UbuntuUpdates.org

Bugs addressed in recent updates

All Launchpad Ubuntu Debian CVE

Origin Bug number Title Packages
Launchpad 2077729 x86/vmware: Add TDX hypercall support linux linux-hwe-6.8 linux linux-oracle-6.8 linux-aws-6.8 linux-aws-6.8 linux-oracle-6.8 linux-hwe-6.8
Launchpad 2078834 power: Enable intel_rapl driver linux linux-hwe-6.8 linux linux-oracle-6.8 linux-aws-6.8 linux-aws-6.8 linux-oracle-6.8 linux-hwe-6.8
Launchpad 2077470 [SRU][Noble] Bad EPP defaults cause performance regressions on select Intel CPUs linux linux-hwe-6.8 linux linux-oracle-6.8 linux-aws-6.8 linux-aws-6.8 linux-oracle-6.8 linux-hwe-6.8
Launchpad 2076024 SRU: build with -fno-omit-frame-pointer binutils binutils
Launchpad 2082044 New usptream release 550.120 nvidia-graphics-drivers-550 nvidia-graphics-drivers-550 nvidia-graphics-drivers-550
Launchpad 2081124 systemd service dependency loop between cloud-init, NetworkManager and dbus cloud-init cloud-init
Launchpad 1934937 [SRU] Heartbeat in pthreads in nova-wallaby crashes with greenlet error python-oslo.messaging python-oslo.messaging
CVE CVE-2023-26112 All versions of the package configobj are vulnerable to Regular Expression Denial of Service (ReDoS) via the validate function, using (.+?)\((.*)\). configobj configobj configobj configobj
Launchpad 2080191 [BPO] libreoffice 24.2.6 for jammy libreoffice libreoffice
CVE CVE-2023-49582 Lax permissions set by the Apache Portable Runtime library on Unix platforms would allow local users read access to named shared memory segments, pot apr apr apr apr apr apr
CVE CVE-2023-39327 A flaw was found in OpenJPEG. Maliciously constructed pictures can cause the program to enter a large loop and continuously print warning messages on openjpeg2 openjpeg2 openjpeg2 openjpeg2 openjpeg2 openjpeg2 openjpeg2 openjpeg2 openjpeg2 openjpeg2 openjpeg2 openjpeg2
CVE CVE-2023-27530 A DoS vulnerability exists in Rack <v3.0.4.2, <v2.2.6.3, <v2.1.4.3 and <v2.0.9.3 within in the Multipart MIME parsing code in which could allow an at ruby-rack ruby-rack
CVE CVE-2022-44572 A denial of service vulnerability in the multipart parsing component of Rack fixed in 2.0.9.2, 2.1.4.2, 2.2.4.1 and 3.0.0.1 could allow an attacker t ruby-rack ruby-rack
CVE CVE-2022-44571 There is a denial of service vulnerability in the Content-Disposition parsingcomponent of Rack fixed in 2.0.9.2, 2.1.4.2, 2.2.4.1, 3.0.0.1. This coul ruby-rack ruby-rack
CVE CVE-2022-44570 A denial of service vulnerability in the Range header parsing component of Rack >= 1.5.0. A Carefully crafted input can cause the Range header parsin ruby-rack ruby-rack
CVE CVE-2022-30123 A sequence injection vulnerability exists in Rack <2.0.9.1, <2.1.4.1 and <2.2.3.1 which could allow is a possible shell escape in the Lint and Common ruby-rack ruby-rack
CVE CVE-2022-30122 A possible denial of service vulnerability exists in Rack <2.0.9.1, <2.1.4.1 and <2.2.3.1 in the multipart parsing component of Rack. ruby-rack ruby-rack
Launchpad 2078711 Outstanding CVEs in ruby-rack ruby-rack ruby-rack
Launchpad 2081875 Update to 20240203 bundle ca-certificates ca-certificates ca-certificates ca-certificates
CVE CVE-2023-46589 Improper Input Validation vulnerability in Apache Tomcat.Tomcat from 11.0.0-M1 through 11.0.0-M10, from 10.1.0-M1 through 10.1.15, from 9.0.0-M1 thro tomcat9 tomcat9 tomcat9 tomcat9



About   -   Send Feedback to @ubuntu_updates