Bugs addressed in recent updates
| Origin | Bug number | Title | Packages |
|---|---|---|---|
| Debian | 1134612 | lomiri: Missing dependency on deviceinfo-tools | lomiri |
| Launchpad | 2125687 | Fail to upgrade from plucky to questing in a basic Ubuntu | ubuntu-release-upgrader ubuntu-release-upgrader |
| Launchpad | 2149762 | Revert \ | linux |
| Launchpad | 2149766 | Linux kernel 6.17.0-22.22 breaks amdxdna | linux linux |
| Launchpad | 2149788 | Changing system language sets an incomplete configuration | gnome-control-center accountsservice accountsservice gnome-control-center |
| Launchpad | 2149829 | Autostart setting is disabled on non-sandboxed app | gnome-control-center gnome-control-center |
| Launchpad | 2147661 | [SRU R/Q/N] Wi-Fi password dialog does not appear via quicksettings connections on post-login lock screen | gnome-shell gnome-shell gnome-shell gnome-shell |
| Launchpad | 2147595 | [SRU] Prefer Wayland on HP AMD+NVIDIA platform | gdm3 gdm3 |
| Launchpad | 2146768 | Avoid 10-second timeout on platforms where GPU is not advertised as VGA class | gdm3 gdm3 gdm3 |
| Debian | 1131167 | libgtsam-dev: Missing dependencies on libboost-dev and libtbb-dev | gtsam |
| CVE | CVE-2026-5778 | Integer underflow in wolfSSL packet sniffer <= 5.9.0 allows an attacker to cause a program crash in the AEAD decryption path by injecting a TLS recor | wolfssl wolfssl |
| CVE | CVE-2026-5772 | A 1-byte stack buffer over-read was identified in the MatchDomainName function (src/internal.c) during wildcard hostname validation when the LEFT_MOS | wolfssl wolfssl |
| CVE | CVE-2026-5507 | When restoring a session from cache, a pointer from the serialized session data is used in a free operation without validation. An attacker who can p | wolfssl wolfssl |
| CVE | CVE-2026-5504 | A padding oracle exists in wolfSSL's PKCS7 CBC decryption that could allow an attacker to recover plaintext through repeated decryption queries with | wolfssl wolfssl |
| CVE | CVE-2026-5503 | In TLSX_EchChangeSNI, the ctx->extensions branch set extensions unconditionally even when TLSX_Find returned NULL. This caused TLSX_UseSNI to attach | wolfssl wolfssl |
| CVE | CVE-2026-5501 | wolfSSL_X509_verify_cert in the OpenSSL compatibility layer accepts a certificate chain in which the leaf's signature is not checked, if the attacker | wolfssl wolfssl |
| CVE | CVE-2026-5500 | wolfSSL's wc_PKCS7_DecodeAuthEnvelopedData() does not properly sanitize the AES-GCM authentication tag length received and has no lower bounds check. | wolfssl wolfssl |
| CVE | CVE-2026-5479 | In wolfSSL's EVP layer, the ChaCha20-Poly1305 AEAD decryption path in wolfSSL_EVP_CipherFinal (and related EVP cipher finalization functions) fails t | wolfssl wolfssl |
| CVE | CVE-2026-5477 | An integer overflow existed in the wolfCrypt CMAC implementation, that could be exploited to forge CMAC tags. The function wc_CmacUpdate used theĀ gua | wolfssl wolfssl |
| CVE | CVE-2026-5466 | wolfSSL's ECCSI signature verifier `wc_VerifyEccsiHash` decodes the `r` and `s` scalars from the signature blob via `mp_read_unsigned_bin` with no ch | wolfssl wolfssl |
About
-
Send Feedback to @ubuntu_updates
