Bugs addressed in recent updates
| Origin | Bug number | Title | Packages |
|---|---|---|---|
| CVE | CVE-2026-42310 | Pillow is a Python imaging library. From version 4.2.0 to before version 12.2.0, an attacker can supply a malicious PDF that causes the process to ha | pillow |
| CVE | CVE-2026-42309 | Pillow is a Python imaging library. From version 11.2.1 to before version 12.2.0, passing nested lists as coordinates to APIs that accept coordinates | pillow |
| CVE | CVE-2026-42308 | Pillow is a Python imaging library. Prior to version 12.2.0, if a font advances for each glyph by an exceeding large amount, when Pillow keeps track | pillow |
| CVE | CVE-2025-70103 | Heap buffer overflow vulnerability in libjxl 0.12.0 via crafted PBM images to the jxl::extras::DecodeImagePNM function in file lib/extras/dec/pnm.cc. | jpeg-xl |
| Launchpad | 2152101 | [SRU] Buffer overflow in _get_funcs | smbus2 |
| Launchpad | 2148367 | [SRU - Resolute] Background service collides with the first-time setup dialog | bazaar |
| Launchpad | 2080474 | [SRU] cannot install Ubuntu Server over a multipath disk used as an LVM PV | livecd-rootfs multipath-tools |
| Launchpad | 2147525 | [SRU] tc/tbf, tc/htb: Burst parameter capped at 4GB even though kernel can handle larger values | iproute2 |
| Launchpad | 2151297 | App names are always in English | resources |
| Launchpad | 2152092 | sg_wr_mode rejects every --contents= and --cfile= argument with \ | sg3-utils |
| Launchpad | 2153023 | Rapid photo downloader's device detection does not work any more in 26.04 | rapid-photo-downloader |
| Launchpad | 2153123 | [SRU] localsearch-extractor-office fails to install: file conflict with tracker-extract on libextract-epub.so | localsearch |
| Launchpad | 2155045 | Mesa 26.0.8 bugfix release | mesa |
| Launchpad | 2146560 | [FFe + SRU] edk2: Introduce FirmwareSecvarUpdater for MS 2023 CA rollout | edk2 virt-firmware |
| Launchpad | 2155270 | d/tests/secvar_update.py: GPL-3.0-only license incompatible with virt-firmware GPL-2.0-only | edk2-hwe edk2 |
| Launchpad | 2153530 | libvirt: excessive memory allocation / OOM when physical_package_id is large | libvirt-hwe libvirt |
| CVE | CVE-2026-6843 | A flaw was found in nano. A local user could exploit a format string vulnerability in the `statusline()` function. By creating a directory with a nam | nano |
| CVE | CVE-2026-6842 | A flaw was found in nano. In environments with permissive umask settings, a local attacker can exploit incorrect directory permissions (0777 instead | nano |
| Launchpad | 2154265 | Unattended-Upgrade will upgrade 6.17.0-1023-oem kernel without nvidia-driver | linux-restricted-signatures-oem-6.17 linux-restricted-modules-oem-6.17 linux-meta-oem-6.17 linux-restricted-modules-oem-7.0 linux-restricted-signatures-oem-7.0 |
| CVE | CVE-2026-5090 | Template::Plugin::HTML versions through 3.102 for Perl allows HTML and JavaScript to be injected. The html_filter function did not escape single quo | libtemplate-perl |