Bugs addressed in recent updates
| Origin | Bug number | Title | Packages |
|---|---|---|---|
| CVE | CVE-2025-47806 | In GStreamer through 1.26.1, the subparse plugin's parse_subrip_time function may write data past the bounds of a stack buffer, leading to a crash. | gst-plugins-base1.0 gst-plugins-base1.0 gst-plugins-base1.0 gst-plugins-base1.0 gst-plugins-base1.0 gst-plugins-base1.0 |
| CVE | CVE-2025-47219 | In GStreamer through 1.26.1, the isomp4 plugin's qtdemux_parse_trak function may read past the end of a heap buffer while parsing an MP4 file, possib | gst-plugins-good1.0 gst-plugins-good1.0 gst-plugins-good1.0 gst-plugins-good1.0 gst-plugins-good1.0 gst-plugins-good1.0 gst-plugins-good1.0 gst-plugins-good1.0 gst-plugins-good1.0 gst-plugins-good1.0 gst-plugins-good1.0 gst-plugins-good1.0 |
| CVE | CVE-2025-47183 | In GStreamer through 1.26.1, the isomp4 plugin's qtdemux_parse_tree function may read past the end of a heap buffer while parsing an MP4 file, leadin | gst-plugins-good1.0 gst-plugins-good1.0 gst-plugins-good1.0 gst-plugins-good1.0 gst-plugins-good1.0 gst-plugins-good1.0 gst-plugins-good1.0 gst-plugins-good1.0 gst-plugins-good1.0 gst-plugins-good1.0 gst-plugins-good1.0 gst-plugins-good1.0 |
| Launchpad | 2089080 | [MIR][noble] oem-somerville-delcatty-meta | oem-somerville-delcatty-meta oem-somerville-delcatty-meta |
| Launchpad | 2090856 | [MIR][noble] oem-somerville-jellicent-meta | oem-somerville-jellicent-meta |
| Launchpad | 2102066 | [MIR][noble] oem-somerville-seaking-meta | oem-somerville-seaking-meta |
| Launchpad | 2089087 | [MIR][noble] oem-somerville-tauros-meta | oem-somerville-tauros-meta |
| Launchpad | 2090857 | [MIR][noble] oem-somerville-torracat-meta | oem-somerville-torracat-meta |
| Launchpad | 2100398 | [MIR][noble] oem-somerville-tynamo-meta | oem-somerville-tynamo-meta |
| Launchpad | 2089090 | [MIR][noble] oem-somerville-tyrogue-meta | oem-somerville-tyrogue-meta |
| Launchpad | 2089675 | [MIR][noble] oem-somerville-woobat-meta | oem-somerville-woobat-meta |
| Launchpad | 2089091 | [MIR][noble] oem-somerville-wooper-meta | oem-somerville-wooper-meta |
| Launchpad | 2101008 | [MIR][noble] oem-stella-mejina-meta | oem-stella-mejina-meta |
| Launchpad | 2089551 | [MIR][noble] oem-stella-moa-meta | oem-stella-moa-meta |
| CVE | CVE-2025-53859 | NGINX Open Source and NGINX Plus have a vulnerability in the ngx_mail_smtp_module that might allow an unauthenticated attacker to over-read NGINX SMT | nginx nginx nginx nginx nginx nginx nginx nginx nginx nginx nginx nginx |
| CVE | CVE-2025-27151 | Redis is an open source, in-memory database that persists on disk. In versions starting from 7.0.0 to before 8.0.2, a stack-based buffer overflow exi | valkey valkey |
| CVE | CVE-2025-48367 | Redis is an open source, in-memory database that persists on disk. An unauthenticated connection can cause repeated IP protocol errors, leading to cl | valkey valkey valkey valkey |
| CVE | CVE-2025-32023 | Redis is an open source, in-memory database that persists on disk. From 2.8 to before 8.0.3, 7.4.5, 7.2.10, and 6.2.19, an authenticated user may use | valkey valkey valkey valkey |
| CVE | CVE-2025-21605 | Redis is an open source, in-memory database that persists on disk. In versions starting at 2.6 and prior to 7.4.3, An unauthenticated client can caus | valkey valkey valkey valkey |
| Launchpad | 2115258 | Update Valkey to 7.2.10 in noble, 8.0.4 in plucky, and 8.1.3 in questing | valkey valkey valkey valkey |
About
-
Send Feedback to @ubuntu_updates
