[ubuntu/jammy-security] google-guest-agent 20250116.00-0ubuntu1~22.04.1 (Accepted)

[Hlib Korzhynskyy]

google-guest-agent (20250116.00-0ubuntu1~22.04.1) jammy-security; urgency=medium

  * SECURITY UPDATE: Authorization bypass in SSH protocol
    - debian/extra/vendor/golang.org/x/crypto/ssh/server.go: Change
      maxCachedPubKeys to 1 and change limit checks. Based on:
      https://github.com/golang/crypto/commit/b4f1988a35dee11ec3e05d6bf3e90b695fbd8909
    - CVE-2024-45337

google-guest-agent (20250116.00-0ubuntu1~22.04.0) jammy; urgency=medium

  * No change rebuild for Jammy Jellyfish.

google-guest-agent (20250116.00-0ubuntu1) plucky; urgency=medium

  * New upstream version for upstream tag 20250116.00. (LP: #2096765)

google-guest-agent (20241011.01-0ubuntu1~22.04.0) jammy; urgency=medium

  * Rebuild for Jammy

google-guest-agent (20241011.01-0ubuntu1) plucky; urgency=medium

  * New version for upstream tag 20241011.01. (LP: #2084498)
     * Revendor golang dependencies.

google-guest-agent (20240716.00-0ubuntu1~22.04.0) jammy; urgency=medium

  * No-change rebuild for Jammy.

google-guest-agent (20240716.00-0ubuntu1) oracular; urgency=medium

  [ Utkarsh Gupta ]
  * New upstream version 20240716.00. (LP: #2073163)
  * Update vendored dependencies.
  * Set DH_GOLANG_INSTALL_EXTRA to editions_defaults.binpb.

  [ Chloé Smith ]
  * d/p/0006-add-after-cloud-config-service.patch: add patch
    to force ordering between cloud-init and the guest agent.
    (LP: #2057965)

google-guest-agent (20240213.00-0ubuntu4) oracular; urgency=medium

  * SECURITY UPDATE: Denial of service
    - debian/extra/vendor/googgle.golang.org/protobuf was
      patched with a backport of f01a588e5810b90996452eec4a28f22a0afae023
      in files encoding/protojson/well_known_types.go,
      internal/encoding/json/decode.go.
    - debian/extra/vendor adding patches-applied and README.txt for
      track/documentation propose about patches applied in vendored sources.
    - CVE-2024-24786

google-guest-agent (20240213.00-0ubuntu3) noble; urgency=medium

  * No-change rebuild against Go 1.22.

google-guest-agent (20240213.00-0ubuntu2) noble; urgency=medium

  * No-change rebuild for CVE-2024-3094

google-guest-agent (20240213.00-0ubuntu1) noble; urgency=medium

  [ Utkarsh Gupta ]
  * Add a reason to include include-binaries file.

  [ Chloé 'kajiya' Smith ]
  * New upstream version, v20240213.00. (LP: #2054484)
  * d/extra/vendor: Update the vendored dependencies.
  * d/source/include-binaries: add new file.

google-guest-agent (20231004.02-0ubuntu3) noble; urgency=medium

  * d/control: Fix dependency version of `google-compute-engine-oslogin`
    to match archive (LP: #2050956)

google-guest-agent (20231004.02-0ubuntu2) noble; urgency=medium

  * d/control: There should b a dependency on `google-compute-engine-oslogin`
    to match the Google managed control file (LP: #2050956)
    * Also updated the `Vcs-` fields and removed the `Uploaders` field.

google-guest-agent (20231004.02-0ubuntu1) noble; urgency=medium

  * New upstream version 20231004.02. (LP: #2040945)
  * d/extra/vendor: Update vendored dependencies.

Date: 2025-10-24 12:56:14.409725+00:00
Changed-By: Hlib Korzhynskyy <hlib.korzhynskyy at canonical.com>
https://launchpad.net/ubuntu/+source/google-guest-agent/20250116.00-0ubuntu1~22.04.1
-------------- next part --------------
Sorry, changesfile not available.