Bugs addressed in recent updates
| Origin | Bug number | Title | Packages |
|---|---|---|---|
| CVE | CVE-2024-20926 | Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Scripting). Sup | openjdk-8 openjdk-8 openjdk-8 openjdk-8 openjdk-8 openjdk-8 |
| Launchpad | 2057699 | [SRU] New upstream microrelease .NET 6.0.28 and SDK 6.0.128 | dotnet6 dotnet6 |
| Launchpad | 2029314 | [SRU] Hexchat crashes whenever I click on a specific link in a channel | hexchat hexchat |
| Launchpad | 2051895 | Lenovo XT99 BT headset can't work in HFP profile | pulseaudio pulseaudio pulseaudio pulseaudio pulseaudio pulseaudio pulseaudio pulseaudio |
| Launchpad | 2056769 | [jammy/mantic] ftbfs due to build-time incompatibility with updated openvswitch | ovn ovn ovn ovn ovn ovn ovn ovn |
| CVE | CVE-2019-18604 | In axohelp.c before 1.3 in axohelp in axodraw2 before 2.1.1b, as distributed in TeXLive and other collections, sprintf is mishandled. | texlive-bin texlive-bin texlive-bin texlive-bin |
| CVE | CVE-2023-32668 | LuaTeX before 1.17.0 allows a document (compiled with the default settings) to make arbitrary network requests. This occurs because full access to th | texlive-bin texlive-bin texlive-bin texlive-bin texlive-bin texlive-bin texlive-bin texlive-bin |
| CVE | CVE-2024-25262 | texlive-bin commit c515e was discovered to contain heap buffer overflow via the function ttfLoadHDMX:ttfdump. This vulnerability allows attackers to | texlive-bin texlive-bin texlive-bin texlive-bin texlive-bin texlive-bin texlive-bin texlive-bin texlive-bin texlive-bin texlive-bin texlive-bin |
| Launchpad | 2047912 | There is a heap buffer overflow in texlive-bin | texlive-bin texlive-bin texlive-bin texlive-bin texlive-bin texlive-bin texlive-bin texlive-bin texlive-bin texlive-bin texlive-bin texlive-bin |
| CVE | CVE-2024-28757 | libexpat through 2.6.1 allows an XML Entity Expansion attack when there is isolated use of external parsers (created via XML_ExternalEntityParserCrea | expat expat expat expat expat expat expat expat |
| CVE | CVE-2023-52425 | libexpat through 2.5.0 allows a denial of service (resource consumption) because many full reparsings are required in the case of a large token for w | expat expat expat expat expat expat expat expat |
| Launchpad | 2055519 | Mutter rebuilds on jammy fail test: mutter:cogl+cogl/conform / framebuffer-get-bits (due to Mesa \u003e= 23.1.1) | mutter mutter mutter mutter |
| Launchpad | 2055530 | Mutter (sometimes) fails to build with [fatal error: meta/meta-enum-types.h: No such file or directory] | mutter mutter mutter mutter |
| Launchpad | 2056732 | [BPO] libreoffice 7.6.5 for jammy | libreoffice libreoffice |
| CVE | CVE-2024-21392 | .NET and Visual Studio Denial of Service Vulnerability | dotnet8 dotnet7 dotnet8 dotnet7 dotnet8 dotnet8 |
| Launchpad | 2039017 | [SRU] 2.61.3 | snapd snapd snapd snapd snapd snapd snapd snapd snapd snapd snapd snapd |
| CVE | CVE-2022-25647 | The package com.google.code.gson:gson before 2.8.9 are vulnerable to Deserialization of Untrusted Data via the writeReplace() method in internal clas | libgoogle-gson-java libgoogle-gson-java |
| Launchpad | 2056201 | [BPO] rpki-client/9.0-1 from noble | rpki-client |
| CVE | CVE-2024-26146 | Rack is a modular Ruby web server interface. Carefully crafted headers can cause header parsing in Rack to take longer than expected resulting in a p | ruby-rack ruby-rack |
| CVE | CVE-2024-26141 | Rack is a modular Ruby web server interface. Carefully crafted Range headers can cause a server to respond with an unexpectedly large response. Respo | ruby-rack ruby-rack |
About
-
Send Feedback to @ubuntu_updates
