Bugs addressed in recent updates
| Origin | Bug number | Title | Packages |
|---|---|---|---|
| CVE | CVE-2026-25646 | LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. Prior to | libpng1.6 libpng1.6 libpng1.6 libpng1.6 libpng1.6 libpng1.6 |
| CVE | CVE-2026-25506 | MUNGE is an authentication service for creating and validating user credentials. From 0.5 to 0.5.17, local attacker can exploit a buffer overflow vul | munge munge munge munge munge munge |
| CVE | CVE-2026-1642 | A vulnerability exists in NGINX OSS and NGINX Plus when configured to proxy to upstream Transport Layer Security (TLS) servers. An attacker with a ma | nginx nginx nginx nginx nginx nginx nginx nginx nginx nginx nginx nginx |
| CVE | CVE-2025-30187 | In some circumstances, when DNSdist is configured to use the nghttp2 library to process incoming DNS over HTTPS queries, an attacker might be able to | dnsdist dnsdist |
| CVE | CVE-2025-8671 | A mismatch caused by client-triggered server-sent stream resets between HTTP/2 specifications and the internal architectures of some HTTP/2 implement | dnsdist dnsdist |
| CVE | CVE-2026-26081 | BUG/MAJOR: quic: reject invalid token | haproxy haproxy haproxy haproxy |
| CVE | CVE-2025-11678 | Stack-based Buffer Overflow in lws_adns_parse_label in warmcat libwebsockets allows, when the LWS_WITH_SYS_ASYNC_DNS flag is enabled during compilati | libwebsockets libwebsockets |
| CVE | CVE-2025-11677 | Use After Free in WebSocket server implementation in lws_handshake_server in warmcat libwebsockets may allow an attacker, in specific configurations | libwebsockets libwebsockets |
| CVE | CVE-2026-21218 | Improper handling of missing special element in .NET allows an unauthorized attacker to perform spoofing over a network. | dotnet9 dotnet10 dotnet8 dotnet8 dotnet9 dotnet10 dotnet8 dotnet8 |
| CVE | CVE-2026-25210 | In libexpat before 2.7.4, the doContent function does not properly determine the buffer size bufSize because there is no integer overflow check for t | expat expat expat expat expat expat expat expat |
| CVE | CVE-2026-24515 | In libexpat before 2.7.4, XML_ExternalEntityParserCreate does not copy unknown encoding handler user data. | expat expat expat expat expat expat expat expat |
| CVE | CVE-2025-59375 | libexpat in Expat before 2.7.2 allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing. | expat expat expat expat |
| Launchpad | 2137664 | Noble update: upstream stable patchset 2026-01-07 | linux linux linux-hwe-6.8 |
| Launchpad | 2141314 | xhci_find_slot_id_by_port kernel panic on boot on arm64 | linux linux linux-hwe-6.8 |
| Launchpad | 2140984 | GTK4 failing tests on s390x with newer mesa | gtk4 gtk4 |
| Launchpad | 2085698 | Gesture in file chooser are not added, leading an huge Memory leak | gtk4 gtk4 |
| Launchpad | 2138276 | [noble:linux-xilinx] Disable cpu governor in ubuntu-xilinx kernel | linux-xilinx |
| Launchpad | 2139694 | SEGV in remmina or xfreerdp since upgrade to 2.6.1+dfsg1-3ubuntu2.8 on jammy | freerdp2 freerdp2 freerdp2 freerdp2 |
| CVE | CVE-2026-1539 | A flaw was found in the libsoup HTTP library that can cause proxy authentication credentials to be sent to unintended destinations. When handling HTT | libsoup3 libsoup3 libsoup3 libsoup3 libsoup3 libsoup3 libsoup3 libsoup3 |
| CVE | CVE-2026-1536 | A flaw was found in libsoup. An attacker who can control the input for the Content-Disposition header can inject CRLF (Carriage Return Line Feed) seq | libsoup3 libsoup3 libsoup3 libsoup3 libsoup3 libsoup3 libsoup3 libsoup3 |
About
-
Send Feedback to @ubuntu_updates
