UbuntuUpdates.org

Bugs addressed in recent updates

All Launchpad Ubuntu Debian CVE

Origin Bug number Title Packages
CVE CVE-2024-20965 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.35 and prior mysql-8.0 mysql-8.0 mysql-8.0 mysql-8.0 mysql-8.0 mysql-8.0 mysql-8.0 mysql-8.0 mysql-8.0 mysql-8.0 mysql-8.0 mysql-8.0
CVE CVE-2024-20963 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Encryption). Supported versions that are affected are 8.0.35 mysql-8.0 mysql-8.0 mysql-8.0 mysql-8.0 mysql-8.0 mysql-8.0 mysql-8.0 mysql-8.0 mysql-8.0 mysql-8.0 mysql-8.0 mysql-8.0
CVE CVE-2024-20961 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.35 and prior mysql-8.0 mysql-8.0 mysql-8.0 mysql-8.0 mysql-8.0 mysql-8.0 mysql-8.0 mysql-8.0 mysql-8.0 mysql-8.0 mysql-8.0 mysql-8.0
Launchpad 1999075 autopkgtest fails for 8.0.31 on armhf mysql-8.0 mysql-8.0 mysql-8.0 mysql-8.0 mysql-8.0 mysql-8.0 mysql-8.0 mysql-8.0 mysql-8.0 mysql-8.0 mysql-8.0 mysql-8.0
Launchpad 2024276 MySQL 8.0 in Ubuntu ignores MTR test results, allowing faulty packages to users mysql-8.0 mysql-8.0 mysql-8.0 mysql-8.0 mysql-8.0 mysql-8.0 mysql-8.0 mysql-8.0 mysql-8.0 mysql-8.0 mysql-8.0 mysql-8.0
CVE CVE-2023-30577 AMANDA (Advanced Maryland Automatic Network Disk Archiver) before tag-community-3.5.4 mishandles argument checking for runtar.c, a different vulnerab amanda amanda amanda amanda amanda amanda
CVE CVE-2023-34194 StringEqual in TiXmlDeclaration::Parse in tinyxmlparser.cpp in TinyXML through 2.6.2 has a reachable assertion (and application exit) via a crafted X tinyxml tinyxml tinyxml tinyxml
CVE CVE-2023-51766 Exim before 4.97.1 allows SMTP smuggling in certain PIPELINING/CHUNKING configurations. Remote attackers can use a published exploitation technique t exim4 exim4 exim4 exim4 exim4 exim4 exim4 exim4 exim4 exim4 exim4 exim4
CVE CVE-2023-43040 Improperly verified POST keys ceph ceph ceph ceph ceph ceph ceph ceph ceph ceph ceph ceph
Launchpad 2041325 Merge Debian changes into Ubuntu Rust 1.71 rustc rustc rustc rustc rustc rustc
Launchpad 2028420 Backport open-vm-tools 12.3.5 for jammy, lunar and mantic open-vm-tools open-vm-tools open-vm-tools open-vm-tools open-vm-tools open-vm-tools open-vm-tools open-vm-tools
Launchpad 1875642 [SRU] FSVS - not able to commit changes to remote HTTP SVN repo fsvs fsvs fsvs fsvs fsvs fsvs
Launchpad 1811817 [SRU] weex crash/core dumps under Ubuntu 18.04 LTS. weex
Launchpad 2046184 [arm64] Increase max CPU count to 512 linux-oracle-6.5 linux-oracle-6.5 linux-oracle-5.15 linux-oracle-5.15 linux-oracle-5.15 linux-oracle-5.15
Launchpad 2051068 GUI crashed after installed proposed package libegl-mesa0 mesa mesa mesa mesa
CVE CVE-2020-28493 This affects the package jinja2 from 0.0.0 and before 2.11.3. The ReDoS vulnerability is mainly due to the `_punctuation_re regex` operator and its u jinja2 jinja2 jinja2 jinja2
CVE CVE-2024-22195 Jinja is an extensible templating engine. Special placeholders in the template allow writing code similar to Python syntax. It is possible to inject jinja2 jinja2 jinja2 jinja2 jinja2 jinja2 jinja2 jinja2 jinja2 jinja2 jinja2 jinja2
CVE CVE-2022-47015 MariaDB Server before 10.3.34 thru 10.9.3 is vulnerable to Denial of Service. It is possible for function spider_db_mbase::print_warnings to derefere mariadb-10.6 mariadb-10.3 mariadb-10.6 mariadb-10.3
Launchpad 2045452 CVE-2022-47015 et al affects MariaDB in Ubuntu mariadb-10.6 mariadb-10.3 mariadb mariadb-10.6 mariadb-10.3 mariadb
CVE CVE-2024-21647 Puma is a web server for Ruby/Rack applications built for parallelism. Prior to version 6.4.2, puma exhibited incorrect behavior when parsing chunked puma puma puma puma



About   -   Send Feedback to @ubuntu_updates