Bugs addressed in recent updates
| Origin | Bug number | Title | Packages |
|---|---|---|---|
| Launchpad | 2127205 | pkcs11-tool is sending null sha-1 digest to Openssl on FIPS enabled ubuntu 24.04 | opensc |
| Launchpad | 2125203 | wpa_supplicant does not specify disconnection reason, which prevents NetworkManager from displaying password re-entry prompt on auth failure | wpa wpa wpa wpa |
| Launchpad | 2141778 | Change of ABI in 6.8.0 kernel breaks some OTT modules | linux |
| CVE | CVE-2026-25646 | LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. Prior to | libpng1.6 libpng1.6 libpng1.6 libpng1.6 libpng1.6 libpng1.6 |
| CVE | CVE-2026-25506 | MUNGE is an authentication service for creating and validating user credentials. From 0.5 to 0.5.17, local attacker can exploit a buffer overflow vul | munge munge munge munge munge munge |
| CVE | CVE-2026-1642 | A vulnerability exists in NGINX OSS and NGINX Plus when configured to proxy to upstream Transport Layer Security (TLS) servers. An attacker with a ma | nginx nginx nginx nginx nginx nginx nginx nginx nginx nginx nginx nginx |
| CVE | CVE-2025-30187 | In some circumstances, when DNSdist is configured to use the nghttp2 library to process incoming DNS over HTTPS queries, an attacker might be able to | dnsdist dnsdist |
| CVE | CVE-2025-8671 | A mismatch caused by client-triggered server-sent stream resets between HTTP/2 specifications and the internal architectures of some HTTP/2 implement | dnsdist dnsdist |
| CVE | CVE-2026-26081 | BUG/MAJOR: quic: reject invalid token | haproxy haproxy haproxy haproxy |
| CVE | CVE-2025-11678 | Stack-based Buffer Overflow in lws_adns_parse_label in warmcat libwebsockets allows, when the LWS_WITH_SYS_ASYNC_DNS flag is enabled during compilati | libwebsockets libwebsockets |
| CVE | CVE-2025-11677 | Use After Free in WebSocket server implementation in lws_handshake_server in warmcat libwebsockets may allow an attacker, in specific configurations | libwebsockets libwebsockets |
| CVE | CVE-2026-21218 | Improper handling of missing special element in .NET allows an unauthorized attacker to perform spoofing over a network. | dotnet9 dotnet10 dotnet8 dotnet8 dotnet9 dotnet10 dotnet8 dotnet8 |
| CVE | CVE-2026-25210 | In libexpat before 2.7.4, the doContent function does not properly determine the buffer size bufSize because there is no integer overflow check for t | expat expat expat expat expat expat expat expat |
| CVE | CVE-2026-24515 | In libexpat before 2.7.4, XML_ExternalEntityParserCreate does not copy unknown encoding handler user data. | expat expat expat expat expat expat expat expat |
| CVE | CVE-2025-59375 | libexpat in Expat before 2.7.2 allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing. | expat expat expat expat |
| Launchpad | 2137664 | Noble update: upstream stable patchset 2026-01-07 | linux linux linux-hwe-6.8 |
| Launchpad | 2141314 | xhci_find_slot_id_by_port kernel panic on boot on arm64 | linux linux linux-hwe-6.8 |
| Launchpad | 2140984 | GTK4 failing tests on s390x with newer mesa | gtk4 gtk4 |
| Launchpad | 2085698 | Gesture in file chooser are not added, leading an huge Memory leak | gtk4 gtk4 |
| Launchpad | 2138276 | [noble:linux-xilinx] Disable cpu governor in ubuntu-xilinx kernel | linux-xilinx |
About
-
Send Feedback to @ubuntu_updates
