UbuntuUpdates.org

Bugs addressed in recent updates

All Launchpad Ubuntu Debian CVE

Origin Bug number Title Packages
CVE CVE-2024-23254 The issue was addressed with improved UI handling. This issue is fixed in tvOS 17.4, macOS Sonoma 14.4, visionOS 1.1, iOS 17.4 and iPadOS 17.4, watch webkit2gtk webkit2gtk webkit2gtk webkit2gtk webkit2gtk webkit2gtk webkit2gtk webkit2gtk
CVE CVE-2024-2496 A NULL pointer dereference flaw was found in the udevConnectListAllInterfaces() function in libvirt. This issue can occur when detaching a host inter libvirt libvirt libvirt libvirt libvirt libvirt libvirt libvirt libvirt libvirt libvirt libvirt
CVE CVE-2024-2494 A flaw was found in the RPC library APIs of libvirt. The RPC server deserialization code allocates memory for arrays before the non-negative length c libvirt libvirt libvirt libvirt libvirt libvirt libvirt libvirt libvirt libvirt libvirt libvirt
CVE CVE-2024-1441 An off-by-one error flaw was found in the udevListInterfacesByStatus() function in libvirt when the number of interfaces exceeds the size of the `nam libvirt libvirt libvirt libvirt libvirt libvirt libvirt libvirt libvirt libvirt libvirt libvirt
CVE CVE-2024-2201 Native Branch History Injection linux linux linux-hwe-5.15 linux linux-oem-6.5 linux-azure-5.15 linux-aws-5.15 linux-lowlatency-hwe-5.15 linux-gcp-5.15 linux-azure-6.5 linux-ibm-5.15 linux-hwe-6.5 linux-oracle-5.15 linux-gcp-6.5 linux-riscv-5.15 linux linux-intel-iotg-5.15 linux-oem-6.5 linux-gcp-6.5 linux-azure-6.5 linux-oracle-5.15 linux-hwe-5.15 linux-gcp-5.15 linux-aws-5.15 linux-ibm-5.15 linux-laptop linux-azure-5.15 linux-oracle-6.5 linux-lowlatency-hwe-6.5 linux-aws-6.5 linux-intel-iotg-5.15 linux-riscv linux-starfive linux-xilinx-zynqmp linux-starfive linux-laptop linux-lowlatency-hwe-5.15 linux-riscv-6.5 linux-starfive-6.5 linux-hwe-6.5
CVE CVE-2024-27285 YARD is a Ruby Documentation tool. The "frames.html" file within the Yard Doc's generated documentation is vulnerable to Cross-Site Scripting (XSS) a yard yard yard yard
Launchpad 2061121 Mantic preseeding of LXD using incorrect track/channel livecd-rootfs
Launchpad 2051380 Expired certificate used for tests causes failures ruby3.1 ruby3.0
Launchpad 2055241 Update on-chip oscillator clock nodes for Kria linux-xilinx-zynqmp
Launchpad 2058321 Unsupported platform 'ZynqMP KV260 revB linux-xilinx-zynqmp
Launchpad 2058707 Backport AXI 1-wire host driver linux-xilinx-zynqmp
Launchpad 2056100 sru cloud-init 23.4.4 to 24.1.3 cloud-init cloud-init
CVE CVE-2022-29599 In Apache Maven maven-shared-utils prior to version 3.3.3, the Commandline class can emit double-quoted strings without proper escaping, allowing she maven-shared-utils maven-shared-utils maven-shared-utils maven-shared-utils
Launchpad 2060906 attempt to add opensc using modutil suddenly fails nss nss nss nss nss nss nss nss
CVE CVE-2024-27316 HTTP/2 incoming headers exceeding the limit are temporarily buffered in nghttp2 in order to generate an informative HTTP 413 response. If a client do apache2 apache2 apache2 apache2 apache2 apache2 apache2 apache2 apache2 apache2 apache2 apache2
CVE CVE-2024-24795 HTTP Response splitting in multiple modules in Apache HTTP Server allows an attacker that can inject malicious response headers into backend applicat apache2 apache2 apache2 apache2 apache2 apache2 apache2 apache2 apache2 apache2 apache2 apache2
CVE CVE-2023-38709 Faulty input validation in the core of Apache allows malicious or exploitable backend/content generators to split HTTP responses. This issue affects apache2 apache2 apache2 apache2 apache2 apache2 apache2 apache2 apache2 apache2 apache2 apache2
Launchpad 2060880 squid crashes after update to 4.10-1ubuntu1.10 squid squid squid squid
Launchpad 1876597 [SRU] package pure-ftpd-common 1.0.49-4 failed to install/upgrade: unable to open '/usr/share/doc/pure-ftpd-common/README.Authentication-Modules.gz.d pure-ftpd
Launchpad 1855189 usbguard stops responding when recvmsg receives ENOBUFS usbguard


About   -   Send Feedback to @ubuntu_updates