Bugs addressed in recent updates
| Origin | Bug number | Title | Packages |
|---|---|---|---|
| CVE | CVE-2026-46448 | In OpenStack Nova before 33.0.2, the server create API does not strip certain hint data. The resulting instance has no Placement allocation. | nova |
| CVE | CVE-2026-40683 | In OpenStack Keystone before 28.0.1, the LDAP identity backend does not convert the user enabled attribute to a boolean when the user_enabled_invert | keystone |
| CVE | CVE-2026-44394 | An issue was discovered in OpenStack Keystone before 29.0.2. The Keystone federated token rescoping mechanism does not propagate the original token's | keystone |
| CVE | CVE-2026-43001 | An issue was discovered in OpenStack Keystone before 29.0.2. POST /v3/credentials did not validate that the caller-supplied project_id for an EC2-typ | keystone |
| CVE | CVE-2026-43000 | An issue was discovered in OpenStack Keystone before 29.0.2. When combined with an application credential impersonation vulnerability, an attacker wi | keystone |
| CVE | CVE-2026-42999 | An issue was discovered in OpenStack Keystone before 29.0.2. The Keystone RBAC policy enforcer in enforce_call unconditionally merges the raw JSON re | keystone |
| CVE | CVE-2026-42998 | An issue was discovered in OpenStack Keystone before 29.0.2. The Keystone application credential authentication plugin does not verify that the user | keystone |
| CVE | CVE-2026-33551 | An issue was discovered in OpenStack Keystone 14 through 26 before 26.1.1, 27.0.0, 28.0.0, and 29.0.0. Restricted application credentials can create | keystone |
| Debian | 1063093 | ca-certificates: expired certificate: Security_Communication_Root_CA.crt | ca-certificates |
| CVE | CVE-2023-35789 | An issue was discovered in the C AMQP client library (aka rabbitmq-c) through 0.13.0 for RabbitMQ. Credentials can only be entered on the command lin | librabbitmq |
| Debian | 1121936 | Baltimore CyberTrust Root expired in May 2025; might be a source of confusion | ca-certificates |
| Launchpad | 2156786 | ca-certificates 20260601 update tracking bug | ca-certificates |
| CVE | CVE-2026-45700 | FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.26.0, FreeRDP's planar bitmap decoder has an out-of-bounds heap write whe | freerdp3 freerdp2 |
| Debian | 1139318 | cups-filters: parport_pc shouldn't be loaded on all systems | cups-filters |
| Launchpad | 2156340 | Do not handle parport_pc load in modules-load.conf | cups-filters |
| CVE | CVE-2026-33814 | When processing HTTP/2 SETTINGS frames, transport will enter an infinite loop of writing CONTINUATION frames if it receives a SETTINGS_MAX_FRAME_SIZE | adsys |
| CVE | CVE-2026-27141 | Due to missing nil check, sending 0x0a-0x0f HTTP/2 frames will cause a running server to panic | adsys |
| Launchpad | 2156339 | LibreOffice 24.2.7-0ubuntu0.24.04.5 crashes (heap corruption) when opening any ZIP-based document (ODF/OOXML) | cups |
| CVE | CVE-2026-11623 | A security vulnerability has been detected in tmux up to 3.6a. Affected is the function image_free of the file image.c. Such manipulation leads to us | tmux |
| CVE | CVE-2026-40393 | In Mesa before 25.3.6 and 26 before 26.0.1, out-of-bounds memory access can occur in WebGPU because the amount of to-be-allocated data depends on an | mesa |