UbuntuUpdates.org

Bugs addressed in recent updates

All Launchpad Ubuntu Debian CVE

Origin Bug number Title Packages
CVE CVE-2024-7788 Improper Digital Signature InvalidationĀ  vulnerability in Zip Repair Mode of The Document Foundation LibreOffice allows Signature forgery vulnerabili libreoffice libreoffice libreoffice libreoffice libreoffice libreoffice libreoffice libreoffice
CVE CVE-2024-45751 tgt (aka Linux target framework) before 1.0.93 attempts to achieve entropy by calling rand without srand. The PRNG seed is always 1, and thus the seq tgt tgt tgt tgt
Launchpad 2076432 [SRU] add debian/patches/install-missing-files.patch from upstream rally rally
Launchpad 1965563 GNOME apps crash with \ egl-wayland egl-wayland
Launchpad 2080616 [SRU] No change rebuild for MIR retry retry retry retry retry retry
Launchpad 2078473 Discovery of KRB5 ticket fails even if ticket is discoverable adsys adsys adsys adsys adsys adsys
Launchpad 2078247 rewrite from / to @ formats overwrites usernames adsys adsys adsys adsys adsys adsys
Launchpad 2078246 Ignore casing in domain/ section of sssd.conf adsys adsys adsys adsys adsys adsys
Launchpad 2078245 DCONF policy manager removes userdb on empty policy adsys adsys adsys adsys adsys adsys
CVE CVE-2024-44070 An issue was discovered in FRRouting (FRR) through 10.1. bgp_attr_encap in bgpd/bgp_attr.c does not check the actual remaining stream length before t frr frr frr frr quagga frr frr frr frr quagga
CVE CVE-2024-34509 dcmdata in DCMTK before 3.6.9 has a segmentation fault via an invalid DIMSE message. dcmtk dcmtk
CVE CVE-2024-34508 dcmnet in DCMTK before 3.6.9 has a segmentation fault via an invalid DIMSE message. dcmtk dcmtk
CVE CVE-2024-28130 An incorrect type conversion vulnerability exists in the DVPSSoftcopyVOI_PList::createFromImage functionality of OFFIS DCMTK 3.6.8. A specially craft dcmtk dcmtk
CVE CVE-2022-43272 DCMTK v3.6.7 was discovered to contain a memory leak via the T_ASC_Association object. dcmtk dcmtk
CVE CVE-2022-2121 OFFIS DCMTK's (All versions prior to 3.6.7) has a NULL pointer dereference vulnerability while processing DICOM files, which may result in a denial-o dcmtk dcmtk
CVE CVE-2021-41689 DCMTK through 3.6.6 does not handle string copy properly. Sending specific requests to the dcmqrdb program, it would query its database and copy the dcmtk dcmtk
CVE CVE-2021-41690 DCMTK through 3.6.6 does not handle memory free properly. The malloced memory for storing all file information are recorded in a global variable LST dcmtk dcmtk
CVE CVE-2021-41688 DCMTK through 3.6.6 does not handle memory free properly. The object in the program is free but its address is still used in other locations. Sending dcmtk dcmtk
CVE CVE-2021-41687 DCMTK through 3.6.6 does not handle memory free properly. The program malloc a heap memory for parsing data, but does not free it when error in parsi dcmtk dcmtk
CVE CVE-2024-23185 Very large headers can cause resource exhaustion when parsing message. The message-parser normally reads reasonably sized chunks of the message. Howe dovecot dovecot dovecot dovecot dovecot dovecot dovecot dovecot



About   -   Send Feedback to @ubuntu_updates