Bugs addressed in recent updates
Origin | Bug number | Title | Packages |
---|---|---|---|
Launchpad | 2112382 | [SRU] ubuntu-advantage-tools (35.1 -\u003e 36) Xenial, Bionic, Focal, Jammy, Noble, Oracular, Plucky | ubuntu-advantage-tools ubuntu-advantage-tools ubuntu-advantage-tools ubuntu-advantage-tools ubuntu-advantage-tools ubuntu-advantage-tools ubuntu-advantage-tools ubuntu-advantage-tools ubuntu-advantage-tools ubuntu-advantage-tools ubuntu-advantage-tools ubuntu-advantage-tools ubuntu-advantage-tools ubuntu-advantage-tools ubuntu-advantage-tools ubuntu-advantage-tools ubuntu-advantage-tools ubuntu-advantage-tools ubuntu-advantage-tools ubuntu-advantage-tools ubuntu-advantage-tools ubuntu-advantage-tools |
Launchpad | 2100300 | gnome-calculator not doing currency conversion | gnome-calculator |
Launchpad | 2108976 | [SRU] Update gnome-calculator 46.3 | gnome-calculator |
Launchpad | 2102186 | wrong packet header size calculation | usbio-drivers usbio-drivers |
CVE | CVE-2024-39312 | Botan is a C++ cryptography library. X.509 certificates can identify elliptic curves using either an object identifier or using explicit encoding of | botan botan |
CVE | CVE-2024-34703 | Botan is a C++ cryptography library. X.509 certificates can identify elliptic curves using either an object identifier or using explicit encoding of | botan botan |
CVE | CVE-2024-34702 | Botan is a C++ cryptography library. X.509 certificates can identify elliptic curves using either an object identifier or using explicit encoding of | botan botan |
CVE | CVE-2024-50383 | Botan before 3.6.0, when certain GCC versions are used, has a compiler-induced secret-dependent operation in lib/utils/donna128.h in donna128 (used i | botan botan |
CVE | CVE-2024-50382 | Botan before 3.6.0, when certain LLVM versions are used, has compiler-induced secret-dependent control flow in lib/utils/ghash/ghash.cpp in GHASH in | botan botan |
CVE | CVE-2025-31164 | heap-buffer overflow in fig2dev in version 3.2.9a allows an attacker to availability via local input manipulation via create_line_with_spline. | fig2dev fig2dev |
CVE | CVE-2025-31163 | Segmentation fault in fig2dev in version 3.2.9a allows an attacker to availability via local input manipulation via put_patternarc function. | fig2dev fig2dev |
CVE | CVE-2025-31162 | Floating point exception in fig2dev in version 3.2.9a allows an attacker to availability via local input manipulation via get_slope function. | fig2dev fig2dev |
Launchpad | 2111952 | Remmina prompts for RDP credentials even when they are saved | remmina remmina remmina remmina remmina remmina remmina remmina |
Launchpad | 2100492 | rustc 1.82 required by firefox 137 and chromium 138 | rustc-1.82 rustc-1.82 rustc-1.82 rustc-1.82 rustc-1.82 rustc-1.82 |
Launchpad | 2099829 | libcanberra-gtk3-0t64 remains installed in oracular/plucky | libcanberra libcanberra |
CVE | CVE-2025-49113 | Roundcube Webmail before 1.5.10 and 1.6.x before 1.6.11 allows remote code execution by authenticated users because the _from parameter in a URL is n | roundcube roundcube roundcube roundcube roundcube roundcube |
CVE | CVE-2025-4517 | Allows arbitrary filesystem writes outside the extraction directory during extraction with filter="data". You are affected by this vulnerability if | python3.13 python3.12 python3.12 python3.12 python3.13 python3.13 python3.13 python3.12 python3.13 python3.12 python3.12 python3.12 python3.12 python3.13 |
CVE | CVE-2025-4435 | When using a TarFile.errorlevel = 0 and extracting with a filter the documented behavior is that any filtered members would be skipped and not extrac | python3.13 python3.12 python3.12 python3.12 python3.13 python3.13 python3.13 python3.12 python3.13 python3.12 python3.12 python3.12 python3.12 python3.13 |
CVE | CVE-2025-4330 | Allows the extraction filter to be ignored, allowing symlink targets to point outside the destination directory, and the modification of some file me | python3.13 python3.12 python3.12 python3.12 python3.13 python3.13 python3.13 python3.12 python3.13 python3.12 python3.12 python3.12 python3.12 python3.13 |
CVE | CVE-2025-4138 | Allows the extraction filter to be ignored, allowing symlink targets to point outside the destination directory, and the modification of some file me | python3.13 python3.12 python3.12 python3.12 python3.13 python3.13 python3.13 python3.12 python3.13 python3.12 python3.12 python3.12 python3.12 python3.13 |
About
-
Send Feedback to @ubuntu_updates