UbuntuUpdates.org

Bugs addressed in recent updates

All Launchpad Ubuntu Debian CVE

Origin Bug number Title Packages
Launchpad 2100570 [SRU] upload euslisp/jskeus to Ubuntu/Noble euslisp
Launchpad 2122609 Hardcoded MAX_RESTART_COUNT in unbound 1.13.1 blocks dns resolution of long cname chains unbound unbound unbound unbound
CVE CVE-2025-41244 VMware Aria Operations and VMware Tools contain a local privilege esca ... open-vm-tools open-vm-tools open-vm-tools open-vm-tools open-vm-tools open-vm-tools open-vm-tools open-vm-tools open-vm-tools open-vm-tools open-vm-tools open-vm-tools
CVE CVE-2025-59830 Rack is a modular Ruby web server interface. Prior to version 2.2.18, Rack::QueryParser enforces its params_limit only for parameters separated by &, ruby-rack ruby-rack ruby-rack ruby-rack
Launchpad 2125904 [SRU] borgbackup in jammy might loose backup in some corner cases borgbackup borgbackup
CVE CVE-2025-9900 A flaw was found in Libtiff. This vulnerability is a "write-what-where" condition, triggered when the library processes a specially crafted TIFF imag tiff tiff tiff tiff tiff tiff tiff tiff tiff tiff tiff tiff
CVE CVE-2025-9165 A flaw has been found in LibTIFF 4.7.0. This affects the function _TIFFmallocExt/_TIFFCheckRealloc/TIFFHashSetNew/InitCCITTFax3 of the file tools/tif tiff tiff tiff tiff tiff tiff tiff tiff tiff tiff tiff tiff
CVE CVE-2025-8961 A weakness has been identified in LibTIFF 4.7.0. This affects the function main of the file tiffcrop.c of the component tiffcrop. Executing manipulat tiff tiff tiff tiff tiff tiff tiff tiff tiff tiff tiff tiff
CVE CVE-2022-32205 A malicious server can serve excessive amounts of `Set-Cookie:` headers in a HTTP response to curl and curl < 7.84.0 stores all of them. A sufficient curl curl
Launchpad 2118865 libcurl outgoing Cookie header field size check is broken curl curl
CVE CVE-2025-59800 In Artifex Ghostscript through 10.05.1, ocr_begin_page in devices/gdevpdfocr.c has an integer overflow that leads to a heap-based buffer overflow in ghostscript ghostscript ghostscript ghostscript ghostscript ghostscript
CVE CVE-2025-59799 Artifex Ghostscript through 10.05.1 has a stack-based buffer overflow in pdfmark_coerce_dest in devices/vector/gdevpdfm.c via a large size value. ghostscript ghostscript ghostscript ghostscript ghostscript ghostscript
CVE CVE-2025-59798 Artifex Ghostscript through 10.05.1 has a stack-based buffer overflow in pdf_write_cmap in devices/vector/gdevpdtw.c. ghostscript ghostscript ghostscript ghostscript ghostscript ghostscript
CVE CVE-2025-7462 A vulnerability was found in Artifex GhostPDL up to 3989415a5b8e99b9d1b87cc9902bde9b7cdea145. It has been classified as problematic. This affects the ghostscript ghostscript ghostscript ghostscript ghostscript ghostscript
Launchpad 2125669 [BPO] libreoffice 25.2.6 for jammy/noble libreoffice libreoffice libreoffice libreoffice
Launchpad 2116763 AArch64: Processor Name in GNOME System Info is blank libgtop2 libgtop2 libgtop2 libgtop2 libgtop2 libgtop2
Launchpad 2124984 build.info is not present on ubuntu-base and ubuntu-oci Jammy images livecd-rootfs
Launchpad 2120278 Apparmor /dev/net/tun overflow libvirt libvirt libvirt libvirt libvirt libvirt libvirt libvirt libvirt libvirt
Launchpad 2117467 Multipath device's targets are not added to domain namespace/cgroup libvirt libvirt libvirt libvirt libvirt libvirt libvirt libvirt libvirt libvirt libvirt libvirt
Launchpad 2089789 malloc performance degradation with CPU affinity masks glibc glibc



About   -   Send Feedback to @ubuntu_updates