Bugs addressed in recent updates
| Origin | Bug number | Title | Packages |
|---|---|---|---|
| CVE | CVE-2023-42843 | An inconsistent user interface issue was addressed with improved state management. This issue is fixed in iOS 16.7.2 and iPadOS 16.7.2, iOS 17.1 and | webkit2gtk webkit2gtk webkit2gtk webkit2gtk webkit2gtk webkit2gtk webkit2gtk webkit2gtk |
| CVE | CVE-2023-42956 | The issue was addressed with improved memory handling. This issue is fixed in Safari 17.2, iOS 17.2 and iPadOS 17.2, macOS Sonoma 14.2. Processing we | webkit2gtk webkit2gtk webkit2gtk webkit2gtk webkit2gtk webkit2gtk webkit2gtk webkit2gtk |
| CVE | CVE-2023-42950 | A use after free issue was addressed with improved memory management. This issue is fixed in Safari 17.2, iOS 17.2 and iPadOS 17.2, tvOS 17.2, watchO | webkit2gtk webkit2gtk webkit2gtk webkit2gtk webkit2gtk webkit2gtk webkit2gtk webkit2gtk |
| CVE | CVE-2024-23284 | A logic issue was addressed with improved state management. This issue is fixed in tvOS 17.4, macOS Sonoma 14.4, visionOS 1.1, iOS 17.4 and iPadOS 17 | webkit2gtk webkit2gtk webkit2gtk webkit2gtk webkit2gtk webkit2gtk webkit2gtk webkit2gtk |
| CVE | CVE-2024-23280 | An injection issue was addressed with improved validation. This issue is fixed in Safari 17.4, macOS Sonoma 14.4, iOS 17.4 and iPadOS 17.4, watchOS 1 | webkit2gtk webkit2gtk webkit2gtk webkit2gtk webkit2gtk webkit2gtk webkit2gtk webkit2gtk |
| CVE | CVE-2024-23263 | A logic issue was addressed with improved validation. This issue is fixed in tvOS 17.4, macOS Sonoma 14.4, visionOS 1.1, iOS 17.4 and iPadOS 17.4, wa | webkit2gtk webkit2gtk webkit2gtk webkit2gtk webkit2gtk webkit2gtk webkit2gtk webkit2gtk |
| CVE | CVE-2024-23254 | The issue was addressed with improved UI handling. This issue is fixed in tvOS 17.4, macOS Sonoma 14.4, visionOS 1.1, iOS 17.4 and iPadOS 17.4, watch | webkit2gtk webkit2gtk webkit2gtk webkit2gtk webkit2gtk webkit2gtk webkit2gtk webkit2gtk |
| CVE | CVE-2024-2496 | A NULL pointer dereference flaw was found in the udevConnectListAllInterfaces() function in libvirt. This issue can occur when detaching a host inter | libvirt libvirt libvirt libvirt libvirt libvirt libvirt libvirt libvirt libvirt libvirt libvirt |
| CVE | CVE-2024-2494 | A flaw was found in the RPC library APIs of libvirt. The RPC server deserialization code allocates memory for arrays before the non-negative length c | libvirt libvirt libvirt libvirt libvirt libvirt libvirt libvirt libvirt libvirt libvirt libvirt libvirt libvirt libvirt libvirt |
| CVE | CVE-2024-1441 | An off-by-one error flaw was found in the udevListInterfacesByStatus() function in libvirt when the number of interfaces exceeds the size of the `nam | libvirt libvirt libvirt libvirt libvirt libvirt libvirt libvirt libvirt libvirt libvirt libvirt libvirt libvirt libvirt libvirt |
| CVE | CVE-2024-2201 | Native Branch History Injection | linux linux linux-hwe-5.15 linux linux-oem-6.5 linux-azure-5.15 linux-aws-5.15 linux-lowlatency-hwe-5.15 linux-gcp-5.15 linux-azure-6.5 linux-ibm-5.15 linux-hwe-6.5 linux-oracle-5.15 linux-gcp-6.5 linux-riscv-5.15 linux linux-intel-iotg-5.15 linux-oem-6.5 linux-gcp-6.5 linux-azure-6.5 linux-oracle-5.15 linux-hwe-5.15 linux-gcp-5.15 linux-aws-5.15 linux-ibm-5.15 linux-laptop linux-azure-5.15 linux-oracle-6.5 linux-lowlatency-hwe-6.5 linux-aws-6.5 linux-intel-iotg-5.15 linux-riscv linux-starfive linux-xilinx-zynqmp linux-starfive linux-laptop linux-lowlatency-hwe-5.15 linux-riscv-6.5 linux-starfive-6.5 linux-hwe-6.5 linux-aws-6.5 linux-xilinx-zynqmp linux-riscv-5.15 linux linux-riscv-5.15 linux-lowlatency-hwe-5.15 linux-oracle-5.15 linux-gcp-5.15 linux-ibm-5.15 linux-azure-5.15 linux linux-riscv-5.15 linux-lowlatency-hwe-5.15 linux-oracle-5.15 linux-gcp-5.15 linux-ibm-5.15 linux-azure-5.15 |
| CVE | CVE-2024-27285 | YARD is a Ruby Documentation tool. The "frames.html" file within the Yard Doc's generated documentation is vulnerable to Cross-Site Scripting (XSS) a | yard yard yard yard |
| Launchpad | 2061121 | Mantic preseeding of LXD using incorrect track/channel | livecd-rootfs |
| Launchpad | 2051380 | Expired certificate used for tests causes failures | ruby3.1 ruby3.0 ruby3.1 ruby3.0 |
| Launchpad | 2055241 | Update on-chip oscillator clock nodes for Kria | linux-xilinx-zynqmp linux-xilinx-zynqmp |
| Launchpad | 2058321 | Unsupported platform 'ZynqMP KV260 revB | linux-xilinx-zynqmp linux-xilinx-zynqmp |
| Launchpad | 2058707 | Backport AXI 1-wire host driver | linux-xilinx-zynqmp linux-xilinx-zynqmp |
| Launchpad | 2056100 | sru cloud-init 23.4.4 to 24.1.3 | cloud-init cloud-init cloud-init cloud-init |
| CVE | CVE-2022-29599 | In Apache Maven maven-shared-utils prior to version 3.3.3, the Commandline class can emit double-quoted strings without proper escaping, allowing she | maven-shared-utils maven-shared-utils maven-shared-utils maven-shared-utils |
| Launchpad | 2060906 | attempt to add opensc using modutil suddenly fails | nss nss nss nss nss nss nss nss |
About
-
Send Feedback to @ubuntu_updates
