Bugs addressed in recent updates
| Origin | Bug number | Title | Packages |
|---|---|---|---|
| Launchpad | 2115536 | [SRU] Allow building WSL images of Focal in the new format | livecd-rootfs ubuntu-meta |
| Launchpad | 2136341 | [SRU] Include wsl-pro-service into wsl-recommends | ubuntu-meta |
| Launchpad | 2108997 | [SRU] GDB: Internal binutils code requires updates made for IBM z17 in binutils already | binutils binutils |
| Launchpad | 2138617 | [SRU Exception] refresh mirrors list | python-apt python-apt |
| Launchpad | 2138637 | [SRU Exception] Update ubuntu-release-upgrader data for 24.04.4 | ubuntu-release-upgrader ubuntu-release-upgrader |
| Launchpad | 2138403 | 2025.10.07 new upstream release | wireless-regdb wireless-regdb wireless-regdb wireless-regdb wireless-regdb |
| Launchpad | 2136109 | [SRU] django-tastypie: tastypie is completely broken against Django 4+ | django-tastypie django-tastypie |
| Launchpad | 2130313 | [SRU] cs42l43 and cs35l56 audio failed to work on questing | alsa-ucm-conf |
| CVE | CVE-2025-66200 | mod_userdir+suexec bypass via AllowOverride FileInfo vulnerability in Apache HTTP Server. Users with access to use the RequestHeader directive in hta | apache2 apache2 apache2 apache2 apache2 apache2 apache2 apache2 apache2 apache2 apache2 apache2 |
| CVE | CVE-2025-65082 | Improper Neutralization of Escape, Meta, or Control Sequences vulnerability in Apache HTTP Server through environment variables set via the Apache co | apache2 apache2 apache2 apache2 apache2 apache2 apache2 apache2 apache2 apache2 apache2 apache2 |
| CVE | CVE-2025-58098 | Apache HTTP Server 2.4.65 and earlier with Server Side Includes (SSI) enabled and mod_cgid (but not mod_cgi) passes the shell-escaped query string to | apache2 apache2 apache2 apache2 apache2 apache2 apache2 apache2 apache2 apache2 apache2 apache2 |
| CVE | CVE-2025-55753 | An integer overflow in the case of failed ACME certificate renewal leads, after a number of failures (~30 days in default configurations), to the bac | apache2 apache2 apache2 apache2 apache2 apache2 apache2 apache2 apache2 apache2 apache2 apache2 |
| Launchpad | 2117112 | 421 Misdirected Request: apache2 regression | apache2 apache2 apache2 apache2 apache2 apache2 apache2 apache2 apache2 apache2 apache2 apache2 |
| Launchpad | 2138420 | backport of CVE-2026-21441 results in broken package | python-urllib3 python-urllib3 |
| CVE | CVE-2025-68471 | Avahi is a system which facilitates service discovery on a local network via the mDNS/DNS-SD protocol suite. In 0.9-rc2 and earlier, avahi-daemon can | avahi avahi avahi avahi avahi avahi avahi avahi avahi avahi avahi avahi |
| CVE | CVE-2025-68468 | Avahi is a system which facilitates service discovery on a local network via the mDNS/DNS-SD protocol suite. In 0.9-rc2 and earlier, avahi-daemon can | avahi avahi avahi avahi avahi avahi avahi avahi avahi avahi avahi avahi |
| CVE | CVE-2025-68276 | Avahi is a system which facilitates service discovery on a local network via the mDNS/DNS-SD protocol suite. In 0.9-rc2 and earlier, an unprivileged | avahi avahi avahi avahi avahi avahi avahi avahi avahi avahi avahi avahi |
| Launchpad | 2138316 | Backport rustc-1.89 to Noble | rustc-1.89 rustc-1.89 |
| Launchpad | 2130973 | Sudo-rs panics executing shell script without execute permission | rust-sudo-rs |
| Launchpad | 2130471 | package tzdata 2025b-3ubuntu1 failed to install/upgrade due to invalid date parsing in postinst | tzdata tzdata |
About
-
Send Feedback to @ubuntu_updates
