Bugs addressed in recent updates
| Origin | Bug number | Title | Packages |
|---|---|---|---|
| CVE | CVE-2026-28861 | A logic issue was addressed with improved state management. This issue is fixed in Safari 26.4, iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26. | webkit2gtk |
| CVE | CVE-2026-28859 | The issue was addressed with improved memory handling. This issue is fixed in Safari 26.4, iOS 26.4 and iPadOS 26.4, macOS Tahoe 26.4, tvOS 26.4, vis | webkit2gtk |
| CVE | CVE-2026-28857 | The issue was addressed with improved memory handling. This issue is fixed in Safari 26.4, iOS 26.4 and iPadOS 26.4, macOS Tahoe 26.4, visionOS 26.4. | webkit2gtk |
| CVE | CVE-2026-20691 | An authorization issue was addressed with improved state management. This issue is fixed in Safari 26.4, iOS 26.4 and iPadOS 26.4, macOS Tahoe 26.4, | webkit2gtk |
| CVE | CVE-2026-20665 | This issue was addressed through improved state management. This issue is fixed in Safari 26.4, iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26. | webkit2gtk |
| CVE | CVE-2026-20664 | The issue was addressed with improved memory handling. This issue is fixed in Safari 26.4, iOS 26.4 and iPadOS 26.4, macOS Tahoe 26.4, visionOS 26.4. | webkit2gtk |
| CVE | CVE-2026-20643 | A cross-origin issue in the Navigation API was addressed with improved input validation. This issue is fixed in Background Security Improvements for | webkit2gtk |
| Launchpad | 2147340 | apply NVIDIA patches as of April 6, 2026 | linux-nvidia-tegra |
| CVE | CVE-2026-41205 | Mako is a template library written in Python. Prior to 1.3.11, TemplateLookup.get_template() is vulnerable to path traversal when a URI starts with / | mako |
| CVE | CVE-2026-6907 | An issue was discovered in 6.0 before 6.0.5 and 5.2 before 5.2.14. `dj ... | python-django |
| CVE | CVE-2026-35192 | An issue was discovered in 6.0 before 6.0.5 and 5.2 before 5.2.14. Res ... | python-django |
| CVE | CVE-2026-5766 | An issue was discovered in 6.0 before 6.0.5 and 5.2 before 5.2.14. ASG ... | python-django |
| CVE | CVE-2026-27135 | nghttp2 is an implementation of the Hypertext Transfer Protocol version 2 in C. Prior to version 1.68.1, the nghttp2 library stops reading the incomi | nghttp2 |
| Launchpad | 2150160 | Please build packages for questing, too | rustc-1.91 |
| CVE | CVE-2026-33748 | BuildKit is a toolkit for converting source code to build artifacts in an efficient, expressive and repeatable manner. Prior to version 0.28.1, insuf | docker.io-app |
| CVE | CVE-2026-33747 | BuildKit is a toolkit for converting source code to build artifacts in an efficient, expressive and repeatable manner. Prior to version 0.28.1, when | docker.io-app |
| CVE | CVE-2026-5958 | When sed is invoked with both -i (in-place edit) and --follow-symlinks, the function open_next_file() performs two separate, non-atomic filesystem op | sed |
| CVE | CVE-2026-40687 | In Exim before 4.99.2, when the SPA authentication driver is used with an adversarial SPA resource, there can be an out-of-bounds write that crashes | exim4 |
| CVE | CVE-2026-40686 | In Exim before 4.99.2, when utf8 operators are enabled, there is an out-of-bounds read if large UTF-8 trailing characters are present (malformed UTF- | exim4 |
| CVE | CVE-2026-40685 | In Exim before 4.99.2, when JSON lookup is enabled, an out-of-bounds heap write can occur when a JSON operator encounters malformed JSON in an untrus | exim4 |