CLSA-2026-1779183996 expat: Fix of CVE-2026-45186

CVE-2026-45186: fix quadratic complexity in attribute name collision check...

CLSA-2026-1778788223 libssh2: Fix of 2 CVEs

CVE-2019-3860: bounds-check SFTP packet sizes in sftppacketrequire/v and sftpbin2attr - CVE-2019-3861: bounds-check paddinglength in libssh2transportread...

CLSA-2026-1778786567 curl: Fix of 2 CVEs

CVE-2018-1000120: fix buffer overflow exists in the FTP URL handling - CVE-2018-1000007: fix leak authentication data to third parties in HTTP requests...

Updated libexif packages fix security vulnerabilities

CVE-2026-32775: libexif through 0.6.25 has a flaw in decoding MakerNotes. If the exifmnotedatagetvalue function gets passed in a 0 size, the passed in-buffer would be overwritten due to an integer underflow. CVE-2026-40385: In libexif through 0.6.25, an unsigned 32bit integer overflow in Nikon...

CLSA-2026-1778069531 xorg-x11-server-Xwayland: Fix of 3 CVEs

CVE fix for: CVE-2026-33999, CVE-2026-34001, CVE-2026-34003...

UBUNTU-CVE-2025-71285

In the Linux kernel, the following vulnerability has been resolved: net: qrtr: Drop the MHI autoqueue feature for IPCR DL channels MHI stack offers the 'autoqueue' feature, which allows the MHI stack to auto queue the buffers for the RX path DL channel. Though this feature simplifies the client...

UBUNTU-CVE-2026-43098

In the Linux kernel, the following vulnerability has been resolved: nfc: s3fwrn5: allocate rx skb before consuming bytes s3fwrn82uartread reports the number of accepted bytes to the serdev core. The current code consumes bytes into recvskb and may already deliver a complete frame before allocatin...

CLSA-2026-1778024392 exim: Fix of CVE-2026-40687

CVE-2026-40687: fix uninitialized buffer and out-of-bounds writes in SPA authenticator...

CLSA-2026-1777969863 gd: Fix of CVE-2021-40145

CVE-2021-40145: fix double free in gdImageGd2Ptr...

CLSA-2026-1777545003 rpm: Fix of CVE-2021-3521

CVE-2021-3521: validate and require subkey binding signatures on PGP public keys...

CLSA-2026-1777683788 file: Fix of CVE-2019-18218

CVE-2019-18218: fix heap-based buffer overflow in cdfreadpropertyinfo...

CLSA-2026-1777660095 python3.9: Fix of CVE-2026-4786

CVE-2026-4786: fix webbrowser %action substitution bypass of dash-prefix check...

UBUNTU-CVE-2026-43028

In the Linux kernel, the following vulnerability has been resolved: netfilter: xtables: ensure names are nul-terminated Reject names that lack a \0 character before feeding them to functions that expect c-strings. Fixes tag is the most recent commit that needs this change...

CLSA-2026-1777540469 taglib: Fix of CVE-2023-47466

CVE-2023-47466: Fix segmentation violation and application crash during tag writing via crafted WAV file...

CLSA-2026-1777538840 mysql: Fix of CVE-2018-2755

CVE-2018-2755: harden binlog event decoding against corrupt binary log files BUG24365972...

CLSA-2026-1777301041 gd: Fix of CVE-2021-38115

Fix CVE-2021-38115: out-of-bounds read in readheadertga...

UBUNTU-CVE-2026-31648

In the Linux kernel, the following vulnerability has been resolved: mm: filemap: fix nrpages calculation overflow in filemapmappages When running stress-ng on my Arm64 machine with v7.0-rc3 kernel, I encountered some very strange crash issues showing up as "Bad page state": " 734.496287 BUG: Bad...

CLSA-2026-1776069305 binutils: Fix of 2 CVEs

CVE-2026-3441, CVE-2026-3442: fix out-of-bounds read in XCOFF relocation processing...

CLSA-2026-1775647149 libarchive: Fix of CVE-2024-20696

CVE-2024-20696: fix heap buffer overflow via negative copy length in RAR4 reader...

CLSA-2026-1775654402 python3.9: Fix of CVE-2026-4519

CVE-2026-4519: fix webbrowser.open leading dash injection...