UbuntuUpdates.org

Bugs addressed in recent updates

All Launchpad Ubuntu Debian CVE

Origin Bug number Title Packages
Launchpad 2152830 Taint mismatch, Ustrncpy: string_is_ip_addressX 110 exim4 exim4
Launchpad 2155665 Removing package ubuntu-helper-virt-hwe breaks Apt qemu-hwe qemu-hwe
CVE CVE-2026-43513 Improper Handling of Case Sensitivity vulnerability in LockOutRealm in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0. tomcat9 tomcat10 tomcat9 tomcat10 tomcat9 tomcat10 tomcat9 tomcat10
CVE CVE-2026-43512 DEPRECATED: Authentication Bypass Issues vulnerability in digest authentication in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 t tomcat9 tomcat10 tomcat9 tomcat10 tomcat9 tomcat10 tomcat9 tomcat10
CVE CVE-2026-43515 Improper Authorization vulnerability when multiple method constraints define an HTTP method for the same extension in Apache Tomcat. This issue affe tomcat9 tomcat10 tomcat9 tomcat10 tomcat9 tomcat10 tomcat9 tomcat10
CVE CVE-2026-42498 Exposure of HTTP Authentication Header to unexpected hosts during WebSocket authentication vulnerability in Apache Tomcat. This issue affects Apache tomcat9 tomcat10 tomcat9 tomcat10 tomcat9 tomcat10 tomcat9 tomcat10
CVE CVE-2026-41293 Improper Input Validation vulnerability in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.21, from 10.1.0-M1 through 1 tomcat9 tomcat10 tomcat9 tomcat10 tomcat9 tomcat10 tomcat9 tomcat10
CVE CVE-2026-41284 Allocation of Resources Without Limits or Throttling vulnerability in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.2 tomcat9 tomcat10 tomcat9 tomcat10 tomcat9 tomcat10 tomcat9 tomcat10
Launchpad 2155241 [SRU] libreoffice 26.2.4 for resolute libreoffice libreoffice
CVE CVE-2026-9076 Issue summary: When CMS password-based decryption (RFC 3211 / PWRI key ... openssl openssl openssl openssl openssl openssl openssl openssl
CVE CVE-2026-7383 Issue summary: A signed integer overflow when sizing the destination b ... openssl openssl openssl openssl openssl openssl openssl openssl
CVE CVE-2026-45447 Issue summary: A specially crafted PKCS#7 or S/MIME signed message cou ... openssl openssl openssl openssl openssl openssl openssl openssl
CVE CVE-2026-45446 Issue summary: The implementations of AES-SIV (RFC 5297) and AES-GCM-S ... openssl openssl openssl openssl openssl openssl openssl openssl
CVE CVE-2026-45445 Issue summary: When an application drives an AES-OCB context through t ... openssl openssl openssl openssl openssl openssl openssl openssl
CVE CVE-2026-42770 Issue summary: When EVP_PKEY_derive_set_peer() is called with a DHX (X ... openssl openssl openssl openssl openssl openssl openssl openssl
CVE CVE-2026-42769 Issue Summary: An error in the callback used to verify the certificate ... openssl openssl openssl openssl
CVE CVE-2026-42768 Issue summary: The CMS_decrypt and PKCS7_decrypt functions are vulnera ... openssl openssl openssl openssl
CVE CVE-2026-42767 Issue summary: An attacker-controlled CMP (Certificate Management Prot ... openssl openssl openssl openssl openssl openssl openssl openssl
CVE CVE-2026-42766 Issue summary: A specially crafted password-encrypted CMS message can ... openssl openssl openssl openssl openssl openssl openssl openssl
CVE CVE-2026-42764 Issue summary: Receiving a QUIC initial packet with an invalid token m ... openssl openssl openssl openssl



About   -   Send Feedback to @ubuntu_updates