UbuntuUpdates.org

Bugs addressed in recent updates

All Launchpad Ubuntu Debian CVE

Origin Bug number Title Packages
Launchpad 2156327 [SRU] Add quirks support for Elan touchpad 04F3:3355 libinput libinput libinput libinput libinput libinput
Launchpad 2156191 [SRU] kwin_wayland does not use the NVIDIA GPU on Wayland when prime-select is set to nvidia plasma-optimus
CVE CVE-2026-8450 HTTP::Daemon versions before 6.17 for Perl allow OS command injection via send_file(). send_file() opens its string argument with Perl's 2-arg open( libhttp-daemon-perl libhttp-daemon-perl libhttp-daemon-perl libhttp-daemon-perl libhttp-daemon-perl libhttp-daemon-perl libhttp-daemon-perl libhttp-daemon-perl
Launchpad 2152830 Taint mismatch, Ustrncpy: string_is_ip_addressX 110 exim4 exim4 exim4 exim4
Launchpad 2155665 Removing package ubuntu-helper-virt-hwe breaks Apt qemu-hwe qemu-hwe
CVE CVE-2026-43513 Improper Handling of Case Sensitivity vulnerability in LockOutRealm in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0. tomcat9 tomcat10 tomcat9 tomcat10 tomcat9 tomcat10 tomcat9 tomcat10
CVE CVE-2026-43512 DEPRECATED: Authentication Bypass Issues vulnerability in digest authentication in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 t tomcat9 tomcat10 tomcat9 tomcat10 tomcat9 tomcat10 tomcat9 tomcat10
CVE CVE-2026-43515 Improper Authorization vulnerability when multiple method constraints define an HTTP method for the same extension in Apache Tomcat. This issue affe tomcat9 tomcat10 tomcat9 tomcat10 tomcat9 tomcat10 tomcat9 tomcat10
CVE CVE-2026-42498 Exposure of HTTP Authentication Header to unexpected hosts during WebSocket authentication vulnerability in Apache Tomcat. This issue affects Apache tomcat9 tomcat10 tomcat9 tomcat10 tomcat9 tomcat10 tomcat9 tomcat10
CVE CVE-2026-41293 Improper Input Validation vulnerability in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.21, from 10.1.0-M1 through 1 tomcat9 tomcat10 tomcat9 tomcat10 tomcat9 tomcat10 tomcat9 tomcat10
CVE CVE-2026-41284 Allocation of Resources Without Limits or Throttling vulnerability in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.2 tomcat9 tomcat10 tomcat9 tomcat10 tomcat9 tomcat10 tomcat9 tomcat10
Launchpad 2155241 [SRU] libreoffice 26.2.4 for resolute libreoffice libreoffice
CVE CVE-2026-9076 Issue summary: When CMS password-based decryption (RFC 3211 / PWRI key ... openssl openssl openssl openssl openssl openssl openssl openssl
CVE CVE-2026-7383 Issue summary: A signed integer overflow when sizing the destination b ... openssl openssl openssl openssl openssl openssl openssl openssl
CVE CVE-2026-45447 Issue summary: A specially crafted PKCS#7 or S/MIME signed message cou ... openssl openssl openssl openssl openssl openssl openssl openssl
CVE CVE-2026-45446 Issue summary: The implementations of AES-SIV (RFC 5297) and AES-GCM-S ... openssl openssl openssl openssl openssl openssl openssl openssl
CVE CVE-2026-45445 Issue summary: When an application drives an AES-OCB context through t ... openssl openssl openssl openssl openssl openssl openssl openssl
CVE CVE-2026-42770 Issue summary: When EVP_PKEY_derive_set_peer() is called with a DHX (X ... openssl openssl openssl openssl openssl openssl openssl openssl
CVE CVE-2026-42769 Issue Summary: An error in the callback used to verify the certificate ... openssl openssl openssl openssl
CVE CVE-2026-42768 Issue summary: The CMS_decrypt and PKCS7_decrypt functions are vulnera ... openssl openssl openssl openssl



About   -   Send Feedback to @ubuntu_updates