Bugs addressed in recent updates
| Origin | Bug number | Title | Packages |
|---|---|---|---|
| CVE | CVE-2026-20217 | A vulnerability in the PESpin file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition, or possibly othe | clamav clamav clamav clamav clamav clamav clamav clamav clamav clamav clamav clamav |
| CVE | CVE-2026-20216 | A vulnerability in the InstallShield file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition on an affe | clamav clamav clamav clamav clamav clamav clamav clamav clamav clamav clamav clamav |
| CVE | CVE-2026-20215 | A vulnerability in the 7z file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition, or possibly other ex | clamav clamav clamav clamav clamav clamav clamav clamav clamav clamav clamav clamav |
| CVE | CVE-2026-20214 | A vulnerability in the FSG file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition, or possibly other e | clamav clamav clamav clamav clamav clamav clamav clamav clamav clamav clamav clamav |
| CVE | CVE-2026-20213 | A vulnerability in the PE file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition, or possibly other ex | clamav clamav clamav clamav clamav clamav clamav clamav clamav clamav clamav clamav |
| CVE | CVE-2024-54661 | readline.sh in socat before1.8.0.2 relies on the /tmp/$USER/stderr2 file. | socat socat |
| CVE | CVE-2026-41992 | GNU gzip contains a global buffer overflow vulnerability in the LZH decompression logic caused by improper reuse of shared global state between diffe | gzip gzip gzip gzip gzip gzip gzip gzip gzip gzip |
| CVE | CVE-2026-41991 | GNU gzip contains a vulnerability in the gzexe utility related to insecure temporary file handling. When the mktemp utility is not available in the u | gzip gzip gzip gzip gzip gzip gzip gzip gzip gzip |
| CVE | CVE-2026-56123 | socat versions 1.8.0.0 through 1.8.1.1 contain a heap-based buffer overflow vulnerability that allows a malicious SOCKS5 proxy server to overwrite ad | socat socat socat socat |
| CVE | CVE-2026-4224 | When an Expat parser with a registered ElementDeclHandler parses an inline document type definition containing a deeply nested content model a C stac | python3.12 python3.12 python3.10 python3.10 python3.12 python3.12 python3.10 python3.10 |
| CVE | CVE-2026-3644 | The fix for CVE-2026-0672, which rejected control characters in http.cookies.Morsel, was incomplete. The Morsel.update(), |= operator, and unpickling | python3.12 python3.12 python3.10 python3.10 python3.12 python3.12 python3.10 python3.10 |
| CVE | CVE-2026-2297 | The import hook in CPython that handles legacy *.pyc files (SourcelessFileLoader) is incorrectly handled in FileLoader (a base class) and so does not | python3.12 python3.12 python3.10 python3.10 python3.12 python3.12 python3.10 python3.10 |
| CVE | CVE-2026-1299 | The email module, specifically the "BytesGenerator" class, didn’t properly quote newlines for email headers when serializing an email message allow | python3.12 python3.12 python3.10 python3.10 python3.12 python3.12 python3.10 python3.10 |
| CVE | CVE-2025-69534 | Python-Markdown version 3.8 contain a vulnerability where malformed HTML-like sequences can cause html.parser.HTMLParser to raise an unhandled Assert | python3.12 python3.12 python3.10 python3.10 python3.12 python3.12 python3.10 python3.10 |
| CVE | CVE-2025-13462 | The "tarfile" module would still apply normalization of AREGTYPE (\x00) blocks to DIRTYPE, even while processing a multi-block member such as GNUTYPE | python3.12 python3.12 python3.10 python3.10 python3.12 python3.12 python3.10 python3.10 |
| CVE | CVE-2026-9669 | bz2.BZ2Decompressor objects could be reused after a decompression error. If an application caught the resulting OSError and retried with the same dec | python3.14 python3.14 python3.12 python3.12 python3.10 python3.10 python3.14 python3.14 python3.12 python3.12 python3.10 python3.10 |
| CVE | CVE-2026-8328 | The ftpcp() function in Lib/ftplib.py was not updated when CVE-2021-4189 was fixed. While makepasv() was patched to replace server-supplied PASV ho | python3.14 python3.14 python3.12 python3.12 python3.10 python3.10 python3.14 python3.14 python3.12 python3.12 python3.10 python3.10 |
| CVE | CVE-2026-7774 | tarfile.data_filter could be bypassed using crafted link entries, including symlinks with empty or directory-like names, to redirect later archive me | python3.14 python3.14 python3.12 python3.12 python3.14 python3.14 python3.12 python3.12 |
| CVE | CVE-2026-6100 | Use-after-free (UAF) was possible in the `lzma.LZMADecompressor`, `bz2.BZ2Decompressor`, and `gzip.GzipFile` when a memory allocation fails with a `M | python3.14 python3.14 python3.12 python3.12 python3.10 python3.10 python3.14 python3.14 python3.12 python3.12 python3.10 python3.10 |
| CVE | CVE-2026-6019 | http.cookies.Morsel.js_output() returns an inline <script> snippet and only escapes " for JavaScript string context. It does not neutralize the HTML | python3.14 python3.14 python3.12 python3.12 python3.10 python3.10 python3.14 python3.14 python3.12 python3.12 python3.10 python3.10 |
About
-
Send Feedback to @ubuntu_updates