
Ubuntu has published USN-8555-1 for vulnerabilities in Ubuntu Advantage Tools (pro client) that could expose bearer tokens, allow unsafe APT configuration injection, or leak sensitive data through diagnostic log handling.
Tag archive

Ubuntu has published USN-8555-1 for vulnerabilities in Ubuntu Advantage Tools (pro client) that could expose bearer tokens, allow unsafe APT configuration injection, or leak sensitive data through diagnostic log handling.

Ubuntu Security Notice USN-8549-1 warns that the idna package could consume significant system resources when handling oversized inputs, creating a potential denial-of-service condition.

Ubuntu has issued USN-8526-2 to deliver libheif fixes for Ubuntu 24.04 LTS, addressing denial-of-service and potential sensitive information exposure risks tied to CVE-2026-47709 and CVE-2026-47714.

Ubuntu has issued USN-8536-1 for multiple MariaDB vulnerabilities that could lead to shell command execution, sensitive information disclosure, path traversal, SQL injection, and unintended file writes depending on configuration and privileges.

Ubuntu has published USN-8533-1 for multiple OpenSSH vulnerabilities affecting sftp, scp, internal-sftp, authentication controls, forwarding restrictions, and a client-side memory safety issue. Organizations using OpenSSH on Ubuntu should review exposure and apply updates promptly.

Ubuntu has published USN-8515-1 for a denial-of-service vulnerability in Addressable caused by catastrophic backtracking in certain generated regular expressions from URI templates.

Ubuntu has published USN-8509-1 to address multiple Python vulnerabilities affecting several modules, including tarfile, http.client, email, webbrowser, and decompression components across supported LTS releases.

Ubuntu has released USN-8467-2 to deliver the Perl fixes for Ubuntu 25.10, addressing an Archive::Tar extraction flaw and a 32-bit regular expression memory issue.

Ubuntu has published USN-8492-1 to address a large set of Linux kernel vulnerabilities affecting multiple architectures, drivers, networking components, and file systems. Organizations running Ubuntu should review impacted systems and prioritize kernel updates.

Ubuntu has released USN-8487-1 to address multiple curl vulnerabilities that could expose credentials, weaken connection security, enable denial of service, or in some cases possibly allow code execution on affected systems.

Ubuntu has published USN-8482-1 for a Roundcube Webmail cross-site scripting vulnerability involving the animate tag in SVG content, with risk of script execution in an affected user session.

Ubuntu has published USN-8474-1 to address multiple NSD vulnerabilities, including memory-safety issues and a TLS zone transfer authentication flaw. Organizations running NSD should review affected Ubuntu versions and apply updates promptly.

Ubuntu has issued USN-8447-2 to deliver LXD updates for multiple embedded Go Cryptography vulnerabilities affecting SSH-related security controls and denial-of-service exposure.

Ubuntu has published USN-8361-3 for a Linux kernel vulnerability affecting the packet sockets subsystem. The notice says an attacker could possibly use the issue to compromise a system, making timely patch review and deployment important for defenders.

Ubuntu has issued USN-8423-1 for multiple lwIP vulnerabilities, including buffer overflow issues that could lead to denial of service, information disclosure, or possible arbitrary code execution in affected environments.

Ubuntu has released USN-6455-2 to correct an Exim regression introduced by an earlier security fix on Ubuntu 22.04 LTS. The update resolves Taint mismatch errors affecting certain connections while preserving protections for prior Exim vulnerabilities.

Ubuntu has published USN-8414-2 to deliver OpenSSL fixes for Ubuntu 14.04, 16.04, 18.04, and 20.04 LTS, addressing vulnerabilities tied to denial of service, information disclosure, authentication bypass, and possible code execution.

Ubuntu has published USN-8405-1 for multiple CUPS vulnerabilities that may lead to unauthorized access, file overwrite, denial of service, information disclosure, or possible arbitrary code execution depending on system configuration and exposure.

Ubuntu has issued USN-8401-1 for multiple Netty vulnerabilities that can enable request smuggling, header injection, Redis command injection, validation bypass, and denial-of-service conditions across supported LTS releases.

Ubuntu has released USN-8349-2 to correct multiple rsync regressions introduced by a prior security update. Teams relying on rsync should review affected systems and apply the corrected packages promptly.

Ubuntu has issued USN-8338-2 to correct a regression introduced by the earlier Apache HTTP Server update. The fix restores mod_http2 loading on Ubuntu 18.04 LTS and is important for administrators validating recent Apache package updates.