Bugs addressed in recent updates
| Origin | Bug number | Title | Packages |
|---|---|---|---|
| CVE | CVE-2025-31176 | A flaw was found in gnuplot. The plot3d_points() function may lead to a segmentation fault and cause a system crash. | gnuplot gnuplot |
| CVE | CVE-2025-3359 | A flaw was found in GNUPlot. A segmentation fault via IO_str_init_static_internal may jeopardize the environment. | gnuplot gnuplot |
| Launchpad | 2125423 | python-eventlet FTBFS due test failing | python-eventlet python-eventlet |
| Launchpad | 2123902 | Regression in %m Variable Substitution: IP instead of name | samba samba |
| CVE | CVE-2025-58068 | Eventlet is a concurrent networking library for Python. Prior to version 0.40.3, the Eventlet WSGI parser is vulnerable to HTTP Request Smuggling due | python-eventlet python-eventlet python-eventlet python-eventlet python-eventlet python-eventlet |
| Launchpad | 2122382 | [SRU] Improve audio profiles compatibility | bluez bluez bluez bluez |
| CVE | CVE-2025-50200 | RabbitMQ is a messaging and streaming broker. In versions 3.13.7 and prior, RabbitMQ is logging authorization headers in plaintext encoded in base64. | rabbitmq-server rabbitmq-server |
| CVE | CVE-2023-32681 | Requests is a HTTP library. Since Requests 2.3.0, Requests has been leaking Proxy-Authorization headers to destination servers when redirected to an | python-pip python-pip |
| Launchpad | 2031880 | CVE-2023-32681 - python-pip fix is improper | python-pip python-pip |
| CVE | CVE-2023-45803 | urllib3 is a user-friendly HTTP client library for Python. urllib3 previously wouldn't remove the HTTP request body when an HTTP redirect response us | python-pip python-pip |
| Launchpad | 2078906 | Prevent race condition when printing Inode in ll_sync_inode | ceph ceph ceph ceph |
| Launchpad | 2100625 | [SRU] ceph 17.2.9 | ceph ceph ceph ceph |
| Launchpad | 2125338 | [SRU] Cannot fetch files from MAAS stream on autopkgtest runner | ubuntu-boot-test ubuntu-boot-test ubuntu-boot-test ubuntu-boot-test |
| Launchpad | 2123887 | [SRU] Backport nullboot automated testing to Noble and Jammy | ubuntu-boot-test ubuntu-boot-test |
| Launchpad | 2121264 | udev rules reference `/usr/sbin/mdevctl` but binary is installed in `/usr/bin` on Ubuntu 24.04 | mdevctl mdevctl |
| CVE | CVE-2025-22095 | In the Linux kernel, the following vulnerability has been resolved: PCI: brcmstb: Fix error path after a call to regulator_bulk_get() If the regula | linux linux linux-hwe-6.8 linux-hwe-6.8 linux-xilinx linux-lowlatency-hwe-6.8 linux-lowlatency-hwe-6.8 |
| CVE | CVE-2025-38240 | In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: dp: drm_err => dev_err in HPD path to avoid NULL ptr The function | linux linux linux-hwe-6.8 linux-hwe-6.8 linux-xilinx linux-lowlatency-hwe-6.8 linux-lowlatency-hwe-6.8 |
| CVE | CVE-2025-22090 | In the Linux kernel, the following vulnerability has been resolved: x86/mm/pat: Fix VM_PAT handling when fork() fails in copy_page_range() If track | linux linux linux-hwe-6.8 linux-hwe-6.8 linux-xilinx linux-lowlatency-hwe-6.8 linux-lowlatency-hwe-6.8 |
| CVE | CVE-2025-22083 | In the Linux kernel, the following vulnerability has been resolved: vhost-scsi: Fix handling of multiple calls to vhost_scsi_set_endpoint If vhost_ | linux linux linux-hwe-6.8 linux-hwe-6.8 linux-xilinx linux-lowlatency-hwe-6.8 linux-lowlatency-hwe-6.8 |
| CVE | CVE-2025-22080 | In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Prevent integer overflow in hdr_first_de() The "de_off" and "used" va | linux linux linux-hwe-6.8 linux-hwe-6.8 linux-xilinx linux-lowlatency-hwe-6.8 linux-lowlatency-hwe-6.8 |
About
-
Send Feedback to @ubuntu_updates
