Bugs addressed in recent updates
| Origin | Bug number | Title | Packages |
|---|---|---|---|
| CVE | CVE-2024-47516 | A vulnerability was found in Pagure. An argument injection in Git during retrieval of the repository history leads to remote code execution on the Pa | pagure pagure pagure pagure |
| CVE | CVE-2024-47515 | A vulnerability was found in Pagure. Support of symbolic links during repository archiving of repositories allows the disclosure of local files. This | pagure pagure pagure pagure |
| CVE | CVE-2024-4982 | A directory traversal vulnerability was discovered in Pagure server. If a malicious user submits a specially cratfted git repository they could disco | pagure pagure pagure pagure |
| CVE | CVE-2024-4981 | A vulnerability was discovered in Pagure server. If a malicious user were to submit a git repository with symbolic links, the server could unintentio | pagure pagure pagure pagure |
| CVE | CVE-2025-58438 | internetarchive is a Python and Command-Line Interface to Archive.org In versions 5.5.0 and below, there is a directory traversal (path traversal) vu | python-internetarchive python-internetarchive python-internetarchive python-internetarchive |
| Launchpad | 2139394 | python3-sysv-ipc leaks memory under python3 | python-sysv-ipc |
| Launchpad | 2129005 | tc class show dev change of behavior for values of burst and cburst | openvswitch openvswitch |
| Launchpad | 2137674 | [Azure] AMDv4 VMs may get no timer interrupts or suffer from timer interrupt storms | linux-azure-nvidia linux-azure-nvidia |
| Launchpad | 2138752 | azure: SAUCE: add a knob for serializing open/close operations on NFSv4.x | linux-azure-nvidia linux-azure-nvidia |
| Launchpad | 1920225 | ubuntu-drivers should not run unless user is root | ubuntu-drivers-common ubuntu-drivers-common ubuntu-drivers-common ubuntu-drivers-common |
| CVE | CVE-2022-24107 | Xpdf prior to 4.04 lacked an integer overflow check in JPXStream.cc. | texlive-bin texlive-bin texlive-bin texlive-bin |
| CVE | CVE-2022-24106 | In Xpdf prior to 4.04, the DCT (JPEG) decoder was incorrectly allowing the 'interleaved' flag to be changed after the first scan of the image, leadin | texlive-bin texlive-bin texlive-bin texlive-bin |
| Launchpad | 2139290 | ftbfs due to c23 bool keyword | nss-pam-ldapd |
| Launchpad | 2008393 | armhf dep8 failure due to restrictions changing apparmor profile status | python-ldap nss-pam-ldapd python-ldap |
| Launchpad | 2130351 | openldap apparmor profile denies access to test files in /tmp/ | python-ldap nss-pam-ldapd python-ldap |
| Launchpad | 2104094 | [SRU] NV-CONTROL version is listed as Unknown using 570-open driver | nvidia-settings nvidia-settings nvidia-settings |
| Launchpad | 2132938 | Upstream fixes for failing tegra-tests cases | linux-nvidia-tegra |
| Launchpad | 2137496 | apply NVIDIA patches as of Jan 5, 2025 | linux-nvidia-tegra |
| CVE | CVE-2025-64329 | containerd is an open-source container runtime. Versions 1.7.28 and below, 2.0.0-beta.0 through 2.0.6, 2.1.0-beta.0 through 2.1.4, and 2.2.0-beta.0 t | containerd containerd-app containerd containerd containerd-app containerd-app containerd containerd-app |
| CVE | CVE-2024-25621 | containerd is an open-source container runtime. Versions 0.1.0 through 1.7.28, 2.0.0-beta.0 through 2.0.6, 2.1.0-beta.0 through 2.1.4 and 2.2.0-beta. | containerd containerd-app containerd containerd containerd-app containerd-app containerd containerd-app |
About
-
Send Feedback to @ubuntu_updates
