
                "to_version": {
                    "source_package_name": "tcltk-defaults",
                    "source_package_version": "8.6.18",
                    "version": "8.6.18"
                },
                "cves": [],
                "launchpad_bugs_fixed": [],
                "changes": [
                    {
                        "cves": [],
                        "log": [
                            "",
                            "  * Bump version to match Tcl/Tk currently in forky.",
                            ""
                        ],
                        "package": "tcltk-defaults",
                        "version": "8.6.18",
                        "urgency": "medium",
                        "distributions": "unstable",
                        "launchpad_bugs_fixed": [],
                        "author": "Sergei Golovan <sgolovan@debian.org>",
                        "date": "Sat, 23 May 2026 21:04:26 +0300"
                    },
                    {
                        "cves": [],
                        "log": [
                            "",
                            "  * Bump version to match Tcl/Tk currently in forky.",
                            "  * Bump standards version to 4.7.4.",
                            ""
                        ],
                        "package": "tcltk-defaults",
                        "version": "8.6.17",
                        "urgency": "medium",
                        "distributions": "unstable",
                        "launchpad_bugs_fixed": [],
                        "author": "Sergei Golovan <sgolovan@debian.org>",
                        "date": "Thu, 30 Apr 2026 12:28:50 +0300"
                    }
                ],
                "notes": null,
                "is_version_downgrade": false
            },
            {
                "name": "tcl8.6",
                "from_version": {
                    "source_package_name": "tcl8.6",
                    "source_package_version": "8.6.17+dfsg-1build1",
                    "version": "8.6.17+dfsg-1build1"
                },
                "to_version": {
                    "source_package_name": "tcl8.6",
                    "source_package_version": "8.6.18+dfsg-1",
                    "version": "8.6.18+dfsg-1"
                },
                "cves": [],
                "launchpad_bugs_fixed": [],
                "changes": [
                    {
                        "cves": [],
                        "log": [
                            "",
                            "  * New upstream release.",
                            "  * Drop build dependency on versioned dpkg-dev.",
                            "  * Bump standards version to 4.7.4.",
                            ""
                        ],
                        "package": "tcl8.6",
                        "version": "8.6.18+dfsg-1",
                        "urgency": "medium",
                        "distributions": "unstable",
                        "launchpad_bugs_fixed": [],
                        "author": "Sergei Golovan <sgolovan@debian.org>",
                        "date": "Thu, 14 May 2026 09:10:10 +0300"
                    }
                ],
                "notes": null,
                "is_version_downgrade": false
            },
            {
                "name": "telnet",
                "from_version": {
                    "source_package_name": "inetutils",
                    "source_package_version": "2:2.7-2ubuntu1",
                    "version": "0.17+2.7-2ubuntu1"
                },
                "to_version": {
                    "source_package_name": "inetutils",
                    "source_package_version": "2:2.8-2ubuntu1",
                    "version": "0.17+2.8-2ubuntu1"
                },
                "cves": [
                    {
                        "cve": "CVE-2026-32772",
                        "url": "https://ubuntu.com/security/CVE-2026-32772",
                        "cve_description": "telnet in GNU inetutils through 2.7 allows servers to read arbitrary environment variables from clients via NEW_ENVIRON SEND USERVAR.",
                        "cve_priority": "medium",
                        "cve_public_date": "2026-03-16 14:19:00 UTC"
                    },
                    {
                        "cve": "CVE-2026-24061",
                        "url": "https://ubuntu.com/security/CVE-2026-24061",
                        "cve_description": "telnetd in GNU Inetutils through 2.7 allows remote authentication bypass via a \"-f root\" value for the USER environment variable.",
                        "cve_priority": "high",
                        "cve_public_date": "2026-01-21 07:16:00 UTC"
                    },
                    {
                        "cve": "CVE-2026-32746",
                        "url": "https://ubuntu.com/security/CVE-2026-32746",
                        "cve_description": "telnetd in GNU inetutils through 2.7 allows an out-of-bounds write in the LINEMODE SLC (Set Local Characters) suboption handler because add_slc does not check whether the buffer is full.",
                        "cve_priority": "medium",
                        "cve_public_date": "2026-03-13 19:55:00 UTC"
                    },
                    {
                        "cve": "CVE-2026-28372",
                        "url": "https://ubuntu.com/security/CVE-2026-28372",
                        "cve_description": "telnetd in GNU inetutils through 2.7 allows privilege escalation that can be exploited by abusing systemd service credentials support added to the login(1) implementation of util-linux in release 2.40. This is related to client control over the CREDENTIALS_DIRECTORY environment variable, and requires an unprivileged local user to create a login.noauth file.",
                        "cve_priority": "medium",
                        "cve_public_date": "2026-02-27 06:18:00 UTC"
                    }
                ],
                "launchpad_bugs_fixed": [
                    2153307
                ],
                "changes": [
                    {
                        "cves": [],
                        "log": [
                            "",
                            "  * Merge with Debian unstable (LP: #2153307). Remaining changes:",
                            "    - Do not test the inetutils-ping package (LP #2009814)",
                            "      + d/t/test-root-commands: disable ping tests.",
                            "      + d/t/control: remove inetutils-ping dependency.",
                            ""
                        ],
                        "package": "inetutils",
                        "version": "2:2.8-2ubuntu1",
                        "urgency": "medium",
                        "distributions": "stonking",
                        "launchpad_bugs_fixed": [
                            2153307
                        ],
                        "author": "Zineb Zaadoud <zineb.zaadoud@canonical.com>",
                        "date": "Tue, 16 Jun 2026 22:02:01 +0200"
                    },
                    {
                        "cves": [],
                        "log": [
                            "",
                            "  * Remove no longer used spelling-error-in-binary lintian override.",
                            "  * Remove unused /var/log/ppp.log logrotate handling.",
                            "  * Merge individual logrotate log file entries into two entries.",
                            "  * Reload inetutils-syslogd for all logrotate entries.",
                            "  * Switch to /run/xconsole for all systems with a compat symlink from /dev.",
                            "  * Remove /var/log/news/news.* log handling. (Closes: #1135791)",
                            "  * Remove /var/log/lpr.log log handling.",
                            "  * Remove /var/log/uucp.log log handling.",
                            "  * Enable /var/log/cron.log log handling for cron facility.",
                            "  * Place /var/log/syslog as the first log file, before /var/log/auth.log.",
                            "  * Move commented out tty log handling entry to an example config fragment.",
                            "  * Move enabled xconsole log handling entry to an example config fragment.",
                            "  * Fix typos in syslog.conf(5) man page.",
                            "  * Add explicit mentions of /etc/syslog.d/ into man pages.",
                            ""
                        ],
                        "package": "inetutils",
                        "version": "2:2.8-2",
                        "urgency": "medium",
                        "distributions": "unstable",
                        "launchpad_bugs_fixed": [],
                        "author": "Guillem Jover <guillem@debian.org>",
                        "date": "Wed, 06 May 2026 23:19:05 +0200"
                    },
                    {
                        "cves": [],
                        "log": [
                            "",
                            "  * Merge with Debian unstable. Remaining changes:",
                            "    - Do not test the inetutils-ping package (LP #2009814)",
                            "      + d/t/test-root-commands: disable ping tests",
                            "      + d/t/control: remove inetutils-ping dependency",
                            ""
                        ],
                        "package": "inetutils",
                        "version": "2:2.8-1ubuntu1",
                        "urgency": "medium",
                        "distributions": "stonking",
                        "launchpad_bugs_fixed": [],
                        "author": "Simon Quigley <tsimonq2@debian.org>",
                        "date": "Tue, 05 May 2026 08:38:23 -0500"
                    },
                    {
                        "cves": [],
                        "log": [
                            "",
                            "  * New upstream release.",
                            "    - Remove patches merged upstream.",
                            "    - Update copyright years.",
                            "    - Update telnetd man page to remove --debug option.",
                            "  * Remove build dependency on debhelper (>= 13.10) implied by",
                            "    debhelper-compat (= 13) since Debian bookworm.",
                            "  * Remove build dependencies on automake, autoconf and libtool implied",
                            "    by debhelper-compat (>= 10) since Debian stretch.",
                            "  * Switch to Standards-Version 4.7.4 (no changes needed).",
                            "  * Improve package descriptions:",
                            "    - Do not capitalize program names, instead prefix them with \"the\".",
                            "    - Clarify these are GNU tools.",
                            "    - Clarify that inetutils-ping contains ping and ping6 for ICMP and ICMP6.",
                            "    - Add FTP acronym to the synopsis.",
                            "    - Use talk client/server instead of tools to talk/communicate with users.",
                            "    - Fix grammar for inetutils-talkd.",
                            "  * Add a source package Description field.",
                            ""
                        ],
                        "package": "inetutils",
                        "version": "2:2.8-1",
                        "urgency": "medium",
                        "distributions": "unstable",
                        "launchpad_bugs_fixed": [],
                        "author": "Guillem Jover <guillem@debian.org>",
                        "date": "Thu, 30 Apr 2026 05:23:37 +0200"
                    },
                    {
                        "cves": [
                            {
                                "cve": "CVE-2026-32772",
                                "url": "https://ubuntu.com/security/CVE-2026-32772",
                                "cve_description": "telnet in GNU inetutils through 2.7 allows servers to read arbitrary environment variables from clients via NEW_ENVIRON SEND USERVAR.",
                                "cve_priority": "medium",
                                "cve_public_date": "2026-03-16 14:19:00 UTC"
                            }
                        ],
                        "log": [
                            "",
                            "  * Adapt netkit-telnet patch to not leak unexported environment variables to",
                            "    telnetd. Reported by Justin Swartz <justin.swartz@risingedge.co.za>.",
                            "    Fixes CVE-2026-32772. (Closes: #1130741)",
                            "  * Prevent user local privilege escalation using --debug, which was",
                            "    susceptible to symlink attacks, or leaking on-wire credentials to a",
                            "    user that had pre-created the file and kept it open. Fix by switching",
                            "    from /tmp/telnet.debug to /run/telnet/debug.<pid>, and making the",
                            "    setup error checks fatal.",
                            "    Partially reported by Justin Swartz <justin.swartz@risingedge.co.za>.",
                            "  * Update local telnetd man page to match new --debug behavior.",
                            "  * Fix typo in AUTHORS file. (Closes: #1127398)",
                            ""
                        ],
                        "package": "inetutils",
                        "version": "2:2.7-5",
                        "urgency": "medium",
                        "distributions": "unstable",
                        "launchpad_bugs_fixed": [],
                        "author": "Guillem Jover <guillem@debian.org>",
                        "date": "Tue, 24 Mar 2026 04:33:27 +0100"
                    },
                    {
                        "cves": [
                            {
                                "cve": "CVE-2026-24061",
                                "url": "https://ubuntu.com/security/CVE-2026-24061",
                                "cve_description": "telnetd in GNU Inetutils through 2.7 allows remote authentication bypass via a \"-f root\" value for the USER environment variable.",
                                "cve_priority": "high",
                                "cve_public_date": "2026-01-21 07:16:00 UTC"
                            },
                            {
                                "cve": "CVE-2026-32746",
                                "url": "https://ubuntu.com/security/CVE-2026-32746",
                                "cve_description": "telnetd in GNU inetutils through 2.7 allows an out-of-bounds write in the LINEMODE SLC (Set Local Characters) suboption handler because add_slc does not check whether the buffer is full.",
                                "cve_priority": "medium",
                                "cve_public_date": "2026-03-13 19:55:00 UTC"
                            }
                        ],
                        "log": [
                            "",
                            "  * Update patch metadata.",
                            "  * Add patches from upstream:",
                            "    - Ignore all environment options from clients unless the variable was",
                            "      listed in the new --accept-env telnetd option. This mitigates privilege",
                            "      escalation using environment variables.",
                            "      This is the complete fix for CVE-2026-24061, with its own CVE pending.",
                            "    - Fix stack buffer overlflow processing SLC suboption triplets.",
                            "      Reported by Adiel Sol, Arad Inbar, Erez Cohen, Nir Somech, Ben Grinberg,",
                            "      Daniel Lubel at DREAM Security Research Team.",
                            "      Fixes CVE-2026-32746. (Closes: #1130742)",
                            ""
                        ],
                        "package": "inetutils",
                        "version": "2:2.7-4",
                        "urgency": "high",
                        "distributions": "unstable",
                        "launchpad_bugs_fixed": [],
                        "author": "Guillem Jover <guillem@debian.org>",
                        "date": "Mon, 16 Mar 2026 09:22:45 +0100"
                    },
                    {
                        "cves": [
                            {
                                "cve": "CVE-2026-28372",
                                "url": "https://ubuntu.com/security/CVE-2026-28372",
                                "cve_description": "telnetd in GNU inetutils through 2.7 allows privilege escalation that can be exploited by abusing systemd service credentials support added to the login(1) implementation of util-linux in release 2.40. This is related to client control over the CREDENTIALS_DIRECTORY environment variable, and requires an unprivileged local user to create a login.noauth file.",
                                "cve_priority": "medium",
                                "cve_public_date": "2026-02-27 06:18:00 UTC"
                            }
                        ],
                        "log": [
                            "",
                            "  * Add patch from upstream:",
                            "    - Prevent privilege escalation via telnetd abusing systemd service",
                            "      credentials support added to the login(1) implementation of util-linux in",
                            "      release 2.40. Reported by Ron Ben Yizhak <ron.benyizhak@safebreach.com>.",
                            "      Fixes CVE-2026-28372.",
                            "  * Remove unused lintian override very-long-line-length-in-source-file.",
                            ""
                        ],
                        "package": "inetutils",
                        "version": "2:2.7-3",
                        "urgency": "high",
                        "distributions": "unstable",
                        "launchpad_bugs_fixed": [],
                        "author": "Guillem Jover <guillem@debian.org>",
                        "date": "Mon, 16 Feb 2026 13:57:00 +0100"
                    }
                ],
                "notes": null,
                "is_version_downgrade": false
            },
            {
                "name": "ubuntu-kernel-accessories",
                "from_version": {
                    "source_package_name": "ubuntu-meta",
                    "source_package_version": "1.571",
                    "version": "1.571"
                },
                "to_version": {
                    "source_package_name": "ubuntu-meta",
                    "source_package_version": "1.572",
                    "version": "1.572"
                },
                "cves": [],
                "launchpad_bugs_fixed": [
                    2158262
                ],
                "changes": [
                    {
                        "cves": [],
                        "log": [
                            "",
                            "  * Refreshed dependencies",
                            "  * debootstrap-version: bump to 1.0.144 in stonking",
                            "  * Removed pollinate from cloud-minimal, server, server-minimal,",
                            "    server-raspi (LP: #2158262)",
                            ""
                        ],
                        "package": "ubuntu-meta",
                        "version": "1.572",
                        "urgency": "medium",
                        "distributions": "stonking",
                        "launchpad_bugs_fixed": [
                            2158262
                        ],
                        "author": "Christian Ehrhardt <christian.ehrhardt@canonical.com>",
                        "date": "Thu, 25 Jun 2026 13:08:38 +0200"
                    }
                ],
                "notes": null,
                "is_version_downgrade": false
            },
            {
                "name": "ubuntu-minimal",
                "from_version": {
                    "source_package_name": "ubuntu-meta",
                    "source_package_version": "1.571",
                    "version": "1.571"
                },
                "to_version": {
                    "source_package_name": "ubuntu-meta",
                    "source_package_version": "1.572",
                    "version": "1.572"
                },
                "cves": [],
                "launchpad_bugs_fixed": [
                    2158262
                ],
                "changes": [
                    {
                        "cves": [],
                        "log": [
                            "",
                            "  * Refreshed dependencies",
                            "  * debootstrap-version: bump to 1.0.144 in stonking",
                            "  * Removed pollinate from cloud-minimal, server, server-minimal,",
                            "    server-raspi (LP: #2158262)",
                            ""
                        ],
                        "package": "ubuntu-meta",
                        "version": "1.572",
                        "urgency": "medium",
                        "distributions": "stonking",
                        "launchpad_bugs_fixed": [
                            2158262
                        ],
                        "author": "Christian Ehrhardt <christian.ehrhardt@canonical.com>",
                        "date": "Thu, 25 Jun 2026 13:08:38 +0200"
                    }
                ],
                "notes": null,
                "is_version_downgrade": false
            },
            {
                "name": "ubuntu-server",
                "from_version": {
                    "source_package_name": "ubuntu-meta",
                    "source_package_version": "1.571",
                    "version": "1.571"
                },
                "to_version": {
                    "source_package_name": "ubuntu-meta",
                    "source_package_version": "1.572",
                    "version": "1.572"
                },
                "cves": [],
                "launchpad_bugs_fixed": [
                    2158262
                ],
                "changes": [
                    {
                        "cves": [],
                        "log": [
                            "",
                            "  * Refreshed dependencies",
                            "  * debootstrap-version: bump to 1.0.144 in stonking",
                            "  * Removed pollinate from cloud-minimal, server, server-minimal,",
                            "    server-raspi (LP: #2158262)",
                            ""
                        ],
                        "package": "ubuntu-meta",
                        "version": "1.572",
                        "urgency": "medium",
                        "distributions": "stonking",
                        "launchpad_bugs_fixed": [
                            2158262
                        ],
                        "author": "Christian Ehrhardt <christian.ehrhardt@canonical.com>",
                        "date": "Thu, 25 Jun 2026 13:08:38 +0200"
                    }
                ],
                "notes": null,
                "is_version_downgrade": false
            },
            {
                "name": "ubuntu-standard",
                "from_version": {
                    "source_package_name": "ubuntu-meta",
                    "source_package_version": "1.571",
                    "version": "1.571"
                },
                "to_version": {
                    "source_package_name": "ubuntu-meta",
                    "source_package_version": "1.572",
                    "version": "1.572"
                },
                "cves": [],
                "launchpad_bugs_fixed": [
                    2158262
                ],
                "changes": [
                    {
                        "cves": [],
                        "log": [
                            "",
                            "  * Refreshed dependencies",
                            "  * debootstrap-version: bump to 1.0.144 in stonking",
                            "  * Removed pollinate from cloud-minimal, server, server-minimal,",
                            "    server-raspi (LP: #2158262)",
                            ""
                        ],
                        "package": "ubuntu-meta",
                        "version": "1.572",
                        "urgency": "medium",
                        "distributions": "stonking",
                        "launchpad_bugs_fixed": [
                            2158262
                        ],
                        "author": "Christian Ehrhardt <christian.ehrhardt@canonical.com>",
                        "date": "Thu, 25 Jun 2026 13:08:38 +0200"
                    }
                ],
                "notes": null,
                "is_version_downgrade": false
            }
        ],
        "snap": []
    },
    "added": {
        "deb": [],
        "snap": []
    },
    "removed": {
        "deb": [
            {
                "name": "pollinate",
                "from_version": {
                    "source_package_name": "pollinate",
                    "source_package_version": "4.33-4ubuntu6",
                    "version": "4.33-4ubuntu6"
                },
                "to_version": {
                    "source_package_name": null,
                    "source_package_version": null,
                    "version": null
                },
                "cves": [],
                "launchpad_bugs_fixed": [],
                "changes": [],
                "notes": null,
                "is_version_downgrade": false
            }
        ],
        "snap": []
    },
    "notes": "Changelog diff for Ubuntu 26.10 stonking image from daily image serial 20260621 to 20260626",
    "from_series": "stonking",
    "to_series": "stonking",
    "from_serial": "20260621",
    "to_serial": "20260626",
    "from_manifest_filename": "daily_manifest.previous",
    "to_manifest_filename": "manifest.current"
}