Bugs addressed in recent updates
| Origin | Bug number | Title | Packages |
|---|---|---|---|
| Launchpad | 2156327 | [SRU] Add quirks support for Elan touchpad 04F3:3355 | libinput libinput libinput libinput libinput libinput |
| Launchpad | 2156191 | [SRU] kwin_wayland does not use the NVIDIA GPU on Wayland when prime-select is set to nvidia | plasma-optimus |
| CVE | CVE-2026-8450 | HTTP::Daemon versions before 6.17 for Perl allow OS command injection via send_file(). send_file() opens its string argument with Perl's 2-arg open( | libhttp-daemon-perl libhttp-daemon-perl libhttp-daemon-perl libhttp-daemon-perl libhttp-daemon-perl libhttp-daemon-perl libhttp-daemon-perl libhttp-daemon-perl |
| Launchpad | 2152830 | Taint mismatch, Ustrncpy: string_is_ip_addressX 110 | exim4 exim4 exim4 exim4 |
| Launchpad | 2155665 | Removing package ubuntu-helper-virt-hwe breaks Apt | qemu-hwe qemu-hwe |
| CVE | CVE-2026-43513 | Improper Handling of Case Sensitivity vulnerability in LockOutRealm in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0. | tomcat9 tomcat10 tomcat9 tomcat10 tomcat9 tomcat10 tomcat9 tomcat10 |
| CVE | CVE-2026-43512 | DEPRECATED: Authentication Bypass Issues vulnerability in digest authentication in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 t | tomcat9 tomcat10 tomcat9 tomcat10 tomcat9 tomcat10 tomcat9 tomcat10 |
| CVE | CVE-2026-43515 | Improper Authorization vulnerability when multiple method constraints define an HTTP method for the same extension in Apache Tomcat. This issue affe | tomcat9 tomcat10 tomcat9 tomcat10 tomcat9 tomcat10 tomcat9 tomcat10 |
| CVE | CVE-2026-42498 | Exposure of HTTP Authentication Header to unexpected hosts during WebSocket authentication vulnerability in Apache Tomcat. This issue affects Apache | tomcat9 tomcat10 tomcat9 tomcat10 tomcat9 tomcat10 tomcat9 tomcat10 |
| CVE | CVE-2026-41293 | Improper Input Validation vulnerability in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.21, from 10.1.0-M1 through 1 | tomcat9 tomcat10 tomcat9 tomcat10 tomcat9 tomcat10 tomcat9 tomcat10 |
| CVE | CVE-2026-41284 | Allocation of Resources Without Limits or Throttling vulnerability in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.2 | tomcat9 tomcat10 tomcat9 tomcat10 tomcat9 tomcat10 tomcat9 tomcat10 |
| Launchpad | 2155241 | [SRU] libreoffice 26.2.4 for resolute | libreoffice libreoffice |
| CVE | CVE-2026-9076 | Issue summary: When CMS password-based decryption (RFC 3211 / PWRI key ... | openssl openssl openssl openssl openssl openssl openssl openssl |
| CVE | CVE-2026-7383 | Issue summary: A signed integer overflow when sizing the destination b ... | openssl openssl openssl openssl openssl openssl openssl openssl |
| CVE | CVE-2026-45447 | Issue summary: A specially crafted PKCS#7 or S/MIME signed message cou ... | openssl openssl openssl openssl openssl openssl openssl openssl |
| CVE | CVE-2026-45446 | Issue summary: The implementations of AES-SIV (RFC 5297) and AES-GCM-S ... | openssl openssl openssl openssl openssl openssl openssl openssl |
| CVE | CVE-2026-45445 | Issue summary: When an application drives an AES-OCB context through t ... | openssl openssl openssl openssl openssl openssl openssl openssl |
| CVE | CVE-2026-42770 | Issue summary: When EVP_PKEY_derive_set_peer() is called with a DHX (X ... | openssl openssl openssl openssl openssl openssl openssl openssl |
| CVE | CVE-2026-42769 | Issue Summary: An error in the callback used to verify the certificate ... | openssl openssl openssl openssl |
| CVE | CVE-2026-42768 | Issue summary: The CMS_decrypt and PKCS7_decrypt functions are vulnera ... | openssl openssl openssl openssl |
About
-
Send Feedback to @ubuntu_updates
