1.25.2

These release notes cover new features and changes in Anbox Cloud 1.25.2.

Anbox Cloud 1.25.2 is a patch release. To understand minor and patch releases, see Release notes.

Please see Component versions for a list of updated components.

Requirements

See the Requirements for details on general and deployment specific requirements to run Anbox Cloud.

New features & improvements

• You can now change the authorization for the AMS API after your initialize the appliance with the following commands:

For a sudo user to authorize and register their UID, run:

sudo anbox-cloud-appliance ams authorize

The command will determine the UID to be authorized from the SUDO_UID environment variable that sudo sets for the invoking user.

To authorize another user and register their UID, run:

    sudo anbox-cloud-appliance ams authorize <UID>

To deauthorize and remove a user’s UID, run:

    sudo anbox-cloud-appliance ams deauthorize <UID>

Other

• Android security updates for April 2025 (see Android Security Bulletin - April 2025).

• The Android WebView has been updated to 135.0.7049.38.

Known issues

• The fix for CVE-2025-30215 is not included in this release.

CVEs

The Anbox Cloud 1.25.2 release includes fixes from the respective upstreams and components for the following CVEs:

Note

Android 12 has reached end of life and there will be no more security updates from upstream. However, for users still on Android 12, we will continue to patch Android 12 by cherry-picking the commits to CVEs tagged with Critical severity from the upstream.

CVE	Affected Components
CVE-2025-27152	AMS
CVE-2025-30204	AMS, Anbox
CVE-2025-22870	AMS, Anbox
CVE-2025-22429	Android 12,13,14
CVE-2025-22416	Android 13,14
CVE-2025-22417	Android 14
CVE-2025-22422	Android 13, 14
CVE-2025-22424	Android 13, 14
CVE-2025-22426	Android 13, 14
CVE-2025-22434	Android 14
CVE-2025-22437	Android 13
CVE-2025-22438	Android 13, 14
CVE-2025-22442	Android 13, 14
CVE-2025-22421	Android 13, 14
CVE-2025-22431	Android 13, 14
CVE-2025-26416	Android 12, 13, 14
CVE-2025-22423	Android 12,13, 14
CVE-2024-40653	Android 13, 14
CVE-2024-49720	Android 13, 14
CVE-2024-49730	Android 13, 14
CVE-2025-22418	Android 13, 14
CVE-2025-22419	Android 13, 14
CVE-2025-22427	Android 13, 14
CVE-2025-22428	Android 13, 14
CVE-2025-22432	Android 13, 14
CVE-2025-22433	Android 13, 14
CVE-2025-22435	Android 13, 14
CVE-2025-22439	Android 13, 14
CVE-2024-49728	Android 13, 14

Bug fixes

• LP 2103746 AMS provides a panic warning because of a concurrent write to the WebSocket connection.

• LP 2103485 Links to some charms on the Charmhub page for the Anbox Cloud Core bundle are broken and the bundle does not deploy correctly.

• LP 2101806 Two different images have the same size when they should have been of different sizes.

• LP 2105468 When deploying the AMS with prometheus_extra_labels configured, the AMS unit ends up with an error status.

• LP 2106349 When a user deploys AMS and AAR using a single juju deploy command, Juju deploys them at the same time. However, this results in AMS running into a hook error while AAR is deployed properly.

• LP 2106384 Sporadically, the Anbox stream gateway gets stuck with Waiting for certificates status.

• LP 2091609 Private bug

Upgrade instructions

See How to upgrade Anbox Cloud for instructions on how to update your Anbox Cloud deployment to the 1.25.2 release.