diff --git a/changelog/security/2025-03-31-weekly-updates.md b/changelog/security/2025-03-31-weekly-updates.md
new file mode 100644
index 0000000000..e257fd13c2
--- /dev/null
+++ b/changelog/security/2025-03-31-weekly-updates.md
@@ -0,0 +1,5 @@
+- cifs-utils ([CVE-2025-2312](https://nvd.nist.gov/vuln/detail/CVE-2025-2312))
+- crun ([CVE-2025-24965](https://nvd.nist.gov/vuln/detail/CVE-2025-24965))
+- libarchive ([CVE-2025-25724](https://nvd.nist.gov/vuln/detail/CVE-2025-25724))
+- libxslt ([CVE-2025-24855](https://nvd.nist.gov/vuln/detail/CVE-2025-24855), [CVE-2024-55549](https://nvd.nist.gov/vuln/detail/CVE-2024-55549))
+- socat ([socat-20250221](https://repo.or.cz/socat.git/blob/refs/tags/tag-1.8.0.3:/CHANGES#l4))
diff --git a/changelog/updates/2025-03-31-weekly-updates.md b/changelog/updates/2025-03-31-weekly-updates.md
new file mode 100644
index 0000000000..6c491eb499
--- /dev/null
+++ b/changelog/updates/2025-03-31-weekly-updates.md
@@ -0,0 +1,15 @@
+- base, dev: btrfs-progs ([6.13](https://raw.githubusercontent.com/kdave/btrfs-progs/refs/tags/v6.13/CHANGES))
+- base, dev: cifs-utils ([7.3](https://lists.samba.org/archive/samba-technical/2025-March/139360.html) (includes [7.2](https://lists.samba.org/archive/samba-technical/2025-February/139330.html), [7.1](https://lists.samba.org/archive/samba-technical/2024-October/139146.html)))
+- base, dev: expat ([2.7.1](https://github.com/libexpat/libexpat/blob/R_2_7_1/expat/Changes#L40))
+- base, dev: git ([2.49.0](https://github.com/git/git/blob/v2.49.0/Documentation/RelNotes/2.49.0.adoc))
+- base, dev: libarchive ([3.7.8](https://github.com/libarchive/libarchive/releases/tag/v3.7.8))
+- base, dev: libxml2 ([2.13.7](https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.13.7) (includes [2.13.6](https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.13.6), [2.13.5](https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.13.5), [2.13.4](https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.13.4), [2.13.3](https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.13.3), [2.13.2](https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.13.2), [2.13.1](https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.13.1), [2.13.0](https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.13.0)))
+- base, dev: nghttp2 ([1.65.0](https://github.com/nghttp2/nghttp2/releases/tag/v1.65.0))
+- base, dev: socat ([1.8.0.3](https://repo.or.cz/socat.git/blob/refs/tags/tag-1.8.0.3:/CHANGES))
+- base, dev: strace ([6.13](https://github.com/strace/strace/releases/tag/v6.13))
+- sysext-podman: catatonit ([0.2.1](https://github.com/openSUSE/catatonit/releases/tag/v0.2.1))
+- sysext-podman: crun ([1.20](https://github.com/containers/crun/releases/tag/1.20))
+- sysext-podman: gpgme ([1.24.2](https://dev.gnupg.org/T7524))
+- sysext-python: trove-classifiers ([2025.3.19.19](https://github.com/pypa/trove-classifiers/releases/tag/2025.3.19.19))
+- vmware: libxslt ([1.1.43](https://gitlab.gnome.org/GNOME/libxslt/-/releases/v1.1.43) (includes [1.1.42](https://gitlab.gnome.org/GNOME/libxslt/-/releases/v1.1.42), [1.1.41](https://gitlab.gnome.org/GNOME/libxslt/-/releases/v1.1.41), [1.1.40](https://gitlab.gnome.org/GNOME/libxslt/-/releases/v1.1.40)))
+- vmware: xmlsec ([1.3.7](https://github.com/lsh123/xmlsec/releases/tag/1.3.7))