Bugs addressed in recent updates
| Origin | Bug number | Title | Packages |
|---|---|---|---|
| Launchpad | 2130569 | php-fpm scoreboard: failed to lock | php8.3 php8.3 |
| Launchpad | 2139651 | [SRU] Add ALSA UCM support for MediaTek MT8391-EVK platform | alsa-ucm-conf alsa-ucm-conf |
| Launchpad | 2140975 | firmware file iwlwifi-bz-b0-gf-a0-100.ucode missing from linux-firmware pkg | linux-firmware linux-firmware |
| Launchpad | 2138754 | [ath12k wcn7850] 5 GHz Wi-Fi broken in kernel 6.17+ due to broken frequency range filtering | linux-firmware |
| Launchpad | 2141270 | Support Video Codec on Qualcomm RB8 | linux-firmware |
| Launchpad | 2140349 | Add ISH firmware for DELL devices of Intel Panther Lake platform | linux-firmware |
| Launchpad | 2065149 | initramfs-tools/scripts/local-bottom/clevis: ps: invalid option -- 'o' | clevis clevis |
| Launchpad | 2133183 | libvirt fails to live-migrate instances with non-shared storage, tls and live migrations | libvirt libvirt |
| CVE | CVE-2026-2447 | Heap buffer overflow in libvpx. This vulnerability affects Firefox < 147.0.4, Firefox ESR < 140.7.1, Firefox ESR < 115.32.1, Thunderbird < 140.7.2, a | libvpx libvpx libvpx libvpx libvpx libvpx libvpx libvpx libvpx libvpx libvpx |
| Launchpad | 2089834 | ods-signerd crashes at start after upgrade 22.04 to 24.04 LTS | opendnssec opendnssec |
| CVE | CVE-2026-0968 | Denial of Service due to malformed SFTP message | libssh libssh libssh libssh libssh libssh |
| CVE | CVE-2026-0967 | Denial of Service via inefficient regular expression processing | libssh libssh libssh libssh libssh libssh |
| CVE | CVE-2026-0966 | Buffer underflow in ssh_get_hexa() on invalid input | libssh libssh libssh libssh libssh libssh |
| CVE | CVE-2026-0965 | Denial of Service via improper configuration file handling | libssh libssh libssh libssh libssh libssh |
| CVE | CVE-2026-0964 | Improper sanitation of paths received from SCP servers | libssh libssh libssh libssh libssh libssh |
| CVE | CVE-2025-8277 | A flaw was found in libssh's handling of key exchange (KEX) processes when a client repeatedly sends incorrect KEX guesses. The library fails to free | libssh libssh libssh libssh libssh libssh |
| CVE | CVE-2024-50305 | Valid Host header field can cause Apache Traffic Server to crash on some platforms. This issue affects Apache Traffic Server: from 9.2.0 through 9.2 | trafficserver trafficserver trafficserver trafficserver trafficserver trafficserver |
| Launchpad | 2141624 | CVE-2024-50305: out-of-bounds read in trafficserver get_host_port_values | trafficserver trafficserver trafficserver trafficserver trafficserver trafficserver |
| CVE | CVE-2025-61107 | FRRouting/frr from v4.0 through v10.4.1 was discovered to contain a NULL pointer dereference via the show_vty_ext_pref_pref_sid function at ospf_ext. | frr frr frr frr frr frr frr frr frr frr frr frr |
| CVE | CVE-2025-61106 | FRRouting/frr from v4.0 through v10.4.1 was discovered to contain a NULL pointer dereference via the show_vty_ext_pref_pref_sid function at ospf_ext. | frr frr frr frr frr frr frr frr frr frr frr frr |
About
-
Send Feedback to @ubuntu_updates
