Bugs addressed in recent updates
| Origin | Bug number | Title | Packages |
|---|---|---|---|
| Launchpad | 2124206 | apparmor socketpair regression test needs fixing | apparmor apparmor |
| Launchpad | 2142792 | The busybox and nautilus profiles in 24.04 should be removed | apparmor apparmor |
| Launchpad | 2143863 | [SRU] AppArmor bugfixes for Noble | apparmor apparmor |
| CVE | CVE-2026-3591 | A stack use-after-return flaw in SIG(0) handling code may enable ACL bypass | bind9 bind9 |
| CVE | CVE-2026-3119 | Authenticated query containing a TKEY record may cause named to terminate unexpectedly | bind9 bind9 |
| CVE | CVE-2026-3104 | Memory leak in code preparing DNSSEC proofs of non-existence | bind9 bind9 |
| CVE | CVE-2026-1519 | Excessive NSEC3 iterations cause high CPU load during insecure delegation validation | bind9 bind9 bind9 bind9 bind9 bind9 bind9 bind9 bind9 bind9 |
| Launchpad | 2141721 | CVE-2025-32023: Redis allows out of bounds writes in hyperloglog commands leading to RCE | redis redis |
| CVE | CVE-2026-29111 | systemd, a system and service manager, (as PID 1) hits an assert and freezes execution when an unprivileged IPC API call is made with spurious data. | systemd systemd systemd systemd systemd systemd |
| CVE | CVE-2026-25075 | strongSwan versions 4.5.0 prior to 6.0.5 contain an integer underflow vulnerability in the EAP-TTLS AVP parser that allows unauthenticated remote att | strongswan strongswan strongswan strongswan strongswan strongswan |
| CVE | CVE-2026-28296 | A flaw was found in the FTP GVfs backend. A remote attacker could exploit this input validation vulnerability by supplying specially crafted file pat | gvfs gvfs gvfs gvfs gvfs gvfs |
| CVE | CVE-2026-28295 | A flaw was found in the FTP GVfs backend. A malicious FTP server can exploit this vulnerability by providing an arbitrary IP address and port in its | gvfs gvfs gvfs gvfs gvfs gvfs |
| CVE | CVE-2026-27459 | pyOpenSSL is a Python wrapper around the OpenSSL library. Starting in version 22.0.0 and prior to version 26.0.0, if a user provided callback to `set | pyopenssl pyopenssl pyopenssl pyopenssl |
| CVE | CVE-2026-27448 | pyOpenSSL is a Python wrapper around the OpenSSL library. Starting in version 0.14.0 and prior to version 26.0.0, if a user provided callback to `set | pyopenssl pyopenssl pyopenssl pyopenssl pyopenssl pyopenssl |
| CVE | CVE-2025-61144 | libtiff up to v4.7.1 was discovered to contain a stack overflow via the readSeparateStripsIntoBuffer function. | tiff tiff tiff tiff tiff tiff tiff tiff tiff tiff tiff tiff |
| CVE | CVE-2025-61143 | libtiff up to v4.7.1 was discovered to contain a NULL pointer dereference via the component libtiff/tif_open.c. | tiff tiff tiff tiff tiff tiff tiff tiff tiff tiff tiff tiff |
| Launchpad | 2144556 | php8.3-fpm: SIGSEGV upon fpm_get_status() | php8.3 php8.3 |
| Launchpad | 2141329 | Include Intel WCL support | thermald thermald |
| Launchpad | 2143688 | Can't update Dell K2 dock TBT5 NVM through cab file | fwupd fwupd fwupd fwupd |
| Launchpad | 2144889 | Regression in 3.5.1+dfsg1-0ubuntu1.4: Remmina crashes with \ | freerdp3 freerdp3 freerdp3 freerdp3 freerdp3 freerdp3 freerdp3 freerdp3 |
About
-
Send Feedback to @ubuntu_updates
