Bugs addressed in recent updates
| Origin | Bug number | Title | Packages |
|---|---|---|---|
| CVE | CVE-2023-53154 | parse_string in cJSON before 1.7.18 has a heap-based buffer over-read via {"1":1, with no trailing newline if cJSON_ParseWithLength is called. | cjson cjson |
| CVE | CVE-2023-26819 | cJSON 1.7.15 might allow a denial of service via a crafted JSON document such as {"a": true, "b": [ null,99999999999999999999999999999999999999999999 | cjson cjson |
| CVE | CVE-2025-57052 | cJSON 1.5.0 through 1.7.18 allows out-of-bounds access via the decode_array_index_from_pointer function in cJSON_Utils.c, allowing remote attackers t | cjson cjson cjson cjson |
| Launchpad | 2138326 | [SRU] New upstream microrelease .NET 8.0.123/8.0.23 | dotnet8 dotnet8 dotnet8 |
| Launchpad | 2130304 | Context menu options often don't work the first time they're pressed | gtk4 gtk4 |
| Debian | 1011294 | libabsl-dev: spurious -Wl flag in some pkg-config entries | abseil |
| Launchpad | 2004577 | [SRU] Issue with libabsl-dev | abseil |
| Launchpad | 2130203 | Migrate oem-6.{8|11|14} to oem-6.17 | linux-restricted-modules-oem-6.17 linux-meta-oem-6.17 linux-restricted-signatures-oem-6.17 |
| CVE | CVE-2026-23490 | pyasn1 is a generic ASN.1 library for Python. Prior to 0.6.2, a Denial-of-Service issue has been found that leads to memory exhaustion from malformed | pyasn1 pyasn1 pyasn1 pyasn1 pyasn1 pyasn1 pyasn1 pyasn1 |
| CVE | CVE-2026-0992 | A flaw was found in the libxml2 library. This uncontrolled resource consumption vulnerability occurs when processing XML catalogs that contain repeat | libxml2 libxml2 libxml2 libxml2 libxml2 libxml2 libxml2 libxml2 libxml2 libxml2 libxml2 libxml2 |
| CVE | CVE-2026-0990 | A flaw was found in libxml2, an XML parsing library. This uncontrolled recursion vulnerability occurs in the xmlCatalogXMLResolveURI function when an | libxml2 libxml2 libxml2 libxml2 libxml2 libxml2 libxml2 libxml2 libxml2 libxml2 libxml2 libxml2 |
| CVE | CVE-2026-0989 | A flaw was identified in the RelaxNG parser of libxml2 related to how external schema inclusions are handled. The parser does not enforce a limit on | libxml2 libxml2 libxml2 libxml2 libxml2 libxml2 libxml2 libxml2 libxml2 libxml2 libxml2 libxml2 |
| CVE | CVE-2025-8732 | A vulnerability was found in libxml2 up to 2.14.5. It has been declared as problematic. This vulnerability affects the function xmlParseSGMLCatalog o | libxml2 libxml2 libxml2 libxml2 libxml2 libxml2 libxml2 libxml2 libxml2 libxml2 libxml2 libxml2 |
| Launchpad | 2134505 | [SRU] New upstream microrelease .NET 10.0.101/10.0.1 | dotnet10 dotnet10 |
| Launchpad | 2089076 | [MIR][noble] oem-somerville-aurorus-meta | oem-somerville-aurorus-meta |
| Launchpad | 2089548 | [MIR][noble] oem-somerville-remoraid-meta | oem-somerville-remoraid-meta |
| Launchpad | 2089109 | [MIR][noble] oem-sutton-dana-meta | oem-sutton-dana-meta |
| Launchpad | 2089110 | [MIR][noble] oem-sutton-danby-meta | oem-sutton-danby-meta |
| Launchpad | 2089554 | [MIR][noble] oem-sutton-danilo-meta | oem-sutton-danilo-meta |
| Launchpad | 2110268 | [MIR][noble] oem-sutton-darrell-meta | oem-sutton-darrell-meta |
About
-
Send Feedback to @ubuntu_updates
