Bugs addressed in recent updates
Origin | Bug number | Title | Packages |
---|---|---|---|
CVE | CVE-2022-32205 | A malicious server can serve excessive amounts of `Set-Cookie:` headers in a HTTP response to curl and curl < 7.84.0 stores all of them. A sufficient | curl curl |
Launchpad | 2118865 | libcurl outgoing Cookie header field size check is broken | curl curl |
CVE | CVE-2025-59800 | In Artifex Ghostscript through 10.05.1, ocr_begin_page in devices/gdevpdfocr.c has an integer overflow that leads to a heap-based buffer overflow in | ghostscript ghostscript ghostscript ghostscript ghostscript ghostscript |
CVE | CVE-2025-59799 | Artifex Ghostscript through 10.05.1 has a stack-based buffer overflow in pdfmark_coerce_dest in devices/vector/gdevpdfm.c via a large size value. | ghostscript ghostscript ghostscript ghostscript ghostscript ghostscript |
CVE | CVE-2025-59798 | Artifex Ghostscript through 10.05.1 has a stack-based buffer overflow in pdf_write_cmap in devices/vector/gdevpdtw.c. | ghostscript ghostscript ghostscript ghostscript ghostscript ghostscript |
CVE | CVE-2025-7462 | A vulnerability was found in Artifex GhostPDL up to 3989415a5b8e99b9d1b87cc9902bde9b7cdea145. It has been classified as problematic. This affects the | ghostscript ghostscript ghostscript ghostscript ghostscript ghostscript |
Launchpad | 2125669 | [BPO] libreoffice 25.2.6 for jammy/noble | libreoffice libreoffice libreoffice libreoffice |
Launchpad | 2116763 | AArch64: Processor Name in GNOME System Info is blank | libgtop2 libgtop2 libgtop2 |
Launchpad | 2124984 | build.info is not present on ubuntu-base and ubuntu-oci Jammy images | livecd-rootfs |
Launchpad | 2120278 | Apparmor /dev/net/tun overflow | libvirt libvirt libvirt libvirt |
Launchpad | 2117467 | Multipath device's targets are not added to domain namespace/cgroup | libvirt libvirt libvirt libvirt libvirt libvirt |
Launchpad | 2089789 | malloc performance degradation with CPU affinity masks | glibc glibc |
Launchpad | 2124109 | DEP8 tests are failing for jammy | docker.io-app |
CVE | CVE-2025-9288 | Improper Input Validation vulnerability in sha.js allows Input Data Manipulation.This issue affects sha.js: through 2.4.11. | node-sha.js node-sha.js |
CVE | CVE-2025-58050 | The PCRE2 library is a set of C functions that implement regular expression pattern matching. In version 10.45, a heap-buffer-overflow read vulnerabi | pcre2 pcre2 pcre2 pcre2 |
CVE | CVE-2025-31177 | gnuplot is affected by a heap buffer overflow at function utf8_copy_one. | gnuplot gnuplot |
CVE | CVE-2025-31181 | A flaw was found in gnuplot. The X11_graphics() function may lead to a segmentation fault and cause a system crash. | gnuplot gnuplot |
CVE | CVE-2025-31180 | A flaw was found in gnuplot. The CANVAS_text() function may lead to a segmentation fault and cause a system crash. | gnuplot gnuplot |
CVE | CVE-2025-31179 | A flaw was found in gnuplot. The xstrftime() function may lead to a segmentation fault, causing a system crash. | gnuplot gnuplot |
CVE | CVE-2025-31178 | A flaw was found in gnuplot. The GetAnnotateString() function may lead to a segmentation fault and cause a system crash. | gnuplot gnuplot |
About
-
Send Feedback to @ubuntu_updates