UbuntuUpdates.org

Bugs addressed in recent updates

All Launchpad Ubuntu Debian CVE

Origin Bug number Title Packages
Launchpad 2052599 Jammy update: v6.1.74 upstream stable release linux-oem-6.1
Launchpad 2052622 Jammy update: v6.1.75 upstream stable release linux-oem-6.1
Launchpad 2052623 Jammy update: v6.1.76 upstream stable release linux-oem-6.1
Launchpad 2052631 Jammy update: v6.1.77 upstream stable release linux-oem-6.1
Launchpad 2054541 Jammy update: v6.1.78 upstream stable release linux-oem-6.1
Launchpad 2054366 Fix backported kria device tree changes linux-xilinx-zynqmp
Launchpad 2054412 Jammy RISC-V nezha and licheerv (allwinner kernel) images failing to build due to no kernel found livecd-rootfs livecd-rootfs
CVE CVE-2023-52356 A segment fault (SEGV) flaw was found in libtiff that could be triggered by passing a crafted tiff file to the TIFFReadRGBATileExt() API. This flaw a tiff tiff tiff tiff tiff tiff tiff tiff
CVE CVE-2023-6277 An out-of-memory flaw was found in libtiff. Passing a crafted tiff file to TIFFOpen() API may allow a remote attacker to cause a denial of service vi tiff tiff tiff tiff tiff tiff tiff tiff
CVE CVE-2023-6228 An issue was found in the tiffcp utility distributed by the libtiff package where a crafted TIFF file on processing may cause a heap-based buffer ove tiff tiff tiff tiff tiff tiff tiff tiff
CVE CVE-2023-50868 The Closest Encloser Proof aspect of the DNS protocol (in RFC 5155 when RFC 9276 guidance is skipped) allows remote attackers to cause a denial of se bind9 bind9 bind9 bind9
CVE CVE-2023-50387 Certain DNSSEC aspects of the DNS protocol (in RFC 4033, 4034, 4035, 6840, and related RFCs) allow remote attackers to cause a denial of service (CPU bind9 bind9 bind9 bind9
CVE CVE-2023-6516 To keep its cache database efficient, `named` running as a recursive resolver occasionally attempts to clean up the database. It uses several methods bind9 bind9 bind9 bind9
CVE CVE-2023-5517 A flaw in query-handling code can cause `named` to exit prematurely with an assertion failure when: - `nxdomain-redirect <domain>;` is configured, bind9 bind9 bind9 bind9
CVE CVE-2023-4408 The DNS message parsing code in `named` includes a section whose computational complexity is overly high. It does not cause problems for typical DNS bind9 bind9 bind9 bind9
CVE CVE-2023-42282 An issue in NPM IP Package v.1.1.8 and before allows an attacker to execute arbitrary code and obtain sensitive information via the isPublic() functi node-ip node-ip
Launchpad 2052469 Provide an arm64 linux-oracle 64k kernel variant linux-oracle-6.5 linux-meta-oracle linux-generate-oracle linux-meta-oracle-6.5 linux-generate-oracle-6.5 linux-restricted-modules-oracle linux-restricted-modules-oracle-6.5 linux-signed-oracle linux-signed-oracle-6.5
Launchpad 2052723 Azure: Enable CONFIG_TEST_LOCKUP linux-azure-6.5
Launchpad 2040465 New upstream microrelease 2.5.17 openldap openldap
Launchpad 2024325 [SRU] trac crashes while importing a library in Ubuntu 20.04 (ImportError: cannot import name 'soft_unicode' from 'jinja2.utils') trac



About   -   Send Feedback to @ubuntu_updates