Bugs addressed in recent updates
| Origin | Bug number | Title | Packages |
|---|---|---|---|
| CVE | CVE-2026-12318 | Incorrect boundary conditions in the Libraries component in NSS. This vulnerability was fixed in Firefox 152 and Thunderbird 152. | nss nss nss nss nss |
| CVE | CVE-2026-49271 | libheif is a HEIF and AVIF file format decoder and encoder. Prior to version 1.22.1, the uncompressed HEIF decoder validates explicit icef compressed | libheif libheif libheif libheif |
| CVE | CVE-2026-11824 | SQLite before 3.53.2 contains a heap-based buffer overflow vulnerability in the FTS5 full-text search extension that allows attackers to cause a cras | sqlite3 sqlite3 sqlite3 sqlite3 sqlite3 sqlite3 sqlite3 sqlite3 sqlite3 sqlite3 sqlite3 sqlite3 sqlite3 sqlite3 sqlite3 sqlite3 |
| CVE | CVE-2026-11822 | SQLite before 3.53.2 contains memory corruption vulnerabilities in the FTS5 full-text search extension that allow attackers to cause process crashes, | sqlite3 sqlite3 sqlite3 sqlite3 sqlite3 sqlite3 sqlite3 sqlite3 sqlite3 sqlite3 sqlite3 sqlite3 sqlite3 sqlite3 sqlite3 sqlite3 |
| Launchpad | 2147329 | [SRU] openvswitch 3.3.9 point release | openvswitch openvswitch |
| Launchpad | 2154006 | [SRU] openvswitch 2.17.12 point release | openvswitch openvswitch |
| Launchpad | 2154007 | [SRU] openvswitch 3.6.3 point release | openvswitch openvswitch |
| Launchpad | 2157880 | [SRU] libadwaita 1.9.1 | libadwaita-1 |
| Launchpad | 2156488 | [SRU][Resolute] volume control broken when AVRCP connects before AVDTP due to uninitialised target volume | bluez bluez |
| Launchpad | 2156411 | [SRU][Resolute] GATT cached db hash is not updating when adding services to existing connection | bluez bluez |
| Launchpad | 2152848 | GDM 50 incorrectly sets XDG_SESSION_TYPE=wayland for X11 user sessions, breaking Cinnamon and other X11-only desktops | gdm3 |
| Launchpad | 2157886 | [SRU] GDM 50.1 | gdm3 |
| Launchpad | 2157883 | [SRU] gnome-text-editor 50.1 | gnome-text-editor |
| Launchpad | 2157974 | [SRU] orca 50.2 | orca |
| Launchpad | 2157962 | [SRU] gnome-session 50.1 | gnome-session gnome-session |
| Launchpad | 2157622 | Apps in dash are marked as panels | gnome-shell gnome-shell |
| Launchpad | 2157996 | [SRU] papers 50.2 | papers |
| Launchpad | 2158377 | ext4: writeback causes kernel oops when low on space | linux |
| CVE | CVE-2026-5704 | A flaw was found in tar. A remote attacker could exploit this vulnerability by crafting a malicious archive, leading to hidden file injection with fu | tar tar tar tar tar tar tar tar tar tar tar tar |
| Launchpad | 2157344 | systemd: TEST-70-TPM2 and TEST-86-MULTI-PROFILE-UKI timeout | systemd systemd |
About
-
Send Feedback to @ubuntu_updates
