Bugs addressed in recent updates
| Origin | Bug number | Title | Packages |
|---|---|---|---|
| Launchpad | 2142854 | [BPO] libreoffice 25.8.5 for jammy/noble | libreoffice libreoffice libreoffice libreoffice |
| Launchpad | 2143997 | [BPO] sso-mib/0.7.0+ds-1 from resolute | sso-mib |
| Launchpad | 2143994 | [BPO] linux-entra-sso/1.8.0-1 from resolute | linux-entra-sso |
| Launchpad | 2143480 | Questing: Failed to query NVIDIA devices | linux-riscv linux linux-riscv-6.17 linux-hwe-6.17 linux-azure-nvidia-6.17 |
| Launchpad | 2143042 | exec_mailer: Set group as well as uid when running the mailer | sudo sudo sudo sudo sudo sudo sudo sudo sudo sudo sudo sudo |
| CVE | CVE-2025-61985 | ssh in OpenSSH before 10.1 allows the '\0' character in an ssh:// URI, potentially leading to code execution when a ProxyCommand is used. | openssh openssh openssh openssh openssh openssh openssh openssh openssh openssh openssh openssh |
| CVE | CVE-2025-61984 | ssh in OpenSSH before 10.1 allows control characters in usernames that originate from certain possibly untrusted sources, potentially leading to code | openssh openssh openssh openssh openssh openssh openssh openssh openssh openssh openssh openssh |
| CVE | CVE-2026-3497 | Vulnerability in the OpenSSH GSSAPI delta included in various Linux di ... | openssh openssh openssh openssh openssh openssh openssh openssh openssh openssh openssh openssh |
| CVE | CVE-2026-26007 | cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Prior to 46.0.5, the public_key_from_numbers | python-cryptography python-cryptography python-cryptography python-cryptography python-cryptography python-cryptography |
| Launchpad | 2130487 | rabbitmq-server install fails when another package is using port 5672 | rabbitmq-server |
| CVE | CVE-2026-23865 | An integer overflow in the tt_var_load_item_variation_store function of the Freetype library in versions 2.13.2 and 2.13.3 may allow for an out of bo | freetype freetype freetype freetype freetype freetype freetype freetype |
| CVE | CVE-2026-3805 | When doing a second SMB request to the same host again, curl would wro ... | curl |
| CVE | CVE-2026-3784 | curl would wrongly reuse an existing HTTP proxy connection doing CONNE ... | curl curl curl |
| CVE | CVE-2026-3783 | When an OAuth2 bearer token is used for an HTTP(S) transfer, and that ... | curl curl curl |
| CVE | CVE-2026-1965 | libcurl can in some circumstances reuse the wrong connection when aske ... | curl curl curl |
| Launchpad | 2142446 | [SRU] The entire desktop session crashes when browsing/playing videos/scrolling in firefox | budgie-session budgie-session |
| Launchpad | 2139061 | [SRU] Add support for new Goodix device 27c6:66a9 | libfprint libfprint libfprint libfprint |
| Launchpad | 2143028 | [SRU] Add quirks support for Goodix touchpad | libinput libinput libinput libinput |
| CVE | CVE-2025-0167 | When asked to use a `.netrc` file for credentials **and** to follow HTTP redirects, curl could leak the password used for the first host to the follo | curl curl curl curl |
| CVE | CVE-2025-69662 | SQL injection vulnerability in geopandas before v.1.1.2 allows an attacker to obtain sensitive information via the to_postgis()` function being used | python-geopandas python-geopandas python-geopandas python-geopandas python-geopandas python-geopandas |
About
-
Send Feedback to @ubuntu_updates
