{"chromium-135.0.7049.95":{"security":true,"name":{"default":"Chromium 135.0.7049.95"},"caution":{"default":"Fixes 2 security vulnerabilities (1 each of critical and high severities)","zh_CN":"修复 2 个安全漏洞（含 1 个严重漏洞，1 个高危漏洞）"},"packages":{"chromium":"135.0.7049.95"},"type":"conventional"},"clash-verge-service-fix-get-root-access":{"security":true,"name":{"default":"Clash Verge Service Security Update","zh_CN":"Clash Verge 服务安全更新"},"caution":{"default":"Fixes a remote code execution vulnerability exploitable via parameter manipulation","zh_CN":"修复一处可通过操纵程序参数利用的远程代码执行漏洞"},"packages":{"clash-verge-service":"0+git20250324-2"},"type":"conventional"},"core-12.1.3":{"security":false,"must_match_all":false,"name":{"default":"AOSC OS Core 12.1.3","zh_CN":"安同 OS 核心包，版本 12.1.3"},"caution":{"default":"Fixes inconsistent CMake configuration in zlib (zlib-ng), causing some software to fail to build","zh_CN":"修复 zlib (zlib-ng) 软件包中 CMake 配置与包内文件不一致的问题，该问题先前导致部分软件无法正常构建"},"packages":{"linux+api":"2:6.12.23","zlib":"1:2.2.4-2","aosc-aaa":"12.1.3"},"type":"conventional"},"firefox-137.0.2":{"security":true,"name":{"default":"Firefox 137.0.2"},"caution":{"default":"Fixes 1 security vulnerabilities disclosed in Mozilla Foundation Security Advisory 2025-25 (1 of high severity)","zh_CN":"修复 Mozilla 基金会第 2025-25 号安全公告中披露的 1 个安全漏洞（含 1 个高危漏洞）"},"packages":{"firefox":"137.0.2"},"type":"conventional"},"firefox-137.0":{"security":true,"name":{"default":"Firefox 137.0"},"caution":{"default":"Fixes 8 security vulnerabilities disclosed in Mozilla Foundation Security Advisory 2025-20 (2 of high severity)","zh_CN":"修复 Mozilla 基金会第 2025-20 号安全公告中披露的 8 个安全漏洞（含 2 个高危漏洞）"},"packages":{"firefox":"137.0"},"type":"conventional"},"firefox-138.0":{"security":true,"name":{"default":"Firefox 138.0"},"caution":{"default":"Fixes 11 security vulnerabilities disclosed in Mozilla Foundation Security Advisory 2025-28 (4 of high severity)","zh_CN":"修复 Mozilla 基金会第 2025-28 号安全公告中披露的 11 个安全漏洞（含 4 个高危漏洞）"},"packages":{"firefox":"138.0"},"type":"conventional"},"git-lfs-3.6.1":{"security":true,"name":{"default":"Git LFS 3.6.1 Security Update","zh_CN":"Git LFS 3.6.1 安全更新"},"caution":{"default":"Fixes a credential leak vulnerability - CVE-2024-53263 (Severity: High)","zh_CN":"修复一处身份泄漏漏洞，漏洞编号 CVE-2024-53263（严重性：高）"},"packages":{"git-lfs":"3.6.1"},"type":"conventional"},"intel-ucode-20250512":{"security":true,"name":{"default":"Intel Processor Microcode Package for Linux, version 20250512","zh_CN":"适用于 Linux 的 Intel 处理器微码包，版本 20250512"},"caution":{"default":"Fixes self-training Spectre-v2 (Exposure of Sensitive Information) vulnerability codenamed \"Training Solo\"","zh_CN":"修复代号为 \"Training Solo\" 的自训练 Spectre-v2（敏感信息泄漏）漏洞"},"packages":{"intel-ucode":"20250512"},"type":"conventional"},"libarchive-3.7.8":{"security":true,"name":{"default":"libarchive 3.7.8"},"caution":{"default":"Fixes multiple security vulnerabilities (3 of medium severity)","zh_CN":"修复三个安全漏洞（含 3 个中危漏洞）"},"packages":{"libarchive":"1:3.7.8"},"type":"conventional"},"linux-firmware-20250425":{"security":false,"must_match_all":false,"name":{"default":"Linux Firmware Update (April 25, 2025)","zh_CN":"Linux 固件更新（2025 年 4 月 25 日）"},"caution":{"default":"With enhancements for various audio, graphics, networking, and SoC devices and platforms, and a fix for unusable Wi-Fi on REDMI Book Pro 14 2025","zh_CN":"包含对数款音频、图形和网络设备，以及 SoC 平台的支持增强，并修复 REDMI Book Pro 14 2025 上无线网络不可用的问题"},"packages":{"firmware-nonfree":"20250425+debian20241210+1~bpo12+1"},"type":"conventional"},"linux-kernel-6.14.4":{"security":false,"name":{"default":"Linux Kernel, 6.14.4","zh_CN":"Linux 内核，版本 6.14.4"},"caution":{"default":"Fixes S0ix suspend failure on MECHREVO Wujie 14X","zh_CN":"修复机械革命无界 14X 笔记本 S0ix 睡眠失败的问题"},"packages":{"linux-kernel-6.14.4":"6.14.4-1","linux+kernel":"3:6.14.4"},"type":"conventional"},"linux-kernel-6.14.5":{"security":false,"name":{"default":"Linux Kernel, 6.14.5","zh_CN":"Linux 内核，版本 6.14.5"},"caution":{"default":"Fixes CJK character display in virtual terminal in HiDPI displays and enables basic display support via firmware","zh_CN":"修复高分屏下虚拟终端 CJK（中文、日文及韩文）字符显示错误的问题，并开启基于固件的基础显示支持"},"packages":{"linux+kernel":"3:6.14.5"},"type":"conventional"},"linux-kernel-6.14":{"security":false,"name":{"default":"Linux Kernel 6.14.0","zh_CN":"Linux 内核，版本 6.14"},"caution":{"default":"With enhanced support for new devices, notably AMD Radeon RX 9000 Series Graphics and multi-processor Loongson 3C6000 platforms; also fixes unreliable ACPI suspend (S3) on certain x86 laptops, intermittent USB connection on some Loongson motherboards, and hangs on ASUS laptops with Realtek RTL8723BE wireless cards","zh_CN":"包含对新设备支持的改进，尤其是 AMD Radeon RX 9000 系列显卡及龙芯 3C6000 多处理器平台；另包含对部分 x86 笔记本电脑 ACPI 睡眠 (S3) 不可靠、部分龙芯主板上 USB 时有失灵及搭载瑞昱 RTL8723BE 无线网卡的部分华硕笔记本电脑偶发死机等问题的修复"},"packages":{"linux-kernel-6.14.0":"6.14.0-2","linux+kernel":"3:6.14.0"},"type":"conventional"},"linux-kernel-asahi-6.14.5":{"security":false,"name":{"default":"Linux Kernel (Apple silicon), 6.14.5","zh_CN":"Linux 内核 (Apple silicon)，版本 6.14.5"},"caution":{"default":"Fixes CJK character display in virtual terminal in HiDPI displays","zh_CN":"修复高分屏下虚拟终端 CJK（中文、日文及韩文）字符显示错误的问题"},"packages":{"linux+kernel+asahi":"3:6.14.5"},"type":"conventional"},"linux-kernel-lts-6.12.25":{"security":false,"name":{"default":"Linux Kernel (Longterm Maintenance), 6.12.25","zh_CN":"Linux 内核（长期维护版本），版本 6.12.25"},"caution":{"default":"With enhanced support for new devices, notably AMD Radeon RX 9000 Series Graphics and multi-processor Loongson 3C6000 platforms; also fixes unreliable ACPI suspend (S3) on certain x86 laptops, intermittent USB connection on some Loongson motherboards, hangs on ASUS laptops with Realtek RTL8723BE wireless cards, and S0ix suspend failure on MECHREVO Wujie 14X","zh_CN":"包含对新设备支持的改进，尤其是 AMD Radeon RX 9000 系列显卡及龙芯 3C6000 多处理器平台；另包含对部分 x86 笔记本电脑 ACPI 睡眠 (S3) 不可靠、部分龙芯主板上 USB 时有失灵、搭载瑞昱 RTL8723BE 无线网卡的部分华硕笔记本电脑偶发死机，以及机械革命无界 14X 笔记本 S0ix 睡眠失败等问题的修复"},"packages":{"linux-kernel-lts-6.12.25":"6.12.25-1","linux+kernel+lts":"2:6.12.25"},"type":"conventional"},"linux-kernel-lts-6.12.26":{"security":false,"name":{"default":"Linux Kernel (Longterm Maintenance), 6.12.26","zh_CN":"Linux 内核（长期维护版本），版本 6.12.26"},"caution":{"default":"Fixes CJK character display in virtual terminal in HiDPI displays and enables basic display support via firmware","zh_CN":"修复高分屏下虚拟终端 CJK（中文、日文及韩文）字符显示错误的问题，并开启基于固件的基础显示支持"},"packages":{"linux+kernel+lts":"2:6.12.26"},"type":"conventional"},"mercurial-6.9.4":{"security":true,"name":{"default":"Mercurial 6.9.4 Security Update","zh_CN":"Mercurial 6.9.4 安全更新"},"caution":{"default":"Fixes a cross-site scripting (XSS) vulnerability - CVE-2025-2361 (Severity: Moderate)","zh_CN":"修复一处跨站脚本攻击 (XSS)，漏洞编号 CVE-2025-2361（严重性：中等）"},"packages":{"mercurial":"6.9.4"},"type":"conventional"},"mesa-25.0.3":{"security":false,"must_match_all":false,"name":{"default":"Mesa 3D Graphics Library 25.0.3","zh_CN":"Mesa 3D 图形库，版本 25.0.3"},"caution":{"default":"Fixes occasional instability on resume ACPI suspend (S3) with AMD Radeon RX 9000 Series Graphics and crashes/hangs while playing \"Octopath Traveler II\" and other titles with AMD Radeon 780M","zh_CN":"修复 AMD Radeon RX 9000 系列显卡从 ACPI 睡眠 (S3) 唤醒后的偶发稳定性问题及 AMD Radeon 780M 运行《歧路旅人 II》等游戏时的崩溃或画面锁死问题"},"packages":{"mesa":"1:25.0.3+dxheaders1.615.0"},"type":"conventional"},"oma-1.16.0":{"security":false,"must_match_all":false,"name":{"default":"oma 1.16.0","zh_CN":"小熊猫包管理 (oma) 1.16.0"},"caution":{"default":"With improved interface and instructions for fixing/reporting package manager errors, topic-aware undo functionality, and enhancements to various interfaces.","zh_CN":"修缮了软件包管理报错及修复操作的用户界面、为撤销功能 (oma undo) 新增了对安同 OS 测试源 (topics) 设置的状态操作支持，并对一部分界面设计进行了优化"},"packages":{"oma":"1.16.0"},"type":"conventional"},"oma-1.17.2":{"security":false,"must_match_all":false,"name":{"default":"oma 1.17.2","zh_CN":"小熊猫包管理 (oma) 1.17.2"},"caution":{"default":"With newly introduced disk usage analyzer, low storage warning, Zsh shell completions, and more","zh_CN":"包含全新磁盘占用分析器、磁盘将满警告、Zsh 补全等新特性"},"packages":{"oma":"1.17.2"},"type":"conventional"},"openjdk-24":{"security":false,"name":{"default":"OpenJDK 24 GA Update","zh_CN":"OpenJDK 24 GA 更新"},"packages":{"openjdk-24":"24+ga","openjdk+latest":"24"},"type":"conventional"},"openjdk-security-2025-apr":{"security":true,"must_match_all":false,"name":{"default":"OpenJDK Security Updates (April, 2025)","zh_CN":"OpenJDK 安全更新（2025 年 4 月）"},"caution":{"default":"Fixes over 20 security vulnerabilities disclosed in Oracle Critical Patch Update Advisory - April 2025 (multiple of high severity)","zh_CN":"修复 Oracle 重要更新公告（2025 年 4 月）中披露的逾 20 个安全漏洞（含多个高危漏洞）"},"packages":{"openjdk-8":"8u452+ga","openjdk-11":"11.0.27+ga","openjdk-17":"17.0.15+ga","openjdk-21":"21.0.7+ga","openjdk-24":"24.0.1+ga"},"type":"conventional"},"openvpn-2.6.14":{"security":true,"name":{"default":"OpenVPN 2.6.14 Security Update","zh_CN":"OpenVPN 2.6.14 安全更新"},"caution":{"default":"Fixes a denial of service vulnerability - CVE-2025-2704 (Severity: Medium)","zh_CN":"修复一处拒绝服务漏洞，漏洞编号 CVE-2025-2704（严重性：中）"},"packages":{"openvpn":"2.6.14"},"type":"conventional"},"rework-clash-verge-3428":{"security":true,"name":{"default":"Clash Verge Service Security Update","zh_CN":"Clash Verge 服务安全更新"},"caution":{"default":"Fixes a remote code execution vulnerability exploitable via parameter manipulation (clash-verge-service restart or reboot required)","zh_CN":"修复一处可通过操纵程序参数利用的远程代码执行漏洞（更新后请重启 clash-verge-service 服务或重启系统）"},"packages":{"clash-verge-service":"0+git20250324-3"},"type":"conventional"},"screen-5.0.1":{"security":true,"name":{"default":"GNU Screen 5.0.1"},"caution":{"default":"Fixes 5 security vulnerabilities (low severity)","zh_CN":"修复 5 个安全漏洞（低危）"},"packages":{"screen":"5.0.1"},"type":"conventional"},"thunderbird-137.0.1":{"security":true,"name":{"default":"Thunderbird 137.0"},"caution":{"default":"Fixes 7 security vulnerabilities disclosed in Mozilla Foundation Security Advisory 2025-23 (3 of high severity)","zh_CN":"修复 Mozilla 基金会第 2025-23 号安全公告中披露的 7 个安全漏洞（含 3 个高危漏洞）"},"packages":{"thunderbird":"137.0.1"},"type":"conventional"},"thunderbird-137.0.2":{"security":true,"name":{"default":"Thunderbird 137.0.2"},"caution":{"default":"Fixes 3 security vulnerabilities disclosed in Mozilla Foundation Security Advisory 2025-26 (2 of high severity)","zh_CN":"修复 Mozilla 基金会第 2025-26 号安全公告中披露的 3 个安全漏洞（含 2 个高危漏洞）"},"packages":{"thunderbird":"137.0.2"},"type":"conventional"},"thunderbird-138.0":{"security":true,"name":{"default":"Thunderbird 138.0"},"caution":{"default":"Fixes 11 security vulnerabilities disclosed in Mozilla Foundation Security Advisory 2025-31 (4 of high severity)","zh_CN":"修复 Mozilla 基金会第 2025-31 号安全公告中披露的 11 个安全漏洞（含 4 个高危漏洞）"},"packages":{"thunderbird":"138.0"},"type":"conventional"},"uboot-tools-2025.04":{"security":true,"name":{"default":"U-Boot Utilities 2025.04","zh_CN":"U-Boot 实用工具 2025.04"},"caution":{"default":"Fixes multiple security vulnerabilities (5 of high severity, 1 low)","zh_CN":"修复多个安全漏洞（含 5 个高危漏洞，1 个低危漏洞）"},"packages":{"uboot-tools":"2025.04"},"type":"conventional"},"virtualbox-7.1.8":{"security":true,"name":{"default":"Oracle VM VirtualBox 7.1.8"},"caution":{"default":"Fixes 3 security vulnerabilities disclosed in Oracle Critical Patch Update Advisory - April 2025 (1 of high severity)","zh_CN":"修复 Oracle 重要更新公告（2025 年 4 月）中披露的 3 个安全漏洞（含 1 个高危漏洞）"},"packages":{"virtualbox":"7.1.8"},"type":"conventional"},"xz-5.8.1":{"security":true,"name":{"default":"XZ (liblzma) 5.8.1 Security Update","zh_CN":"XZ (liblzma) 5.8.1 安全更新"},"caution":{"default":"Fixes a use-after-free vulnerability - CVE-2025-31115 (Severity: High)","zh_CN":"修复一处释放后使用 (use-after-free) 漏洞，漏洞编号 CVE-2025-31115（严重性：高）"},"packages":{"xz":"5.8.1","xz+32":"5.8.1"},"type":"conventional"},"zlib-rvv-fix-chunkcopy":{"security":false,"name":{"default":"AOSC OS Core 12.1.1","zh_CN":"安同 OS 核心包 12.1.1"},"caution":{"default":"Fixes application crashes on RISC-V platforms with RVV instructions","zh_CN":"修复搭载 RVV 指令集扩展的 RISC-V 设备上部分应用程序崩溃的问题"},"packages":{"aosc-aaa":"12.1.1","zlib":"1:2.2.4-1"},"type":"conventional"}}