UbuntuUpdates

Bugs addressed in recent updates

Origin	Bug number	Title	Packages
Launchpad	2155241	[SRU] libreoffice 26.2.4 for resolute	libreoffice libreoffice
CVE	CVE-2026-9076	Issue summary: When CMS password-based decryption (RFC 3211 / PWRI key ...	openssl openssl openssl openssl openssl openssl openssl openssl
CVE	CVE-2026-7383	Issue summary: A signed integer overflow when sizing the destination b ...	openssl openssl openssl openssl openssl openssl openssl openssl
CVE	CVE-2026-45447	Issue summary: A specially crafted PKCS#7 or S/MIME signed message cou ...	openssl openssl openssl openssl openssl openssl openssl openssl
CVE	CVE-2026-45446	Issue summary: The implementations of AES-SIV (RFC 5297) and AES-GCM-S ...	openssl openssl openssl openssl openssl openssl openssl openssl
CVE	CVE-2026-45445	Issue summary: When an application drives an AES-OCB context through t ...	openssl openssl openssl openssl openssl openssl openssl openssl
CVE	CVE-2026-42770	Issue summary: When EVP_PKEY_derive_set_peer() is called with a DHX (X ...	openssl openssl openssl openssl openssl openssl openssl openssl
CVE	CVE-2026-42769	Issue Summary: An error in the callback used to verify the certificate ...	openssl openssl openssl openssl
CVE	CVE-2026-42768	Issue summary: The CMS_decrypt and PKCS7_decrypt functions are vulnera ...	openssl openssl openssl openssl
CVE	CVE-2026-42767	Issue summary: An attacker-controlled CMP (Certificate Management Prot ...	openssl openssl openssl openssl openssl openssl openssl openssl
CVE	CVE-2026-42766	Issue summary: A specially crafted password-encrypted CMS message can ...	openssl openssl openssl openssl openssl openssl openssl openssl
CVE	CVE-2026-42764	Issue summary: Receiving a QUIC initial packet with an invalid token m ...	openssl openssl openssl openssl
CVE	CVE-2026-34183	Issue summary: Remote peer may exhaust heap memory of the QUIC server ...	openssl openssl openssl openssl
CVE	CVE-2026-34182	Issue Summary: Cryptographic Message Services (CMS) processing fails t ...	openssl openssl openssl openssl openssl openssl openssl openssl
CVE	CVE-2026-34181	Issue Summary: The PKCS#12 file processing fails to perform sufficient ...	openssl openssl openssl openssl
CVE	CVE-2026-34180	Issue summary: Parsing a crafted DER-encoded ASN.1 structure with a pr ...	openssl openssl openssl openssl openssl openssl openssl openssl
CVE	CVE-2026-46483	Vim is an open source, command line text editor. Prior to 9.2.0479, a command injection vulnerability exists in tar#Vimuntar() in runtime/autoload/ta	vim vim vim vim vim vim vim vim vim vim vim vim vim vim vim vim
CVE	CVE-2026-40214	In OpenStack Cyborg before 16.0.1, the Accelerator Request (ARQ) API does not enforce project ownership at any layer. The project_id column in the da	cyborg cyborg
CVE	CVE-2026-40213	OpenStack Cyborg before 16.0.1 uses rule:allow (check_str='@') as the default policy for multiple API endpoints. This unconditionally authorizes any	cyborg cyborg
Launchpad	2150773	Slowness on UC26 on daemon-reload requests	systemd systemd

About - Send Feedback to @ubuntu_updates

Bugs addressed in recent updates

Share this page

Bookmarks

Latest updates

proposed

updates

security

PPA updates