Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: jq (UTSA-2026-014278)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-014278 advisory. jq is a command-line JSON processor. In commits before 2f09060afab23fe9390cce7cb860b10416e1bf5f, the jvparsesized API in libjq accepts a counted buffer with an...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: libsoup (UTSA-2026-014297)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-014297 advisory. A flaw was found in the libsoup HTTP library that can cause proxy authentication credentials to be sent to unintended destinations. When handling HTTP redirects,...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: libsoup (UTSA-2026-014298)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-014298 advisory. A flaw was found in libsoup, an HTTP client library. This vulnerability, known as CRLF Carriage Return Line Feed Injection, occurs when an HTTP proxy is configured a...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: jq (UTSA-2026-014276)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-014276 advisory. jq is a command-line JSON processor. In versions 1.8.1 and below, functions jvsetpath, jvgetpath, and delpathssorted in jq's src/jvaux.c use unbounded recursion whos...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: nginx (UTSA-2026-014274)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-014274 advisory. NGINX Plus and NGINX Open Source have a vulnerability in the ngxmailsmtpmodule module due to the improper handling of CRLF sequences in DNS responses. This allows an...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: libvpx (UTSA-2026-014289)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-014289 advisory. Heap buffer overflow in libvpx. This vulnerability affects Firefox 147.0.4, Firefox ESR 140.7.1, Firefox ESR 115.32.1, Thunderbird 140.7.2, and Thunderbird 147.0.2...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: nginx (UTSA-2026-014284)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-014284 advisory. NGINX Open Source and NGINX Plus have a vulnerability in the ngxhttpmp4module module, which might allow an attacker to trigger a buffer over-read or over-write to th...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: nginx (UTSA-2026-014267)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-014267 advisory. The 32-bit implementation of NGINX Open Source has a vulnerability in the ngxhttpmp4module module, which might allow an attacker to over-read or over-write NGINX...

Unity Linux 20.1050e / 20.1060e Security Update: kernel (UTSA-2026-014300)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-014300 advisory. In the Linux kernel, the following vulnerability has been resolved: drm: mxsfb: Fix NULL pointer dereference mxsfb should not ever dereference the NULL pointer which...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: jq (UTSA-2026-014272)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-014272 advisory. jq is a command-line JSON processor. Before commit 0c7d133c3c7e37c00b6d46b658a02244fdd3c784, jq used MurmurHash3 with a hardcoded, publicly visible seed 0x432A9843 f...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: nginx (UTSA-2026-014292)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-014292 advisory. A vulnerability exists in NGINX OSS and NGINX Plus when configured to proxy to upstream Transport Layer Security TLS servers. An attacker with a man-in-the-middle MI...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: vim (UTSA-2026-014266)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-014266 advisory. Vim is an open source, command line text editor. Prior to version 9.2.0276, a modeline sandbox bypass in Vim allows arbitrary OS command execution when a user opens ...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: gimp (UTSA-2026-014286)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-014286 advisory. GIMP XWD File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: tomcat (UTSA-2026-014281)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-014281 advisory. Improper Input Validation vulnerability. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.14, from 10.1.0-M1 through 10.1.49, from 9.0.0-M1 through...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-014303)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-014303 advisory. In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid potential deadlock As Jiaming Zhang and syzbot reported, there is potential...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: gimp (UTSA-2026-014295)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-014295 advisory. GIMP XWD File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: glibc (UTSA-2026-014283)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-014283 advisory. The iconv function in the GNU C Library versions 2.43 and earlier may crash due to an assertion failure when converting inputs from the IBM1390 or IBM1399 character...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: gdk-pixbuf2 (UTSA-2026-014288)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-014288 advisory. A flaw was found in the gdk-pixbuf library. This heap-based buffer overflow vulnerability occurs in the JPEG image loader due to improper validation of color compone...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: gstreamer1-plugins-base (UTSA-2026-014277)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-014277 advisory. GStreamer RIFF Palette Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: tomcat (UTSA-2026-014270)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-014270 advisory. Improper Input Validation vulnerability in Apache Tomcat Native, Apache Tomcat. When using an OCSP responder, Tomcat Native and Tomcat's FFM port of the Tomcat Nativ...