UbuntuUpdates.org

Bugs addressed in recent updates

All Launchpad Ubuntu Debian CVE

Origin Bug number Title Packages
Launchpad 2155241 [SRU] libreoffice 26.2.4 for resolute libreoffice libreoffice
CVE CVE-2026-9076 Issue summary: When CMS password-based decryption (RFC 3211 / PWRI key ... openssl openssl openssl openssl openssl openssl openssl openssl
CVE CVE-2026-7383 Issue summary: A signed integer overflow when sizing the destination b ... openssl openssl openssl openssl openssl openssl openssl openssl
CVE CVE-2026-45447 Issue summary: A specially crafted PKCS#7 or S/MIME signed message cou ... openssl openssl openssl openssl openssl openssl openssl openssl
CVE CVE-2026-45446 Issue summary: The implementations of AES-SIV (RFC 5297) and AES-GCM-S ... openssl openssl openssl openssl openssl openssl openssl openssl
CVE CVE-2026-45445 Issue summary: When an application drives an AES-OCB context through t ... openssl openssl openssl openssl openssl openssl openssl openssl
CVE CVE-2026-42770 Issue summary: When EVP_PKEY_derive_set_peer() is called with a DHX (X ... openssl openssl openssl openssl openssl openssl openssl openssl
CVE CVE-2026-42769 Issue Summary: An error in the callback used to verify the certificate ... openssl openssl openssl openssl
CVE CVE-2026-42768 Issue summary: The CMS_decrypt and PKCS7_decrypt functions are vulnera ... openssl openssl openssl openssl
CVE CVE-2026-42767 Issue summary: An attacker-controlled CMP (Certificate Management Prot ... openssl openssl openssl openssl openssl openssl openssl openssl
CVE CVE-2026-42766 Issue summary: A specially crafted password-encrypted CMS message can ... openssl openssl openssl openssl openssl openssl openssl openssl
CVE CVE-2026-42764 Issue summary: Receiving a QUIC initial packet with an invalid token m ... openssl openssl openssl openssl
CVE CVE-2026-34183 Issue summary: Remote peer may exhaust heap memory of the QUIC server ... openssl openssl openssl openssl
CVE CVE-2026-34182 Issue Summary: Cryptographic Message Services (CMS) processing fails t ... openssl openssl openssl openssl openssl openssl openssl openssl
CVE CVE-2026-34181 Issue Summary: The PKCS#12 file processing fails to perform sufficient ... openssl openssl openssl openssl
CVE CVE-2026-34180 Issue summary: Parsing a crafted DER-encoded ASN.1 structure with a pr ... openssl openssl openssl openssl openssl openssl openssl openssl
CVE CVE-2026-46483 Vim is an open source, command line text editor. Prior to 9.2.0479, a command injection vulnerability exists in tar#Vimuntar() in runtime/autoload/ta vim vim vim vim vim vim vim vim vim vim vim vim vim vim vim vim
CVE CVE-2026-40214 In OpenStack Cyborg before 16.0.1, the Accelerator Request (ARQ) API does not enforce project ownership at any layer. The project_id column in the da cyborg cyborg
CVE CVE-2026-40213 OpenStack Cyborg before 16.0.1 uses rule:allow (check_str='@') as the default policy for multiple API endpoints. This unconditionally authorizes any cyborg cyborg
Launchpad 2150773 Slowness on UC26 on daemon-reload requests systemd systemd



About   -   Send Feedback to @ubuntu_updates