UbuntuUpdates.org

Bugs addressed in recent updates

All Launchpad Ubuntu Debian CVE

Origin Bug number Title Packages
Launchpad 2145785 portblock does not work due to iptables changes resource-agents resource-agents
Launchpad 2156047 [SRU] Terminal profile is out of sync with the Desktop theme wsl-setup wsl-setup
Launchpad 2145790 ocf:heartbeat:nfsserver resource's stop operation fails due to /var/lib/nfs filesystem failing to unmount resource-agents resource-agents resource-agents resource-agents
CVE CVE-2025-10263 Arm C1-Ultra, C1-Premium, Neoverse V3 & V3AE, Neoverse V2, Neoverse V1, Neoverse-N2, Neoverse-N1, Cortex-X925, Cortex-X4, Cortex-X3, Cortex-X2, Corte linux-azure-nvidia linux-azure-nvidia
Launchpad 2156472 net: mana: Fix TOCTOU double-fetch of hwc_msg_id from DMA buffer linux-azure-nvidia linux-azure-nvidia
Launchpad 2155222 [hyperv] Ensure MMIO Mapping is Correct for Kexec / kdump kernel on Azure v6 Instance Types linux-azure-nvidia linux-azure-nvidia
Launchpad 2155434 net: mana: Avoid queue struct allocation failure under memory fragmentation linux-azure-nvidia linux-azure-nvidia
Launchpad 2156920 Fix MANA RX queue creation/error-cleanup path issues when RXQ initialization fails partway through linux-azure-nvidia linux-azure-nvidia
Launchpad 2157545 azure: backport \ linux-azure-nvidia linux-azure-nvidia
Launchpad 2158920 noble-stable-2026-06-16 dropped a bracket causing FTBFS linux-azure-nvidia linux-azure-nvidia
CVE CVE-2026-5773 libcurl might in some circumstances reuse the wrong connection for SMB(S) transfers. libcurl features a pool of recent connections so that subsequen curl curl curl curl
CVE CVE-2026-12064 When a user invokes curl using a schemeless URL combined with `--proto-default` sftp (or scp), a disconnect occurs between the tool layer and libcurl curl curl curl curl
CVE CVE-2026-11586 By default, curl automatically responds to WebSocket PING frames. Because curl lacks an upper bound on memory allocation for unacknowledged frames, a curl curl
CVE CVE-2026-11564 libcurl keeps previously used connections in a connection pool for subsequent transfers to reuse if one of them matches the setup. An easy handle th curl curl
CVE CVE-2026-11352 An issue in curl’s QUIC UDP receive function allows a malicious HTTP/3 server to trigger a remote denial of service against a curl or libcurl client. curl curl
CVE CVE-2026-10536 A use-after-free vulnerability exists in libcurl when an application configures an HTTP/2 stream-dependency tree via `CURLOPT_STREAM_DEPENDS` or `CUR curl curl curl curl curl curl
Launchpad 2158262 Please drop pollinate from the default installed set in ubuntu server ubuntu-meta
CVE CVE-2026-24660 A heap-based buffer overflow vulnerability exists in the x3f_load_huffman functionality of LibRaw Commit d20315b. A specially crafted malicious file libraw libraw libraw libraw libraw libraw libraw libraw libraw libraw libraw libraw
CVE CVE-2026-24450 An integer overflow vulnerability exists in the uncompressed_fp_dng_load_raw functionality of LibRaw Commit 8dc68e2. A specially crafted malicious fi libraw libraw libraw libraw libraw libraw libraw libraw
CVE CVE-2026-21413 A heap-based buffer overflow vulnerability exists in the lossless_jpeg_load_raw functionality of LibRaw Commit 0b56545 and Commit d20315b. A speciall libraw libraw libraw libraw libraw libraw libraw libraw libraw libraw libraw libraw



About   -   Send Feedback to @ubuntu_updates