UbuntuUpdates.org

Bugs addressed in recent updates

All Launchpad Ubuntu Debian CVE

Origin Bug number Title Packages
Launchpad 2147396 AMD Ryzen did not response after system enter suspend linux-firmware-amd-graphics
CVE CVE-2026-11526 GD versions before 2.86 for Perl allow OS command injection and file overwrite via a 2-arg open() of filename arguments in _make_filehandle. GD::Ima libgd-perl libgd-perl libgd-perl libgd-perl libgd-perl libgd-perl libgd-perl libgd-perl
CVE CVE-2026-8632 A potential security vulnerability has been identified in the HP Linux Imaging and Printing Software. This potential vulnerability may allow escalati hplip hplip hplip hplip hplip hplip hplip hplip hplip hplip hplip hplip hplip hplip hplip hplip
CVE CVE-2026-8631 A potential security vulnerability has been identified in the HP Linux Imaging and Printing Software. This potential vulnerability may allow escalati hplip hplip hplip hplip hplip hplip hplip hplip hplip hplip hplip hplip hplip hplip hplip hplip
CVE CVE-2026-41401 libyang before 5.2.6 contains a heap use-after-free write vulnerability in lyd_parser_set_data_flags that incorrectly updates metadata list pointers libyang libyang libyang libyang libyang libyang libyang libyang
CVE CVE-2026-12318 Incorrect boundary conditions in the Libraries component in NSS. This vulnerability was fixed in Firefox 152 and Thunderbird 152. nss nss nss nss nss nss nss nss nss nss
CVE CVE-2026-49271 libheif is a HEIF and AVIF file format decoder and encoder. Prior to version 1.22.1, the uncompressed HEIF decoder validates explicit icef compressed libheif libheif libheif libheif
CVE CVE-2026-11824 SQLite before 3.53.2 contains a heap-based buffer overflow vulnerability in the FTS5 full-text search extension that allows attackers to cause a cras sqlite3 sqlite3 sqlite3 sqlite3 sqlite3 sqlite3 sqlite3 sqlite3 sqlite3 sqlite3 sqlite3 sqlite3 sqlite3 sqlite3 sqlite3 sqlite3
CVE CVE-2026-11822 SQLite before 3.53.2 contains memory corruption vulnerabilities in the FTS5 full-text search extension that allow attackers to cause process crashes, sqlite3 sqlite3 sqlite3 sqlite3 sqlite3 sqlite3 sqlite3 sqlite3 sqlite3 sqlite3 sqlite3 sqlite3 sqlite3 sqlite3 sqlite3 sqlite3
Launchpad 2147329 [SRU] openvswitch 3.3.9 point release openvswitch openvswitch
Launchpad 2154006 [SRU] openvswitch 2.17.12 point release openvswitch openvswitch
Launchpad 2154007 [SRU] openvswitch 3.6.3 point release openvswitch openvswitch
Launchpad 2157880 [SRU] libadwaita 1.9.1 libadwaita-1
Launchpad 2156488 [SRU][Resolute] volume control broken when AVRCP connects before AVDTP due to uninitialised target volume bluez bluez bluez bluez
Launchpad 2156411 [SRU][Resolute] GATT cached db hash is not updating when adding services to existing connection bluez bluez bluez bluez
Launchpad 2152848 GDM 50 incorrectly sets XDG_SESSION_TYPE=wayland for X11 user sessions, breaking Cinnamon and other X11-only desktops gdm3
Launchpad 2157886 [SRU] GDM 50.1 gdm3
Launchpad 2157883 [SRU] gnome-text-editor 50.1 gnome-text-editor
Launchpad 2157974 [SRU] orca 50.2 orca orca
Launchpad 2157962 [SRU] gnome-session 50.1 gnome-session gnome-session



About   -   Send Feedback to @ubuntu_updates