Bugs addressed in recent updates

| Origin | Bug number | Title | Packages |
|---|---|---|---|
| CVE | CVE-2019-6462 | An issue was discovered in cairo 1.16.0. There is an infinite loop in the function _arc_error_normalized in the file cairo-arc.c, related to _arc_max | cairo cairo |
| CVE | CVE-2019-6461 | An issue was discovered in cairo 1.16.0. There is an assertion problem in the function _cairo_arc_in_direction in the file cairo-arc.c. | cairo cairo |
| CVE | CVE-2017-9814 | cairo-truetype-subset.c in cairo 1.15.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) because of mishandling | cairo cairo |
| CVE | CVE-2026-33056 | tar-rs is a tar archive reading/writing library for Rust. In versions 0.4.44 and below, when unpacking a tar archive, the tar crate's unpack_dir func | rust-tar rust-cargo-c rust-tar rust-tar |
| Launchpad | 2129178 | Can not boot qemu VMs using ParaVirtual SCSI controllers with Ubuntu 24.04 | edk2 edk2 edk2 edk2 |
| CVE | CVE-2025-61594 | URI is a module providing classes to handle Uniform Resource Identifiers. In versions prior to 0.12.5, 0.13.3, and 1.0.4, a bypass exists for the fix | ruby3.3 ruby3.2 ruby3.0 ruby3.3 ruby3.2 ruby3.0 |
| Launchpad | 2146451 | Remove cert pinning for upcoming expiration | pollinate pollinate pollinate pollinate pollinate pollinate |
| CVE | CVE-2026-0394 | When dovecot has been configured to use per-domain passwd files, and they are placed one path component above /etc, or slash has been added to allowe | dovecot dovecot dovecot dovecot dovecot dovecot dovecot dovecot |
| CVE | CVE-2026-27859 | A mail message containing excessive amount of RFC 2231 MIME parameters causes LMTP to use too much CPU. A suitably formatted mail message causes mail | dovecot dovecot dovecot dovecot dovecot dovecot dovecot dovecot dovecot dovecot dovecot dovecot |
| CVE | CVE-2026-27858 | Attacker can send a specifically crafted message before authentication that causes managesieve to allocate large amount of memory. Attacker can for | dovecot dovecot dovecot dovecot dovecot dovecot dovecot dovecot dovecot dovecot dovecot dovecot |
| CVE | CVE-2026-27857 | Sending "NOOP (((...)))" command with 4000 parenthesis open+close results in ~1MB extra memory usage. Longer commands will result in client disconnec | dovecot dovecot dovecot dovecot dovecot dovecot dovecot dovecot dovecot dovecot dovecot dovecot |
| CVE | CVE-2026-27856 | Doveadm credentials are verified using direct comparison which is susceptible to timing oracle attack. An attacker can use this to determine the conf | dovecot dovecot dovecot dovecot dovecot dovecot dovecot dovecot dovecot dovecot dovecot dovecot |
| CVE | CVE-2026-27855 | Dovecot OTP authentication is vulnerable to replay attack under specific conditions. If auth cache is enabled, and username is altered in passdb, the | dovecot dovecot dovecot dovecot dovecot dovecot dovecot dovecot dovecot dovecot dovecot dovecot |
| CVE | CVE-2026-27860 | If auth_username_chars is empty, it is possible to inject arbitrary LDAP filter to Dovecot's LDAP authentication. This leads to potentially bypassing | dovecot dovecot dovecot dovecot |
| CVE | CVE-2026-24031 | Dovecot SQL based authentication can be bypassed when auth_username_chars is cleared by admin. This vulnerability allows bypassing authentication for | dovecot dovecot dovecot dovecot |
| CVE | CVE-2025-59032 | ManageSieve AUTHENTICATE command crashes when using literal as SASL initial response. This can be used to crash ManageSieve service repeatedly, makin | dovecot dovecot dovecot dovecot dovecot dovecot dovecot dovecot dovecot dovecot dovecot dovecot |
| CVE | CVE-2025-59031 | Dovecot has provided a script to use for attachment to text conversion. This script unsafely handles zip-style attachments. Attacker can use speciall | dovecot dovecot dovecot dovecot dovecot dovecot dovecot dovecot dovecot dovecot dovecot dovecot |
| CVE | CVE-2025-59028 | When sending invalid base64 SASL data, login process is disconnected from the auth server, causing all active authentication sessions to fail. Invali | dovecot dovecot dovecot dovecot |
| Launchpad | 2146026 | Jammy real-time patch set update: v5.15.201-rt93 | linux-nvidia-tegra |
| CVE | CVE-2026-32597 | PyJWT is a JSON Web Token implementation in Python. Prior to 2.12.0, PyJWT does not validate the crit (Critical) Header Parameter defined in RFC 7515 | pyjwt pyjwt pyjwt pyjwt pyjwt pyjwt |